Please check my log, viruses on the PC

misut
Visitor
Posts: 90
Registered: 10 Feb 2009 19:06

#1 Post by misut »

Please check my log. I downloaded a virus that locked my disks / System Restore does not work, and the icons next to the clock on the right side of the taskbar have disappeared. Thank you very much.
Logfile of random's system information tool 1.06 (written by random/random)
Run by PC at 2010-02-10 15:21:29
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 33 GB (44%) free of 76 GB
Total RAM: 2030 MB (74% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:21, on 2010-02-10
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\TEMP\14.tmp
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Documents and Settings\PC\Plocha\Nepoužívané odkazy plochy\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\PC.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www3.iamwired.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\DOCUME~1\PC\LOCALS~1\Temp\init.exe,C:\WINDOWS\system32\sdra64.exe,
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: gwprimawega - {777d1175-39e9-6d8e-c902-40412f918d84} - C:\WINDOWS\system32\cT-F3K-t.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Regedit32] C:\WINDOWS\system32\regedit.exe
O4 - HKLM\..\Run: [ctfmon.exe] ctfmon.exe
O4 - HKCU\..\Run: [12CFG214-K641-12SF-N85P] C:\RECYCLER\S-1-5-21-0243936033-3052116371-381863308-1811\vsbntlo.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O4 - Startup: updater.exe
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O17 - HKLM\System\CCS\Services\Tcpip\..\{F05B655F-DD1B-414B-B6AA-D0447548F817}: NameServer = 62.129.50.20,85.135.32.100
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Microsoft security update service (msupdate) - Unknown owner - c:\windows\system32\mssrv32.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 9018 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2005-09-24 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll [2009-12-13 798771]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-12-11 1111320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{777d1175-39e9-6d8e-c902-40412f918d84}]
gwprimawega - C:\WINDOWS\system32\cT-F3K-t.dll [2010-01-29 1265664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-12-01 263280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-12-01 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2005-08-04 343112]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll [2009-12-13 798771]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-12-01 263280]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Regedit32"=C:\WINDOWS\system32\regedit.exe []
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"12CFG214-K641-12SF-N85P"=C:\RECYCLER\S-1-5-21-0243936033-3052116371-381863308-1811\vsbntlo.exe [2010-02-10 41984]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Documents and Settings\PC\Nabídka Start\Programy\Po spuštění
updater.exe
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-07-29 11952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=
"NoDrives"=
"NoDriveAutoRun"=
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\VoipDiscount.com\VoipDiscount\VoipDiscount.exe"="C:\Program Files\VoipDiscount.com\VoipDiscount\VoipDiscount.exe:*:Enabled:VoipDiscount"
"C:\Documents and Settings\PC\Dokumenty\eMule\emule.exe"="C:\Documents and Settings\PC\Dokumenty\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe"="C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe:*:Enabled:CyberLink PowerDVD"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Documents and Settings\PC\Plocha\Az\DCC.version2.80\DCC.exe"="C:\Documents and Settings\PC\Plocha\Az\DCC.version2.80\DCC.exe:*:Enabled:Dreambox Control Center"
"C:\Program Files\TeamViewer\Version5\TeamViewer.exe"="C:\Program Files\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\WINDOWS\system32\wmsrvc.exe"="C:\WINDOWS\system32\wmsrvc.exe:*:Enabled:DHCP Router"
"C:\Documents and Settings\PC\Plocha\Az\misut\test loga\TuneAZbox\TuneAZbox.exe"="C:\Documents and Settings\PC\Plocha\Az\misut\test loga\TuneAZbox\TuneAZbox.exe:*:Disabled: "
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath "
"C:\Documents and Settings\PC\Local Settings\temp\init.exe"="C:\Documents and Settings\PC\Local Settings\temp\init.exe:*:Enabled:ENABLE"
"E:\uTorrent\utorrent.exe"="E:\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\telesat\CAM Wizard\AZBox CAM Wizard.exe"="C:\Program Files\telesat\CAM Wizard\AZBox CAM Wizard.exe:*:Enabled:AZBox CAM Wizard"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\wmsrvc.exe"="C:\WINDOWS\system32\wmsrvc.exe:*:Enabled:DHCP Router"

======List of files/folders created in the last 1 months======

2010-02-10 13:08:45 ----A---- C:\WINDOWS\system32\imPlayok.exe
2010-02-10 12:09:55 ----D---- C:\WINDOWS\system32\CatRoot_bak
2010-02-10 10:55:58 ----D---- C:\WINDOWS\Prefetch
2010-02-10 10:50:58 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2010-02-10 10:50:46 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2010-02-10 10:50:29 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2010-02-10 10:50:16 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2010-02-10 10:50:04 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2010-02-10 10:49:51 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2010-02-10 10:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$
2010-02-10 10:49:26 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2010-02-10 10:49:10 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2010-02-10 10:48:13 ----N---- C:\WINDOWS\system32\smtpapi.dll
2010-02-10 10:48:13 ----N---- C:\WINDOWS\system32\rwnh.dll
2010-02-10 10:47:22 ----A---- C:\WINDOWS\000001_.tmp
2010-02-10 01:02:49 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2010-02-10 01:02:41 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2010-02-10 01:02:32 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2010-02-10 01:02:20 ----HDC---- C:\WINDOWS\$NtUninstallKB978262$
2010-02-10 01:02:11 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2010-02-10 01:01:59 ----HDC---- C:\WINDOWS\$NtUninstallKB978251$
2010-02-10 01:01:48 ----HDC---- C:\WINDOWS\$NtUninstallKB977165$
2010-02-10 01:01:38 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2010-02-10 01:01:28 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2010-02-10 00:02:51 ----A---- C:\WINDOWS\system32\HZIG24MGwf_l.exe
2010-02-09 23:23:50 ----RSH---- C:\WINDOWS\system32\wmsrvc.exe
2010-02-09 23:15:03 ----SHDC---- C:\Documents and Settings\All Users\Data aplikací\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2010-02-09 21:35:35 ----DC---- C:\Config.Msi
2010-02-09 21:06:36 ----D---- C:\Documents and Settings\PC\Data aplikací\TuneUp Software
2010-02-09 21:06:09 ----DC---- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
2010-02-03 17:47:03 ----DC---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2010-02-03 17:01:31 ----DC---- C:\Output Files
2010-02-01 10:51:00 ----D---- C:\Program Files\CCleaner
2010-01-29 19:34:06 ----A---- C:\WINDOWS\system32\cT-F3K-t.dll
2010-01-24 11:12:21 ----A---- C:\Documents and Settings\PC\Data aplikací\isfree4_0.tmp
2010-01-24 11:11:35 ----D---- C:\Program Files\Common Files\iSpring Solutions
2010-01-24 11:11:34 ----D---- C:\Program Files\iSpring
2010-01-24 11:04:36 ----D---- C:\Program Files\IrfanView
2010-01-24 10:57:38 ----D---- C:\Program Files\Image Grabber II
2010-01-20 19:26:49 ----D---- C:\Documents and Settings\PC\Data aplikací\vlc
2010-01-19 21:04:12 ----DC---- C:\Nová složka
2010-01-16 16:47:37 ----D---- C:\Program Files\TeamViewer
2010-01-16 16:13:17 ----D---- C:\Program Files\VideoLAN
2010-01-15 18:29:24 ----DC---- C:\multiAVCHD
2010-01-13 11:09:52 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-01-13 11:09:43 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$

======List of files/folders modified in the last 1 months======

2010-02-10 15:21:29 ----DC---- C:\rsit
2010-02-10 15:05:19 ----D---- C:\Program Files\Mozilla Firefox
2010-02-10 14:57:37 ----D---- C:\WINDOWS\temp
2010-02-10 14:56:47 ----D---- C:\WINDOWS\system32\drivers
2010-02-10 14:56:47 ----D---- C:\WINDOWS\system32
2010-02-10 14:54:00 ----AD---- C:\WINDOWS
2010-02-10 14:52:29 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-02-10 14:51:40 ----SHD---- C:\WINDOWS\Installer
2010-02-10 14:51:34 ----RD---- C:\Program Files
2010-02-10 14:51:31 ----D---- C:\WINDOWS\system32\CatRoot2
2010-02-10 14:20:31 ----HD---- C:\WINDOWS\inf
2010-02-10 13:49:52 ----DC---- C:\Documents and Settings\All Users\Data aplikací\avg8
2010-02-10 13:46:52 ----D---- C:\Program Files\AVG
2010-02-10 13:31:14 ----D---- C:\WINDOWS\Debug
2010-02-10 13:25:40 ----SHD---- C:\RECYCLER
2010-02-10 13:23:23 ----D---- C:\Inst.programy
2010-02-10 13:21:45 ----SD---- C:\WINDOWS\Tasks
2010-02-10 13:12:43 ----D---- C:\WINDOWS\system32\CatRoot
2010-02-10 13:11:42 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-02-10 12:36:38 ----D---- C:\Documents and Settings\PC\Data aplikací\Skype
2010-02-10 12:20:55 ----D---- C:\instalace
2010-02-10 12:17:22 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2010-02-10 10:54:37 ----D---- C:\WINDOWS\security
2010-02-10 10:49:53 ----D---- C:\Program Files\Messenger
2010-02-10 10:48:13 ----D---- C:\WINDOWS\system32\inetsrv
2010-02-10 10:48:12 ----D---- C:\WINDOWS\Help
2010-02-10 10:48:09 ----D---- C:\Program Files\Windows Media Player
2010-02-10 10:48:05 ----D---- C:\WINDOWS\system32\oobe
2010-02-10 10:46:22 ----D---- C:\WINDOWS\EHome
2010-02-10 09:43:33 ----D---- C:\Program Files\Outlook Express
2010-02-10 09:43:33 ----D---- C:\Program Files\NetMeeting
2010-02-10 09:43:33 ----D---- C:\Program Files\Movie Maker
2010-02-10 09:14:22 ----D---- C:\Program Files\Wisdom-soft ScreenHunter Free
2010-02-10 09:14:19 ----D---- C:\Program Files\Windows NT
2010-02-10 09:13:31 ----D---- C:\Program Files\Windows Media Connect 2
2010-02-10 09:13:07 ----D---- C:\Program Files\WinAVIVideoConverter
2010-02-10 09:05:28 ----D---- C:\Program Files\Total Video Converter
2010-02-10 09:03:35 ----D---- C:\Program Files\The KMPlayer
2010-02-10 09:00:05 ----D---- C:\Program Files\Shared files
2010-02-10 09:00:03 ----D---- C:\Program Files\Seznam DVD
2010-02-10 08:56:23 ----D---- C:\Program Files\Realtek AC97
2010-02-10 08:56:16 ----D---- C:\Program Files\QuickMediaConverter
2010-02-10 08:55:33 ----D---- C:\Program Files\QIP
2010-02-10 08:55:09 ----D---- C:\Program Files\PSPad editor
2010-02-10 08:47:38 ----D---- C:\Program Files\Magic Video Converter
2010-02-10 08:43:43 ----D---- C:\Program Files\iWisoft Free Video Converter
2010-02-10 08:43:24 ----D---- C:\Program Files\Internet Explorer
2010-02-10 08:41:53 ----D---- C:\Program Files\Image Converter .EXE
2010-02-10 08:25:12 ----D---- C:\Program Files\Get IP
2010-02-10 08:25:03 ----D---- C:\Program Files\Fausto
2010-02-10 08:23:40 ----D---- C:\Program Files\E.M. PowerPoint Video Converter
2010-02-10 08:23:24 ----D---- C:\Program Files\DVDFab Decrypter
2010-02-10 08:23:18 ----D---- C:\Program Files\DVD Shrink
2010-02-10 08:17:59 ----D---- C:\Program Files\Common Files\SoftTech InterCorp
2010-02-10 08:17:51 ----D---- C:\Program Files\Common Files\snpstd2
2010-02-10 08:13:00 ----D---- C:\Program Files\Cell Phone Manager
2010-02-10 08:11:20 ----D---- C:\Program Files\btw
2010-02-10 08:10:53 ----D---- C:\Program Files\Avi To MPEG Scout
2010-02-10 08:10:23 ----D---- C:\Program Files\AVD Video Processor 8.0.1 TRIAL
2010-02-10 08:00:39 ----D---- C:\GAME
2010-02-10 07:13:11 ----A---- C:\Documents and Settings\PC\Data aplikací\ezpinst.exe
2010-02-10 07:13:09 ----D---- C:\Documents and Settings\PC\Data aplikací\Desktopicon
2010-02-10 01:44:51 ----D---- C:\WINDOWS\WinSxS
2010-02-10 01:44:51 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-02-10 01:02:40 ----HD---- C:\WINDOWS\$hf_mig$
2010-02-09 23:52:54 ----DC---- C:\$AVG8.VAULT$
2010-02-09 21:36:44 ----D---- C:\WINDOWS\system32\config
2010-02-09 21:36:22 ----D---- C:\WINDOWS\system32\wbem
2010-02-09 21:36:21 ----D---- C:\WINDOWS\Registration
2010-02-09 18:33:10 ----A---- C:\Documents and Settings\PC\Data aplikací\fspro2_0.tmp
2010-02-08 13:06:34 ----A---- C:\WINDOWS\TRNCOM.INI
2010-02-01 20:26:20 ----A---- C:\WINDOWS\system32\MRT.exe
2010-01-29 22:03:06 ----A---- C:\WINDOWS\NeroDigital.ini
2010-01-29 09:51:19 ----A---- C:\WINDOWS\system32\sstunst2.exe
2010-01-24 11:11:35 ----D---- C:\Program Files\Common Files
2010-01-24 10:13:44 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-01-23 01:35:57 ----AC---- C:\WINDOWS\PhotoSnapViewer.INI
2010-01-23 00:38:53 ----AC---- C:\WINDOWS\wincmd.ini
2010-01-22 15:05:02 ----D---- C:\Documents and Settings\All Users\Data aplikací\DVD Shrink
2010-01-16 19:14:58 ----SD---- C:\Documents and Settings\PC\Data aplikací\Microsoft
2010-01-16 16:47:48 ----D---- C:\Documents and Settings\PC\Data aplikací\TeamViewer
2010-01-13 11:50:31 ----D---- C:\WINDOWS\AppPatch

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-05-10 43008]
R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-07-29 335240]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-07-29 27784]
R1 AvgTdiX;AVG8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-07-07 108552]
R1 BIOS;BIOS; \??\C:\WINDOWS\system32\drivers\BIOS.sys []
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2009-02-17 24232]
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2008-10-22 5632]
R1 Tcpip6;Ovladač protokolu Microsoft IPv6; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2008-06-20 225856]
R1 VRVD302;VRVD302; C:\WINDOWS\system32\DRIVERS\VRVD302.sys [2008-07-16 11296]
R2 {95808DC4-FA4A-4c74-92FE-5B863F82066B};{95808DC4-FA4A-4c74-92FE-5B863F82066B}; \??\C:\Program Files\CyberLink\PowerDVD\000.fcl []
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2006-08-11 4015680]
R3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys [2006-10-30 329901]
R3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2006-11-13 862922]
R3 ElbyCDFL;ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2007-02-16 34760]
R3 Pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\Pcouffin.sys [2009-02-11 47360]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2009-06-30 10368]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Ovladač standardního rozbočovače USB; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 viagfx;viagfx; C:\WINDOWS\system32\DRIVERS\vtmini.sys [2006-04-13 252416]
R3 WinDriver6;WinDriver6; C:\WINDOWS\system32\drivers\windrvr6.sys [2007-06-17 186592]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 Ad-Watch Connect Filter;Ad-Watch Connect Kernel Filter; \??\C:\WINDOWS\system32\drivers\NSDriver.sys []
S3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys [2006-10-30 30459]
S3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2006-10-30 149123]
S3 btwhid;btwhid; C:\WINDOWS\system32\DRIVERS\btwhid.sys [2006-10-30 47875]
S3 btwmodem;Bluetooth Modem; C:\WINDOWS\system32\DRIVERS\btwmodem.sys [2006-10-30 30285]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2006-10-30 67672]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\fetnd5.sys []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-01-25 25280]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-06-21 51088]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-06-21 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-06-21 21744]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 sermouse;Ovladač sériové myši; C:\WINDOWS\system32\DRIVERS\sermouse.sys [2001-10-25 17664]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 snpstd2;VideoCAM Look; C:\WINDOWS\system32\DRIVERS\snpstd2.sys [2004-07-28 334080]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2007-05-02 83592]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2007-05-02 15112]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2007-05-02 109704]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usb_rndis;USB Remote NDIS Device Driver; C:\WINDOWS\system32\DRIVERS\usb8023.sys [2008-04-13 12800]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 USBBOX;Settop Box USB driver; C:\WINDOWS\System32\Drivers\USBBOX.sys [2003-12-22 16640]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 6to4;Pomocná služba protokolu IPv6; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2006-11-11 266295]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2007-05-14 272024]
R2 SimpTcp;Jednoduché služby TCP/IP; C:\WINDOWS\system32\tcpsvcs.exe [2001-10-25 19456]
R2 SNMP;SNMP; C:\WINDOWS\System32\snmp.exe [2008-04-14 32768]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2005-01-31 49152]
S2 msupdate;Microsoft security update service; c:\windows\system32\mssrv32.exe []
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-02-10 183280]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 LPDSVC;Tiskový server TCP/IP; C:\WINDOWS\system32\tcpsvcs.exe [2001-10-25 19456]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2010-02-10 444288]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-02-10 145696]
S3 p2pgasvc;Ověřování v síti skupiny rovnocenných počítačů; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 p2pimsvc;Správce identit sítě rovnocenných počítačů; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 p2psvc;Síť rovnocenných počítačů; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-03-18 65536]
S3 PNRPSvc;Protokol PNRP; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 SNMPTRAP;Zachytávání pro službu SNMP; C:\WINDOWS\System32\snmptrap.exe [2008-04-14 8704]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2010-02-10 914432]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 602SQL 8 FastCGI Client;602SQL 8 FastCGI Client; c:\Program Files\webgencz\602FSVC8.EXE []
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------
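The service list above encodes each entry as a state letter and start-type digit, then the name, display name, image path and the file's date and size in brackets. As an added example (not part of the original post), this Python parser reads a few lines copied from that list and flags entries that start on their own but carry an empty bracket; treating `[]` as "no file information could be read" is an assumption made here.

```python
import re

# Legend from the RSIT section header: state letter, then start-type digit.
STATES = {"R": "Running", "S": "Stopped"}
START_TYPES = {0: "Boot", 1: "System", 2: "Auto", 3: "Demand", 4: "Disabled"}
SELF_STARTING = {0, 1, 2}  # types that load without anyone asking for them

# "<state><start> <name>;<display name>; <image path> [<date> <size>]"
ENTRY = re.compile(
    r"^(?P<state>[RS])(?P<start>[0-4]) (?P<name>[^;]+);(?P<display>[^;]*);\s*"
    r"(?P<path>.*?)\s*\[(?:(?P<date>\d{4}-\d{2}-\d{2}) (?P<size>\d+))?\]$")

# Lines copied from the service and driver lists in the post above.
SAMPLE = r"""
R2 SNMP;SNMP; C:\WINDOWS\System32\snmp.exe [2008-04-14 32768]
S2 msupdate;Microsoft security update service; c:\windows\system32\mssrv32.exe []
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-03-18 65536]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 602SQL 8 FastCGI Client;602SQL 8 FastCGI Client; c:\Program Files\webgencz\602FSVC8.EXE []
"""


def parse_entries(text):
    """Yield one dict per well-formed service/driver line; skip everything else."""
    for raw in text.splitlines():
        m = ENTRY.match(raw.strip())
        if not m:
            continue  # headings, blank lines, the EOF marker
        e = m.groupdict()
        e["start"] = int(e["start"])
        e["size"] = int(e["size"]) if e["size"] else None
        yield e


def review(text):
    """Return (name, path, reason) for entries that deserve a manual look."""
    findings = []
    for e in parse_entries(text):
        has_file_info = e["date"] is not None
        # Assumption: an empty bracket means RSIT could not read the file.
        if e["start"] in SELF_STARTING and not has_file_info:
            findings.append((
                e["name"], e["path"],
                f"{START_TYPES[e['start']]} start, {STATES[e['state']]}, "
                "but no file date/size was read for the image path"))
    return findings


if __name__ == "__main__":
    for name, path, reason in review(SAMPLE):
        print(f"{name}: {path} -> {reason}")
```

Only `msupdate` is reported; the other two empty-bracket entries are Disabled (S4). The HijackThis log later in the thread lists the same service with "(file missing)".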


#2 Post by cernohous13 »

Hello,

:arrow: first we'll set the robots on it
Download http://www.raktor.net/exeHelper/exeHelper.com to your desktop and double-click it to run.
When the repair finishes, a log will pop up; copy it here.
:arrow:
Download and install MBAM from the link in my signature.
Run it > on the 3rd tab "Update" > Check for updates
then on the 1st tab "Scanner" > Perform quick scan > Scan
when the scan is done, a Notepad window with the result pops up - copy its contents into your reply
don't delete anything yet - wait for my assessment
Recommendation:
During the cleanup, install or uninstall software only on my instruction.
Study my reply thoroughly and carry out the whole procedure as described.
If anything is unclear, ask - I'll explain.


#3 Post by misut »

exeHelper by Raktor
Build 20091220
Run at 17:47:15 on 02/10/10
Now searching...
Checking for numerical processes...
Checking for sysguard processes...
Checking for bad processes...
Checking for bad files...
Checking for bad registry entries...
Removing HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Regedit32
Resetting filetype association for .exe
Resetting filetype association for .com
Resetting userinit and shell values...
Resetting policies...
--Finished--
That's the first part, and thanks for taking me on :D

The second part has me stumped: I downloaded, installed and updated it, but when I start a scan it vanishes somewhere towards the taskbar and is gone; not even Task Manager sees it :arcisit:
I keep running over to the kids' PC and there it works, the scan stays on the screen; on mine it quits immediately.
I tried uninstalling and reinstalling it, but now it disappears halfway through the update. I also keep getting messages about the file 211.exe, then 917.exe and so on, saying a problem occurred and it needs to be closed.


#4 Post by cernohous13 »

:o then let's try looking for rootkits
Download the special version of G-Mer
Special
Save it to the desktop and run it -> a short scan will run.
If you get a message about rootkit activity that asks if you want to run a scan >> click NO <<
and set it up like this:
[image]

>> click Scan <<
At the end of the scan >> SAVE <<, name it Gspeclog.txt >> save it to the desktop and copy the contents of the log here.
:idea: if that doesn't work, try running it in safe mode

#5 Post by misut »

Still working on it. Good thing the kids have a PC too; the only way is a flash drive and then the desktop, I can't get at .exe files :roll: it'll be done in a moment


#6 Post by cernohous13 »

misut wrote: I can't get at .exe files
exeHelper should already have fixed that
Resetting filetype association for .exe :o

#7 Post by misut »

That took a long time.
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-02-10 22:11:50
Windows 5.1.2600 Service Pack 3
Running: q36brgjl.exe; Driver: C:\DOCUME~1\PC\LOCALS~1\Temp\uwqoapog.sys


---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 8A55B220

AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

---- Processes - GMER 1.0.15 ----

Process C:\WINDOWS\system32\wmsrvc.exe (*** hidden *** ) 1460
Process C:\DOCUME~1\PC\LOCALS~1\Temp\init.exe (*** hidden *** ) 1996

---- Services - GMER 1.0.15 ----

Service (*** hidden *** ) [BOOT] gmwfc <-- ROOTKIT !!!

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\gmwfc@Type 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\gmwfc@Start 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\gmwfc@ErrorControl 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\gmwfc@Group Boot Bus Extender
Reg HKLM\SYSTEM\ControlSet002\Services\gmwfc@Type 1
Reg HKLM\SYSTEM\ControlSet002\Services\gmwfc@Start 0
Reg HKLM\SYSTEM\ControlSet002\Services\gmwfc@ErrorControl 0
Reg HKLM\SYSTEM\ControlSet002\Services\gmwfc@Group Boot Bus Extender
Reg HKLM\SYSTEM\ControlSet003\Services\gmwfc@Type 1
Reg HKLM\SYSTEM\ControlSet003\Services\gmwfc@Start 0
Reg HKLM\SYSTEM\ControlSet003\Services\gmwfc@ErrorControl 0
Reg HKLM\SYSTEM\ControlSet003\Services\gmwfc@Group Boot Bus Extender
Reg HKLM\SYSTEM\ControlSet004\Services\gmwfc@Type 1
Reg HKLM\SYSTEM\ControlSet004\Services\gmwfc@Start 0
Reg HKLM\SYSTEM\ControlSet004\Services\gmwfc@ErrorControl 0
Reg HKLM\SYSTEM\ControlSet004\Services\gmwfc@Group Boot Bus Extender
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@DeviceNotSelectedTimeout 15
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@GDIProcessHandleQuota 10000
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@Spooler yes
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@swapdisk
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@TransmissionRetryTimeout 90
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@USERProcessHandleQuota 10000
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@AppInit_DLLs C:\WINDOWS\system32\avgrsstx.dll
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.str\OpenWithProgids@a\1a\0b\0l\0o\0n\0a\0 \0d\0i\0a\0l\0o\0g\0u
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{EC737334-5186-95A4-BDA2-8F750AB02F93}
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{EC737334-5186-95A4-BDA2-8F750AB02F93}@napighjfgppokoeihdpdcmihnpfm 0x6A 0x61 0x64 0x6F ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{EC737334-5186-95A4-BDA2-8F750AB02F93}@mafkaefjdmccbffcjjoffknfnl 0x6A 0x61 0x64 0x6F ...

---- Files - GMER 1.0.15 ----

File C:\WINDOWS\system32\lowsec 0 bytes
File C:\WINDOWS\system32\lowsec\local.ds 159 bytes
File C:\WINDOWS\system32\lowsec\user.ds 0 bytes
File C:\WINDOWS\system32\sdra64.exe 169472 bytes

---- EOF - GMER 1.0.15 ----
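The GMER log above reports hidden processes, a hidden boot-start service and that service's registry record in each control set. As an added example (not part of the original thread), this Python parser pulls those findings out of a trimmed excerpt of the log so they can be compared with whatever removal script is written next; the Type and Start decoding uses the standard Windows service values.

```python
import re
from collections import defaultdict
from pprint import pprint

# Excerpt of the GMER log posted above, trimmed to a few lines per section.
GMER_LOG = r"""
GMER 1.0.15.15281 - http://www.gmer.net
---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

---- Processes - GMER 1.0.15 ----

Process C:\WINDOWS\system32\wmsrvc.exe (*** hidden *** ) 1460
Process C:\DOCUME~1\PC\LOCALS~1\Temp\init.exe (*** hidden *** ) 1996

---- Services - GMER 1.0.15 ----

Service (*** hidden *** ) [BOOT] gmwfc <-- ROOTKIT !!!

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\gmwfc@Type 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\gmwfc@Start 0
Reg HKLM\SYSTEM\ControlSet002\Services\gmwfc@Type 1
Reg HKLM\SYSTEM\ControlSet002\Services\gmwfc@Start 0
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@AppInit_DLLs C:\WINDOWS\system32\avgrsstx.dll

---- Files - GMER 1.0.15 ----

File C:\WINDOWS\system32\lowsec 0 bytes
File C:\WINDOWS\system32\sdra64.exe 169472 bytes

---- EOF - GMER 1.0.15 ----
"""

SECTION = re.compile(r"^---- (\w+) - GMER [\d.]+ ----$")
HIDDEN_PROC = re.compile(r"^Process\s+(.+?)\s+\(\*\*\* hidden \*\*\* \)\s+(\d+)$")
HIDDEN_SVC = re.compile(
    r"^Service\s+(.*?)\s*\(\*\*\* hidden \*\*\* \)\s+\[(\w+)\]\s+(\S+)"
    r"(\s+<-- ROOTKIT !!!)?$")
SVC_REG = re.compile(
    r"^Reg\s+HKLM\\SYSTEM\\((?:Current)?ControlSet\d*)\\Services\\"
    r"([^\\@]+)@(\w+)\s*(.*)$")
FILE = re.compile(r"^File\s+(.+?)\s+(\d+) bytes$")

# Standard Windows service-record values.
SERVICE_KERNEL_DRIVER = "1"  # Type
SERVICE_BOOT_START = "0"     # Start


def split_sections(log):
    """Group non-empty lines under their '---- Name - GMER x ----' header."""
    sections, current = defaultdict(list), None
    for line in log.splitlines():
        line = line.strip()
        m = SECTION.match(line)
        if m:
            current = m.group(1)
        elif line and current:
            sections[current].append(line)
    return sections


def triage(log):
    """Return the hidden objects GMER reported, with service records decoded."""
    s = split_sections(log)
    procs = [(m.group(1), int(m.group(2)))
             for m in map(HIDDEN_PROC.match, s["Processes"]) if m]
    files = [(m.group(1), int(m.group(2)))
             for m in map(FILE.match, s["Files"]) if m]

    # service name -> control set -> {value name: data}
    records = defaultdict(lambda: defaultdict(dict))
    for m in filter(None, map(SVC_REG.match, s["Registry"])):
        cset, name, value, data = m.groups()
        records[name][cset][value] = data

    services = []
    for m in filter(None, map(HIDDEN_SVC.match, s["Services"])):
        name = m.group(3)
        csets = records.get(name, {})
        boot = [c for c, v in csets.items()
                if v.get("Type") == SERVICE_KERNEL_DRIVER
                and v.get("Start") == SERVICE_BOOT_START]
        services.append({
            "name": name,
            "start": m.group(2),
            "flagged_rootkit": bool(m.group(4)),
            "control_sets": sorted(csets),
            "boot_start_kernel_driver_in": sorted(boot),
        })
    return {"hidden_processes": procs, "hidden_services": services,
            "files": files}


if __name__ == "__main__":
    pprint(triage(GMER_LOG))
```

A service record that appears in every `ControlSetNNN` is also part of the Last Known Good configuration, which is why the per-control-set list is worth keeping in the output.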


#8 Post by cernohous13 »

Download Avenger here:
http://swandog46.geekstogo.com/avenger.exe
Run it and answer "Yes" to everything.
Main window
[image]
At the bottom, tick both checkboxes.

Copy the green script text into the "Input script here" field > "Execute" > "Yes"
The PC will restart; wait for Notepad to open and paste its contents here.
Script:

Begin copying here:

Files to delete:
C:\WINDOWS\system32\wmsrvc.exe
C:\DOCUME~1\PC\LOCALS~1\Temp\init.exe
C:\WINDOWS\system32\sdra64.exe

Folders to delete:
C:\WINDOWS\system32\lowsec

Drivers to delete:
gmwfc

#9 Post by misut »

Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com

Platform: Windows XP

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Rootkit scan active.
No rootkits found!

File "C:\WINDOWS\system32\wmsrvc.exe" deleted successfully.
File "C:\DOCUME~1\PC\LOCALS~1\Temp\init.exe" deleted successfully.
File "C:\WINDOWS\system32\sdra64.exe" deleted successfully.
Folder "C:\WINDOWS\system32\lowsec" deleted successfully.
Driver "gmwfc" deleted successfully.

Completed script processing.

*******************

Finished! Terminate.


#10 Post by cernohous13 »

A current RSIT log + a description of the current problems :???:

#11 Post by misut »

Logfile of random's system information tool 1.06 (written by random/random)
Run by PC at 2010-02-11 15:02:54
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 33 GB (44%) free of 76 GB
Total RAM: 2030 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:03, on 2010-02-11
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\updatd7.exe
C:\DOCUME~1\PC\LOCALS~1\Temp\rjvjlsvw.exe
C:\Documents and Settings\PC\imPlayok.exe
C:\Documents and Settings\PC\reader_s.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\reader_s.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\imPlayok.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\PC\Plocha\Nepoužívané odkazy plochy\RSIT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Trend Micro\HijackThis\PC.exe
c:\lsass.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www3.iamwired.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\DOCUME~1\PC\LOCALS~1\Temp\init.exe,C:\WINDOWS\system32\sdra64.exe,
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: gwprimawega - {777d1175-39e9-6d8e-c902-40412f918d84} - C:\WINDOWS\system32\cT-F3K-t.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [17842] C:\DOCUME~1\PC\LOCALS~1\Temp\rjvjlsvw.exe
O4 - HKLM\..\Policies\Explorer\Run: [Microsoft Driver Setup] C:\WINDOWS\updatd7.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O4 - Startup: updater.exe
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O17 - HKLM\System\CCS\Services\Tcpip\..\{F05B655F-DD1B-414B-B6AA-D0447548F817}: NameServer = 62.129.50.20,85.135.32.100
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Microsoft security update service (msupdate) - Unknown owner - c:\windows\system32\mssrv32.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 14311 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2005-09-24 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll [2009-12-13 798771]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-12-11 1111320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{777d1175-39e9-6d8e-c902-40412f918d84}]
gwprimawega - C:\WINDOWS\system32\cT-F3K-t.dll [2010-01-29 1265664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-12-01 263280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-12-01 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2005-08-04 343112]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll [2009-12-13 798771]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-12-01 263280]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"15071"=C:\DOCUME~1\PC\LOCALS~1\Temp\rjvjlsvw.exe [2010-02-11 23040]
"Regedit32"=C:\WINDOWS\system32\regedit.exe [2010-02-11 200704]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"Microsoft Driver Setup"=C:\WINDOWS\updatd7.exe [2010-02-11 59392]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Documents and Settings\PC\Nabídka Start\Programy\Po spuštění
updater.exe
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-07-29 11952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
"DisableCMD"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableTaskMgr"=0
"DisableCMD"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoSetActiveDesktop"=0
"NoActiveDesktopChanges"=0
"NoFolderOptions"=0
"NoRun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=
"NoDrives"=
"NoDriveAutoRun"=
"HonorAutoRunSetting"=
"NoSetActiveDesktop"=
"NoActiveDesktopChanges"=
"NoFolderOptions"=
"NoRun"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\VoipDiscount.com\VoipDiscount\VoipDiscount.exe"="C:\Program Files\VoipDiscount.com\VoipDiscount\VoipDiscount.exe:*:Enabled:VoipDiscount"
"C:\Documents and Settings\PC\Dokumenty\eMule\emule.exe"="C:\Documents and Settings\PC\Dokumenty\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe"="C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe:*:Enabled:CyberLink PowerDVD"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Documents and Settings\PC\Plocha\Az\DCC.version2.80\DCC.exe"="C:\Documents and Settings\PC\Plocha\Az\DCC.version2.80\DCC.exe:*:Enabled:Dreambox Control Center"
"C:\Program Files\TeamViewer\Version5\TeamViewer.exe"="C:\Program Files\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\WINDOWS\system32\wmsrvc.exe"="C:\WINDOWS\system32\wmsrvc.exe:*:Enabled:DHCP Router"
"C:\Documents and Settings\PC\Plocha\Az\misut\test loga\TuneAZbox\TuneAZbox.exe"="C:\Documents and Settings\PC\Plocha\Az\misut\test loga\TuneAZbox\TuneAZbox.exe:*:Disabled: "
"E:\uTorrent\utorrent.exe"="E:\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\telesat\CAM Wizard\AZBox CAM Wizard.exe"="C:\Program Files\telesat\CAM Wizard\AZBox CAM Wizard.exe:*:Enabled:AZBox CAM Wizard"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath "
"C:\Documents and Settings\PC\Local Settings\temp\init.exe"="C:\Documents and Settings\PC\Local Settings\temp\init.exe:*:Enabled:ENABLE"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\wmsrvc.exe"="C:\WINDOWS\system32\wmsrvc.exe:*:Enabled:DHCP Router"

======List of files/folders created in the last 1 months======

2010-02-11 14:59:27 ----RSH---- C:\WINDOWS\system32\wmsrvc.exe
2010-02-11 14:58:21 ----A---- C:\WINDOWS\system32\info.tmp
2010-02-11 04:56:36 ----SHD---- C:\WINDOWS\system32\lowsec
2010-02-11 04:51:22 ----DC---- C:\Avenger
2010-02-11 04:51:22 ----AC---- C:\avenger.txt
2010-02-11 04:43:21 ----RSH---- C:\WINDOWS\updatd7.exe
2010-02-11 04:43:21 ----A---- C:\WINDOWS\logfile32.txt
2010-02-11 04:42:51 ----A---- C:\WINDOWS\system32\regedit.exe
2010-02-11 04:42:48 ----AC---- C:\lsass.exe
2010-02-11 04:42:46 ----RSH---- C:\WINDOWS\ccdrive32.exe
2010-02-11 04:42:37 ----A---- C:\WINDOWS\system32\reader_s.exe
2010-02-10 18:45:03 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-02-10 17:56:43 ----D---- C:\WINDOWS\Prefetch
2010-02-10 16:28:37 ----A---- C:\WINDOWS\SEC35.tmp
2010-02-10 16:26:29 ----A---- C:\WINDOWS\setuplog.txt
2010-02-10 16:25:12 ----A---- C:\WINDOWS\000002_.tmp
2010-02-10 13:08:45 ----A---- C:\WINDOWS\system32\imPlayok.exe
2010-02-10 12:09:55 ----D---- C:\WINDOWS\system32\CatRoot_bak
2010-02-10 10:50:58 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2010-02-10 10:50:46 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2010-02-10 10:50:29 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2010-02-10 10:50:16 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2010-02-10 10:50:04 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2010-02-10 10:49:51 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2010-02-10 10:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$
2010-02-10 10:49:26 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2010-02-10 10:49:10 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2010-02-10 10:48:13 ----N---- C:\WINDOWS\system32\smtpapi.dll
2010-02-10 10:48:13 ----N---- C:\WINDOWS\system32\rwnh.dll
2010-02-10 10:47:22 ----A---- C:\WINDOWS\000001_.tmp
2010-02-10 01:02:49 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2010-02-10 01:02:41 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2010-02-10 01:02:32 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2010-02-10 01:02:20 ----HDC---- C:\WINDOWS\$NtUninstallKB978262$
2010-02-10 01:02:11 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2010-02-10 01:01:59 ----HDC---- C:\WINDOWS\$NtUninstallKB978251$
2010-02-10 01:01:48 ----HDC---- C:\WINDOWS\$NtUninstallKB977165$
2010-02-10 01:01:38 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2010-02-10 01:01:28 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2010-02-10 00:02:51 ----A---- C:\WINDOWS\system32\HZIG24MGwf_l.exe
2010-02-09 23:15:03 ----SHDC---- C:\Documents and Settings\All Users\Data aplikací\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2010-02-09 21:35:35 ----DC---- C:\Config.Msi
2010-02-09 21:06:36 ----D---- C:\Documents and Settings\PC\Data aplikací\TuneUp Software
2010-02-09 21:06:09 ----DC---- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
2010-02-03 17:47:03 ----DC---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2010-02-03 17:01:31 ----DC---- C:\Output Files
2010-02-01 10:51:00 ----D---- C:\Program Files\CCleaner
2010-01-29 19:34:06 ----A---- C:\WINDOWS\system32\cT-F3K-t.dll
2010-01-24 11:12:21 ----A---- C:\Documents and Settings\PC\Data aplikací\isfree4_0.tmp
2010-01-24 11:11:35 ----D---- C:\Program Files\Common Files\iSpring Solutions
2010-01-24 11:11:34 ----D---- C:\Program Files\iSpring
2010-01-24 11:04:36 ----D---- C:\Program Files\IrfanView
2010-01-24 10:57:38 ----D---- C:\Program Files\Image Grabber II
2010-01-20 19:26:49 ----D---- C:\Documents and Settings\PC\Data aplikací\vlc
2010-01-19 21:04:12 ----DC---- C:\Nová složka
2010-01-16 16:47:37 ----D---- C:\Program Files\TeamViewer
2010-01-16 16:13:17 ----D---- C:\Program Files\VideoLAN
2010-01-15 18:29:24 ----DC---- C:\multiAVCHD
2010-01-13 11:09:52 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-01-13 11:09:43 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$

======List of files/folders modified in the last 1 months======

2010-02-11 15:01:39 ----D---- C:\Program Files\Mozilla Firefox
2010-02-11 14:59:47 ----D---- C:\WINDOWS\temp
2010-02-11 14:59:40 ----D---- C:\WINDOWS\system32\drivers
2010-02-11 14:59:27 ----D---- C:\WINDOWS\system32
2010-02-11 04:51:22 ----RD---- C:\Program Files
2010-02-11 04:49:39 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-02-11 04:43:21 ----AD---- C:\WINDOWS
2010-02-11 04:43:20 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-02-11 04:43:10 ----RSHD---- C:\RECYCLER
2010-02-10 22:19:38 ----D---- C:\Documents and Settings\PC\Data aplikací\Skype
2010-02-10 20:06:45 ----D---- C:\WINDOWS\system32\CatRoot
2010-02-10 20:05:18 ----HD---- C:\WINDOWS\inf
2010-02-10 20:05:18 ----D---- C:\Program Files\Messenger
2010-02-10 20:04:45 ----D---- C:\WINDOWS\system32\CatRoot2
2010-02-10 16:25:47 ----D---- C:\WINDOWS\Help
2010-02-10 16:25:46 ----D---- C:\WINDOWS\system32\oobe
2010-02-10 16:25:14 ----D---- C:\WINDOWS\security
2010-02-10 16:24:58 ----D---- C:\WINDOWS\EHome
2010-02-10 16:12:34 ----SHD---- C:\WINDOWS\Installer
2010-02-10 15:47:45 ----DC---- C:\Documents and Settings\All Users\Data aplikací\avg8
2010-02-10 15:21:29 ----DC---- C:\rsit
2010-02-10 13:46:52 ----D---- C:\Program Files\AVG
2010-02-10 13:31:14 ----D---- C:\WINDOWS\Debug
2010-02-10 13:23:23 ----D---- C:\Inst.programy
2010-02-10 13:21:45 ----SD---- C:\WINDOWS\Tasks
2010-02-10 12:20:55 ----D---- C:\instalace
2010-02-10 12:17:22 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2010-02-10 10:48:13 ----D---- C:\WINDOWS\system32\inetsrv
2010-02-10 10:48:09 ----D---- C:\Program Files\Windows Media Player
2010-02-10 09:43:33 ----D---- C:\Program Files\Outlook Express
2010-02-10 09:43:33 ----D---- C:\Program Files\NetMeeting
2010-02-10 09:43:33 ----D---- C:\Program Files\Movie Maker
2010-02-10 09:14:22 ----D---- C:\Program Files\Wisdom-soft ScreenHunter Free
2010-02-10 09:14:19 ----D---- C:\Program Files\Windows NT
2010-02-10 09:13:31 ----D---- C:\Program Files\Windows Media Connect 2
2010-02-10 09:13:07 ----D---- C:\Program Files\WinAVIVideoConverter
2010-02-10 09:05:28 ----D---- C:\Program Files\Total Video Converter
2010-02-10 09:03:35 ----D---- C:\Program Files\The KMPlayer
2010-02-10 09:00:05 ----D---- C:\Program Files\Shared files
2010-02-10 09:00:03 ----D---- C:\Program Files\Seznam DVD
2010-02-10 08:56:23 ----D---- C:\Program Files\Realtek AC97
2010-02-10 08:56:16 ----D---- C:\Program Files\QuickMediaConverter
2010-02-10 08:55:33 ----D---- C:\Program Files\QIP
2010-02-10 08:55:09 ----D---- C:\Program Files\PSPad editor
2010-02-10 08:47:38 ----D---- C:\Program Files\Magic Video Converter
2010-02-10 08:43:43 ----D---- C:\Program Files\iWisoft Free Video Converter
2010-02-10 08:43:24 ----D---- C:\Program Files\Internet Explorer
2010-02-10 08:41:53 ----D---- C:\Program Files\Image Converter .EXE
2010-02-10 08:25:12 ----D---- C:\Program Files\Get IP
2010-02-10 08:25:03 ----D---- C:\Program Files\Fausto
2010-02-10 08:23:40 ----D---- C:\Program Files\E.M. PowerPoint Video Converter
2010-02-10 08:23:24 ----D---- C:\Program Files\DVDFab Decrypter
2010-02-10 08:23:18 ----D---- C:\Program Files\DVD Shrink
2010-02-10 08:17:59 ----D---- C:\Program Files\Common Files\SoftTech InterCorp
2010-02-10 08:17:51 ----D---- C:\Program Files\Common Files\snpstd2
2010-02-10 08:13:00 ----D---- C:\Program Files\Cell Phone Manager
2010-02-10 08:11:20 ----D---- C:\Program Files\btw
2010-02-10 08:10:53 ----D---- C:\Program Files\Avi To MPEG Scout
2010-02-10 08:10:23 ----D---- C:\Program Files\AVD Video Processor 8.0.1 TRIAL
2010-02-10 08:00:39 ----D---- C:\GAME
2010-02-10 07:13:11 ----A---- C:\Documents and Settings\PC\Data aplikací\ezpinst.exe
2010-02-10 07:13:09 ----D---- C:\Documents and Settings\PC\Data aplikací\Desktopicon
2010-02-10 01:44:51 ----D---- C:\WINDOWS\WinSxS
2010-02-10 01:44:51 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-02-10 01:02:40 ----HD---- C:\WINDOWS\$hf_mig$
2010-02-09 23:52:54 ----DC---- C:\$AVG8.VAULT$
2010-02-09 21:36:44 ----D---- C:\WINDOWS\system32\config
2010-02-09 21:36:22 ----D---- C:\WINDOWS\system32\wbem
2010-02-09 21:36:21 ----D---- C:\WINDOWS\Registration
2010-02-09 18:33:10 ----A---- C:\Documents and Settings\PC\Data aplikací\fspro2_0.tmp
2010-02-08 13:06:34 ----A---- C:\WINDOWS\TRNCOM.INI
2010-02-01 20:26:20 ----A---- C:\WINDOWS\system32\MRT.exe
2010-01-29 22:03:06 ----A---- C:\WINDOWS\NeroDigital.ini
2010-01-29 09:51:19 ----A---- C:\WINDOWS\system32\sstunst2.exe
2010-01-24 11:11:35 ----D---- C:\Program Files\Common Files
2010-01-24 10:13:44 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-01-23 01:35:57 ----AC---- C:\WINDOWS\PhotoSnapViewer.INI
2010-01-23 00:38:53 ----AC---- C:\WINDOWS\wincmd.ini
2010-01-22 15:05:02 ----D---- C:\Documents and Settings\All Users\Data aplikací\DVD Shrink
2010-01-16 19:14:58 ----SD---- C:\Documents and Settings\PC\Data aplikací\Microsoft
2010-01-16 16:47:48 ----D---- C:\Documents and Settings\PC\Data aplikací\TeamViewer
2010-01-13 11:50:31 ----D---- C:\WINDOWS\AppPatch

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-05-10 43008]
R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-07-29 335240]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-07-29 27784]
R1 AvgTdiX;AVG8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-07-07 108552]
R1 BIOS;BIOS; \??\C:\WINDOWS\system32\drivers\BIOS.sys []
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2009-02-17 24232]
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2008-10-22 5632]
R1 Tcpip6;Ovladač protokolu Microsoft IPv6; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2008-06-20 225856]
R1 VRVD302;VRVD302; C:\WINDOWS\system32\DRIVERS\VRVD302.sys [2008-07-16 11296]
R2 {95808DC4-FA4A-4c74-92FE-5B863F82066B};{95808DC4-FA4A-4c74-92FE-5B863F82066B}; \??\C:\Program Files\CyberLink\PowerDVD\000.fcl []
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2006-08-11 4015680]
R3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys [2006-10-30 329901]
R3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2006-11-13 862922]
R3 ElbyCDFL;ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2007-02-16 34760]
R3 Pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\Pcouffin.sys [2009-02-11 47360]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2009-06-30 10368]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Ovladač standardního rozbočovače USB; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 viagfx;viagfx; C:\WINDOWS\system32\DRIVERS\vtmini.sys [2006-04-13 252416]
R3 WinDriver6;WinDriver6; C:\WINDOWS\system32\drivers\windrvr6.sys [2007-06-17 186592]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 Ad-Watch Connect Filter;Ad-Watch Connect Kernel Filter; \??\C:\WINDOWS\system32\drivers\NSDriver.sys []
S3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys [2006-10-30 30459]
S3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2006-10-30 182656]
S3 btwhid;btwhid; C:\WINDOWS\system32\DRIVERS\btwhid.sys [2006-10-30 47875]
S3 btwmodem;Bluetooth Modem; C:\WINDOWS\system32\DRIVERS\btwmodem.sys [2006-10-30 30285]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2006-10-30 67672]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\fetnd5.sys []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-01-25 25280]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-06-21 51088]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-06-21 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-06-21 21744]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 sermouse;Ovladač sériové myši; C:\WINDOWS\system32\DRIVERS\sermouse.sys [2001-10-25 17664]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 snpstd2;VideoCAM Look; C:\WINDOWS\system32\DRIVERS\snpstd2.sys [2004-07-28 334080]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2007-05-02 83592]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2007-05-02 15112]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2007-05-02 109704]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usb_rndis;USB Remote NDIS Device Driver; C:\WINDOWS\system32\DRIVERS\usb8023.sys [2008-04-13 12800]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 USBBOX;Settop Box USB driver; C:\WINDOWS\System32\Drivers\USBBOX.sys [2003-12-22 16640]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 gmwfc;gmwfc; C:\WINDOWS\system32\drivers\gmwfc.sys [2010-02-11 791552]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 6to4;Pomocná služba protokolu IPv6; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2006-11-11 266295]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2007-05-14 272024]
R2 SimpTcp;Jednoduché služby TCP/IP; C:\WINDOWS\system32\tcpsvcs.exe [2001-10-25 19456]
R2 SNMP;SNMP; C:\WINDOWS\System32\snmp.exe [2008-04-14 32768]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2005-01-31 49152]
S2 msupdate;Microsoft security update service; c:\windows\system32\mssrv32.exe []
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-02-10 183280]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 LPDSVC;Tiskový server TCP/IP; C:\WINDOWS\system32\tcpsvcs.exe [2001-10-25 19456]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2010-02-10 444288]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-02-10 145696]
S3 p2pgasvc;Ověřování v síti skupiny rovnocenných počítačů; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 p2pimsvc;Správce identit sítě rovnocenných počítačů; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 p2psvc;Síť rovnocenných počítačů; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-03-18 65536]
S3 PNRPSvc;Protokol PNRP; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 SNMPTRAP;Zachytávání pro službu SNMP; C:\WINDOWS\System32\snmptrap.exe [2008-04-14 8704]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2010-02-10 914432]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 602SQL 8 FastCGI Client;602SQL 8 FastCGI Client; c:\Program Files\webgencz\602FSVC8.EXE []
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF------------
When running RSIT it tells me to delete the files - O1 - Hosts: 184.29.144.19 ... but I left them on purpose, and so far everything is slow, the hourglass is still showing as the PC is doing something, and in the C/ folder there is again the file ..lsass.exe, which ESET deleted right away; it appeared now after startup. I'll investigate further if need be, but I think it's still the same :twisted:

misut
Visitor
Posts: 90
Registered: 10 Feb 2009 19:06

Re: Please check my log, viruses on the PC

#12 Post by misut »

When running RSIT it tells me to delete the files - O1 - Hosts: 184.29.144.19 ... /which are located in C:\WINDOWS\system32\drivers\etc; in C:\WINDOWS\system32\drivers there is some executable 718.exe created just now when the PC started up,
a dialog about the connection has also started appearing, and a warning one
Attachments
ScreenHunter_2.jpg
ScreenHunter_3.jpg

misut
Visitor
Posts: 90
Registered: 10 Feb 2009 19:06

Re: Please check my log, viruses on the PC

#13 Post by misut »

and another warning one
Attachments
ScreenHunter_2.jpg

cernohous13
VIP in memoriam
Posts: 8721
Registered: 09 Dec 2006 06:19
Location: Jablonec nad Nisou

Re: Please check my log, viruses on the PC

#14 Post by cernohous13 »

Download ComboFix
and save it to the desktop.
Close all active windows, turn off your antispyware and antivirus, and run it.
- After launch, the terms of use are displayed; confirm them by clicking Yes
- Then follow the instructions; while ComboFix is running, do not click in the window that appears and do not launch anything
- After the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
- If it does not work in normal mode, restart into Safe Mode and try it there
If the system does not boot after using ComboFix - at restart, F8 and Last Known Good Configuration
Recommendations:
During the cleanup, install and uninstall software only on my instruction.
Study my reply thoroughly and carry out the whole operation as described.
If anything is unclear, ask - I will explain


misut
Visitor
Posts: 90
Registered: 10 Feb 2009 19:06

Re: Please check my log, viruses on the PC

#15 Post by misut »

I'm finally writing from my own PC - it runs fast, the hourglass has disappeared, the internet works; it worked before too, but pages took 5 minutes or more to load, sometimes they failed completely.
During ComboFix it restarted several times; the first time, right at the start, I had to confirm a prompt - it found some rootkit, or - don't laugh - I don't know what the virus was called.
So here is the log:
ComboFix 10-02-11.02 - PC 2010-02-11 21:12:57.22.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.1.1029.18.2030.1600 [GMT 1:00]
Spuštěný z: c:\documents and settings\PC\Plocha\Nová složka\tools\VerTerm.exe
AV: AVG Anti-Virus *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\LocalService\oashdihasidhasuidhiasdhiashdiuasdhasd
c:\documents and settings\PC\imPlayok.exe
c:\documents and settings\PC\oashdihasidhasuidhiasdhiashdiuasdhasd
c:\documents and settings\PC\reader_s.exe
C:\lsass.exe
c:\recycler\S-1-5-21-0243936033-3052116371-381863308-1811
c:\recycler\S-1-5-21-0920843915-9086358784-250941569-6229
c:\recycler\S-1-5-21-2058594700-7658535833-396947118-2889
c:\recycler\S-1-5-21-2327915719-1200706953-135672942-6726
c:\recycler\S-1-5-21-2675960554-9915919300-480336806-0842
c:\recycler\S-1-5-21-2995094912-7943020999-972115026-9432
c:\recycler\S-1-5-21-3769355891-4804271050-778453000-9908
c:\recycler\S-1-5-21-4870158546-3555498174-152674599-9565
c:\recycler\S-1-5-21-5265778064-2430129244-639712227-9417
c:\recycler\S-1-5-21-5265778064-2430129244-639712227-9417\mwau.exe
c:\recycler\S-1-5-21-5672042570-5535976374-663299440-5488
c:\recycler\S-1-5-21-6034383414-7647913308-648074852-2952
c:\recycler\S-1-5-21-6391206528-7277305611-519172823-8618
c:\recycler\S-1-5-21-6783583512-7091785261-056175797-0863
c:\recycler\S-1-5-21-6999215608-4478567987-536037421-1739
c:\recycler\S-1-5-21-7345428195-9104276190-730018974-3991
c:\recycler\S-1-5-21-7422140713-8667778966-436194516-3347
c:\recycler\S-1-5-21-7440012594-5590118143-165524205-7650
c:\recycler\S-1-5-21-8032450114-4269417801-650713117-9136
c:\recycler\S-1-5-21-9113323897-6924746961-758275306-7134
c:\recycler\S-1-5-21-9286944849-5835104361-445385483-0928
c:\windows\ccdrive32.exe
c:\windows\logfile32.txt
c:\windows\msdrv32.exe
c:\windows\system32\drivers\46.exe
c:\windows\system32\drivers\718.exe
c:\windows\system32\drivers\781.exe
c:\windows\system32\drivers\921.exe
c:\windows\system32\drivers\gmwfc.sys
c:\windows\system32\imPlayok.exe
c:\windows\system32\kbdsock.dll
c:\windows\system32\lowsec
c:\windows\system32\lowsec\local.ds
c:\windows\system32\lowsec\user.ds
c:\windows\system32\mshlps.dll
c:\windows\system32\mssrv32.exe
c:\windows\system32\reader_s.exe
c:\windows\updatd7.exe

Nakažená kopie c:\windows\system32\drivers\cdrom.sys byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\ServicePackFiles\i386\cdrom.sys

Nakažená kopie c:\windows\system32\drivers\ndis.sys byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\ServicePackFiles\i386\ndis.sys
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_MSUPDATE
-------\Service_msupdate
-------\Legacy_gmwfc
-------\Service_gmwfc


((((((((((((((((((((((((( Soubory vytvořené od 2010-01-11 do 2010-02-11 )))))))))))))))))))))))))))))))
.

2010-02-11 14:08 . 2010-02-11 14:08 66560 ----a-w- c:\windows\system32\scshofst.exe
2010-02-11 13:59 . 2010-02-11 20:23 791552 ----a-w- c:\windows\system32\drivers\etalvk.sys
2010-02-11 13:59 . 2010-02-11 19:40 145408 --sh--r- c:\windows\system32\wmsrvc.exe
2010-02-11 03:42 . 2010-02-11 13:58 200704 ----a-w- c:\windows\system32\regedit.exe.vir
2010-02-10 17:45 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-02-10 17:45 . 2010-02-11 18:40 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-02-10 17:45 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-02-10 15:25 . 2008-04-14 07:49 102912 -c----w- c:\windows\system32\dllcache\dpcdll.dll
2010-02-10 11:09 . 2010-02-10 11:09 -------- d-----w- c:\windows\system32\CatRoot_bak
2010-02-10 09:48 . 2008-04-14 07:51 9728 ------w- c:\windows\system32\rwnh.dll
2010-02-10 09:48 . 2008-04-14 07:51 10752 ------w- c:\windows\system32\smtpapi.dll
2010-02-09 23:02 . 2010-02-10 00:07 118284 ----a-w- c:\windows\system32\HZIG24MGwf_l.exe
2010-02-09 20:36 . 2010-02-09 20:36 -------- d-----w- c:\windows\system32\wbem\Repository
2010-02-03 16:01 . 2010-02-03 16:01 -------- dc----w- C:\Output Files
2010-02-01 09:51 . 2010-02-10 07:12 -------- d-----w- c:\program files\CCleaner
2010-01-29 18:34 . 2010-01-29 18:34 1265664 ----a-w- c:\windows\system32\cT-F3K-t.dll
2010-01-29 08:51 . 2010-01-29 08:51 373249 ----a-w- c:\windows\system32\ÇÖ°É Č­¸éş¸ČŁ±â V1.0.scr
2010-01-24 10:11 . 2010-01-24 10:11 -------- d-----w- c:\program files\Common Files\iSpring Solutions
2010-01-24 10:11 . 2010-01-24 10:11 -------- d-----w- c:\program files\iSpring
2010-01-24 10:04 . 2010-01-24 10:09 -------- d-----w- c:\program files\IrfanView
2010-01-24 09:57 . 2010-02-10 07:42 -------- d-----w- c:\program files\Image Grabber II
2010-01-19 20:04 . 2010-01-19 20:04 -------- dc----w- C:\Nová složka
2010-01-16 15:47 . 2010-01-16 15:47 -------- d-----w- c:\program files\TeamViewer
2010-01-16 15:13 . 2010-01-16 15:13 -------- d-----w- c:\program files\VideoLAN
2010-01-15 17:29 . 2010-02-10 07:06 -------- dc----w- C:\multiAVCHD

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-10 15:28 . 2010-02-10 15:28 4146 ----a-w- c:\windows\SEC35.tmp
2010-02-10 12:46 . 2008-04-11 14:02 -------- d-----w- c:\program files\AVG
2010-02-10 08:14 . 2009-05-24 11:54 -------- d-----w- c:\program files\Wisdom-soft ScreenHunter Free
2010-02-10 08:13 . 2007-03-31 17:20 -------- d-----w- c:\program files\Windows Media Connect 2
2010-02-10 08:13 . 2007-04-01 07:59 -------- d-----w- c:\program files\WinAVIVideoConverter
2010-02-10 08:05 . 2007-11-05 08:49 -------- d-----w- c:\program files\Total Video Converter
2010-02-10 08:03 . 2008-12-08 16:14 -------- d-----w- c:\program files\The KMPlayer
2010-02-10 08:00 . 2008-01-19 21:02 -------- d-----w- c:\program files\Shared files
2010-02-10 08:00 . 2007-05-06 11:51 -------- d-----w- c:\program files\Seznam DVD
2010-02-10 07:56 . 2007-03-01 12:02 -------- d-----w- c:\program files\Realtek AC97
2010-02-10 07:56 . 2008-05-24 10:32 -------- d-----w- c:\program files\QuickMediaConverter
2010-02-10 07:55 . 2008-06-11 18:44 -------- d-----w- c:\program files\QIP
2010-02-10 07:55 . 2008-03-01 00:05 -------- d-----w- c:\program files\PSPad editor
2010-02-10 07:47 . 2009-02-11 17:29 -------- d-----w- c:\program files\Magic Video Converter
2010-02-10 07:43 . 2009-12-30 11:11 -------- d-----w- c:\program files\iWisoft Free Video Converter
2010-02-10 07:41 . 2007-07-15 15:56 -------- d-----w- c:\program files\Image Converter .EXE
2010-02-10 07:25 . 2008-09-03 11:58 -------- d-----w- c:\program files\Get IP
2010-02-10 07:25 . 2008-01-29 09:20 -------- d-----w- c:\program files\Fausto
2010-02-10 07:23 . 2009-06-22 10:26 -------- d-----w- c:\program files\E.M. PowerPoint Video Converter
2010-02-10 07:23 . 2007-03-21 18:27 -------- d-----w- c:\program files\DVDFab Decrypter
2010-02-10 07:23 . 2007-03-02 19:33 -------- d-----w- c:\program files\DVD Shrink
2010-02-10 07:17 . 2007-07-15 15:56 -------- d-----w- c:\program files\Common Files\SoftTech InterCorp
2010-02-10 07:17 . 2007-03-02 15:58 -------- d-----w- c:\program files\Common Files\snpstd2
2010-02-10 07:13 . 2007-12-21 11:42 -------- d-----w- c:\program files\Cell Phone Manager
2010-02-10 07:11 . 2008-08-14 16:34 -------- d-----w- c:\program files\btw
2010-02-10 07:10 . 2008-02-11 20:05 -------- d-----w- c:\program files\Avi To MPEG Scout
2010-02-10 07:10 . 2009-12-11 17:30 -------- d-----w- c:\program files\AVD Video Processor 8.0.1 TRIAL
2010-01-29 08:51 . 2007-03-02 20:29 29184 ----a-w- c:\windows\system32\sstunst2.exe
2010-01-25 21:53 . 2009-11-27 12:01 676 ----a-w- c:\windows\im32st.dat
2010-01-03 15:52 . 2010-01-03 15:52 -------- d-----w- c:\program files\Rising Research
2009-12-31 16:50 . 2004-08-03 21:14 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-28 18:51 . 2009-12-28 18:51 -------- d-----w- c:\program files\FreeTime
2009-12-24 20:23 . 2009-12-24 20:23 -------- d-----w- c:\program files\Topsevenreviews
2009-12-21 19:08 . 2004-08-17 13:49 916480 ----a-w- c:\windows\system32\wininet.dll
2009-12-17 07:42 . 2007-03-01 11:18 343552 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:10 . 2004-08-17 13:49 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-12-12 18:54 . 2009-12-12 18:54 26624 ----a-w- c:\windows\OETRN.EXE
2009-12-12 18:54 . 2009-12-12 18:54 200704 ----a-w- c:\windows\TRNOET.DLL
2009-12-12 18:54 . 2009-12-12 18:17 45056 ----a-w- c:\windows\TRNOEH.DLL
2009-12-12 18:54 . 2009-12-01 22:10 516096 ----a-w- c:\windows\UN32.EXE
2009-12-09 10:11 . 2004-08-17 15:45 2068224 ------w- c:\windows\system32\ntkrnlpa.exe
2009-12-09 10:11 . 2004-08-17 13:45 2191360 ------w- c:\windows\system32\ntoskrnl.exe
2009-12-09 08:07 . 2001-10-25 12:00 732556 ----a-w- c:\windows\system32\perfh005.dat
2009-12-09 08:07 . 2001-10-25 12:00 196524 ----a-w- c:\windows\system32\perfc005.dat
2009-12-04 18:22 . 2004-08-03 21:15 455424 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-11-27 17:14 . 2004-08-17 13:49 1294336 ----a-w- c:\windows\system32\quartz.dll
2009-11-27 17:14 . 2004-08-17 15:49 17920 ----a-w- c:\windows\system32\msyuv.dll
2009-11-27 16:09 . 2001-10-25 14:00 28672 ----a-w- c:\windows\system32\msvidc32.dll
2009-11-27 16:09 . 2001-10-24 12:25 8704 ----a-w- c:\windows\system32\tsbyuv.dll
2009-11-27 16:09 . 2004-08-17 15:49 48128 ----a-w- c:\windows\system32\iyuv_32.dll
2009-11-27 16:09 . 2004-08-17 13:49 11264 ----a-w- c:\windows\system32\msrle32.dll
2009-11-27 16:09 . 2004-08-17 13:49 84992 ----a-w- c:\windows\system32\avifil32.dll
2009-11-25 09:40 . 2009-11-25 09:40 34048 -c--a-w- c:\windows\system32\eEmpty.exe
2009-06-28 18:02 . 2009-06-28 18:02 23510720 -c--a-w- c:\program files\dotnetfx.exe
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{777d1175-39e9-6d8e-c902-40412f918d84}]
2010-01-29 18:34 1265664 ----a-w- c:\windows\system32\cT-F3K-t.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"tscuninstall"="c:\windows\system32\tscupgrd.exe" [2004-08-17 44544]

c:\documents and settings\PC\Nabídka Start\Programy\Po spuštění\
updater.exe [2010-2-10 2746785]
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2007-12-7 101952]

c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-24 30208]
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2006-11-13 561213]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2004-5-28 241664]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-07-29 07:23 11952 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\VoipDiscount.com\\VoipDiscount\\VoipDiscount.exe"=
"c:\\Documents and Settings\\PC\\Dokumenty\\eMule\\emule.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD\\PowerDVD.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Documents and Settings\\PC\\Plocha\\Az\\DCC.version2.80\\DCC.exe"=
"c:\\Program Files\\TeamViewer\\Version5\\TeamViewer.exe"=
"c:\\WINDOWS\\system32\\wmsrvc.exe"=
"c:\\Documents and Settings\\PC\\Plocha\\Az\\misut\\test loga\\TuneAZbox\\TuneAZbox.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\telesat\\CAM Wizard\\AZBox CAM Wizard.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3587:TCP"= 3587:TCP:Skupiny sítě Peer-to-Peer
"3540:UDP"= 3540:UDP:Protokol PNRP (Peer Name Resolution Protocol)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)

R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [2009-06-28 12552]
R0 xfilt;VIA SATA IDE Hot-plug Driver;c:\windows\system32\drivers\xfilt.sys [2006-02-23 11264]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-06-28 335240]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-06-28 108552]
R1 BIOS;BIOS;c:\windows\system32\drivers\BIOS.sys [2007-03-01 13696]
R1 VRVD302;VRVD302;c:\windows\system32\drivers\VRVD302.sys [2008-07-16 11296]
S0 ebfwzod;ebfwzod; [x]
S0 lokewqfy;lokewqfy;c:\windows\system32\drivers\pzjkfbea.sys --> c:\windows\system32\drivers\pzjkfbea.sys [?]
S3 USBBOX;Settop Box USB driver;c:\windows\system32\drivers\USBBOX.sys [2007-03-12 16640]
S4 602SQL 8 FastCGI Client;602SQL 8 FastCGI Client;c:\program files\webgencz\602FSVC8.EXE --> c:\program files\webgencz\602FSVC8.EXE [?]

--- Ostatní služby/ovladače v paměti ---

*Deregistered* - etalvk

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
p2psvc REG_MULTI_SZ p2psvc p2pimsvc p2pgasvc PNRPSvc
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www3.iamwired.net/
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
TCP: {F05B655F-DD1B-414B-B6AA-D0447548F817} = 62.129.50.20,85.135.32.100
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\PC\Data aplikací\Mozilla\Firefox\Profiles\de4ohtlf.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www3.iamwired.net/websearch.php?src=tops&search=
FF - prefs.js: browser.startup.homepage - hxxp://seznam.cz/
FF - prefs.js: keyword.URL - hxxp://www3.iamwired.net/websearch.php?src=tops&search=
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

AddRemove-Advanced PDF to IMAGE converter_is1 - e:\advanced pdf to image converter\unins000.exe
AddRemove-Aiseesoft Total Video Converter_is1 - f:\aiseesoft total video converter\unins000.exe
AddRemove-{2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\Google\Google Toolbar\Component\GoogleToolbarManager_0E996B068B56FCA2.exe
AddRemove-µTorrent CZ_is1 - e:\utorrent\unins000.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-11 21:23
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet004\Services\{95808DC4-FA4A-4c74-92FE-5B863F82066B}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD\000.fcl"

[HKEY_LOCAL_MACHINE\System\ControlSet004\Services\etalvk]

.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-1202660629-1715567821-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{EC737334-5186-95A4-BDA2-8F750AB02F93}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"napighjfgppokoeihdpdcmihnpfm"=hex:6a,61,64,6f,62,6f,65,67,6d,63,64,67,6a,6d,
6a,6e,66,64,68,64,00,e8
"mafkaefjdmccbffcjjoffknfnl"=hex:6a,61,64,6f,62,6f,65,67,6d,63,64,67,6a,6d,6a,
6e,66,64,68,64,00,02
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'explorer.exe'(1252)
c:\windows\system32\btmmhook.dll
c:\windows\system32\msls31.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\CyberLink\Shared files\RichVideo.exe
c:\windows\system32\tcpsvcs.exe
c:\windows\System32\snmp.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
.
**************************************************************************
.
Celkový čas: 2010-02-11 21:32:18 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-02-11 20:32

Před spuštěním: Volných bajtů: 41,766,735,872
Po spuštění: Volných bajtů: 42,222,596,096

- - End Of File - - B2ACD72802AD916A9C7667DB0D9C172B
