Zdravím..Mám problém s Xpéčkama..mám Media centery a nejdou mi nazkočit..zobrazí se jen myš a to je vše..nebo to najede a nejde kliknout na start..do Safe Mode se dostanu..skoušel jsem poslední známou konfiguraci,defragmentaci,pak použil nějaký Registry cleanry atd..a nic..myslím že to bude programem Hamachi!! když šel,tak jsem ho odinstalovat a od tý doby nešel..skoušel jsem ho i znovu naistalovat a zas vymazat,ale pořád nic..prosím o radu
přidávám log z Hijacku..
Logfile of HijackThis v1.99.1
Scan saved at 20:21:15, on 19.4.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ICQ6\ICQ.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\FlashGet\FlashGet.exe
C:\Downloads\hijackthis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: XTTBPos00 Class - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [Flashget] C:\Program Files\FlashGet\FlashGet.exe /min
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Rychlý začátek s aplikací HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Download with Rapget - C:\Documents and Settings\Luboš Štefan\Desktop\Programy\Rapget\rapget.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 4311874359
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
Media center-nenaskočí
-
lubos.stefan
- nováček
- Příspěvky: 13
- Registrován: červenec 07
- Pohlaví:
- Stav:
Offline
-
lubos.stefan
- nováček
- Příspěvky: 13
- Registrován: červenec 07
- Pohlaví:
- Stav:
Offline
Re: Media center-nenaskočí
ComboFix 08-04-18.3 - Luboš Štefan 2008-04-19 20:28:50.1 - NTFSx86 NETWORK
Systém Microsoft Windows XP Professional [GMT 2:00]
Running from: C:\Downloads\ComboFix.exe
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((( Files Created from 2008-03-19 to 2008-04-19 )))))))))))))))))))))))))))))))
.
2008-04-19 19:54 . 2008-04-19 19:54 <DIR> d--h----- C:\WINDOWS\system32\GroupPolicy
2008-04-19 17:45 . 2008-04-19 17:45 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-04-17 19:29 . 2008-04-17 19:32 <DIR> d-------- C:\WINDOWS\$regcmp$
2008-04-16 20:05 . 2008-04-16 20:05 <DIR> d-------- C:\Program Files\Registry Clean Expert
2008-04-16 20:05 . 2008-04-16 20:05 <DIR> d-------- C:\Program Files\AML Products
2008-04-16 20:05 . 1998-12-24 20:23 40,960 --a------ C:\WINDOWS\system32\VBAME.DLL
2008-04-15 21:06 . 2008-04-15 21:06 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Media Player Classic
2008-04-15 21:06 . 2008-04-15 21:06 552 --a------ C:\WINDOWS\system32\d3d8caps.dat
2008-04-15 19:30 . 2008-04-15 19:30 <DIR> d-------- C:\Documents and Settings\Luboš Štefan\Application Data\GlarySoft
2008-04-15 19:28 . 2008-04-15 21:15 <DIR> d-------- C:\Program Files\Registry Repair
2008-04-14 14:55 . 2008-04-15 21:15 <DIR> d-------- C:\Program Files\Mafia(2)
2008-04-13 15:22 . 2008-04-13 15:22 1,464 --a------ C:\auta_save.zip
2008-04-13 15:22 . 2008-04-13 15:22 1,404 --a------ C:\vsechny_auta.zip
2008-04-13 15:01 . 2002-08-29 17:33 319,488 -ra------ C:\WINDOWS\system32\MafiaSetup.exe
2008-04-08 18:16 . 2008-04-17 19:21 <DIR> d-------- C:\Documents and Settings\Luboš Štefan\Application Data\Hamachi
2008-04-08 18:16 . 2008-04-17 19:10 25,280 --a------ C:\WINDOWS\system32\drivers\hamachi.sys
2008-04-06 10:47 . 2008-04-06 10:47 <DIR> d-------- C:\Documents and Settings\Luboš Štefan\Application Data\Nokia
2008-04-06 10:47 . 2008-04-06 10:47 <DIR> d-------- C:\Documents and Settings\Luboš Štefan\.Nokia
2008-04-06 10:47 . 2008-04-06 10:47 <DIR> d-------- C:\Documents and Settings\Luboš Štefan\.Nokia
2008-04-06 10:12 . 2008-04-06 10:12 <DIR> d--h----- C:\Program Files\Zero G Registry
2008-04-06 10:12 . 2008-04-06 10:12 <DIR> d-------- C:\Nokia
2008-04-06 10:12 . 2008-04-06 10:12 <DIR> d-------- C:\Documents and Settings\LUBO35~1\.Nokia
2008-04-06 10:12 . 2008-04-06 10:12 <DIR> d-------- C:\Documents and Settings\Lubo? ?352tefan
2008-04-06 10:11 . 2008-04-06 10:11 <DIR> d--h----- C:\Documents and Settings\Luboš Štefan\InstallAnywhere
2008-04-06 10:11 . 2008-04-06 10:11 <DIR> d--h----- C:\Documents and Settings\Luboš Štefan\InstallAnywhere
2008-04-03 21:44 . 2008-04-03 21:44 <DIR> d-------- C:\Hudba
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-19 18:30 --------- d-----w C:\Program Files\FlashGet
2008-04-19 15:24 --------- d-----w C:\Program Files\ICQ6
2008-04-17 17:20 --------- d-----w C:\Documents and Settings\Luboš Štefan\Application Data\OpenOffice.org2
2008-04-15 19:06 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-04-13 13:45 --------- d-----w C:\Documents and Settings\Luboš Štefan\Application Data\AdobeUM
2008-04-12 20:11 --------- d-----w C:\Program Files\Save
2008-04-08 18:56 --------- d-----w C:\Program Files\Java
2008-04-06 08:47 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-03-22 08:15 --------- d-----w C:\Documents and Settings\Luboš Štefan\Application Data\Ahead
2008-03-19 09:47 1,845,248 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-19 09:47 1,845,248 ------w C:\WINDOWS\system32\dllcache\win32k.sys
2008-03-17 18:22 --------- d-----w C:\Program Files\Lexmark X1100 Series
2008-03-15 18:04 --------- d-----w C:\Program Files\LS
2008-03-11 19:49 --------- d-----w C:\Program Files\freebird
2008-03-10 08:40 --------- d-----w C:\Documents and Settings\Luboš Štefan\Application Data\ICQ
2008-03-09 21:14 46,928 ----a-w C:\GDIPFONTCACHEV1.DAT
2008-03-09 21:02 --------- d-----w C:\Program Files\Common Files\Adobe
2008-03-09 21:02 --------- d-----w C:\Program Files\Bonjour
2008-03-09 20:51 --------- d-----w C:\Program Files\Common Files\Macrovision Shared
2008-03-01 16:36 3,591,680 ------w C:\WINDOWS\system32\dllcache\mshtml.dll
2008-03-01 09:49 --------- d-----w C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-02-29 19:21 --------- d-----w C:\Program Files\themexp
2008-02-29 19:17 --------- d-----w C:\Program Files\OneStepSearch
2008-02-29 08:55 70,656 ------w C:\WINDOWS\system32\dllcache\ie4uinit.exe
2008-02-29 08:55 625,664 ------w C:\WINDOWS\system32\dllcache\iexplore.exe
2008-02-22 10:00 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-02-22 06:55 20,480 ----a-w C:\WINDOWS\system32\H@tKeysH@@k.DLL
2008-02-21 12:13 --------- d-----w C:\Program Files\EA GAMES
2008-02-21 12:11 --------- d-----w C:\Program Files\DAEMON Tools Lite
2008-02-21 12:07 716,272 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2008-02-21 12:07 --------- d-----w C:\Documents and Settings\Luboš Štefan\Application Data\DAEMON Tools
2008-02-21 07:24 --------- d-----w C:\Program Files\DownloadToolz
2008-02-21 07:22 --------- d-----w C:\Program Files\RedTube Movie Ripper V2.1.2
2008-02-20 19:56 --------- d-----w C:\Documents and Settings\Luboš Štefan\Application Data\HP
2008-02-20 19:56 --------- d-----w C:\Documents and Settings\Luboš Štefan\Application Data\CyberLink
2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
2008-02-20 06:51 282,624 ------w C:\WINDOWS\system32\dllcache\gdi32.dll
2008-02-20 05:32 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
2008-02-20 05:32 45,568 ------w C:\WINDOWS\system32\dllcache\dnsrslvr.dll
2008-02-20 05:32 148,992 ------w C:\WINDOWS\system32\dllcache\dnsapi.dll
2008-02-15 05:44 161,792 ------w C:\WINDOWS\system32\dllcache\ieakui.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-16 06:00 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 20:03 152872]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2008-02-14 01:09 486856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2005-08-05 21:56 64512]
"hpWirelessAssistant"="C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [2006-05-03 22:58 458752]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [2006-03-22 22:17 94208]
"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [2006-03-22 22:13 77824]
"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [2006-03-22 22:17 118784]
"MsmqIntCert"="regsvr32 /s mqrt.dll" []
"High Definition Audio Property Page Shortcut"="CHDAudPropShortcut.exe" [2006-06-02 17:02 61952 C:\WINDOWS\system32\CHDAudPropShortcut.exe]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-06-17 07:22 794713]
"QPService"="C:\Program Files\HP\QuickPlay\QPService.exe" [2006-07-19 15:14 102400]
"HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe" [2005-02-16 23:11 49152]
"QlbCtrl"="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2006-06-19 11:33 163840]
"Cpqset"="C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe" [2006-06-19 10:50 40960]
"RecGuard"="C:\Windows\SMINST\RecGuard.exe" [2005-10-11 10:23 1187840]
"Flashget"="C:\Program Files\FlashGet\FlashGet.exe" [2007-09-25 10:10 2007088]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-03-29 19:37 79224]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 16:57 153136]
"Lexmark X1100 Series"="C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe" [2003-08-19 11:36 57344]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2006-03-16 06:00 15360]
C:\Documents and Settings\Luboç ćtefan\Start Menu\Programs\Startup\
OpenOffice.org 2.3.lnk - C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe [2007-09-11 06:43:54 393216]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26 29696]
Rychlě zaź tek s aplikacˇ HP Photosmart Premier.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [2005-09-24 09:39:30 73728]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\WINDOWS\\system32\\mqsvc.exe"=
"C:\\Program Files\\FlashGet\\flashget.exe"=
"C:\\Program Files\\ICQ6\\ICQ.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\EA GAMES\\Battlefield 1942\\BF1942.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Nokia\\Devices\\S40_SDK_3rd_Edition\\bin\\S40_SDK_3rd_Edition_em.exe"=
"C:\\Nokia\\Devices\\S40_SDK_3rd_Edition\\bin\\emulator.exe"=
R3 PSched;QoS Packet Scheduler;C:\WINDOWS\system32\DRIVERS\psched.sys [2006-03-16 06:00]
S1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-03-29 19:31]
S2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-03-29 19:35]
S3 5U870CAP_VID_1262&PID_25FD;HP Pavilion Webcam ;C:\WINDOWS\system32\Drivers\5U870CAP.sys [2006-06-06 22:39]
*Newly Created Service* - CATCHME
*Newly Created Service* - MDMXSDK
.
**************************************************************************
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-19 20:31:02
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cpqset = C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe????????????L?@? ???hV??????`?@?????L?@
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-04-19 20:32:04
ComboFix-quarantined-files.txt 2008-04-19 18:31:54
Pre-Run: 26,839,212,032 bytes free
Post-Run: 27,555,532,800 bytes free
151 --- E O F --- 2008-04-11 11:35:06
Systém Microsoft Windows XP Professional [GMT 2:00]
Running from: C:\Downloads\ComboFix.exe
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((( Files Created from 2008-03-19 to 2008-04-19 )))))))))))))))))))))))))))))))
.
2008-04-19 19:54 . 2008-04-19 19:54 <DIR> d--h----- C:\WINDOWS\system32\GroupPolicy
2008-04-19 17:45 . 2008-04-19 17:45 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-04-17 19:29 . 2008-04-17 19:32 <DIR> d-------- C:\WINDOWS\$regcmp$
2008-04-16 20:05 . 2008-04-16 20:05 <DIR> d-------- C:\Program Files\Registry Clean Expert
2008-04-16 20:05 . 2008-04-16 20:05 <DIR> d-------- C:\Program Files\AML Products
2008-04-16 20:05 . 1998-12-24 20:23 40,960 --a------ C:\WINDOWS\system32\VBAME.DLL
2008-04-15 21:06 . 2008-04-15 21:06 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Media Player Classic
2008-04-15 21:06 . 2008-04-15 21:06 552 --a------ C:\WINDOWS\system32\d3d8caps.dat
2008-04-15 19:30 . 2008-04-15 19:30 <DIR> d-------- C:\Documents and Settings\Luboš Štefan\Application Data\GlarySoft
2008-04-15 19:28 . 2008-04-15 21:15 <DIR> d-------- C:\Program Files\Registry Repair
2008-04-14 14:55 . 2008-04-15 21:15 <DIR> d-------- C:\Program Files\Mafia(2)
2008-04-13 15:22 . 2008-04-13 15:22 1,464 --a------ C:\auta_save.zip
2008-04-13 15:22 . 2008-04-13 15:22 1,404 --a------ C:\vsechny_auta.zip
2008-04-13 15:01 . 2002-08-29 17:33 319,488 -ra------ C:\WINDOWS\system32\MafiaSetup.exe
2008-04-08 18:16 . 2008-04-17 19:21 <DIR> d-------- C:\Documents and Settings\Luboš Štefan\Application Data\Hamachi
2008-04-08 18:16 . 2008-04-17 19:10 25,280 --a------ C:\WINDOWS\system32\drivers\hamachi.sys
2008-04-06 10:47 . 2008-04-06 10:47 <DIR> d-------- C:\Documents and Settings\Luboš Štefan\Application Data\Nokia
2008-04-06 10:47 . 2008-04-06 10:47 <DIR> d-------- C:\Documents and Settings\Luboš Štefan\.Nokia
2008-04-06 10:47 . 2008-04-06 10:47 <DIR> d-------- C:\Documents and Settings\Luboš Štefan\.Nokia
2008-04-06 10:12 . 2008-04-06 10:12 <DIR> d--h----- C:\Program Files\Zero G Registry
2008-04-06 10:12 . 2008-04-06 10:12 <DIR> d-------- C:\Nokia
2008-04-06 10:12 . 2008-04-06 10:12 <DIR> d-------- C:\Documents and Settings\LUBO35~1\.Nokia
2008-04-06 10:12 . 2008-04-06 10:12 <DIR> d-------- C:\Documents and Settings\Lubo? ?352tefan
2008-04-06 10:11 . 2008-04-06 10:11 <DIR> d--h----- C:\Documents and Settings\Luboš Štefan\InstallAnywhere
2008-04-06 10:11 . 2008-04-06 10:11 <DIR> d--h----- C:\Documents and Settings\Luboš Štefan\InstallAnywhere
2008-04-03 21:44 . 2008-04-03 21:44 <DIR> d-------- C:\Hudba
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-19 18:30 --------- d-----w C:\Program Files\FlashGet
2008-04-19 15:24 --------- d-----w C:\Program Files\ICQ6
2008-04-17 17:20 --------- d-----w C:\Documents and Settings\Luboš Štefan\Application Data\OpenOffice.org2
2008-04-15 19:06 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-04-13 13:45 --------- d-----w C:\Documents and Settings\Luboš Štefan\Application Data\AdobeUM
2008-04-12 20:11 --------- d-----w C:\Program Files\Save
2008-04-08 18:56 --------- d-----w C:\Program Files\Java
2008-04-06 08:47 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-03-22 08:15 --------- d-----w C:\Documents and Settings\Luboš Štefan\Application Data\Ahead
2008-03-19 09:47 1,845,248 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-19 09:47 1,845,248 ------w C:\WINDOWS\system32\dllcache\win32k.sys
2008-03-17 18:22 --------- d-----w C:\Program Files\Lexmark X1100 Series
2008-03-15 18:04 --------- d-----w C:\Program Files\LS
2008-03-11 19:49 --------- d-----w C:\Program Files\freebird
2008-03-10 08:40 --------- d-----w C:\Documents and Settings\Luboš Štefan\Application Data\ICQ
2008-03-09 21:14 46,928 ----a-w C:\GDIPFONTCACHEV1.DAT
2008-03-09 21:02 --------- d-----w C:\Program Files\Common Files\Adobe
2008-03-09 21:02 --------- d-----w C:\Program Files\Bonjour
2008-03-09 20:51 --------- d-----w C:\Program Files\Common Files\Macrovision Shared
2008-03-01 16:36 3,591,680 ------w C:\WINDOWS\system32\dllcache\mshtml.dll
2008-03-01 09:49 --------- d-----w C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-02-29 19:21 --------- d-----w C:\Program Files\themexp
2008-02-29 19:17 --------- d-----w C:\Program Files\OneStepSearch
2008-02-29 08:55 70,656 ------w C:\WINDOWS\system32\dllcache\ie4uinit.exe
2008-02-29 08:55 625,664 ------w C:\WINDOWS\system32\dllcache\iexplore.exe
2008-02-22 10:00 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-02-22 06:55 20,480 ----a-w C:\WINDOWS\system32\H@tKeysH@@k.DLL
2008-02-21 12:13 --------- d-----w C:\Program Files\EA GAMES
2008-02-21 12:11 --------- d-----w C:\Program Files\DAEMON Tools Lite
2008-02-21 12:07 716,272 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2008-02-21 12:07 --------- d-----w C:\Documents and Settings\Luboš Štefan\Application Data\DAEMON Tools
2008-02-21 07:24 --------- d-----w C:\Program Files\DownloadToolz
2008-02-21 07:22 --------- d-----w C:\Program Files\RedTube Movie Ripper V2.1.2
2008-02-20 19:56 --------- d-----w C:\Documents and Settings\Luboš Štefan\Application Data\HP
2008-02-20 19:56 --------- d-----w C:\Documents and Settings\Luboš Štefan\Application Data\CyberLink
2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
2008-02-20 06:51 282,624 ------w C:\WINDOWS\system32\dllcache\gdi32.dll
2008-02-20 05:32 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
2008-02-20 05:32 45,568 ------w C:\WINDOWS\system32\dllcache\dnsrslvr.dll
2008-02-20 05:32 148,992 ------w C:\WINDOWS\system32\dllcache\dnsapi.dll
2008-02-15 05:44 161,792 ------w C:\WINDOWS\system32\dllcache\ieakui.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-16 06:00 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 20:03 152872]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2008-02-14 01:09 486856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2005-08-05 21:56 64512]
"hpWirelessAssistant"="C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [2006-05-03 22:58 458752]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [2006-03-22 22:17 94208]
"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [2006-03-22 22:13 77824]
"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [2006-03-22 22:17 118784]
"MsmqIntCert"="regsvr32 /s mqrt.dll" []
"High Definition Audio Property Page Shortcut"="CHDAudPropShortcut.exe" [2006-06-02 17:02 61952 C:\WINDOWS\system32\CHDAudPropShortcut.exe]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-06-17 07:22 794713]
"QPService"="C:\Program Files\HP\QuickPlay\QPService.exe" [2006-07-19 15:14 102400]
"HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe" [2005-02-16 23:11 49152]
"QlbCtrl"="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2006-06-19 11:33 163840]
"Cpqset"="C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe" [2006-06-19 10:50 40960]
"RecGuard"="C:\Windows\SMINST\RecGuard.exe" [2005-10-11 10:23 1187840]
"Flashget"="C:\Program Files\FlashGet\FlashGet.exe" [2007-09-25 10:10 2007088]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-03-29 19:37 79224]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 16:57 153136]
"Lexmark X1100 Series"="C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe" [2003-08-19 11:36 57344]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2006-03-16 06:00 15360]
C:\Documents and Settings\Luboç ćtefan\Start Menu\Programs\Startup\
OpenOffice.org 2.3.lnk - C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe [2007-09-11 06:43:54 393216]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26 29696]
Rychlě zaź tek s aplikacˇ HP Photosmart Premier.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [2005-09-24 09:39:30 73728]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\WINDOWS\\system32\\mqsvc.exe"=
"C:\\Program Files\\FlashGet\\flashget.exe"=
"C:\\Program Files\\ICQ6\\ICQ.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\EA GAMES\\Battlefield 1942\\BF1942.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Nokia\\Devices\\S40_SDK_3rd_Edition\\bin\\S40_SDK_3rd_Edition_em.exe"=
"C:\\Nokia\\Devices\\S40_SDK_3rd_Edition\\bin\\emulator.exe"=
R3 PSched;QoS Packet Scheduler;C:\WINDOWS\system32\DRIVERS\psched.sys [2006-03-16 06:00]
S1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-03-29 19:31]
S2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-03-29 19:35]
S3 5U870CAP_VID_1262&PID_25FD;HP Pavilion Webcam ;C:\WINDOWS\system32\Drivers\5U870CAP.sys [2006-06-06 22:39]
*Newly Created Service* - CATCHME
*Newly Created Service* - MDMXSDK
.
**************************************************************************
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-19 20:31:02
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cpqset = C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe????????????L?@? ???hV??????`?@?????L?@
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-04-19 20:32:04
ComboFix-quarantined-files.txt 2008-04-19 18:31:54
Pre-Run: 26,839,212,032 bytes free
Post-Run: 27,555,532,800 bytes free
151 --- E O F --- 2008-04-11 11:35:06
-
- Mohlo by vás zajímat
- Odpovědi
- Zobrazení
- Poslední příspěvek
-
- 0
- 3501
-
od aloe
Zobrazit poslední příspěvek
27 čer 2024 22:18
Zpět na “Windows 11, 10, 8...”
Kdo je online
Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 9 hostů