There's a lot, so where to start:
A week ago, without any cause (such as newly installed software etc.), my internet stopped working (packets sent/received 0/0). For the other people in the building (they have internet from the same provider) the internet works. I concluded it would be a virus; after trying all sorts of things and combinations of various programs (it worked after a combination of turning off System Restore and SDFix), the internet came back and worked for about a week.
Unfortunately the problem came back, but I don't think it is of the same type. I am sending and receiving packets. A friend has now burned various programs for me. Ewido found win32.host.Hostfile in Kerio Personal Firewall. I uninstalled Kerio and then there was a change: every time after I start Windows, the internet worked for about 1-2. Then nothing again. So I tried disabling and immediately re-enabling the network adapter, and the internet came back and again works only for a while (5 seconds to 15 minutes). Sometimes the internet also comes back out of nowhere. Apparently something starts along with the network adapter and blocks it.
I'm posting the logs from HJT and ComboFix. I'll be away for about 3 days now, so I probably won't be able to reply to you.
HJT
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:07, on 2008-03-09
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\Stardock\SDMCP.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Eset\nod32kui.exe
C:\WINDOWS\CNYHKey.exe
C:\WINDOWS\mHotkey.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Comodo\Firewall\CPF.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Fraps\FRAPS.EXE
C:\Program Files\Stardock\Object Desktop\DesktopX\DesktopX.exe
C:\Program Files\Stardock\Object Desktop\DesktopX\DXWidget.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
c:\wamp\apache2\bin\httpd.exe
c:\wamp\mysql\bin\mysqld-nt.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\wamp\apache2\bin\httpd.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Mira Bilek\Plocha\Údržba PC\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\TRANSLAT\WEBIE.DLL
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O3 - Toolbar: &S-Rank - {B71B15CF-3093-459C-B764-AEB2486F2273} - C:\Program Files\Seznam\Postak\SRank.dll
O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\Styler\TB\StylerTB.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [ledpointer] CNYHKey.exe
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [LClock] "C:\Program Files\LClock\LClock.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Fraps] C:\Fraps\FRAPS.EXE
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Stickies.lnk = C:\Program Files\Stardock\Object Desktop\DesktopX\Widgets\Sticky Notes.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: Download Link Using Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Stáhnout Star Downloaderem - C:\Program Files\Star Downloader\sdie.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra button: WebTran - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} (Java Plug-in 1.5.0_06) -
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} (Java Plug-in 1.5.0_09) -
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} (Java Plug-in 1.5.0_10) -
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} (Java Plug-in 1.5.0_11) -
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} (Java Plug-in 1.6.0_01) -
O17 - HKLM\System\CCS\Services\Tcpip\..\{6A176FC9-1B8A-4EC4-BAAC-EB0062D1FC09}: NameServer = 89.239.63.35,89.239.63.37
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\apache2\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\mysql\bin\mysqld-nt.exe
--
End of file - 10472 bytes
Combo fix
ComboFix 08-03-07.4 - Mira Bilek 2008-03-08 19:52:16.2 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.1.1029.18.531 [GMT 1:00]
Running from: C:\Documents and Settings\Mira Bilek\Plocha\Údržba PC\ComboFix.exe
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\regedit.com
C:\WINDOWS\system32\taskmgr.com
.
((((((((((((((((((((((((( Files Created from 2008-02-08 to 2008-03-08 )))))))))))))))))))))))))))))))
.
2008-03-08 19:30 . 2008-03-08 19:30 <DIR> d-------- C:\Program Files\RootKit Hook Analyzer
2008-03-08 19:30 . 2007-07-07 00:39 19,248 --a------ C:\WINDOWS\system32\drivers\rspsc32.sys
2008-03-08 17:55 . 2008-03-08 17:55 26 --a------ C:\WINDOWS\Lic.xxx
2008-03-08 17:14 . 2004-08-17 14:49 577,024 --a--c--- C:\WINDOWS\system32\dllcache\user32.dll
2008-03-08 16:49 . 2008-03-08 16:52 1,312,941 --a------ C:\SDFix.exe
2008-03-08 16:28 . 2008-03-08 16:28 <DIR> d-------- C:\Documents and Settings\Mira Bilek\Data aplikací\Comodo
2008-03-08 16:28 . 2008-03-08 16:28 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\Comodo
2008-03-08 15:09 . 2007-10-15 11:28 222 --a------ C:\boot.ini.comodofirewall
2008-03-08 15:08 . 2008-03-08 15:08 <DIR> d-------- C:\Program Files\Comodo
2008-03-08 12:09 . 2008-03-08 17:31 <DIR> d-------- C:\SDFix
2008-03-08 11:54 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2008-03-08 11:54 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2008-03-08 11:54 . 2003-06-05 20:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2008-03-08 11:54 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-03-08 11:54 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-03-08 11:27 . 2008-03-08 11:27 <DIR> d-------- C:\Program Files\Kerio
2008-03-07 21:39 . 2004-08-17 14:49 226,304 --a------ C:\WINDOWS\R.COM
2008-03-07 21:39 . 2004-08-17 14:49 223,232 --a------ C:\WINDOWS\system32\T.COM
2008-03-07 21:21 . 2008-03-07 21:21 <DIR> d-------- C:\Documents and Settings\Mira Bilek\Data aplikací\Lavasoft
2008-03-07 21:20 . 2008-03-07 21:20 <DIR> d-------- C:\Program Files\Lavasoft
2008-03-07 19:36 . 2008-03-08 15:52 <DIR> d-------- C:\Program Files\ewido anti-malware
2008-03-07 18:47 . 2008-03-08 13:08 1,842 --a------ C:\WINDOWS\system32\tmp.reg
2008-03-04 17:59 . 2008-03-04 17:59 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-03-04 17:59 . 2008-03-04 17:59 1,409 --a------ C:\WINDOWS\QTFont.for
2008-03-03 15:05 . 2008-03-03 15:05 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\ATI
2008-03-03 15:04 . 2008-03-03 15:04 0 --a------ C:\WINDOWS\ativpsrm.bin
2008-03-03 07:19 . 2008-03-03 07:17 691,545 --a------ C:\WINDOWS\unins000.exe
2008-03-03 07:19 . 2008-03-03 07:19 2,547 --a------ C:\WINDOWS\unins000.dat
2008-03-02 20:10 . 2008-03-02 20:10 <DIR> d-------- C:\Program Files\BestGameEver
2008-03-02 16:49 . 2008-03-02 16:49 <DIR> d-------- C:\Program Files\RapidSpool
2008-03-02 16:49 . 2003-09-23 06:00 1,066,176 --a------ C:\WINDOWS\system32\MSCOMCTL32.OCX
2008-03-02 16:49 . 2000-05-22 06:00 1,066,176 --a------ C:\WINDOWS\system32\MSCOMCT3N.OCX
2008-03-02 16:49 . 2008-02-10 10:57 164,156 --a------ C:\WINDOWS\system32\COMCT232.OCX
2008-03-02 16:49 . 2002-12-05 18:58 109,248 --a------ C:\WINDOWS\system32\MSWINSCN.OCX
2008-03-02 16:49 . 2008-02-10 10:57 108,348 --a------ C:\WINDOWS\system32\MSWINSCK.OCX
2008-03-02 16:49 . 2007-11-15 23:32 92,672 --a------ C:\WINDOWS\system32\dijpg.dll
2008-03-01 11:48 . 2008-03-01 11:48 <DIR> d-------- C:\WINDOWS\system32\Futuremark
2008-03-01 11:23 . 2008-03-01 11:23 <DIR> d-------- C:\WINDOWS\system32\NtmsData
2008-02-29 17:26 . 2008-03-01 11:48 <DIR> d-------- C:\Program Files\AquaMark3
2008-02-29 17:22 . 1999-10-21 09:12 20,400 --a------ C:\WINDOWS\system32\drivers\Entech.sys
2008-02-29 17:22 . 2001-11-19 18:05 3,972 --a------ C:\WINDOWS\system32\drivers\PciBus.sys
2008-02-29 17:21 . 2008-02-29 17:21 <DIR> d-------- C:\Program Files\Futuremark
2008-02-27 19:44 . 2008-02-27 19:44 42 --a------ C:\WINDOWS\system32\RegistryGenius.lie
2008-02-27 19:43 . 2008-02-29 14:26 <DIR> d-------- C:\Program Files\Registry Genius
2008-02-27 17:17 . 2008-03-07 21:43 <DIR> d-------- C:\Program Files\r2 Studios
2008-02-26 19:58 . 2001-07-05 17:19 164 -r------- C:\WINDOWS\avrack.ini
2008-02-26 16:30 . 2008-02-26 17:16 <DIR> d-------- C:\Program Files\Realtek AC97
2008-02-26 15:28 . 2008-02-26 17:16 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\{2811FC85-344C-4990-B727-1F355BFAEE0E}
2008-02-23 17:00 . 2008-02-23 17:00 <DIR> d-------- C:\Program Files\Any Video Converter
2008-02-23 17:00 . 2008-02-23 17:00 <DIR> d-------- C:\Documents and Settings\Mira Bilek\Data aplikací\Any Video Converter
2008-02-22 12:10 . 2008-02-22 12:10 <DIR> d-------- C:\Documents and Settings\Mira Bilek\Data aplikací\Publish Providers
2008-02-22 12:10 . 2008-03-04 20:07 156 --a------ C:\WINDOWS\Twunk001.MTX
2008-02-22 12:10 . 2008-03-04 20:07 2 --a------ C:\WINDOWS\Twain001.Mtx
2008-02-22 12:10 . 2008-02-22 12:10 0 --a------ C:\WINDOWS\Twunk002.MTX
2008-02-22 12:01 . 2002-12-17 16:23 33,340 --------- C:\WINDOWS\system32\dbmsqlgc.dll
2008-02-22 12:01 . 2002-10-20 14:05 24,576 --------- C:\WINDOWS\system32\dbmsgnet.dll
2008-02-22 12:00 . 2008-02-22 12:00 <DIR> d-------- C:\Program Files\Microsoft SQL Server
2008-02-22 12:00 . 2008-02-22 12:09 <DIR> d-------- C:\Documents and Settings\Mira Bilek\Data aplikací\Sony
2008-02-22 11:59 . 2008-02-22 11:59 <DIR> d-------- C:\Program Files\Vstplugins
2008-02-22 11:59 . 2008-02-22 11:59 <DIR> d-------- C:\Program Files\Sony
2008-02-22 11:59 . 2008-02-22 12:00 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\Sony
2008-02-22 11:58 . 2008-02-22 11:58 <DIR> d-------- C:\Program Files\Sony Setup
2008-02-21 10:35 . 2008-02-21 16:17 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikac
2008-02-21 10:34 . 2008-02-21 10:59 455 --a------ C:\WINDOWS\VFO.VST
2008-02-21 10:34 . 2008-02-21 10:34 40 --a------ C:\WINDOWS\system32\blue.SITENAME
2008-02-21 10:23 . 2008-02-21 10:23 <DIR> d-------- C:\Program Files\SmartSound Software
2008-02-21 10:23 . 2008-02-21 11:11 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\SmartSound Software Inc
2008-02-21 10:23 . 2003-11-25 05:02 196,096 --a------ C:\WINDOWS\system32\macd32.dll
2008-02-21 10:23 . 2003-11-25 05:02 138,752 --a------ C:\WINDOWS\system32\mase32.dll
2008-02-21 10:23 . 2003-11-25 05:02 136,192 --a------ C:\WINDOWS\system32\mamc32.dll
2008-02-21 10:23 . 2004-07-02 16:28 84,992 --a------ C:\WINDOWS\system32\ATL70.DLL
2008-02-21 10:23 . 2003-11-25 05:02 57,856 --a------ C:\WINDOWS\system32\masd32.dll
2008-02-21 10:23 . 2003-11-25 05:02 27,648 --a------ C:\WINDOWS\system32\ma32.dll
2008-02-21 10:23 . 2008-02-21 17:08 1,208 --a------ C:\WINDOWS\VFO.INI
2008-02-21 10:21 . 2008-02-21 10:21 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\Pinnacle Studio
2008-02-21 10:21 . 2003-11-21 16:48 65,536 --a------ C:\WINDOWS\system32\MFC71DEU.DLL
2008-02-21 10:21 . 2003-11-21 16:48 61,440 --a------ C:\WINDOWS\system32\MFC71ITA.DLL
2008-02-21 10:21 . 2003-11-21 16:48 61,440 --a------ C:\WINDOWS\system32\MFC71FRA.DLL
2008-02-21 10:21 . 2003-11-21 16:48 61,440 --a------ C:\WINDOWS\system32\MFC71ESP.DLL
2008-02-21 10:21 . 2003-11-21 16:48 57,344 --a------ C:\WINDOWS\system32\MFC71ENU.DLL
2008-02-21 10:21 . 2004-01-23 16:44 49,152 --a------ C:\WINDOWS\system32\PCLEGetGuid.dll
2008-02-21 10:21 . 2003-11-21 16:48 49,152 --a------ C:\WINDOWS\system32\MFC71KOR.DLL
2008-02-21 10:21 . 2003-11-21 16:48 49,152 --a------ C:\WINDOWS\system32\MFC71JPN.DLL
2008-02-21 10:21 . 2003-11-21 16:48 45,056 --a------ C:\WINDOWS\system32\MFC71CHT.DLL
2008-02-21 10:21 . 2003-11-21 16:48 40,960 --a------ C:\WINDOWS\system32\MFC71CHS.DLL
2008-02-21 10:20 . 2008-02-21 10:24 <DIR> d-------- C:\Program Files\Pinnacle
2008-02-21 10:20 . 2008-02-21 10:34 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\Pinnacle
2008-02-21 10:20 . 2005-02-09 11:59 14,165 --a------ C:\WINDOWS\system32\drivers\Pclepci.sys
2008-02-21 09:35 . 2008-02-21 09:35 <DIR> d-------- C:\Program Files\GeoVid
2008-02-21 09:35 . 2004-12-20 10:10 61,440 --a------ C:\WINDOWS\system32\xvid.ax
2008-02-21 09:32 . 2008-02-21 09:32 <DIR> d-------- C:\Program Files\HyCam2
2008-02-20 14:17 . 2008-02-21 07:42 <DIR> d-------- C:\Documents and Settings\Mira Bilek\Data aplikací\SecondLife
2008-02-20 14:17 . 2008-02-20 14:17 <DIR> d-------- C:\Documents and Settings\Mira Bilek\Data aplikacĂ
2008-02-20 14:16 . 2008-03-02 18:02 <DIR> d-------- C:\Program Files\SecondLife
2008-02-10 19:10 . 2008-02-10 19:27 362 --a------ C:\WINDOWS\settings.cfg
2008-02-10 13:19 . 2008-02-10 13:19 280 --a------ C:\WINDOWS\game.ini
2008-02-08 16:53 . 2008-02-08 16:53 <DIR> d-------- C:\Program Files\Common Files\Thraex Software
2008-02-08 16:53 . 2008-02-20 10:32 <DIR> d-------- C:\PacSteamT
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-08 18:47 --------- d---a-w C:\Documents and Settings\All Users\Data aplikací\TEMP
2008-03-08 18:21 --------- d-----w C:\Program Files\Mozilla Thunderbird
2008-03-08 14:54 --------- d-----w C:\Program Files\SUPERAntiSpyware
2008-03-08 14:52 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2008-03-05 06:15 --------- d-----w C:\Documents and Settings\Mira Bilek\Data aplikací\HLSW
2008-03-05 06:04 --------- d-----w C:\Program Files\Steam
2008-03-04 19:13 22,328 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-03-04 19:13 107,832 ----a-w C:\WINDOWS\system32\PnkBstrB.exe
2008-03-03 14:01 --------- d-----w C:\Program Files\ATI Technologies
2008-03-03 13:42 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-03-01 19:14 --------- d-----w C:\Program Files\Winamp
2008-03-01 14:31 --------- d-----w C:\Program Files\NVIDIA Corporation
2008-03-01 10:48 --------- d-----w C:\Program Files\Folder Lock
2008-02-29 16:21 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-26 18:58 --------- d-----w C:\Program Files\AvRack
2008-02-26 17:06 --------- d-----w C:\Program Files\Crawler
2008-02-26 16:16 --------- d-----w C:\Program Files\Azureus
2008-02-26 16:16 --------- d-----w C:\Documents and Settings\Mira Bilek\Data aplikací\Azureus
2008-02-26 14:28 --------- d-----w C:\Program Files\Stardock
2008-02-22 17:40 340,136 ----a-w C:\Documents and Settings\Mira Bilek\Data aplikací\GDIPFONTCACHEV1.DAT
2008-02-20 08:33 --------- d-----w C:\Program Files\Spyware Terminator
2008-02-15 13:08 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2008-02-10 12:12 --------- d-----w C:\Program Files\Activision
2008-02-10 11:49 --------- d-----w C:\Documents and Settings\Mira Bilek\Data aplikací\teamspeak2
2008-02-10 09:53 --------- d-----w C:\Program Files\Qtrax_20080125
2008-02-08 08:48 --------- d-----w C:\Program Files\ESET
2008-02-08 08:02 --------- d-----w C:\Documents and Settings\Mira Bilek\Data aplikací\Skype
2008-02-08 07:00 --------- d-----w C:\Documents and Settings\Mira Bilek\Data aplikací\skypePM
2008-02-07 16:42 --------- d-----w C:\Program Files\Total Video Converter
2008-02-07 16:35 --------- d-----w C:\Program Files\WM Converter
2008-02-07 16:20 --------- d-----w C:\Program Files\FDRLab
2008-02-06 12:45 32 ----a-w C:\Documents and Settings\All Users\Data aplikací\ezsid.dat
2008-02-06 12:45 --------- d-----w C:\Program Files\Skype
2008-02-06 12:45 --------- d-----w C:\Program Files\Common Files\Skype
2008-02-06 12:45 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\Skype
2008-02-06 12:40 --------- d-----w C:\Documents and Settings\Mira Bilek\Data aplikací\Hamachi
2008-02-06 08:42 25,280 ----a-w C:\WINDOWS\system32\drivers\hamachi.sys
2008-02-06 08:42 --------- d-----w C:\Program Files\Hamachi
2008-02-05 12:32 --------- d-----w C:\Program Files\TrackMania Nations ESWC
2008-02-05 12:02 --------- d-----w C:\Program Files\TrackMania Nations
2008-02-04 18:57 --------- d-----w C:\Documents and Settings\Mira Bilek\Data aplikací\Qtrax1
2008-02-04 18:57 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\SongbirdVLC
2008-02-03 09:33 --------- d-----w C:\Program Files\Yamicsoft
2008-01-26 20:43 --------- d-----w C:\Program Files\Call of Duty
2008-01-25 18:54 --------- d-----w C:\Program Files\Valve Hammer Editor
2008-01-25 08:15 --------- d-----w C:\Program Files\wormsarm
2008-01-25 06:03 --------- d-----w C:\Program Files\Lavalys
2008-01-24 19:34 138,624 ----a-w C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2008-01-22 21:38 2,845,696 ----a-w C:\WINDOWS\system32\drivers\ati2mtag.sys
2008-01-22 20:44 368,640 ----a-w C:\WINDOWS\system32\ATIDEMGX.dll
2008-01-22 20:43 272,384 ----a-w C:\WINDOWS\system32\ati2dvag.dll
2008-01-22 20:39 307,200 ----a-w C:\WINDOWS\system32\atiiiexx.dll
2008-01-22 20:36 9,949,184 ----a-w C:\WINDOWS\system32\atioglx2.dll
2008-01-22 20:35 43,520 ----a-w C:\WINDOWS\system32\ati2edxx.dll
2008-01-22 20:35 26,112 ----a-w C:\WINDOWS\system32\Ati2mdxx.exe
2008-01-22 20:35 147,456 ----a-w C:\WINDOWS\system32\atipdlxx.dll
2008-01-22 20:35 122,880 ----a-w C:\WINDOWS\system32\Oemdspif.dll
2008-01-22 20:35 122,880 ----a-w C:\WINDOWS\system32\ati2evxx.dll
2008-01-22 20:34 512,000 ----a-w C:\WINDOWS\system32\ati2evxx.exe
2008-01-22 20:33 53,248 ----a-w C:\WINDOWS\system32\ATIDDC.DLL
2008-01-22 20:25 3,121,920 ----a-w C:\WINDOWS\system32\ati3duag.dll
2008-01-22 20:14 1,664,256 ----a-w C:\WINDOWS\system32\ativvaxx.dll
2008-01-22 20:04 46,080 ----a-w C:\WINDOWS\system32\amdpcom32.dll
2008-01-22 20:01 385,024 ----a-w C:\WINDOWS\system32\atikvmag.dll
2008-01-22 19:59 17,408 ----a-w C:\WINDOWS\system32\atitvo32.dll
2008-01-22 19:58 5,435,392 ----a-w C:\WINDOWS\system32\atioglxx.dll
2008-01-22 19:58 49,152 ----a-w C:\WINDOWS\system32\drivers\ati2erec.dll
2008-01-22 19:57 163,840 ----a-w C:\WINDOWS\system32\atiok3x2.dll
2008-01-22 19:53 503,808 ----a-w C:\WINDOWS\system32\ati2cqag.dll
2008-01-22 17:14 --------- d-----w C:\Program Files\EA SPORTS
2008-01-22 15:36 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\FLEXnet
2008-01-22 15:31 --------- d-----w C:\Program Files\Common Files\Adobe
2008-01-22 15:31 --------- d-----w C:\Program Files\Bonjour
2008-01-22 15:20 --------- d-----w C:\Program Files\Common Files\Macrovision Shared
2008-01-22 13:42 593,920 ------w C:\WINDOWS\system32\ati2sgag.exe
2008-01-19 19:00 --------- d-----w C:\Program Files\Java
2008-01-19 18:59 --------- d-----w C:\Program Files\Common Files\Java
2008-01-18 19:19 --------- d-----w C:\Program Files\Counter-Strike Source
2008-01-16 17:21 --------- d-----w C:\Program Files\Medvěd Míša - Cesta kolem světa
2008-01-16 17:10 --------- d-----w C:\Program Files\Medvěd Míša ve vesmíru
2008-01-16 17:08 --------- d-----w C:\Program Files\Výprava do Květinové země
2008-01-16 17:06 --------- d-----w C:\Program Files\Žabka Kuňkalka na Kouzelné louce
2008-01-15 18:10 --------- d-----w C:\Documents and Settings\Mira Bilek\Data aplikací\Move Networks
2008-01-15 05:52 --------- d-----w C:\Program Files\GamePark
2008-01-10 17:50 --------- d-----w C:\Documents and Settings\Mira Bilek\Data aplikací\AutoTransfer
2007-12-15 07:16 66,872 ----a-w C:\WINDOWS\system32\PnkBstrA.exe
2007-12-12 14:55 22,328 ----a-w C:\Documents and Settings\Mira Bilek\Data aplikací\PnkBstrK.sys
2007-04-23 16:54 47,360 ----a-w C:\Documents and Settings\Mira Bilek\Data aplikací\pcouffin.sys
2007-02-04 19:12 0 ----a-w C:\Program Files\PrimeUpload.png
2006-11-29 18:16 774,144 ----a-w C:\Program Files\RngInterstitial.dll
2006-11-08 13:03 506 --sha-w C:\Program Files\USDownloader.exe.manifest
2006-06-07 09:36 32 ----a-r C:\Documents and Settings\All Users\hash.dat
.
------- Sigcheck -------
420233500e9379081ccc81a5ced304c3 C:\WINDOWS\system32\ntkrnlpa.exe
-c----w 1,947,776 2002-09-20 16:17:54 C:\WINDOWS\$NtServicePackUninstall$\ntkrnlpa.exe
------w 2,059,008 2004-08-17 13:45:30 C:\WINDOWS\ServicePackFiles\i386\ntkrnlpa.exe
----a-w 2,068,480 2004-08-17 13:45:30 C:\WINDOWS\system32\ntkrnlpa.exe
----a-w 2,059,008 2004-08-17 13:45:30 C:\WINDOWS\system32\VITrans\ntkrnlpa.exe
79e42050c2490a6d42339b73c8d646cc C:\WINDOWS\system32\ntoskrnl.exe
-c----w 2,042,112 2002-09-20 15:12:28 C:\WINDOWS\$NtServicePackUninstall$\ntoskrnl.exe
------w 2,183,168 2004-08-17 13:45:38 C:\WINDOWS\ServicePackFiles\i386\ntoskrnl.exe
----a-w 2,192,640 2004-08-17 13:45:38 C:\WINDOWS\system32\ntoskrnl.exe
----a-w 2,183,168 2004-08-17 13:45:38 C:\WINDOWS\system32\VITrans\ntoskrnl.exe
eff9b7d4e4ae0ee895e0172ac54218d9 C:\WINDOWS\explorer.exe
----a-w 1,422,848 2004-08-17 13:49:24 C:\WINDOWS\explorer.exe
-c----w 1,004,544 2002-09-20 16:05:24 C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
------w 1,032,704 2004-08-17 13:49:24 C:\WINDOWS\ServicePackFiles\i386\explorer.exe
----a-w 1,032,704 2004-08-17 13:49:24 C:\WINDOWS\system32\VITrans\explorer.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]
"Fraps"="C:\Fraps\FRAPS.EXE" [2006-12-19 14:02 2842624]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2005-05-17 11:48 77824 C:\WINDOWS\soundman.exe]
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2006-06-13 17:52 921600]
"ledpointer"="CNYHKey.exe" [2002-10-04 09:05 532992 C:\WINDOWS\CNYHKey.exe]
"CHotkey"="mHotkey.exe" [2002-07-29 11:54 473088 C:\WINDOWS\mHotkey.exe]
"LClock"="C:\Program Files\LClock\LClock.exe" [2004-09-20 01:27 65536]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 09:50 155648]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 12:35 90112]
"COMODO Firewall Pro"="C:\Program Files\Comodo\Firewall\CPF.exe" [2008-03-08 15:07 1115728]
C:\Documents and Settings\Mira Bilek\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 18:16:50 113664]
Stickies.lnk - C:\Program Files\Stardock\Object Desktop\DesktopX\Widgets\Sticky Notes.exe [2007-02-16 12:36:55 88576]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"RunStartupScriptSync"= 0 (0x0)
"SynchronousMachineGroupPolicy"= 0 (0x0)
"SynchronousUserGroupPolicy"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoStrCmpLogical"= 1 (0x1)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMBalloonTip"= 0 (0x0)
"MemCheckBoxInRunDlg"= 0 (0x0)
"NoAutoTrayNotify"= 0 (0x0)
"NoResolveTrack"= 0 (0x0)
"NoResolveSearch"= 0 (0x0)
"NoWelcomeScreen"= 1 (0x1)
"NoRecentDocsNetHood"= 0 (0x0)
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 12:55 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 12:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\MCPClient]
C:\PROGRA~1\COMMON~1\Stardock\mcpstub.dll 2005-01-31 15:13 49152 C:\PROGRA~1\COMMON~1\stardock\MCPStub.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\uTorrent\\utorrent.exe"=
"C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Civilization4.exe"=
"C:\\Program Files\\ICQ6\\ICQ.exe"=
"C:\\Program Files\\BitLord\\BitLord.exe"=
"C:\\Program Files\\Panzer Elite Action\\Panzer Elite Action\\pea.exe"=
"C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"C:\\WINDOWS\\system32\\PnkBstrA.exe"=
"C:\\WINDOWS\\system32\\PnkBstrB.exe"=
"C:\\Program Files\\id Software\\Enemy Territory - QUAKE Wars Demo\\etqwded.exe"=
"C:\\Program Files\\Counter-Strike Source\\hl2.exe"=
"C:\\Program Files\\Steam\\Steam.exe"=
"C:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"=
"C:\\Program Files\\Worms 3D\\worms\\WORMS3D\\bin\\Worms3D.exe"=
"C:\\Program Files\\Codemasters\\Overlord\\Overlord.exe"=
"C:\\Documents and Settings\\Mira Bilek\\Plocha\\Hry\\fpscore-invex-beta\\fpscore.exe"=
"C:\\Program Files\\Counter-Strike Source\\srcds.exe"=
"C:\\Program Files\\Call of Duty\\CoDUOMP.exe"=
"C:\\Program Files\\id Software\\Enemy Territory - QUAKE Wars Demo\\etqw.exe"=
"C:\\Program Files\\FlatOut2\\FlatOut2.exe"=
"C:\\Program Files\\HLSW\\hlsw.exe"=
"C:\\Program Files\\Activision\\Call of Duty 2 1.3\\CoD2MP_s.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\TrackMania Nations\\TmNationsESWC.exe"=
"C:\\Program Files\\TrackMania Nations ESWC\\TmNationsESWC.exe"=
"C:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"C:\\Program Files\\Pinnacle\\Studio 10\\programs\\RM.exe"=
"C:\\Program Files\\Pinnacle\\Studio 10\\programs\\Studio.exe"=
"C:\\Program Files\\Pinnacle\\Studio 10\\programs\\PMSRegisterFile.exe"=
"C:\\Program Files\\Pinnacle\\Studio 10\\programs\\umi.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"15986:TCP"= 15986:TCP:BitComet 15986 TCP
"15986:UDP"= 15986:UDP:BitComet 15986 UDP
R0 nvcchflt;NVIDIA Disk Cache Filter Driver;C:\WINDOWS\system32\DRIVERS\nvcchflt.sys [2005-02-11 11:11]
R1 ewido security suite driver;ewido security suite driver;C:\Program Files\ewido anti-malware\guard.sys [2004-11-22 15:15]
R1 sp_rsdrv2;Spyware Terminator Driver 2;C:\WINDOWS\system32\drivers\sp_rsdrv2.sys [2008-01-24 20:34]
R2 {95808DC4-FA4A-4c74-92FE-5B863F82066B};{95808DC4-FA4A-4c74-92FE-5B863F82066B};C:\Program Files\CyberLink\PowerDVD\000.fcl [2006-11-02 16:51]
R3 PSched;Plánovač paketů technologie QoS;C:\WINDOWS\system32\DRIVERS\psched.sys [2004-08-03 22:04]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB;C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 22:08]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB;C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-03 22:08]
S2 wampapache;wampapache;"c:\wamp\apache2\bin\httpd.exe" -k runservice []
S2 wampmysqld;wampmysqld;c:\wamp\mysql\bin\mysqld-nt.exe [2007-07-06 12:14]
S3 usbscan;Ovladač skeneru USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 21:58]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 22:08]
S4 Boonty Games;Boonty Games;"C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe" []
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
\Shell\AutoRun\command - F:\autorun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
\Shell\AutoRun\command - G:\autorun.exe
\Shell\dxinstall\command - G:\.\directx\dxsetup.exe
\Shell\readme\command - notepad readme.txt
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\H]
\Shell\AutoRun\command - H:\setup\rsrc\Autorun.exe
\Shell\dinstall\command - H:\Directx\dxsetup.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\I]
\Shell\AutoRun\command - I:\Launcher.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8c9ce40a-bfa4-11dc-976f-000129d58d73}]
\Shell\AutoRun\command - J:\AutoTransfer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{06F2D958-FED1-1F97-0408-050105070405}]
C:\WINDOWS\system32\system32.exe
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-08 19:57:07
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
disk error: C:\WINDOWS\
**************************************************************************
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CHotkey"="mHotkey.exe"
[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\{95808DC4-FA4A-4c74-92FE-5B863F82066B}]
"ImagePath"="\??\C:\Program Files\CyberLink\PowerDVD\000.fcl"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
PROCESS: C:\WINDOWS\system32\lsass.exe [5.01.2600.2180]
-> C:\Program Files\Eset\pr_imon.dll
.
Completion time: 2008-03-08 19:59:13
ComboFix-quarantined-files.txt 2008-03-08 18:58:21
ComboFix2.txt 2008-03-08 11:54:57