Thanks a lot
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:05:24, on 17.6.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16850)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\WINDOWS\system32\ftusbsrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Compal\Wireless Select Switch\WLSS.exe
C:\Program Files\Compal\Wow Video&Audio\WVAMain.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Compal\Smart Battery\SMBTray.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Protector Suite QL\psqltray.exe
C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Nokia\Nseries System Utilities\System Utilities\PcSync2.exe
C:\Documents and Settings\All Users\Data aplikací\LangSoft\OETRN.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Launchy\Launchy.exe
C:\Program Files\Stickies\stickies.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Nokia\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\totalcmd\TOTALCMD.EXE
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WebTransBHO Class - {2db66063-bb98-466a-aa0d-3e7acf5ed853} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O4 - HKLM\..\Run: [WLSS] C:\Program Files\Compal\Wireless Select Switch\WLSS.exe
O4 - HKLM\..\Run: [Wow Video&Audio] C:\Program Files\Compal\Wow Video&Audio\WVAMain.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [PSQLLauncher] "C:\Program Files\Protector Suite QL\launcher.exe" /startup
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SMBTray] C:\Program Files\Compal\Smart Battery\SMBTray.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Task Catcher] C:\PROGRA~1\Task Catcher\tasktrap.exe
O4 - HKCU\..\Run: [TaskSwitchXP] C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [\\TOWER\EPSON DX8400_local] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE /FU "C:\DOCUME~1\Radek\Temp\E_SC.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [Nseries.PCSync] "C:\Program Files\Nokia\Nseries System Utilities\System Utilities\PcSync2.exe" /NoDialog
O4 - HKCU\..\Run: [OEXPRESS] C:\Documents and Settings\All Users\Data aplikací\LangSoft\OETRN.EXE
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Startup: rncsys32.exe
O4 - Startup: Stickies.lnk = C:\Program Files\Stickies\stickies.exe
O4 - Global Startup: Launchy.lnk = C:\Program Files\Launchy\Launchy.exe
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: WebTran - {7e6a20fb-153f-402c-a84b-1a64e1955d3d} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {bfc32e1d-ee75-4a48-bc60-104e11ee2431} - (no file)
O9 - Extra button: (no name) - {cc963627-b1dc-40e0-b52a-cf21ee748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {cc963627-b1dc-40e0-b52a-cf21ee748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {cc963627-b1dc-40e0-b52a-cf21ee748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {cc963627-b1dc-40e0-b52a-cf21ee748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {cc963627-b1dc-40e0-b52a-cf21ee748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {cc963627-b1dc-40e0-b52a-cf21ee748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {cc963627-b1dc-40e0-b52a-cf21ee748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {cc963627-b1dc-40e0-b52a-cf21ee748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 5680527234
O16 - DPF: {C237A80A-4C55-4C68-BAA9-CBE4408D12B2} (F-Secure Online Scanner 4.0 Launcher) - http://download.sp.f-secure.com/ols/f-s ... uncher.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: cisvc - Unknown owner - C:\WINDOWS\system32\cisvc.exe (file missing)
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: USB over Network (Client) service (ftusbsrvc) - FabulaTech - C:\WINDOWS\system32\ftusbsrvc.exe
O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Smart Watchdog Service (Smart Watchdog) - Unknown owner - C:\Program Files\Compal Electronics, INC\Smart Watchdog\SWDsvc.exe
--
End of file - 12830 bytes
Please check my log [Solved]
Re: Please check my log
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {cc963627-b1dc-40e0-b52a-cf21ee748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 5680527234
O16 - DPF: {C237A80A-4C55-4C68-BAA9-CBE4408D12B2} (F-Secure Online Scanner 4.0 Launcher) - http://download.sp.f-secure.com/ols/f-s ... uncher.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: cisvc - Unknown owner - C:\WINDOWS\system32\cisvc.exe (file missing)
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: USB over Network (Client) service (ftusbsrvc) - FabulaTech - C:\WINDOWS\system32\ftusbsrvc.exe
O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Smart Watchdog Service (Smart Watchdog) - Unknown owner - C:\Program Files\Compal Electronics, INC\Smart Watchdog\SWDsvc.exe
--
End of file - 12830 bytes
- Damned
Re: Please check my log
rncsys32.exe
Find this file on your computer and tell me its path.
Nothing is impossible, so where reason fails us, we don't hesitate to use a hammer.
If you want to know what's new, look in old books.
Damned's Czech localizations: translations of PC maintenance programs
HiJackThis 2 + guide, FCleaner + Czech localization, Wise Registry Cleaner
- Damned
Re: Please check my log
Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy the entire following text, marked in green, into it:
Note: Do not use the SELECT ALL function to select the script.
Code:
sc config cisvc start= disabled
sc stop cisvc
sc delete cisvc
Save it to the desktop under the name remove.bat, with the type set to All files, then find the file on the desktop and run it by double-clicking.
A DOS window will open and close. Restart the computer.
Re: Please check my log
C:\Documents and Settings\Radek\Nabídka Start\Programy\Po spuštění\rncsys32.exe
Re: Please check my log
I ran remove.bat and restarted the computer...
But I have one fairly serious problem. I manage a whole range of websites and all of them keep getting infected by some backdoor trojan. I have no idea what is causing it. Into every index.php/html it always adds, either at the end or after the body tag, an iframe that points via port 8080 to downloads of various viruses. The addresses it downloads from keep changing.
One of the viruses is TrojanDownloader.Bredolab.AA, and also TrojanDownloader.Swif.C.
I have changed all the FTP passwords, I don't have them saved in TC, and I repeatedly upload clean original files to the server, but it still gets infected again after a few hours. I'm desperate, because we urgently need one of the sites right now, as we have just launched an advertising campaign. Its address is www.jeepjam.cz
Currently infected sites include, for example, www.dasamasaze.cz
Please help, I really don't know what to do.
- Damned
Re: Please check my log
Run that *.bat; it will remove the missing service from HJT. That file is a Trojan. I hope there is only one there (rncsys32.exe).
****************************************************************************************************************************************
Turn off System Restore points, open Taskmgr (CTRL+Alt+Del) and end that process. Then turn System Restore points back on. Afterwards check in Taskmgr that it is not running.
Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy the entire following text, marked in green, into it:
KillAll::
File::
C:\Documents and Settings\Radek\Nabídka Start\Programy\Po spuštění\rncsys32.exe
Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All files
Save the file to the desktop.
Close all active windows.
Grab the created script CFScript.txt with the mouse, drag it over the downloaded program ComboFix.exe,
and when the two files overlap, drop the script.

- ComboFix will start automatically
- Post here the log that pops up at the end of the cleaning process + a new HJT log
Re: Please check my log
OK, I did what you said.
Here is the LOG from CF
ComboFix 09-06-16.01 - Radek 17.06.2009 22:15.4 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.3070.2305 [GMT 2:00]
Spuštěný z: c:\documents and settings\Radek\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Radek\Plocha\CFScript.txt
AV: ESET Smart Security 3.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
FILE ::
"c:\documents and settings\Radek\Nabídka Start\Programy\Po spuštění\rncsys32.exe"
.
((((((((((((((((((((((((( Soubory vytvořené od 2009-05-17 do 2009-06-17 )))))))))))))))))))))))))))))))
.
2009-06-16 19:42 . 2009-06-16 19:42 626688 ----a-w- c:\windows\system32\msvcr80.dll
2009-06-16 19:42 . 2009-06-16 19:42 548864 ----a-w- c:\windows\system32\msvcp80.dll
2009-06-16 19:42 . 2008-04-14 06:52 137216 ----a-w- c:\windows\system32\T.COM
2009-06-16 19:42 . 2008-04-14 06:52 147968 ----a-w- c:\windows\R.COM
2009-06-16 19:42 . 2009-06-16 19:42 -------- d-----w- c:\program files\Common Files\MicroWorld
2009-06-16 18:36 . 2009-06-16 18:36 -------- d-----w- c:\program files\Trend Micro
2009-06-16 17:19 . 2009-06-16 17:19 -------- d-----w- c:\program files\Sweet Home 3D
2009-06-16 16:35 . 2009-06-16 16:55 -------- d-----w- c:\program files\SpywareBlaster
2009-06-16 16:35 . 2009-06-16 16:35 -------- d-----w- c:\program files\CCleaner
2009-06-16 16:28 . 2009-06-16 16:28 -------- d-----w- c:\program files\Task Catcher
2009-06-16 16:27 . 2009-06-16 16:31 -------- d-----w- c:\program files\RegScrubXP
2009-06-08 19:08 . 2009-06-08 19:18 -------- d-----w- c:\program files\translator09
2009-06-04 13:28 . 2009-06-04 13:28 286720 ----a-w- c:\windows\system32\swb_uninst.exe
2009-06-04 13:28 . 2009-06-04 13:28 -------- d-----w- c:\program files\CV Curriculum vitae CREATOR
2009-05-19 19:20 . 2009-05-19 19:20 -------- d-sh--w- c:\documents and settings\All Users\DRM
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-16 17:24 . 2008-06-28 21:48 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-06-16 16:46 . 2008-06-28 23:16 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-05-26 11:20 . 2008-07-22 09:40 40160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-05-26 11:19 . 2008-06-28 23:39 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-05-17 21:39 . 2009-05-17 10:04 -------- d-----w- c:\program files\Scriptocean
2009-05-07 15:33 . 2004-08-18 12:00 346624 ----a-w- c:\windows\system32\localspl.dll
2009-04-29 04:47 . 2004-08-18 12:00 827392 ----a-w- c:\windows\system32\wininet.dll
2009-04-29 04:47 . 2004-08-18 12:00 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-04-25 19:48 . 2008-09-28 20:01 -------- d-----w- c:\program files\Advanced IP Scanner
2009-04-25 19:41 . 2008-06-27 23:29 -------- d-----w- c:\program files\Common Files\Adobe
2009-04-25 19:40 . 2009-04-25 19:40 -------- d-----w- c:\program files\Adobe Media Player
2009-04-25 19:02 . 2008-06-27 16:49 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-04-22 14:27 . 2008-06-27 23:45 -------- d-----w- c:\program files\Azureus
2009-04-19 19:52 . 2004-08-18 12:00 1847168 ----a-w- c:\windows\system32\win32k.sys
2009-04-19 14:06 . 2009-01-06 20:55 -------- d-----w- c:\program files\Common Files\Nokia
2009-04-19 14:06 . 2009-01-06 19:55 -------- d-----w- c:\program files\Nokia
2009-04-17 09:01 . 2004-08-18 12:00 76442 ----a-w- c:\windows\system32\perfc005.dat
2009-04-17 09:01 . 2004-08-18 12:00 425138 ----a-w- c:\windows\system32\perfh005.dat
2009-04-15 14:54 . 2004-08-18 12:00 585216 ----a-w- c:\windows\system32\rpcrt4.dll
2009-04-08 20:50 . 2008-06-29 09:55 22328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-04-08 20:50 . 2008-06-29 09:55 103736 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-04-08 20:49 . 2008-06-29 09:55 66872 ----a-w- c:\windows\system32\PnkBstrA.exe
2008-09-06 12:13 . 2008-09-06 12:13 122880 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
2007-03-28 17:54 . 2008-07-29 15:00 865792 ------w- c:\program files\mozilla firefox\components\pbgk1_8.dll
.
((((((((((((((((((((((((((((( SnapShot@2009-06-16_20.20.31 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-06-28 15:19 . 2008-07-09 07:36 18296 c:\windows\system32\spmsg.dll
- 2008-06-28 15:19 . 2007-11-30 12:39 18296 c:\windows\system32\spmsg.dll
- 2004-08-18 12:00 . 2009-02-20 17:13 44544 c:\windows\system32\pngfilt.dll
+ 2004-08-18 12:00 . 2009-04-29 04:47 44544 c:\windows\system32\pngfilt.dll
+ 2007-08-13 16:54 . 2009-04-29 04:47 52224 c:\windows\system32\msfeedsbs.dll
- 2007-08-13 16:54 . 2009-02-20 17:13 52224 c:\windows\system32\msfeedsbs.dll
+ 2004-08-18 12:00 . 2009-04-29 04:47 27648 c:\windows\system32\jsproxy.dll
- 2004-08-18 12:00 . 2009-02-20 17:13 27648 c:\windows\system32\jsproxy.dll
+ 2007-08-13 16:39 . 2009-04-28 09:04 13824 c:\windows\system32\ieudinit.exe
- 2007-08-13 16:39 . 2009-02-20 10:20 13824 c:\windows\system32\ieudinit.exe
- 2004-08-18 12:00 . 2009-02-20 17:13 44544 c:\windows\system32\iernonce.dll
+ 2004-08-18 12:00 . 2009-04-29 04:47 44544 c:\windows\system32\iernonce.dll
- 2004-08-18 12:00 . 2009-02-20 10:20 70656 c:\windows\system32\ie4uinit.exe
+ 2004-08-18 12:00 . 2009-04-28 09:04 70656 c:\windows\system32\ie4uinit.exe
+ 2007-08-13 16:36 . 2009-04-29 04:47 63488 c:\windows\system32\icardie.dll
- 2007-08-13 16:36 . 2009-02-20 17:13 63488 c:\windows\system32\icardie.dll
- 2004-08-18 12:00 . 2009-02-20 17:13 44544 c:\windows\system32\dllcache\pngfilt.dll
+ 2004-08-18 12:00 . 2009-04-29 04:47 44544 c:\windows\system32\dllcache\pngfilt.dll
+ 2008-06-28 17:05 . 2009-04-29 04:47 52224 c:\windows\system32\dllcache\msfeedsbs.dll
- 2008-06-28 17:05 . 2009-02-20 17:13 52224 c:\windows\system32\dllcache\msfeedsbs.dll
- 2004-08-18 12:00 . 2009-02-20 17:13 27648 c:\windows\system32\dllcache\jsproxy.dll
+ 2004-08-18 12:00 . 2009-04-29 04:47 27648 c:\windows\system32\dllcache\jsproxy.dll
- 2008-06-28 17:05 . 2009-02-20 10:20 13824 c:\windows\system32\dllcache\ieudinit.exe
+ 2008-06-28 17:05 . 2009-04-28 09:04 13824 c:\windows\system32\dllcache\ieudinit.exe
+ 2004-08-18 12:00 . 2009-04-29 04:47 44544 c:\windows\system32\dllcache\iernonce.dll
- 2004-08-18 12:00 . 2009-02-20 17:13 44544 c:\windows\system32\dllcache\iernonce.dll
+ 2009-02-20 17:13 . 2009-04-29 04:47 78336 c:\windows\system32\dllcache\ieencode.dll
- 2009-02-20 17:13 . 2009-02-20 17:13 78336 c:\windows\system32\dllcache\ieencode.dll
- 2004-08-18 12:00 . 2009-02-20 10:20 70656 c:\windows\system32\dllcache\ie4uinit.exe
+ 2004-08-18 12:00 . 2009-04-28 09:04 70656 c:\windows\system32\dllcache\ie4uinit.exe
+ 2008-06-28 17:05 . 2009-04-29 04:47 63488 c:\windows\system32\dllcache\icardie.dll
- 2008-06-28 17:05 . 2009-02-20 17:13 63488 c:\windows\system32\dllcache\icardie.dll
+ 2008-06-27 18:38 . 2009-06-17 18:22 35088 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
- 2008-06-27 18:38 . 2009-05-14 06:05 35088 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
+ 2008-06-27 18:38 . 2009-06-17 18:22 18704 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
- 2008-06-27 18:38 . 2009-05-14 06:05 18704 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
- 2008-06-27 18:38 . 2009-05-14 06:05 20240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
+ 2008-06-27 18:38 . 2009-06-17 18:22 20240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
+ 2006-10-26 19:13 . 2006-10-26 19:13 72472 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\XL12CNVP.DLL
+ 2006-10-26 18:55 . 2006-10-26 18:55 55056 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\SCANOST.EXE
+ 2006-10-26 18:55 . 2006-10-26 18:55 76576 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\RM.DLL
+ 2006-10-26 18:55 . 2006-10-26 18:55 39208 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\RECALL.DLL
+ 2006-10-26 18:55 . 2006-10-26 18:55 53048 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OUTLVBA.DLL
+ 2006-10-26 18:55 . 2006-10-26 18:55 21312 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MLSHEXT.DLL
+ 2006-10-26 18:55 . 2006-10-26 18:55 35160 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\DUMPSTER.DLL
+ 2009-06-17 18:18 . 2009-02-20 17:13 44544 c:\windows\ie7updates\KB969897-IE7\pngfilt.dll
+ 2009-06-17 18:18 . 2009-02-20 17:13 52224 c:\windows\ie7updates\KB969897-IE7\msfeedsbs.dll
+ 2009-06-17 18:18 . 2009-02-20 17:13 27648 c:\windows\ie7updates\KB969897-IE7\jsproxy.dll
+ 2009-06-17 18:18 . 2009-02-20 10:20 13824 c:\windows\ie7updates\KB969897-IE7\ieudinit.exe
+ 2009-06-17 18:18 . 2009-02-20 17:13 44544 c:\windows\ie7updates\KB969897-IE7\iernonce.dll
+ 2009-06-17 18:18 . 2009-02-20 17:13 78336 c:\windows\ie7updates\KB969897-IE7\ieencode.dll
+ 2009-06-17 18:18 . 2009-02-20 10:20 70656 c:\windows\ie7updates\KB969897-IE7\ie4uinit.exe
+ 2009-06-17 18:18 . 2009-02-20 17:13 63488 c:\windows\ie7updates\KB969897-IE7\icardie.dll
+ 2004-08-18 12:00 . 2009-04-29 04:47 233472 c:\windows\system32\webcheck.dll
- 2004-08-18 12:00 . 2009-02-20 17:13 233472 c:\windows\system32\webcheck.dll
+ 2004-08-18 12:00 . 2009-04-29 04:47 105984 c:\windows\system32\url.dll
- 2004-08-18 12:00 . 2009-02-20 17:13 105984 c:\windows\system32\url.dll
+ 2004-08-18 12:00 . 2009-04-29 04:47 102912 c:\windows\system32\occache.dll
- 2004-08-18 12:00 . 2009-02-20 17:13 102912 c:\windows\system32\occache.dll
+ 2004-08-18 12:00 . 2009-04-29 04:47 671232 c:\windows\system32\mstime.dll
- 2004-08-18 12:00 . 2009-02-20 17:13 671232 c:\windows\system32\mstime.dll
- 2004-08-18 12:00 . 2009-02-20 17:13 193024 c:\windows\system32\msrating.dll
+ 2004-08-18 12:00 . 2009-04-29 04:47 193024 c:\windows\system32\msrating.dll
- 2004-08-18 12:00 . 2009-02-20 17:13 477696 c:\windows\system32\mshtmled.dll
+ 2004-08-18 12:00 . 2009-04-29 04:47 477696 c:\windows\system32\mshtmled.dll
- 2007-08-13 16:54 . 2009-02-20 17:13 459264 c:\windows\system32\msfeeds.dll
+ 2007-08-13 16:54 . 2009-04-29 04:47 459264 c:\windows\system32\msfeeds.dll
- 2007-08-13 16:34 . 2009-02-20 17:13 268288 c:\windows\system32\iertutil.dll
+ 2007-08-13 16:34 . 2009-04-29 04:47 268288 c:\windows\system32\iertutil.dll
- 2004-08-18 12:00 . 2009-02-20 17:13 385024 c:\windows\system32\iedkcs32.dll
+ 2004-08-18 12:00 . 2009-04-29 04:47 385024 c:\windows\system32\iedkcs32.dll
- 2007-07-11 10:27 . 2009-02-20 17:13 383488 c:\windows\system32\ieapfltr.dll
+ 2007-07-11 10:27 . 2009-04-29 04:47 383488 c:\windows\system32\ieapfltr.dll
+ 2004-08-18 12:00 . 2009-04-25 05:26 161792 c:\windows\system32\ieakui.dll
- 2004-08-18 12:00 . 2009-02-20 05:14 161792 c:\windows\system32\ieakui.dll
- 2004-08-18 12:00 . 2009-02-20 17:13 230400 c:\windows\system32\ieaksie.dll
+ 2004-08-18 12:00 . 2009-04-29 04:47 230400 c:\windows\system32\ieaksie.dll
- 2004-08-18 12:00 . 2009-02-20 17:13 153088 c:\windows\system32\ieakeng.dll
+ 2004-08-18 12:00 . 2009-04-29 04:47 153088 c:\windows\system32\ieakeng.dll
+ 2004-08-18 12:00 . 2009-04-29 04:47 133120 c:\windows\system32\extmgr.dll
- 2004-08-18 12:00 . 2009-02-20 17:13 133120 c:\windows\system32\extmgr.dll
- 2004-08-18 12:00 . 2009-02-20 17:13 214528 c:\windows\system32\dxtrans.dll
+ 2004-08-18 12:00 . 2009-04-29 04:47 214528 c:\windows\system32\dxtrans.dll
+ 2004-08-18 12:00 . 2009-04-29 04:47 347136 c:\windows\system32\dxtmsft.dll
- 2004-08-18 12:00 . 2009-02-20 17:13 347136 c:\windows\system32\dxtmsft.dll
+ 2004-08-18 12:00 . 2009-04-29 04:47 827392 c:\windows\system32\dllcache\wininet.dll
- 2004-08-18 12:00 . 2009-02-20 17:13 233472 c:\windows\system32\dllcache\webcheck.dll
+ 2004-08-18 12:00 . 2009-04-29 04:47 233472 c:\windows\system32\dllcache\webcheck.dll
+ 2004-08-18 12:00 . 2009-04-29 04:47 105984 c:\windows\system32\dllcache\url.dll
- 2004-08-18 12:00 . 2009-02-20 17:13 105984 c:\windows\system32\dllcache\url.dll
+ 2009-04-15 14:54 . 2009-04-15 14:54 585216 c:\windows\system32\dllcache\rpcrt4.dll
- 2004-08-18 12:00 . 2009-02-20 17:13 102912 c:\windows\system32\dllcache\occache.dll
+ 2004-08-18 12:00 . 2009-04-29 04:47 102912 c:\windows\system32\dllcache\occache.dll
- 2004-08-18 12:00 . 2009-02-20 17:13 671232 c:\windows\system32\dllcache\mstime.dll
+ 2004-08-18 12:00 . 2009-04-29 04:47 671232 c:\windows\system32\dllcache\mstime.dll
- 2004-08-18 12:00 . 2009-02-20 17:13 193024 c:\windows\system32\dllcache\msrating.dll
+ 2004-08-18 12:00 . 2009-04-29 04:47 193024 c:\windows\system32\dllcache\msrating.dll
- 2004-08-18 12:00 . 2009-02-20 17:13 477696 c:\windows\system32\dllcache\mshtmled.dll
+ 2004-08-18 12:00 . 2009-04-29 04:47 477696 c:\windows\system32\dllcache\mshtmled.dll
- 2008-06-28 17:05 . 2009-02-20 17:13 459264 c:\windows\system32\dllcache\msfeeds.dll
+ 2008-06-28 17:05 . 2009-04-29 04:47 459264 c:\windows\system32\dllcache\msfeeds.dll
+ 2009-05-07 15:33 . 2009-05-07 15:33 346624 c:\windows\system32\dllcache\localspl.dll
+ 2008-06-27 16:30 . 2009-04-25 05:27 636088 c:\windows\system32\dllcache\iexplore.exe
+ 2008-06-28 17:05 . 2009-04-29 04:47 268288 c:\windows\system32\dllcache\iertutil.dll
- 2008-06-28 17:05 . 2009-02-20 17:13 268288 c:\windows\system32\dllcache\iertutil.dll
- 2004-08-18 12:00 . 2009-02-20 17:13 385024 c:\windows\system32\dllcache\iedkcs32.dll
+ 2004-08-18 12:00 . 2009-04-29 04:47 385024 c:\windows\system32\dllcache\iedkcs32.dll
+ 2008-06-28 17:05 . 2009-04-29 04:47 383488 c:\windows\system32\dllcache\ieapfltr.dll
- 2008-06-28 17:05 . 2009-02-20 17:13 383488 c:\windows\system32\dllcache\ieapfltr.dll
+ 2004-08-18 12:00 . 2009-04-25 05:26 161792 c:\windows\system32\dllcache\ieakui.dll
- 2004-08-18 12:00 . 2009-02-20 05:14 161792 c:\windows\system32\dllcache\ieakui.dll
- 2004-08-18 12:00 . 2009-02-20 17:13 230400 c:\windows\system32\dllcache\ieaksie.dll
+ 2004-08-18 12:00 . 2009-04-29 04:47 230400 c:\windows\system32\dllcache\ieaksie.dll
- 2004-08-18 12:00 . 2009-02-20 17:13 153088 c:\windows\system32\dllcache\ieakeng.dll
+ 2004-08-18 12:00 . 2009-04-29 04:47 153088 c:\windows\system32\dllcache\ieakeng.dll
+ 2004-08-18 12:00 . 2009-04-29 04:47 133120 c:\windows\system32\dllcache\extmgr.dll
- 2004-08-18 12:00 . 2009-02-20 17:13 133120 c:\windows\system32\dllcache\extmgr.dll
+ 2004-08-18 12:00 . 2009-04-29 04:47 214528 c:\windows\system32\dllcache\dxtrans.dll
- 2004-08-18 12:00 . 2009-02-20 17:13 214528 c:\windows\system32\dllcache\dxtrans.dll
- 2004-08-18 12:00 . 2009-02-20 17:13 347136 c:\windows\system32\dllcache\dxtmsft.dll
+ 2004-08-18 12:00 . 2009-04-29 04:47 347136 c:\windows\system32\dllcache\dxtmsft.dll
+ 2004-08-18 12:00 . 2009-04-29 04:47 124928 c:\windows\system32\dllcache\advpack.dll
- 2004-08-18 12:00 . 2009-02-20 17:13 124928 c:\windows\system32\dllcache\advpack.dll
- 2004-08-18 12:00 . 2009-02-20 17:13 124928 c:\windows\system32\advpack.dll
+ 2004-08-18 12:00 . 2009-04-29 04:47 124928 c:\windows\system32\advpack.dll
- 2008-06-27 18:38 . 2009-05-14 06:05 888080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
+ 2008-06-27 18:38 . 2009-06-17 18:22 888080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
+ 2008-06-27 18:38 . 2009-06-17 18:22 272648 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
- 2008-06-27 18:38 . 2009-05-14 06:05 272648 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
+ 2008-06-27 18:38 . 2009-06-17 18:22 922384 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
- 2008-06-27 18:38 . 2009-05-14 06:05 922384 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
+ 2008-06-27 18:38 . 2009-06-17 18:22 845584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
- 2008-06-27 18:38 . 2009-05-14 06:05 845584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
+ 2008-06-27 18:38 . 2009-06-17 18:22 217864 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
- 2008-06-27 18:38 . 2009-05-14 06:05 217864 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
- 2008-06-27 18:38 . 2009-05-14 06:05 184080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
+ 2008-06-27 18:38 . 2009-06-17 18:22 184080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
+ 2008-06-27 18:38 . 2009-06-17 18:22 159504 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
- 2008-06-27 18:38 . 2009-05-14 06:05 159504 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
+ 2006-10-27 13:16 . 2006-10-27 13:16 408880 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\RTFHTML.DLL
+ 2006-10-27 13:16 . 2006-10-27 13:16 138512 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OUTLCTL.DLL
+ 2006-10-26 18:55 . 2006-10-26 18:55 254776 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OLKFSTUB.DLL
+ 2006-10-26 18:55 . 2006-10-26 18:55 154960 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ENVELOPE.DLL
+ 2006-10-26 18:55 . 2006-10-26 18:55 116544 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\EMABLT32.DLL
+ 2009-06-17 18:18 . 2009-03-03 00:14 826368 c:\windows\ie7updates\KB969897-IE7\wininet.dll
+ 2009-06-17 18:18 . 2009-02-20 17:13 233472 c:\windows\ie7updates\KB969897-IE7\webcheck.dll
+ 2009-06-17 18:18 . 2009-02-20 17:13 105984 c:\windows\ie7updates\KB969897-IE7\url.dll
+ 2009-06-17 18:18 . 2008-07-09 07:36 391032 c:\windows\ie7updates\KB969897-IE7\spuninst\updspapi.dll
+ 2009-06-17 18:18 . 2008-07-09 07:36 233848 c:\windows\ie7updates\KB969897-IE7\spuninst\spuninst.exe
+ 2009-06-17 18:18 . 2009-02-20 17:13 102912 c:\windows\ie7updates\KB969897-IE7\occache.dll
+ 2009-06-17 18:18 . 2009-02-20 17:13 671232 c:\windows\ie7updates\KB969897-IE7\mstime.dll
+ 2009-06-17 18:18 . 2009-02-20 17:13 193024 c:\windows\ie7updates\KB969897-IE7\msrating.dll
+ 2009-06-17 18:18 . 2009-02-20 17:13 477696 c:\windows\ie7updates\KB969897-IE7\mshtmled.dll
+ 2009-06-17 18:18 . 2009-02-20 17:13 459264 c:\windows\ie7updates\KB969897-IE7\msfeeds.dll
+ 2009-06-17 18:18 . 2009-02-28 04:54 636072 c:\windows\ie7updates\KB969897-IE7\iexplore.exe
+ 2009-06-17 18:18 . 2009-02-20 17:13 268288 c:\windows\ie7updates\KB969897-IE7\iertutil.dll
+ 2009-06-17 18:18 . 2009-02-20 17:13 385024 c:\windows\ie7updates\KB969897-IE7\iedkcs32.dll
+ 2009-06-17 18:18 . 2009-02-20 17:13 383488 c:\windows\ie7updates\KB969897-IE7\ieapfltr.dll
+ 2009-06-17 18:18 . 2009-02-20 05:14 161792 c:\windows\ie7updates\KB969897-IE7\ieakui.dll
+ 2009-06-17 18:18 . 2009-02-20 17:13 230400 c:\windows\ie7updates\KB969897-IE7\ieaksie.dll
+ 2009-06-17 18:18 . 2009-02-20 17:13 153088 c:\windows\ie7updates\KB969897-IE7\ieakeng.dll
+ 2009-06-17 18:18 . 2009-02-20 17:13 133120 c:\windows\ie7updates\KB969897-IE7\extmgr.dll
+ 2009-06-17 18:18 . 2009-02-20 17:13 214528 c:\windows\ie7updates\KB969897-IE7\dxtrans.dll
+ 2009-06-17 18:18 . 2009-02-20 17:13 347136 c:\windows\ie7updates\KB969897-IE7\dxtmsft.dll
+ 2009-06-17 18:18 . 2009-02-20 17:13 124928 c:\windows\ie7updates\KB969897-IE7\advpack.dll
+ 2009-04-22 16:05 . 2009-04-22 16:05 406640 c:\windows\Downloaded Program Files\fslauncher.dll
+ 2004-08-18 12:00 . 2009-04-29 04:47 1159680 c:\windows\system32\urlmon.dll
+ 2004-08-18 12:00 . 2009-04-29 04:47 3596288 c:\windows\system32\mshtml.dll
- 2007-08-13 16:54 . 2009-02-20 17:13 6066176 c:\windows\system32\ieframe.dll
+ 2007-08-13 16:54 . 2009-04-29 04:47 6066176 c:\windows\system32\ieframe.dll
+ 2008-06-27 18:25 . 2009-06-17 18:56 2448024 c:\windows\system32\FNTCACHE.DAT
- 2008-06-27 18:25 . 2009-06-16 16:47 2448024 c:\windows\system32\FNTCACHE.DAT
+ 2008-10-14 20:58 . 2009-04-19 19:52 1847168 c:\windows\system32\dllcache\win32k.sys
+ 2004-08-18 12:00 . 2009-04-29 04:47 1159680 c:\windows\system32\dllcache\urlmon.dll
+ 2004-08-18 12:00 . 2009-04-29 04:47 3596288 c:\windows\system32\dllcache\mshtml.dll
+ 2008-06-28 17:05 . 2009-04-29 04:47 6066176 c:\windows\system32\dllcache\ieframe.dll
- 2008-06-28 17:05 . 2009-02-20 17:13 6066176 c:\windows\system32\dllcache\ieframe.dll
+ 2008-06-27 18:38 . 2009-06-17 18:22 1172240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
- 2008-06-27 18:38 . 2009-05-14 06:05 1172240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
- 2008-06-27 18:38 . 2009-05-14 06:05 1165584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
+ 2008-06-27 18:38 . 2009-06-17 18:22 1165584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
+ 2009-06-17 18:18 . 2009-02-20 17:13 1160192 c:\windows\ie7updates\KB969897-IE7\urlmon.dll
+ 2009-06-17 18:18 . 2009-02-20 17:13 3595264 c:\windows\ie7updates\KB969897-IE7\mshtml.dll
+ 2009-06-17 18:18 . 2009-02-20 17:13 6066176 c:\windows\ie7updates\KB969897-IE7\ieframe.dll
+ 2009-06-17 18:18 . 2008-07-09 14:25 2455488 c:\windows\ie7updates\KB969897-IE7\ieapfltr.dat
+ 2008-06-28 08:41 . 2009-06-01 16:51 23635392 c:\windows\system32\MRT.exe
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlay]
@="{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}"
[HKEY_CLASSES_ROOT\CLSID\{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}]
2007-03-28 17:59 2953216 ----a-w- c:\program files\Protector Suite QL\farchns.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlayOpen]
@="{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}"
[HKEY_CLASSES_ROOT\CLSID\{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}]
2007-03-28 17:59 2953216 ----a-w- c:\program files\Protector Suite QL\farchns.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TaskSwitchXP"="c:\program files\TaskSwitchXP\TaskSwitchXP.exe" [2007-05-09 106904]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"\\TOWER\EPSON DX8400_local"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE" [2007-04-12 182272]
"Nseries.PCSync"="c:\program files\Nokia\Nseries System Utilities\System Utilities\PcSync2.exe" [2007-11-07 1294336]
"OEXPRESS"="c:\documents and settings\All Users\Data aplikací\LangSoft\OETRN.EXE" [2009-06-08 26624]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WLSS"="c:\program files\Compal\Wireless Select Switch\WLSS.exe" [2007-04-23 190000]
"Wow Video&Audio"="c:\program files\Compal\Wow Video&Audio\WVAMain.exe" [2007-05-03 951856]
"IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2007-06-01 823296]
"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2007-06-01 974848]
"SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2007-01-17 634880]
"PSQLLauncher"="c:\program files\Protector Suite QL\launcher.exe" [2007-03-28 49168]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2007-12-21 1443072]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-06-09 13533184]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-06-09 86016]
"SMBTray"="c:\program files\Compal\Smart Battery\SMBTray.exe" [2007-06-04 521776]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-09-06 29744]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"Task Catcher"="c:\progra~1\Task Catcher\tasktrap.exe" [2005-11-14 136760]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2007-06-13 16377344]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_3"="advpack.dll" - c:\windows\system32\advpack.dll [2009-04-29 124928]
c:\documents and settings\Radek\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Stickies.lnk - c:\program files\Stickies\stickies.exe [2008-1-16 757760]
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Launchy.lnk - c:\program files\Launchy\Launchy.exe [2008-6-28 274432]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="d:\install\THEMES_XP\logonui.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\psfus]
2007-03-28 17:46 90112 ----a-w- c:\windows\system32\psqlpwd.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli psqlpwd
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\CyberLink\\PowerDVD\\PowerDVD.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"d:\\HRY\\DOD\\hl.exe"=
"d:\\HRY\\MEDIEVAL\\Medieval_TW.exe"=
"d:\\HRY\\CS\\hl.exe"=
"c:\\Program Files\\Orbitdownloader\\orbitdm.exe"=
"c:\\Program Files\\Orbitdownloader\\orbitnet.exe"=
"d:\\HRY\\Bitva o Středozem\\game.dat"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:Adobe CSI CS4
R0 EMSC;COMPAL Embedded System Control;c:\windows\system32\drivers\EMSC.sys [27.6.2008 18:52 9856]
R0 xmasbus;xmasbus;c:\windows\system32\drivers\xmasbus.sys [28.6.2008 12:58 140800]
R0 xmasscsi;xmasscsi;c:\windows\system32\drivers\xmasscsi.sys [28.6.2008 12:58 5504]
R1 PersonalSecureDrive;PersonalSecureDrive;c:\windows\system32\drivers\psd.sys [6.4.2006 22:09 31104]
R2 ekrn;Eset Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [21.12.2007 8:21 468224]
R2 ftusbsrvc;USB over Network (Client) service;c:\windows\system32\ftusbsrvc.exe [20.11.2008 13:37 471040]
R2 Smart Watchdog;Smart Watchdog Service;c:\program files\Compal Electronics, INC\Smart Watchdog\SWDsvc.exe [14.5.2007 23:18 118784]
R3 ftusbhub;Virtual USB Bus;c:\windows\system32\drivers\ftusbbus.sys [20.11.2008 13:36 36224]
R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [21.7.2008 0:15 36608]
S3 ASNDIS5;ASNDIS5 Protocol Driver;c:\windows\system32\ASNDIS5.sys [6.9.2008 21:30 16269]
S3 CamFilter;CamFilter;c:\windows\system32\drivers\Camfilter.sys [11.5.2007 15:56 16640]
S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [6.9.2008 14:13 29744]
S3 Ktp;Elantech Touchpad;c:\windows\system32\drivers\Ktp.sys [27.6.2008 18:49 27776]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [7.1.2009 1:53 138112]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [7.1.2009 1:53 8320]
.
Obsah adresáře 'Naplánované úlohy'
2009-06-17 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-02 20:19]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: &Download by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/204
IE: Do&wnload selected by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/202
IE: {{7e6a20fb-153f-402c-a84b-1a64e1955d3d} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{cc963627-b1dc-40e0-b52a-cf21ee748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{cc963627-b1dc-40e0-b52a-cf21ee748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{cc963627-b1dc-40e0-b52a-cf21ee748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{cc963627-b1dc-40e0-b52a-cf21ee748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
FF - ProfilePath -
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-17 22:18
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-1935655697-1547161642-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID]
@Denied: (Full) (LocalSystem)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(1200)
c:\windows\system32\vrlogon.dll
c:\windows\system32\psqlpwd.dll
c:\program files\Protector Suite QL\homefus2.dll
c:\program files\Protector Suite QL\infra.dll
c:\program files\Protector Suite QL\homepass.dll
c:\program files\Protector Suite QL\bio.dll
c:\program files\Protector Suite QL\remote.dll
c:\program files\Protector Suite QL\crypto.dll
- - - - - - - > 'lsass.exe'(1260)
c:\windows\system32\psqlpwd.dll
c:\program files\Protector Suite QL\homefus2.dll
c:\program files\Protector Suite QL\infra.dll
- - - - - - - > 'explorer.exe'(2156)
c:\documents and settings\All Users\Data aplikací\LangSoft\TrnOEH.dll
c:\program files\Protector Suite QL\farchns.dll
c:\program files\Protector Suite QL\infra.dll
c:\progra~1\WINDOW~1\wmpband.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Stardock\Object Desktop\IconPackager\iprepair.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Intel\Wireless\Bin\S24EvMon.exe
c:\program files\Lavasoft\Ad-Aware\aawservice.exe
c:\windows\system32\rundll32.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Intel\Wireless\Bin\EvtEng.exe
c:\program files\Protector Suite QL\psqltray.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Intel\Wireless\Bin\RegSrvc.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\program files\Nokia\PC Connectivity Solution\ServiceLayer.exe
c:\program files\Nokia\PC Connectivity Solution\Transports\NclUSBSrv.exe
c:\program files\Intel\Wireless\Bin\Dot1XCfg.exe
.
**************************************************************************
.
Celkový čas: 2009-06-17 22:21 - počítač byl restartován
ComboFix-quarantined-files.txt 2009-06-17 20:21
ComboFix2.txt 2009-06-17 17:44
ComboFix3.txt 2009-06-17 16:06
ComboFix4.txt 2009-06-16 20:22
Před spuštěním: 8 660 021 248
Po spuštění: 8 646 295 552
419 --- E O F --- 2009-06-17 18:22
here is the LOG from CF
ComboFix 09-06-16.01 - Radek 17.06.2009 22:15.4 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.3070.2305 [GMT 2:00]
Spuštěný z: c:\documents and settings\Radek\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Radek\Plocha\CFScript.txt
AV: ESET Smart Security 3.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
FILE ::
"c:\documents and settings\Radek\Nabídka Start\Programy\Po spuštění\rncsys32.exe"
.
((((((((((((((((((((((((( Soubory vytvořené od 2009-05-17 do 2009-06-17 )))))))))))))))))))))))))))))))
.
2009-06-16 19:42 . 2009-06-16 19:42 626688 ----a-w- c:\windows\system32\msvcr80.dll
2009-06-16 19:42 . 2009-06-16 19:42 548864 ----a-w- c:\windows\system32\msvcp80.dll
2009-06-16 19:42 . 2008-04-14 06:52 137216 ----a-w- c:\windows\system32\T.COM
2009-06-16 19:42 . 2008-04-14 06:52 147968 ----a-w- c:\windows\R.COM
2009-06-16 19:42 . 2009-06-16 19:42 -------- d-----w- c:\program files\Common Files\MicroWorld
2009-06-16 18:36 . 2009-06-16 18:36 -------- d-----w- c:\program files\Trend Micro
2009-06-16 17:19 . 2009-06-16 17:19 -------- d-----w- c:\program files\Sweet Home 3D
2009-06-16 16:35 . 2009-06-16 16:55 -------- d-----w- c:\program files\SpywareBlaster
2009-06-16 16:35 . 2009-06-16 16:35 -------- d-----w- c:\program files\CCleaner
2009-06-16 16:28 . 2009-06-16 16:28 -------- d-----w- c:\program files\Task Catcher
2009-06-16 16:27 . 2009-06-16 16:31 -------- d-----w- c:\program files\RegScrubXP
2009-06-08 19:08 . 2009-06-08 19:18 -------- d-----w- c:\program files\translator09
2009-06-04 13:28 . 2009-06-04 13:28 286720 ----a-w- c:\windows\system32\swb_uninst.exe
2009-06-04 13:28 . 2009-06-04 13:28 -------- d-----w- c:\program files\CV Curriculum vitae CREATOR
2009-05-19 19:20 . 2009-05-19 19:20 -------- d-sh--w- c:\documents and settings\All Users\DRM
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-16 17:24 . 2008-06-28 21:48 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-06-16 16:46 . 2008-06-28 23:16 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-05-26 11:20 . 2008-07-22 09:40 40160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-05-26 11:19 . 2008-06-28 23:39 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-05-17 21:39 . 2009-05-17 10:04 -------- d-----w- c:\program files\Scriptocean
2009-05-07 15:33 . 2004-08-18 12:00 346624 ----a-w- c:\windows\system32\localspl.dll
2009-04-29 04:47 . 2004-08-18 12:00 827392 ----a-w- c:\windows\system32\wininet.dll
2009-04-29 04:47 . 2004-08-18 12:00 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-04-25 19:48 . 2008-09-28 20:01 -------- d-----w- c:\program files\Advanced IP Scanner
2009-04-25 19:41 . 2008-06-27 23:29 -------- d-----w- c:\program files\Common Files\Adobe
2009-04-25 19:40 . 2009-04-25 19:40 -------- d-----w- c:\program files\Adobe Media Player
2009-04-25 19:02 . 2008-06-27 16:49 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-04-22 14:27 . 2008-06-27 23:45 -------- d-----w- c:\program files\Azureus
2009-04-19 19:52 . 2004-08-18 12:00 1847168 ----a-w- c:\windows\system32\win32k.sys
2009-04-19 14:06 . 2009-01-06 20:55 -------- d-----w- c:\program files\Common Files\Nokia
2009-04-19 14:06 . 2009-01-06 19:55 -------- d-----w- c:\program files\Nokia
2009-04-17 09:01 . 2004-08-18 12:00 76442 ----a-w- c:\windows\system32\perfc005.dat
2009-04-17 09:01 . 2004-08-18 12:00 425138 ----a-w- c:\windows\system32\perfh005.dat
2009-04-15 14:54 . 2004-08-18 12:00 585216 ----a-w- c:\windows\system32\rpcrt4.dll
2009-04-08 20:50 . 2008-06-29 09:55 22328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-04-08 20:50 . 2008-06-29 09:55 103736 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-04-08 20:49 . 2008-06-29 09:55 66872 ----a-w- c:\windows\system32\PnkBstrA.exe
2008-09-06 12:13 . 2008-09-06 12:13 122880 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
2007-03-28 17:54 . 2008-07-29 15:00 865792 ------w- c:\program files\mozilla firefox\components\pbgk1_8.dll
.
((((((((((((((((((((((((((((( SnapShot@2009-06-16_20.20.31 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-06-28 15:19 . 2008-07-09 07:36 18296 c:\windows\system32\spmsg.dll
- 2008-06-28 15:19 . 2007-11-30 12:39 18296 c:\windows\system32\spmsg.dll
- 2004-08-18 12:00 . 2009-02-20 17:13 44544 c:\windows\system32\pngfilt.dll
+ 2004-08-18 12:00 . 2009-04-29 04:47 44544 c:\windows\system32\pngfilt.dll
+ 2007-08-13 16:54 . 2009-04-29 04:47 52224 c:\windows\system32\msfeedsbs.dll
- 2007-08-13 16:54 . 2009-02-20 17:13 52224 c:\windows\system32\msfeedsbs.dll
+ 2004-08-18 12:00 . 2009-04-29 04:47 27648 c:\windows\system32\jsproxy.dll
- 2004-08-18 12:00 . 2009-02-20 17:13 27648 c:\windows\system32\jsproxy.dll
+ 2007-08-13 16:39 . 2009-04-28 09:04 13824 c:\windows\system32\ieudinit.exe
- 2007-08-13 16:39 . 2009-02-20 10:20 13824 c:\windows\system32\ieudinit.exe
- 2004-08-18 12:00 . 2009-02-20 17:13 44544 c:\windows\system32\iernonce.dll
+ 2004-08-18 12:00 . 2009-04-29 04:47 44544 c:\windows\system32\iernonce.dll
- 2004-08-18 12:00 . 2009-02-20 10:20 70656 c:\windows\system32\ie4uinit.exe
+ 2004-08-18 12:00 . 2009-04-28 09:04 70656 c:\windows\system32\ie4uinit.exe
+ 2007-08-13 16:36 . 2009-04-29 04:47 63488 c:\windows\system32\icardie.dll
- 2007-08-13 16:36 . 2009-02-20 17:13 63488 c:\windows\system32\icardie.dll
- 2004-08-18 12:00 . 2009-02-20 17:13 44544 c:\windows\system32\dllcache\pngfilt.dll
+ 2004-08-18 12:00 . 2009-04-29 04:47 44544 c:\windows\system32\dllcache\pngfilt.dll
+ 2008-06-28 17:05 . 2009-04-29 04:47 52224 c:\windows\system32\dllcache\msfeedsbs.dll
- 2008-06-28 17:05 . 2009-02-20 17:13 52224 c:\windows\system32\dllcache\msfeedsbs.dll
- 2004-08-18 12:00 . 2009-02-20 17:13 27648 c:\windows\system32\dllcache\jsproxy.dll
+ 2004-08-18 12:00 . 2009-04-29 04:47 27648 c:\windows\system32\dllcache\jsproxy.dll
- 2008-06-28 17:05 . 2009-02-20 10:20 13824 c:\windows\system32\dllcache\ieudinit.exe
+ 2008-06-28 17:05 . 2009-04-28 09:04 13824 c:\windows\system32\dllcache\ieudinit.exe
+ 2004-08-18 12:00 . 2009-04-29 04:47 44544 c:\windows\system32\dllcache\iernonce.dll
- 2004-08-18 12:00 . 2009-02-20 17:13 44544 c:\windows\system32\dllcache\iernonce.dll
+ 2009-02-20 17:13 . 2009-04-29 04:47 78336 c:\windows\system32\dllcache\ieencode.dll
- 2009-02-20 17:13 . 2009-02-20 17:13 78336 c:\windows\system32\dllcache\ieencode.dll
- 2004-08-18 12:00 . 2009-02-20 10:20 70656 c:\windows\system32\dllcache\ie4uinit.exe
+ 2004-08-18 12:00 . 2009-04-28 09:04 70656 c:\windows\system32\dllcache\ie4uinit.exe
+ 2008-06-28 17:05 . 2009-04-29 04:47 63488 c:\windows\system32\dllcache\icardie.dll
- 2008-06-28 17:05 . 2009-02-20 17:13 63488 c:\windows\system32\dllcache\icardie.dll
+ 2008-06-27 18:38 . 2009-06-17 18:22 35088 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
- 2008-06-27 18:38 . 2009-05-14 06:05 35088 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
+ 2008-06-27 18:38 . 2009-06-17 18:22 18704 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
- 2008-06-27 18:38 . 2009-05-14 06:05 18704 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
- 2008-06-27 18:38 . 2009-05-14 06:05 20240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
+ 2008-06-27 18:38 . 2009-06-17 18:22 20240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
+ 2006-10-26 19:13 . 2006-10-26 19:13 72472 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\XL12CNVP.DLL
+ 2006-10-26 18:55 . 2006-10-26 18:55 55056 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\SCANOST.EXE
+ 2006-10-26 18:55 . 2006-10-26 18:55 76576 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\RM.DLL
+ 2006-10-26 18:55 . 2006-10-26 18:55 39208 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\RECALL.DLL
+ 2006-10-26 18:55 . 2006-10-26 18:55 53048 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OUTLVBA.DLL
+ 2006-10-26 18:55 . 2006-10-26 18:55 21312 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MLSHEXT.DLL
+ 2006-10-26 18:55 . 2006-10-26 18:55 35160 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\DUMPSTER.DLL
+ 2009-06-17 18:18 . 2009-02-20 17:13 44544 c:\windows\ie7updates\KB969897-IE7\pngfilt.dll
+ 2009-06-17 18:18 . 2009-02-20 17:13 52224 c:\windows\ie7updates\KB969897-IE7\msfeedsbs.dll
+ 2009-06-17 18:18 . 2009-02-20 17:13 27648 c:\windows\ie7updates\KB969897-IE7\jsproxy.dll
+ 2009-06-17 18:18 . 2009-02-20 10:20 13824 c:\windows\ie7updates\KB969897-IE7\ieudinit.exe
+ 2009-06-17 18:18 . 2009-02-20 17:13 44544 c:\windows\ie7updates\KB969897-IE7\iernonce.dll
+ 2009-06-17 18:18 . 2009-02-20 17:13 78336 c:\windows\ie7updates\KB969897-IE7\ieencode.dll
+ 2009-06-17 18:18 . 2009-02-20 10:20 70656 c:\windows\ie7updates\KB969897-IE7\ie4uinit.exe
+ 2009-06-17 18:18 . 2009-02-20 17:13 63488 c:\windows\ie7updates\KB969897-IE7\icardie.dll
+ 2004-08-18 12:00 . 2009-04-29 04:47 233472 c:\windows\system32\webcheck.dll
- 2004-08-18 12:00 . 2009-02-20 17:13 233472 c:\windows\system32\webcheck.dll
+ 2004-08-18 12:00 . 2009-04-29 04:47 105984 c:\windows\system32\url.dll
- 2004-08-18 12:00 . 2009-02-20 17:13 105984 c:\windows\system32\url.dll
+ 2004-08-18 12:00 . 2009-04-29 04:47 102912 c:\windows\system32\occache.dll
- 2004-08-18 12:00 . 2009-02-20 17:13 102912 c:\windows\system32\occache.dll
+ 2004-08-18 12:00 . 2009-04-29 04:47 671232 c:\windows\system32\mstime.dll
- 2004-08-18 12:00 . 2009-02-20 17:13 671232 c:\windows\system32\mstime.dll
- 2004-08-18 12:00 . 2009-02-20 17:13 193024 c:\windows\system32\msrating.dll
+ 2004-08-18 12:00 . 2009-04-29 04:47 193024 c:\windows\system32\msrating.dll
- 2004-08-18 12:00 . 2009-02-20 17:13 477696 c:\windows\system32\mshtmled.dll
+ 2004-08-18 12:00 . 2009-04-29 04:47 477696 c:\windows\system32\mshtmled.dll
- 2007-08-13 16:54 . 2009-02-20 17:13 459264 c:\windows\system32\msfeeds.dll
+ 2007-08-13 16:54 . 2009-04-29 04:47 459264 c:\windows\system32\msfeeds.dll
- 2007-08-13 16:34 . 2009-02-20 17:13 268288 c:\windows\system32\iertutil.dll
+ 2007-08-13 16:34 . 2009-04-29 04:47 268288 c:\windows\system32\iertutil.dll
- 2004-08-18 12:00 . 2009-02-20 17:13 385024 c:\windows\system32\iedkcs32.dll
+ 2004-08-18 12:00 . 2009-04-29 04:47 385024 c:\windows\system32\iedkcs32.dll
- 2007-07-11 10:27 . 2009-02-20 17:13 383488 c:\windows\system32\ieapfltr.dll
+ 2007-07-11 10:27 . 2009-04-29 04:47 383488 c:\windows\system32\ieapfltr.dll
+ 2004-08-18 12:00 . 2009-04-25 05:26 161792 c:\windows\system32\ieakui.dll
- 2004-08-18 12:00 . 2009-02-20 05:14 161792 c:\windows\system32\ieakui.dll
- 2004-08-18 12:00 . 2009-02-20 17:13 230400 c:\windows\system32\ieaksie.dll
+ 2004-08-18 12:00 . 2009-04-29 04:47 230400 c:\windows\system32\ieaksie.dll
- 2004-08-18 12:00 . 2009-02-20 17:13 153088 c:\windows\system32\ieakeng.dll
+ 2004-08-18 12:00 . 2009-04-29 04:47 153088 c:\windows\system32\ieakeng.dll
+ 2004-08-18 12:00 . 2009-04-29 04:47 133120 c:\windows\system32\extmgr.dll
- 2004-08-18 12:00 . 2009-02-20 17:13 133120 c:\windows\system32\extmgr.dll
- 2004-08-18 12:00 . 2009-02-20 17:13 214528 c:\windows\system32\dxtrans.dll
+ 2004-08-18 12:00 . 2009-04-29 04:47 214528 c:\windows\system32\dxtrans.dll
+ 2004-08-18 12:00 . 2009-04-29 04:47 347136 c:\windows\system32\dxtmsft.dll
- 2004-08-18 12:00 . 2009-02-20 17:13 347136 c:\windows\system32\dxtmsft.dll
+ 2004-08-18 12:00 . 2009-04-29 04:47 827392 c:\windows\system32\dllcache\wininet.dll
- 2004-08-18 12:00 . 2009-02-20 17:13 233472 c:\windows\system32\dllcache\webcheck.dll
+ 2004-08-18 12:00 . 2009-04-29 04:47 233472 c:\windows\system32\dllcache\webcheck.dll
+ 2004-08-18 12:00 . 2009-04-29 04:47 105984 c:\windows\system32\dllcache\url.dll
- 2004-08-18 12:00 . 2009-02-20 17:13 105984 c:\windows\system32\dllcache\url.dll
+ 2009-04-15 14:54 . 2009-04-15 14:54 585216 c:\windows\system32\dllcache\rpcrt4.dll
- 2004-08-18 12:00 . 2009-02-20 17:13 102912 c:\windows\system32\dllcache\occache.dll
+ 2004-08-18 12:00 . 2009-04-29 04:47 102912 c:\windows\system32\dllcache\occache.dll
- 2004-08-18 12:00 . 2009-02-20 17:13 671232 c:\windows\system32\dllcache\mstime.dll
+ 2004-08-18 12:00 . 2009-04-29 04:47 671232 c:\windows\system32\dllcache\mstime.dll
- 2004-08-18 12:00 . 2009-02-20 17:13 193024 c:\windows\system32\dllcache\msrating.dll
+ 2004-08-18 12:00 . 2009-04-29 04:47 193024 c:\windows\system32\dllcache\msrating.dll
- 2004-08-18 12:00 . 2009-02-20 17:13 477696 c:\windows\system32\dllcache\mshtmled.dll
+ 2004-08-18 12:00 . 2009-04-29 04:47 477696 c:\windows\system32\dllcache\mshtmled.dll
- 2008-06-28 17:05 . 2009-02-20 17:13 459264 c:\windows\system32\dllcache\msfeeds.dll
+ 2008-06-28 17:05 . 2009-04-29 04:47 459264 c:\windows\system32\dllcache\msfeeds.dll
+ 2009-05-07 15:33 . 2009-05-07 15:33 346624 c:\windows\system32\dllcache\localspl.dll
+ 2008-06-27 16:30 . 2009-04-25 05:27 636088 c:\windows\system32\dllcache\iexplore.exe
+ 2008-06-28 17:05 . 2009-04-29 04:47 268288 c:\windows\system32\dllcache\iertutil.dll
- 2008-06-28 17:05 . 2009-02-20 17:13 268288 c:\windows\system32\dllcache\iertutil.dll
- 2004-08-18 12:00 . 2009-02-20 17:13 385024 c:\windows\system32\dllcache\iedkcs32.dll
+ 2004-08-18 12:00 . 2009-04-29 04:47 385024 c:\windows\system32\dllcache\iedkcs32.dll
+ 2008-06-28 17:05 . 2009-04-29 04:47 383488 c:\windows\system32\dllcache\ieapfltr.dll
- 2008-06-28 17:05 . 2009-02-20 17:13 383488 c:\windows\system32\dllcache\ieapfltr.dll
+ 2004-08-18 12:00 . 2009-04-25 05:26 161792 c:\windows\system32\dllcache\ieakui.dll
- 2004-08-18 12:00 . 2009-02-20 05:14 161792 c:\windows\system32\dllcache\ieakui.dll
- 2004-08-18 12:00 . 2009-02-20 17:13 230400 c:\windows\system32\dllcache\ieaksie.dll
+ 2004-08-18 12:00 . 2009-04-29 04:47 230400 c:\windows\system32\dllcache\ieaksie.dll
- 2004-08-18 12:00 . 2009-02-20 17:13 153088 c:\windows\system32\dllcache\ieakeng.dll
+ 2004-08-18 12:00 . 2009-04-29 04:47 153088 c:\windows\system32\dllcache\ieakeng.dll
+ 2004-08-18 12:00 . 2009-04-29 04:47 133120 c:\windows\system32\dllcache\extmgr.dll
- 2004-08-18 12:00 . 2009-02-20 17:13 133120 c:\windows\system32\dllcache\extmgr.dll
+ 2004-08-18 12:00 . 2009-04-29 04:47 214528 c:\windows\system32\dllcache\dxtrans.dll
- 2004-08-18 12:00 . 2009-02-20 17:13 214528 c:\windows\system32\dllcache\dxtrans.dll
- 2004-08-18 12:00 . 2009-02-20 17:13 347136 c:\windows\system32\dllcache\dxtmsft.dll
+ 2004-08-18 12:00 . 2009-04-29 04:47 347136 c:\windows\system32\dllcache\dxtmsft.dll
+ 2004-08-18 12:00 . 2009-04-29 04:47 124928 c:\windows\system32\dllcache\advpack.dll
- 2004-08-18 12:00 . 2009-02-20 17:13 124928 c:\windows\system32\dllcache\advpack.dll
- 2004-08-18 12:00 . 2009-02-20 17:13 124928 c:\windows\system32\advpack.dll
+ 2004-08-18 12:00 . 2009-04-29 04:47 124928 c:\windows\system32\advpack.dll
- 2008-06-27 18:38 . 2009-05-14 06:05 888080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
+ 2008-06-27 18:38 . 2009-06-17 18:22 888080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
+ 2008-06-27 18:38 . 2009-06-17 18:22 272648 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
- 2008-06-27 18:38 . 2009-05-14 06:05 272648 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
+ 2008-06-27 18:38 . 2009-06-17 18:22 922384 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
- 2008-06-27 18:38 . 2009-05-14 06:05 922384 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
+ 2008-06-27 18:38 . 2009-06-17 18:22 845584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
- 2008-06-27 18:38 . 2009-05-14 06:05 845584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
+ 2008-06-27 18:38 . 2009-06-17 18:22 217864 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
- 2008-06-27 18:38 . 2009-05-14 06:05 217864 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
- 2008-06-27 18:38 . 2009-05-14 06:05 184080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
+ 2008-06-27 18:38 . 2009-06-17 18:22 184080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
+ 2008-06-27 18:38 . 2009-06-17 18:22 159504 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
- 2008-06-27 18:38 . 2009-05-14 06:05 159504 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
+ 2006-10-27 13:16 . 2006-10-27 13:16 408880 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\RTFHTML.DLL
+ 2006-10-27 13:16 . 2006-10-27 13:16 138512 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OUTLCTL.DLL
+ 2006-10-26 18:55 . 2006-10-26 18:55 254776 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OLKFSTUB.DLL
+ 2006-10-26 18:55 . 2006-10-26 18:55 154960 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ENVELOPE.DLL
+ 2006-10-26 18:55 . 2006-10-26 18:55 116544 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\EMABLT32.DLL
+ 2009-06-17 18:18 . 2009-03-03 00:14 826368 c:\windows\ie7updates\KB969897-IE7\wininet.dll
+ 2009-06-17 18:18 . 2009-02-20 17:13 233472 c:\windows\ie7updates\KB969897-IE7\webcheck.dll
+ 2009-06-17 18:18 . 2009-02-20 17:13 105984 c:\windows\ie7updates\KB969897-IE7\url.dll
+ 2009-06-17 18:18 . 2008-07-09 07:36 391032 c:\windows\ie7updates\KB969897-IE7\spuninst\updspapi.dll
+ 2009-06-17 18:18 . 2008-07-09 07:36 233848 c:\windows\ie7updates\KB969897-IE7\spuninst\spuninst.exe
+ 2009-06-17 18:18 . 2009-02-20 17:13 102912 c:\windows\ie7updates\KB969897-IE7\occache.dll
+ 2009-06-17 18:18 . 2009-02-20 17:13 671232 c:\windows\ie7updates\KB969897-IE7\mstime.dll
+ 2009-06-17 18:18 . 2009-02-20 17:13 193024 c:\windows\ie7updates\KB969897-IE7\msrating.dll
+ 2009-06-17 18:18 . 2009-02-20 17:13 477696 c:\windows\ie7updates\KB969897-IE7\mshtmled.dll
+ 2009-06-17 18:18 . 2009-02-20 17:13 459264 c:\windows\ie7updates\KB969897-IE7\msfeeds.dll
+ 2009-06-17 18:18 . 2009-02-28 04:54 636072 c:\windows\ie7updates\KB969897-IE7\iexplore.exe
+ 2009-06-17 18:18 . 2009-02-20 17:13 268288 c:\windows\ie7updates\KB969897-IE7\iertutil.dll
+ 2009-06-17 18:18 . 2009-02-20 17:13 385024 c:\windows\ie7updates\KB969897-IE7\iedkcs32.dll
+ 2009-06-17 18:18 . 2009-02-20 17:13 383488 c:\windows\ie7updates\KB969897-IE7\ieapfltr.dll
+ 2009-06-17 18:18 . 2009-02-20 05:14 161792 c:\windows\ie7updates\KB969897-IE7\ieakui.dll
+ 2009-06-17 18:18 . 2009-02-20 17:13 230400 c:\windows\ie7updates\KB969897-IE7\ieaksie.dll
+ 2009-06-17 18:18 . 2009-02-20 17:13 153088 c:\windows\ie7updates\KB969897-IE7\ieakeng.dll
+ 2009-06-17 18:18 . 2009-02-20 17:13 133120 c:\windows\ie7updates\KB969897-IE7\extmgr.dll
+ 2009-06-17 18:18 . 2009-02-20 17:13 214528 c:\windows\ie7updates\KB969897-IE7\dxtrans.dll
+ 2009-06-17 18:18 . 2009-02-20 17:13 347136 c:\windows\ie7updates\KB969897-IE7\dxtmsft.dll
+ 2009-06-17 18:18 . 2009-02-20 17:13 124928 c:\windows\ie7updates\KB969897-IE7\advpack.dll
+ 2009-04-22 16:05 . 2009-04-22 16:05 406640 c:\windows\Downloaded Program Files\fslauncher.dll
+ 2004-08-18 12:00 . 2009-04-29 04:47 1159680 c:\windows\system32\urlmon.dll
+ 2004-08-18 12:00 . 2009-04-29 04:47 3596288 c:\windows\system32\mshtml.dll
- 2007-08-13 16:54 . 2009-02-20 17:13 6066176 c:\windows\system32\ieframe.dll
+ 2007-08-13 16:54 . 2009-04-29 04:47 6066176 c:\windows\system32\ieframe.dll
+ 2008-06-27 18:25 . 2009-06-17 18:56 2448024 c:\windows\system32\FNTCACHE.DAT
- 2008-06-27 18:25 . 2009-06-16 16:47 2448024 c:\windows\system32\FNTCACHE.DAT
+ 2008-10-14 20:58 . 2009-04-19 19:52 1847168 c:\windows\system32\dllcache\win32k.sys
+ 2004-08-18 12:00 . 2009-04-29 04:47 1159680 c:\windows\system32\dllcache\urlmon.dll
+ 2004-08-18 12:00 . 2009-04-29 04:47 3596288 c:\windows\system32\dllcache\mshtml.dll
+ 2008-06-28 17:05 . 2009-04-29 04:47 6066176 c:\windows\system32\dllcache\ieframe.dll
- 2008-06-28 17:05 . 2009-02-20 17:13 6066176 c:\windows\system32\dllcache\ieframe.dll
+ 2008-06-27 18:38 . 2009-06-17 18:22 1172240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
- 2008-06-27 18:38 . 2009-05-14 06:05 1172240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
- 2008-06-27 18:38 . 2009-05-14 06:05 1165584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
+ 2008-06-27 18:38 . 2009-06-17 18:22 1165584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
+ 2009-06-17 18:18 . 2009-02-20 17:13 1160192 c:\windows\ie7updates\KB969897-IE7\urlmon.dll
+ 2009-06-17 18:18 . 2009-02-20 17:13 3595264 c:\windows\ie7updates\KB969897-IE7\mshtml.dll
+ 2009-06-17 18:18 . 2009-02-20 17:13 6066176 c:\windows\ie7updates\KB969897-IE7\ieframe.dll
+ 2009-06-17 18:18 . 2008-07-09 14:25 2455488 c:\windows\ie7updates\KB969897-IE7\ieapfltr.dat
+ 2008-06-28 08:41 . 2009-06-01 16:51 23635392 c:\windows\system32\MRT.exe
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlay]
@="{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}"
[HKEY_CLASSES_ROOT\CLSID\{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}]
2007-03-28 17:59 2953216 ----a-w- c:\program files\Protector Suite QL\farchns.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlayOpen]
@="{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}"
[HKEY_CLASSES_ROOT\CLSID\{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}]
2007-03-28 17:59 2953216 ----a-w- c:\program files\Protector Suite QL\farchns.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TaskSwitchXP"="c:\program files\TaskSwitchXP\TaskSwitchXP.exe" [2007-05-09 106904]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"\\TOWER\EPSON DX8400_local"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE" [2007-04-12 182272]
"Nseries.PCSync"="c:\program files\Nokia\Nseries System Utilities\System Utilities\PcSync2.exe" [2007-11-07 1294336]
"OEXPRESS"="c:\documents and settings\All Users\Data aplikací\LangSoft\OETRN.EXE" [2009-06-08 26624]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WLSS"="c:\program files\Compal\Wireless Select Switch\WLSS.exe" [2007-04-23 190000]
"Wow Video&Audio"="c:\program files\Compal\Wow Video&Audio\WVAMain.exe" [2007-05-03 951856]
"IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2007-06-01 823296]
"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2007-06-01 974848]
"SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2007-01-17 634880]
"PSQLLauncher"="c:\program files\Protector Suite QL\launcher.exe" [2007-03-28 49168]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2007-12-21 1443072]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-06-09 13533184]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-06-09 86016]
"SMBTray"="c:\program files\Compal\Smart Battery\SMBTray.exe" [2007-06-04 521776]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-09-06 29744]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"Task Catcher"="c:\progra~1\Task Catcher\tasktrap.exe" [2005-11-14 136760]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2007-06-13 16377344]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_3"="advpack.dll" - c:\windows\system32\advpack.dll [2009-04-29 124928]
c:\documents and settings\Radek\Nabídka Start\Programy\Po spuštění\
Stickies.lnk - c:\program files\Stickies\stickies.exe [2008-1-16 757760]
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Launchy.lnk - c:\program files\Launchy\Launchy.exe [2008-6-28 274432]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="d:\install\THEMES_XP\logonui.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\psfus]
2007-03-28 17:46 90112 ----a-w- c:\windows\system32\psqlpwd.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli psqlpwd
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\CyberLink\\PowerDVD\\PowerDVD.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"d:\\HRY\\DOD\\hl.exe"=
"d:\\HRY\\MEDIEVAL\\Medieval_TW.exe"=
"d:\\HRY\\CS\\hl.exe"=
"c:\\Program Files\\Orbitdownloader\\orbitdm.exe"=
"c:\\Program Files\\Orbitdownloader\\orbitnet.exe"=
"d:\\HRY\\Bitva o Středozem\\game.dat"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:Adobe CSI CS4
R0 EMSC;COMPAL Embedded System Control;c:\windows\system32\drivers\EMSC.sys [27.6.2008 18:52 9856]
R0 xmasbus;xmasbus;c:\windows\system32\drivers\xmasbus.sys [28.6.2008 12:58 140800]
R0 xmasscsi;xmasscsi;c:\windows\system32\drivers\xmasscsi.sys [28.6.2008 12:58 5504]
R1 PersonalSecureDrive;PersonalSecureDrive;c:\windows\system32\drivers\psd.sys [6.4.2006 22:09 31104]
R2 ekrn;Eset Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [21.12.2007 8:21 468224]
R2 ftusbsrvc;USB over Network (Client) service;c:\windows\system32\ftusbsrvc.exe [20.11.2008 13:37 471040]
R2 Smart Watchdog;Smart Watchdog Service;c:\program files\Compal Electronics, INC\Smart Watchdog\SWDsvc.exe [14.5.2007 23:18 118784]
R3 ftusbhub;Virtual USB Bus;c:\windows\system32\drivers\ftusbbus.sys [20.11.2008 13:36 36224]
R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [21.7.2008 0:15 36608]
S3 ASNDIS5;ASNDIS5 Protocol Driver;c:\windows\system32\ASNDIS5.sys [6.9.2008 21:30 16269]
S3 CamFilter;CamFilter;c:\windows\system32\drivers\Camfilter.sys [11.5.2007 15:56 16640]
S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [6.9.2008 14:13 29744]
S3 Ktp;Elantech Touchpad;c:\windows\system32\drivers\Ktp.sys [27.6.2008 18:49 27776]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [7.1.2009 1:53 138112]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [7.1.2009 1:53 8320]
.
Obsah adresáře 'Naplánované úlohy'
2009-06-17 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-02 20:19]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: &Download by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/204
IE: Do&wnload selected by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/202
IE: {{7e6a20fb-153f-402c-a84b-1a64e1955d3d} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{cc963627-b1dc-40e0-b52a-cf21ee748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{cc963627-b1dc-40e0-b52a-cf21ee748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{cc963627-b1dc-40e0-b52a-cf21ee748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{cc963627-b1dc-40e0-b52a-cf21ee748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
FF - ProfilePath -
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-17 22:18
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-1935655697-1547161642-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID]
@Denied: (Full) (LocalSystem)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(1200)
c:\windows\system32\vrlogon.dll
c:\windows\system32\psqlpwd.dll
c:\program files\Protector Suite QL\homefus2.dll
c:\program files\Protector Suite QL\infra.dll
c:\program files\Protector Suite QL\homepass.dll
c:\program files\Protector Suite QL\bio.dll
c:\program files\Protector Suite QL\remote.dll
c:\program files\Protector Suite QL\crypto.dll
- - - - - - - > 'lsass.exe'(1260)
c:\windows\system32\psqlpwd.dll
c:\program files\Protector Suite QL\homefus2.dll
c:\program files\Protector Suite QL\infra.dll
- - - - - - - > 'explorer.exe'(2156)
c:\documents and settings\All Users\Data aplikací\LangSoft\TrnOEH.dll
c:\program files\Protector Suite QL\farchns.dll
c:\program files\Protector Suite QL\infra.dll
c:\progra~1\WINDOW~1\wmpband.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Stardock\Object Desktop\IconPackager\iprepair.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Intel\Wireless\Bin\S24EvMon.exe
c:\program files\Lavasoft\Ad-Aware\aawservice.exe
c:\windows\system32\rundll32.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Intel\Wireless\Bin\EvtEng.exe
c:\program files\Protector Suite QL\psqltray.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Intel\Wireless\Bin\RegSrvc.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\program files\Nokia\PC Connectivity Solution\ServiceLayer.exe
c:\program files\Nokia\PC Connectivity Solution\Transports\NclUSBSrv.exe
c:\program files\Intel\Wireless\Bin\Dot1XCfg.exe
.
**************************************************************************
.
Celkový čas: 2009-06-17 22:21 - počítač byl restartován
ComboFix-quarantined-files.txt 2009-06-17 20:21
ComboFix2.txt 2009-06-17 17:44
ComboFix3.txt 2009-06-17 16:06
ComboFix4.txt 2009-06-16 20:22
Před spuštěním: 8 660 021 248
Po spuštění: 8 646 295 552
419 --- E O F --- 2009-06-17 18:22
- Damned
Re: Please check my log
Is that file still there?
CF did not mark it as deleted. If it is still there, try deleting it in Safe Mode.
Anywhere else it would have been gone by now; here it is hanging on like a tick.
Nothing is impossible, so where reason fails us, we do not hesitate to use a hammer.
If you want to know what is new, look in old books.
Damned's Czech localizations - translations of PC maintenance programs
HiJackThis 2 + guide, FCleaner + Czech localization, Wise Registry Cleaner
Re: Please check my log
I could not find that file anywhere anymore, so it should be deleted. Let's hope so.
Can I verify it some other way? It is no longer in that location, but could it still be somewhere else?
Thanks a lot
- Damned
Re: Please check my log
Turn off restore points and post a log from HJT here.
Re: Please check my log
It took me a while to find where to turn off restore points :)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:07:01, on 17.6.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16850)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Compal\Wireless Select Switch\WLSS.exe
C:\Program Files\Compal\Wow Video&Audio\WVAMain.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Compal\Smart Battery\SMBTray.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Nokia\Nseries System Utilities\System Utilities\PcSync2.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Documents and Settings\All Users\Data aplikací\LangSoft\OETRN.EXE
C:\Program Files\Launchy\Launchy.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\WINDOWS\system32\ftusbsrvc.exe
C:\Program Files\Protector Suite QL\psqltray.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Compal Electronics, INC\Smart Watchdog\SWDsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Nokia\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\RegCleaner\RegCleanr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\pchealth\helpctr\binaries\helpctr.exe
C:\WINDOWS\PCHealth\HelpCtr\Binaries\HelpSvc.exe
C:\WINDOWS\PCHealth\HelpCtr\Binaries\HelpHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WebTransBHO Class - {2db66063-bb98-466a-aa0d-3e7acf5ed853} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O4 - HKLM\..\Run: [WLSS] C:\Program Files\Compal\Wireless Select Switch\WLSS.exe
O4 - HKLM\..\Run: [Wow Video&Audio] C:\Program Files\Compal\Wow Video&Audio\WVAMain.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [PSQLLauncher] "C:\Program Files\Protector Suite QL\launcher.exe" /startup
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SMBTray] C:\Program Files\Compal\Smart Battery\SMBTray.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Task Catcher] C:\PROGRA~1\Task Catcher\tasktrap.exe
O4 - HKCU\..\Run: [TaskSwitchXP] C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [\\TOWER\EPSON DX8400_local] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE /FU "C:\DOCUME~1\Radek\Temp\E_SC.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [Nseries.PCSync] "C:\Program Files\Nokia\Nseries System Utilities\System Utilities\PcSync2.exe" /NoDialog
O4 - HKCU\..\Run: [OEXPRESS] C:\Documents and Settings\All Users\Data aplikací\LangSoft\OETRN.EXE
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Startup: Stickies.lnk = C:\Program Files\Stickies\stickies.exe
O4 - Global Startup: Launchy.lnk = C:\Program Files\Launchy\Launchy.exe
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: WebTran - {7e6a20fb-153f-402c-a84b-1a64e1955d3d} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {bfc32e1d-ee75-4a48-bc60-104e11ee2431} - (no file)
O9 - Extra button: (no name) - {cc963627-b1dc-40e0-b52a-cf21ee748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {cc963627-b1dc-40e0-b52a-cf21ee748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {cc963627-b1dc-40e0-b52a-cf21ee748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {cc963627-b1dc-40e0-b52a-cf21ee748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {cc963627-b1dc-40e0-b52a-cf21ee748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {cc963627-b1dc-40e0-b52a-cf21ee748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {cc963627-b1dc-40e0-b52a-cf21ee748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {cc963627-b1dc-40e0-b52a-cf21ee748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 5680527234
O16 - DPF: {C237A80A-4C55-4C68-BAA9-CBE4408D12B2} (F-Secure Online Scanner 4.0 Launcher) - http://download.sp.f-secure.com/ols/f-s ... uncher.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CiSvc - Unknown owner - C:\WINDOWS\system32\cisvc.exe (file missing)
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: USB over Network (Client) service (ftusbsrvc) - FabulaTech - C:\WINDOWS\system32\ftusbsrvc.exe
O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Smart Watchdog Service (Smart Watchdog) - Unknown owner - C:\Program Files\Compal Electronics, INC\Smart Watchdog\SWDsvc.exe
--
End of file - 12968 bytes
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: WebTran - {7e6a20fb-153f-402c-a84b-1a64e1955d3d} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {bfc32e1d-ee75-4a48-bc60-104e11ee2431} - (no file)
O9 - Extra button: (no name) - {cc963627-b1dc-40e0-b52a-cf21ee748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {cc963627-b1dc-40e0-b52a-cf21ee748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {cc963627-b1dc-40e0-b52a-cf21ee748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {cc963627-b1dc-40e0-b52a-cf21ee748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {cc963627-b1dc-40e0-b52a-cf21ee748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {cc963627-b1dc-40e0-b52a-cf21ee748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {cc963627-b1dc-40e0-b52a-cf21ee748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {cc963627-b1dc-40e0-b52a-cf21ee748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 5680527234
O16 - DPF: {C237A80A-4C55-4C68-BAA9-CBE4408D12B2} (F-Secure Online Scanner 4.0 Launcher) - http://download.sp.f-secure.com/ols/f-s ... uncher.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CiSvc - Unknown owner - C:\WINDOWS\system32\cisvc.exe (file missing)
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: USB over Network (Client) service (ftusbsrvc) - FabulaTech - C:\WINDOWS\system32\ftusbsrvc.exe
O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Smart Watchdog Service (Smart Watchdog) - Unknown owner - C:\Program Files\Compal Electronics, INC\Smart Watchdog\SWDsvc.exe
--
End of file - 12968 bytes