Please check my log (system instability) [Solved]

Post by mara362 » 23 Oct 2009 16:51

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:46:50, on 23.10.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\A4Tech\Mouse\Amoumain.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\World of Warcraft\Repair.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [EPSON Stylus DX4000 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE /FU "C:\WINDOWS\TEMP\E_S214C.tmp" /EF "HKLM"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

--
End of file - 5190 bytes

Post by Damned » 23 Oct 2009 17:04

Uninstall either Alcohol or DAEMON. Keep only one of them. Sometimes, when both are on one system, this can cause problems.

Download Malwarebytes' Anti-Malware
Install it and run it
- at the end of the installation make sure both options are selected/ticked:
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware; if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program then starts; leave the Perform quick scan option selected and click the Scan button
- when the program has finished, a message appears; click OK and then the Show Results button
- then choose the option to save the log and save the log to the desktop
- then click the Exit button; a prompt appears, choose Yes
(do not delete anything yet!).
Then paste the contents of that log here.

Post by mara362 » 23 Oct 2009 18:18

Malwarebytes found nothing and I uninstalled Alcohol. What next? :huh:

Post by Damned » 23 Oct 2009 18:31

What does the instability consist of?

Turn off the antivirus resident shield (and the antispyware one, if you have it).
Download ComboFix (by sUBs)
or ComboFix (subs)
and save it to the desktop.
Close all active windows and run it.
- After launch, the terms of use are displayed; confirm them by clicking the Yes button
- Then follow the instructions; while ComboFix is running, do not click in the window it displays
- When the scan is finished, the program should create a log - C:\ComboFix.txt - please copy its entire contents here

Post by mara362 » 23 Oct 2009 20:14

For example, Opera crashes often, and I have also noticed it with WoW. It just suddenly throws an error and the game quits. Other applications hold up. If all of this can be considered instability, that is. It has been happening for the last few days; before that everything was fine. My system is a month old and regularly cleaned with Ad-Aware and CCleaner. I'll post the ComboFix log here as soon as it is done.

Post by Damned » 23 Oct 2009 20:19

Sure

Post by mara362 » 23 Oct 2009 20:34

ComboFix 09-10-22.01 - Marek 23.10.2009 20:28.1.1 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.1023.661 [GMT 2:00]
Spuštěný z: c:\documents and settings\Marek\Plocha\ComboFix.exe
AV: Eset NOD32 Antivirus 2.70 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
* Rezidentní štít AV je zapnutý

.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\ieuinit.inf

.
((((((((((((((((((((((((( Soubory vytvořené od 2009-09-23 do 2009-10-23 )))))))))))))))))))))))))))))))
.

2009-10-23 15:51 . 2009-09-10 12:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-10-23 15:51 . 2009-09-10 12:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-10-23 15:51 . 2009-10-23 15:51 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-10-21 21:51 . 2009-10-21 22:06 -------- d-----w- c:\program files\TalonSoft
2009-10-20 15:07 . 2006-08-01 13:02 49152 ----a-w- c:\windows\system32\ChCfg.exe
2009-10-20 15:06 . 2008-09-24 08:40 4122368 ----a-r- c:\windows\system32\drivers\alcxwdm.sys
2009-10-20 15:06 . 2009-10-20 15:06 -------- d-----w- c:\program files\Realtek AC97
2009-10-20 15:06 . 2006-12-08 13:20 10528768 ----a-w- c:\windows\system32\RTLCPL.exe
2009-10-20 15:06 . 2007-04-16 13:28 577536 ----a-w- c:\windows\soundman.exe
2009-10-20 15:06 . 2006-10-18 00:53 147456 ----a-w- c:\windows\system32\RtlCPAPI.dll
2009-10-20 15:06 . 2006-07-31 09:27 217088 ----a-w- c:\windows\Alcrmv.exe
2009-10-20 15:06 . 2006-07-31 09:19 315392 ----a-w- c:\windows\alcupd.exe
2009-10-17 19:02 . 1997-01-18 08:40 299520 ----a-w- c:\windows\uninst.exe
2009-10-16 18:14 . 2009-10-16 18:14 -------- d-----w- c:\program files\Codemasters
2009-10-11 18:07 . 2009-10-11 18:08 -------- d-----w- c:\program files\ABBYY FineReader 6.0 Sprint
2009-10-11 18:04 . 2004-09-10 20:12 49152 ----a-w- c:\windows\system32\E_DCINST.DLL
2009-10-11 18:04 . 2005-12-09 01:03 71168 ----a-w- c:\windows\system32\E_FLBBEE.DLL
2009-10-11 18:04 . 2005-04-11 01:01 62976 ----a-w- c:\windows\system32\E_FD4BBEE.DLL
2009-10-11 18:04 . 2004-08-03 20:58 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys
2009-10-11 18:04 . 2004-08-03 20:58 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2009-10-11 18:02 . 2009-10-11 18:09 -------- d-----w- c:\program files\epson
2009-10-11 18:02 . 2005-02-24 22:00 46080 ----a-w- c:\windows\system32\escimgd.dll
2009-10-11 18:02 . 2005-02-24 22:00 29696 ----a-w- c:\windows\system32\escwiad.dll
2009-10-11 18:02 . 2005-02-24 22:00 22016 ----a-w- c:\windows\system32\esccmd.dll
2009-10-10 18:25 . 2009-10-10 18:25 -------- d-----w- c:\program files\CyberLink
2009-10-09 21:02 . 2009-10-09 21:02 -------- d-----w- c:\program files\Common Files\DirectX
2009-10-09 20:50 . 2009-10-10 09:50 -------- d-----w- c:\windows\SxsCaPendDel
2009-10-09 20:46 . 2009-10-21 19:29 -------- d-----w- c:\program files\EA GAMES
2009-09-29 18:59 . 2009-09-29 18:59 -------- d-----w- c:\program files\PowerISO
2009-09-28 19:03 . 2009-09-28 19:14 -------- d-----w- c:\program files\VirtualBus
2009-09-28 18:28 . 2009-09-28 18:28 -------- d-----w- c:\program files\ACDSee32
2009-09-28 18:06 . 2009-09-28 18:06 -------- d-----w- c:\program files\uTorrent
2009-09-23 19:57 . 2009-09-23 19:57 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-23 14:52 . 2009-09-19 15:41 -------- d-----w- c:\program files\World of Warcraft
2009-10-22 10:34 . 2009-09-19 11:17 -------- d-----w- c:\program files\Java
2009-10-20 15:06 . 2009-09-19 10:22 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-10-17 19:02 . 2009-09-30 13:31 -------- d-----w- c:\program files\LucasArts
2009-10-11 17:49 . 2009-09-19 17:56 -------- d-----w- c:\program files\ESET
2009-10-07 22:42 . 2009-09-30 10:37 -------- d-----w- c:\program files\Microsoft Games
2009-10-07 12:16 . 2009-10-07 12:16 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2009-10-07 12:01 . 2009-10-07 12:01 -------- d-----w- c:\program files\THQ
2009-10-07 11:05 . 2009-09-19 10:22 -------- d-----w- c:\program files\Common Files\InstallShield
2009-10-06 20:59 . 2009-10-06 20:59 -------- d-----w- c:\program files\thriXXX
2009-10-05 21:10 . 2009-10-05 21:10 -------- d-----w- c:\program files\Phenomedia AG
2009-10-04 11:50 . 2009-10-04 11:50 -------- d-----w- c:\program files\Alcohol Soft
2009-10-03 08:56 . 2009-09-19 11:24 -------- d-----w- c:\program files\Winamp
2009-10-02 22:08 . 2009-10-02 21:00 -------- d-----w- c:\program files\TVUPlayer
2009-09-30 11:10 . 2009-09-30 11:10 -------- d-----w- c:\program files\MSXML 4.0
2009-09-23 12:55 . 2009-09-19 18:06 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
2009-09-21 22:21 . 2009-09-19 17:58 -------- d-----w- c:\program files\MyPhoneExplorer
2009-09-21 19:42 . 2009-09-21 19:42 -------- d-----w- c:\program files\AviSynth 2.5
2009-09-21 19:41 . 2009-09-21 19:41 -------- d-----w- c:\program files\1stbenison
2009-09-19 22:42 . 2009-09-19 21:55 -------- d-----w- c:\program files\FlatOut2
2009-09-19 19:36 . 2009-09-19 19:36 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2009-09-19 19:36 . 2009-09-19 19:36 -------- d-----w- c:\program files\DAEMON Tools Lite
2009-09-19 19:34 . 2009-09-19 17:52 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-09-19 18:05 . 2009-09-19 18:05 -------- d-----w- c:\program files\Curse
2009-09-19 18:05 . 2009-09-19 18:05 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-09-19 18:04 . 2009-09-19 18:04 -------- d-----w- c:\program files\Skype
2009-09-19 18:04 . 2009-09-19 18:04 -------- d-----w- c:\program files\Common Files\Skype
2009-09-19 18:00 . 2009-09-19 18:00 -------- d-----w- c:\program files\Lavasoft
2009-09-19 17:59 . 2009-09-19 17:58 -------- d-----w- c:\program files\Hamachi
2009-09-19 17:58 . 2009-09-19 17:58 25280 ----a-w- c:\windows\system32\drivers\hamachi.sys
2009-09-19 17:58 . 2009-09-19 17:58 -------- d-----w- c:\program files\PSPad editor
2009-09-19 17:56 . 2009-09-19 17:56 512096 ----a-w- c:\windows\system32\drivers\amon.sys
2009-09-19 17:56 . 2009-09-19 17:56 298104 ----a-w- c:\windows\system32\imon.dll
2009-09-19 17:56 . 2009-09-19 17:56 15424 ----a-w- c:\windows\system32\drivers\nod32drv.sys
2009-09-19 15:41 . 2009-09-19 15:41 -------- d-----w- c:\program files\Western Digital Technologies
2009-09-19 15:41 . 2009-09-19 15:41 -------- d-----w- c:\program files\Uniblue
2009-09-19 15:41 . 2009-09-19 15:41 -------- d-----w- c:\program files\Trend Micro
2009-09-19 15:41 . 2009-09-19 15:41 -------- d-----w- c:\program files\themes
2009-09-19 15:41 . 2009-09-19 15:41 -------- d-----w- c:\program files\Tetris
2009-09-19 15:41 . 2009-09-19 15:41 -------- d-----w- c:\program files\sgc_3d_sim
2009-09-19 15:41 . 2009-09-19 15:40 -------- d-----w- c:\program files\QIP
2009-09-19 15:40 . 2009-09-19 15:40 -------- d-----w- c:\program files\Psi
2009-09-19 15:40 . 2009-09-19 15:39 -------- d-----w- c:\program files\Mafia
2009-09-19 15:39 . 2009-09-19 15:39 -------- d-----w- c:\program files\HyperSnap 6
2009-09-19 15:38 . 2009-09-19 15:38 -------- d-----w- c:\program files\eRightSoft
2009-09-19 15:38 . 2009-09-19 15:38 -------- d-----w- c:\program files\Corel
2009-09-19 14:34 . 2009-09-19 14:34 -------- d-----w- c:\program files\Webteh
2009-09-19 11:52 . 2009-09-19 11:52 -------- d-----w- c:\program files\A4Tech
2009-09-19 11:19 . 2009-09-19 11:19 -------- d-----w- c:\program files\Opera
2009-09-19 11:18 . 2009-09-19 11:18 -------- d-----w- c:\program files\mpegable
2009-09-19 11:18 . 2009-09-19 11:18 47104 ------w- c:\windows\AKDeInstall.exe
2009-09-19 11:18 . 2009-09-19 11:18 -------- d-----w- c:\program files\Sun
2009-09-19 11:17 . 2009-09-19 11:17 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-09-19 11:16 . 2009-09-19 11:16 -------- d-----w- c:\program files\IObit
2009-09-19 11:15 . 2009-09-19 11:15 -------- d-----w- c:\program files\CCleaner
2009-09-19 11:14 . 2009-09-19 11:14 -------- d-----w- c:\program files\Common Files\Adobe
2009-09-19 11:06 . 2009-09-19 11:06 0 ----a-w- c:\windows\ativpsrm.bin
2009-09-19 10:30 . 2009-09-19 10:25 -------- d-----w- c:\program files\ATI Technologies
2009-09-19 10:28 . 2009-09-19 10:28 -------- d-----w- c:\program files\Common Files\ATI Technologies
2009-09-19 10:28 . 2001-10-25 14:00 68736 ----a-w- c:\windows\system32\perfc005.dat
2009-09-19 10:28 . 2001-10-25 14:00 389664 ----a-w- c:\windows\system32\perfh005.dat
2009-09-19 10:20 . 2009-09-19 10:20 -------- d-----w- c:\program files\SiSLan
2009-09-19 10:11 . 2009-09-19 10:11 -------- d-----w- c:\program files\microsoft frontpage
2009-09-19 10:07 . 2009-09-19 10:07 21812 ----a-w- c:\windows\system32\emptyregdb.dat
2009-09-03 09:17 . 2009-09-21 15:07 15688 ----a-w- c:\windows\system32\lsdelete.exe
2009-07-31 13:23 . 2009-09-19 11:18 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-07-27 02:43 . 2009-07-27 02:43 58908 ----a-w- c:\windows\system32\drivers\scdemu.sys
2005-05-13 15:12 . 2005-05-13 15:12 217073 --sha-r- c:\windows\meta4.exe
2005-10-24 09:13 . 2005-10-24 09:13 66560 --sha-r- c:\windows\MOTA113.exe
2005-10-13 19:27 . 2005-10-13 19:27 422400 --sha-r- c:\windows\x2.64.exe
2005-10-07 17:14 . 2005-10-07 17:14 308224 --sha-r- c:\windows\system32\avisynth.dll
2005-07-14 10:31 . 2005-07-14 10:31 27648 --sha-r- c:\windows\system32\AVSredirect.dll
2005-06-26 13:32 . 2005-06-26 13:32 616448 --sha-r- c:\windows\system32\cygwin1.dll
2005-06-21 20:37 . 2005-06-21 20:37 45568 --sha-r- c:\windows\system32\cygz.dll
2004-01-24 22:00 . 2004-01-24 22:00 70656 --sha-r- c:\windows\system32\i420vfw.dll
2006-04-27 08:24 . 2006-04-27 08:24 2945024 --sha-r- c:\windows\system32\Smab.dll
2005-02-28 11:16 . 2005-02-28 11:16 240128 --sha-r- c:\windows\system32\x.264.exe
2004-01-24 22:00 . 2004-01-24 22:00 217088 --sha-r- c:\windows\system32\yv12vfw.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2009-04-23 691656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SiSUSBRG"="c:\windows\SiSUSBrg.exe" [2002-07-12 106496]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"WheelMouse"="c:\program files\A4Tech\Mouse\Amoumain.exe" [2008-03-06 241664]
"nod32kui"="c:\program files\Eset\nod32kui.exe" [2009-09-19 949376]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-31 149280]
"SoundMan"="SOUNDMAN.EXE" - c:\windows\soundman.exe [2007-04-16 577536]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-17 15360]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Garrysmod\\hl2.exe"=
"c:\\Program Files\\QIP\\qip.exe"=
"c:\\Program Files\\Curse\\CurseClient.exe"=
"c:\\Program Files\\Psi\\psi.exe"=
"c:\\Program Files\\FlatOut2\\FlatOut2.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe"=
"c:\\Half-Life\\hl.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-3.2.2.10482-to-3.2.2.10505-enGB-downloader.exe"=
"c:\\Games\\Worms Armageddon - New Edition\\WA.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\TVUPlayer\\TVUPlayer.exe"=
"c:\\Program Files\\LucasArts\\Star Wars JK II Jedi Outcast\\GameData\\jk2mp.exe"=
"c:\\Program Files\\LucasArts\\Star Wars Jedi Knight Jedi Academy\\GameData\\jamp.exe"=
"c:\\Half-Life\\hlds.exe"=
"c:\\Half-Life\\hltv.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\EA GAMES\\MOHAA\\MOHAA.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\World of Warcraft\\Repair.exe"=

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [19.9.2009 20:06 64288]
R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [19.9.2009 19:56 15424]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [24.9.2009 13:17 1170768]
S3 IODRV;IODRV;\??\d:\iodrv.sys --> d:\IODrv.sys [?]
.
Obsah adresáře 'Naplánované úlohy'

2009-10-23 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 11:51]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://seznam.cz/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-10-23 20:31
Windows 5.1.2600 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(708)
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2009-10-23 20:31
ComboFix-quarantined-files.txt 2009-10-23 18:31

Před spuštěním: Volných bajtů: 47 698 087 936
Po spuštění: Volných bajtů: 47 674 028 032

WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - 57652B99687F7993C5C777E826D85379


edit: about the antivirus.. I tried to turn it off, but it could not be turned off completely. I at least disabled the AMON, DMON, IMON protections .... :(
oh, and after it finished it also put an IE icon on my desktop :P

Post by Damned » 23 Oct 2009 20:57

ComboFix resets some settings to their defaults.

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in green:

File::
c:\windows\system32\ezsidmv.dat
c:\windows\system32\emptyregdb.dat
c:\windows\meta4.exe
c:\windows\MOTA113.exe
c:\windows\x2.64.exe
c:\windows\system32\x.264.exe
d:\IODrv.sys

Folder::
c:\windows\SxsCaPendDel
c:\program files\DAEMON Tools Toolbar
C:\Program Files\Alcohol Soft

Driver::
IODRV;IODRV
IODRV




Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files there
Save the file to the desktop.
Close all active windows.


Grab the created script CFScript.txt with the mouse, move it over the downloaded program ComboFix.exe
and when the two files overlap, drop the script.

- ComboFix starts automatically; the repair can take longer than 10 minutes. ! Let ComboFix finish its work !
- Paste here the log that pops up at the end of the cleaning process + a new HJT log, and describe how the computer behaves

Post by mara362 » 23 Oct 2009 21:19

ComboFix 09-10-22.01 - Marek 23.10.2009 21:08.2.1 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.1023.632 [GMT 2:00]
Spuštěný z: c:\documents and settings\Marek\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Marek\Plocha\CFScript.txt
AV: Eset NOD32 Antivirus 2.70 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
* Rezidentní štít AV je zapnutý


FILE ::
"c:\windows\meta4.exe"
"c:\windows\MOTA113.exe"
"c:\windows\system32\emptyregdb.dat"
"c:\windows\system32\ezsidmv.dat"
"c:\windows\system32\x.264.exe"
"c:\windows\x2.64.exe"
"d:\IODrv.sys"
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Alcohol Soft
c:\program files\DAEMON Tools Toolbar
c:\program files\DAEMON Tools Toolbar\Resources\cond094.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond095.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond108.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond109.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond110.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond111.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond112.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond113.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond120.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond121.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond122.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond126.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond127.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond128.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond129.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond130.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond131.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond132.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond133.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond134.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond135.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond136.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond137.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond138.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond140.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond141.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond142.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond143.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond148.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond149.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond152.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond154.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond155.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond156.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond157.gif
c:\program files\DAEMON Tools Toolbar\Resources\Config.ico
c:\program files\DAEMON Tools Toolbar\Resources\d.ico
c:\program files\DAEMON Tools Toolbar\Resources\d2.ico
c:\program files\DAEMON Tools Toolbar\Resources\daemon.ico
c:\program files\DAEMON Tools Toolbar\Resources\dot_disabled.bmp
c:\program files\DAEMON Tools Toolbar\Resources\dot_enabled.bmp
c:\program files\DAEMON Tools Toolbar\Resources\dot_on_over.bmp
c:\program files\DAEMON Tools Toolbar\Resources\ds.ico
c:\program files\DAEMON Tools Toolbar\Resources\dsearch.ico
c:\program files\DAEMON Tools Toolbar\Resources\dt.ico
c:\program files\DAEMON Tools Toolbar\Resources\DTPro.ico
c:\program files\DAEMON Tools Toolbar\Resources\dtt16.ico
c:\program files\DAEMON Tools Toolbar\Resources\dtt32.ico
c:\program files\DAEMON Tools Toolbar\Resources\Dwnl.ico
c:\program files\DAEMON Tools Toolbar\Resources\emulation.ico
c:\program files\DAEMON Tools Toolbar\Resources\favicon.ico
c:\program files\DAEMON Tools Toolbar\Resources\features.ico
c:\program files\DAEMON Tools Toolbar\Resources\GameCentrix.ico
c:\program files\DAEMON Tools Toolbar\Resources\GameS.ico
c:\program files\DAEMON Tools Toolbar\Resources\GameSA.ico
c:\program files\DAEMON Tools Toolbar\Resources\gd.ico
c:\program files\DAEMON Tools Toolbar\Resources\genre.xml
c:\program files\DAEMON Tools Toolbar\Resources\globe.ico
c:\program files\DAEMON Tools Toolbar\Resources\GrabImage.ico
c:\program files\DAEMON Tools Toolbar\Resources\hb.bmp
c:\program files\DAEMON Tools Toolbar\Resources\hb.ico
c:\program files\DAEMON Tools Toolbar\Resources\help.ico
c:\program files\DAEMON Tools Toolbar\Resources\hide.ico
c:\program files\DAEMON Tools Toolbar\Resources\ImageS.ico
c:\program files\DAEMON Tools Toolbar\Resources\ImageSA.ico
c:\program files\DAEMON Tools Toolbar\Resources\ip.ico
c:\program files\DAEMON Tools Toolbar\Resources\lang.xml
c:\program files\DAEMON Tools Toolbar\Resources\lingvo.ico
c:\program files\DAEMON Tools Toolbar\Resources\m.ico
c:\program files\DAEMON Tools Toolbar\Resources\mail.bmp
c:\program files\DAEMON Tools Toolbar\Resources\mail_disable.bmp
c:\program files\DAEMON Tools Toolbar\Resources\mail_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\mail_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\mail_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\mailc.bmp
c:\program files\DAEMON Tools Toolbar\Resources\mailc_disable.bmp
c:\program files\DAEMON Tools Toolbar\Resources\mailc_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\mailc_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\mailc_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\MenuRadioConfig.ico
c:\program files\DAEMON Tools Toolbar\Resources\MenuRadioStation.ico
c:\program files\DAEMON Tools Toolbar\Resources\MenuRSCur.ico
c:\program files\DAEMON Tools Toolbar\Resources\MenuTr.ico
c:\program files\DAEMON Tools Toolbar\Resources\next.bmp
c:\program files\DAEMON Tools Toolbar\Resources\next_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\next_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\next_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\none.bmp
c:\program files\DAEMON Tools Toolbar\Resources\none_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\noW.gif
c:\program files\DAEMON Tools Toolbar\Resources\op.ico
c:\program files\DAEMON Tools Toolbar\Resources\play.bmp
c:\program files\DAEMON Tools Toolbar\Resources\play.ico
c:\program files\DAEMON Tools Toolbar\Resources\play_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\play_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\play_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\pragma.ico
c:\program files\DAEMON Tools Toolbar\Resources\prev.bmp
c:\program files\DAEMON Tools Toolbar\Resources\prev_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\prev_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\prev_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\prod.ico
c:\program files\DAEMON Tools Toolbar\Resources\Radio.ico
c:\program files\DAEMON Tools Toolbar\Resources\RadioBg.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioBg.ico
c:\program files\DAEMON Tools Toolbar\Resources\RadioBgMask.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioDisp.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioDisp_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioDown.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioDown.ico
c:\program files\DAEMON Tools Toolbar\Resources\RadioDown_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioDown_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioDown_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioE.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioG.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioL.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioLDotMask.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioLeft.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioLeftMask.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioLM.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioM.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioN.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioR.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioR.ico
c:\program files\DAEMON Tools Toolbar\Resources\RadioRM.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioRU.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioVolume.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioVolume_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioVolume_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioVolume_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioW.bmp
c:\program files\DAEMON Tools Toolbar\Resources\rbcheck.ico
c:\program files\DAEMON Tools Toolbar\Resources\rbtxt.ico
c:\program files\DAEMON Tools Toolbar\Resources\refresh.bmp
c:\program files\DAEMON Tools Toolbar\Resources\refresh_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\refresh_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\refresh_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\Rss.ico
c:\program files\DAEMON Tools Toolbar\Resources\Rss1.ico
c:\program files\DAEMON Tools Toolbar\Resources\RssA.ico
c:\program files\DAEMON Tools Toolbar\Resources\RssA1.ico
c:\program files\DAEMON Tools Toolbar\Resources\rssClose.ico
c:\program files\DAEMON Tools Toolbar\Resources\rssL.bmp
c:\program files\DAEMON Tools Toolbar\Resources\rssOpen.ico
c:\program files\DAEMON Tools Toolbar\Resources\RssRefresh.ico
c:\program files\DAEMON Tools Toolbar\Resources\s2.ico
c:\program files\DAEMON Tools Toolbar\Resources\show.ico
c:\program files\DAEMON Tools Toolbar\Resources\size.bmp
c:\program files\DAEMON Tools Toolbar\Resources\size_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\skins.ico
c:\program files\DAEMON Tools Toolbar\Resources\spt.ico
c:\program files\DAEMON Tools Toolbar\Resources\stop.bmp
c:\program files\DAEMON Tools Toolbar\Resources\stop.ico
c:\program files\DAEMON Tools Toolbar\Resources\stop_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\stop_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\stop_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\style.ico
c:\program files\DAEMON Tools Toolbar\Resources\SupportRequest.ico
c:\program files\DAEMON Tools Toolbar\Resources\time.ico
c:\program files\DAEMON Tools Toolbar\Resources\TitleIcon.ico
c:\program files\DAEMON Tools Toolbar\Resources\toolbar.xml
c:\program files\DAEMON Tools Toolbar\Resources\trans.ico
c:\program files\DAEMON Tools Toolbar\Resources\Trash.bmp
c:\program files\DAEMON Tools Toolbar\Resources\Trash_disable.bmp
c:\program files\DAEMON Tools Toolbar\Resources\Trash_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\Trash_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\Trash_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\u.ico
c:\program files\DAEMON Tools Toolbar\Resources\vol.bmp
c:\program files\DAEMON Tools Toolbar\Resources\vol.ico
c:\program files\DAEMON Tools Toolbar\Resources\vol_back.bmp
c:\program files\DAEMON Tools Toolbar\Resources\vol_dott.bmp
c:\program files\DAEMON Tools Toolbar\Resources\vol_dott_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\vol_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\vol_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\vol_mute.bmp
c:\program files\DAEMON Tools Toolbar\Resources\vol_mute_check.bmp
c:\program files\DAEMON Tools Toolbar\Resources\vol_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\wb.bmp
c:\program files\DAEMON Tools Toolbar\Resources\wBtClose.bmp
c:\program files\DAEMON Tools Toolbar\Resources\wBtClose_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\wBtClose_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\wBtClose_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\wBtText.bmp
c:\program files\DAEMON Tools Toolbar\Resources\wBtText_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\wBtText_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\wBtText_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\Weather_m42.bmp
c:\program files\DAEMON Tools Toolbar\Resources\Weather_m43.bmp
c:\program files\DAEMON Tools Toolbar\Resources\WebS.ico
c:\program files\DAEMON Tools Toolbar\Resources\WebSa.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi0.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi1.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi10.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi11.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi12.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi13.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi14.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi2.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi3.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi4.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi5.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi6.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi7.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi8.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi9.ico
c:\program files\DAEMON Tools Toolbar\uninst.exe
c:\windows\meta4.exe
c:\windows\MOTA113.exe
c:\windows\SxsCaPendDel
c:\windows\system32\emptyregdb.dat
c:\windows\system32\ezsidmv.dat
c:\windows\system32\x.264.exe
c:\windows\x2.64.exe

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_IODRV
-------\Service_IODRV


((((((((((((((((((((((((( Soubory vytvořené od 2009-09-23 do 2009-10-23 )))))))))))))))))))))))))))))))
.

2009-10-23 15:51 . 2009-09-10 12:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-10-23 15:51 . 2009-09-10 12:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-10-23 15:51 . 2009-10-23 15:51 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-10-21 21:51 . 2009-10-21 22:06 -------- d-----w- c:\program files\TalonSoft
2009-10-20 15:07 . 2006-08-01 13:02 49152 ----a-w- c:\windows\system32\ChCfg.exe
2009-10-20 15:06 . 2008-09-24 08:40 4122368 ----a-r- c:\windows\system32\drivers\alcxwdm.sys
2009-10-20 15:06 . 2009-10-20 15:06 -------- d-----w- c:\program files\Realtek AC97
2009-10-20 15:06 . 2006-12-08 13:20 10528768 ----a-w- c:\windows\system32\RTLCPL.exe
2009-10-20 15:06 . 2007-04-16 13:28 577536 ----a-w- c:\windows\soundman.exe
2009-10-20 15:06 . 2006-10-18 00:53 147456 ----a-w- c:\windows\system32\RtlCPAPI.dll
2009-10-20 15:06 . 2006-07-31 09:27 217088 ----a-w- c:\windows\Alcrmv.exe
2009-10-20 15:06 . 2006-07-31 09:19 315392 ----a-w- c:\windows\alcupd.exe
2009-10-17 19:02 . 1997-01-18 08:40 299520 ----a-w- c:\windows\uninst.exe
2009-10-16 18:14 . 2009-10-16 18:14 -------- d-----w- c:\program files\Codemasters
2009-10-11 18:07 . 2009-10-11 18:08 -------- d-----w- c:\program files\ABBYY FineReader 6.0 Sprint
2009-10-11 18:04 . 2004-09-10 20:12 49152 ----a-w- c:\windows\system32\E_DCINST.DLL
2009-10-11 18:04 . 2005-12-09 01:03 71168 ----a-w- c:\windows\system32\E_FLBBEE.DLL
2009-10-11 18:04 . 2005-04-11 01:01 62976 ----a-w- c:\windows\system32\E_FD4BBEE.DLL
2009-10-11 18:04 . 2004-08-03 20:58 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys
2009-10-11 18:04 . 2004-08-03 20:58 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2009-10-11 18:02 . 2009-10-11 18:09 -------- d-----w- c:\program files\epson
2009-10-11 18:02 . 2005-02-24 22:00 46080 ----a-w- c:\windows\system32\escimgd.dll
2009-10-11 18:02 . 2005-02-24 22:00 29696 ----a-w- c:\windows\system32\escwiad.dll
2009-10-11 18:02 . 2005-02-24 22:00 22016 ----a-w- c:\windows\system32\esccmd.dll
2009-10-10 18:25 . 2009-10-10 18:25 -------- d-----w- c:\program files\CyberLink
2009-10-09 21:02 . 2009-10-09 21:02 -------- d-----w- c:\program files\Common Files\DirectX
2009-10-09 20:46 . 2009-10-21 19:29 -------- d-----w- c:\program files\EA GAMES
2009-10-07 12:16 . 2009-10-07 12:16 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2009-10-07 12:01 . 2009-10-07 12:01 -------- d-----w- c:\program files\THQ
2009-10-06 20:59 . 2009-10-06 20:59 -------- d-----w- c:\program files\thriXXX
2009-10-05 21:10 . 2009-10-05 21:10 -------- d-----w- c:\program files\Phenomedia AG
2009-10-05 21:10 . 1998-11-17 11:44 328704 ----a-w- c:\windows\IsUn0407.exe
2009-10-02 21:00 . 2009-10-02 21:00 -------- d-----w- c:\documents and settings\Marek\LocalLow
2009-10-02 21:00 . 2009-10-02 22:08 -------- d-----w- c:\program files\TVUPlayer
2009-09-30 13:31 . 2009-10-17 19:02 -------- d-----w- c:\program files\LucasArts
2009-09-30 11:10 . 2009-09-30 11:10 -------- d-----w- c:\program files\MSXML 4.0
2009-09-30 10:37 . 2009-10-07 22:42 -------- d-----w- c:\program files\Microsoft Games
2009-09-29 18:59 . 2009-09-29 18:59 -------- d-----w- c:\program files\PowerISO
2009-09-28 19:03 . 2009-09-28 19:14 -------- d-----w- c:\program files\VirtualBus
2009-09-28 18:28 . 2009-09-28 18:28 -------- d-----w- c:\program files\ACDSee32
2009-09-28 18:06 . 2009-09-28 18:06 -------- d-----w- c:\program files\uTorrent
2009-09-23 19:57 . 2009-09-23 19:57 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-23 18:36 . 2009-09-19 17:56 -------- d-----w- c:\program files\ESET
2009-10-23 14:52 . 2009-09-19 15:41 -------- d-----w- c:\program files\World of Warcraft
2009-10-22 10:34 . 2009-09-19 11:17 -------- d-----w- c:\program files\Java
2009-10-20 15:06 . 2009-09-19 10:22 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-10-07 11:05 . 2009-09-19 10:22 -------- d-----w- c:\program files\Common Files\InstallShield
2009-10-03 08:56 . 2009-09-19 11:24 -------- d-----w- c:\program files\Winamp
2009-09-23 12:55 . 2009-09-19 18:06 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
2009-09-21 22:21 . 2009-09-19 17:58 -------- d-----w- c:\program files\MyPhoneExplorer
2009-09-21 19:42 . 2009-09-21 19:42 -------- d-----w- c:\program files\AviSynth 2.5
2009-09-21 19:41 . 2009-09-21 19:41 -------- d-----w- c:\program files\1stbenison
2009-09-19 22:42 . 2009-09-19 21:55 -------- d-----w- c:\program files\FlatOut2
2009-09-19 19:36 . 2009-09-19 19:36 -------- d-----w- c:\program files\DAEMON Tools Lite
2009-09-19 19:34 . 2009-09-19 17:52 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-09-19 18:05 . 2009-09-19 18:05 -------- d-----w- c:\program files\Curse
2009-09-19 18:04 . 2009-09-19 18:04 -------- d-----w- c:\program files\Skype
2009-09-19 18:04 . 2009-09-19 18:04 -------- d-----w- c:\program files\Common Files\Skype
2009-09-19 18:00 . 2009-09-19 18:00 -------- d-----w- c:\program files\Lavasoft
2009-09-19 17:59 . 2009-09-19 17:58 -------- d-----w- c:\program files\Hamachi
2009-09-19 17:58 . 2009-09-19 17:58 25280 ----a-w- c:\windows\system32\drivers\hamachi.sys
2009-09-19 17:58 . 2009-09-19 17:58 -------- d-----w- c:\program files\PSPad editor
2009-09-19 17:56 . 2009-09-19 17:56 512096 ----a-w- c:\windows\system32\drivers\amon.sys
2009-09-19 17:56 . 2009-09-19 17:56 298104 ----a-w- c:\windows\system32\imon.dll
2009-09-19 17:56 . 2009-09-19 17:56 15424 ----a-w- c:\windows\system32\drivers\nod32drv.sys
2009-09-19 15:41 . 2009-09-19 15:41 -------- d-----w- c:\program files\Western Digital Technologies
2009-09-19 15:41 . 2009-09-19 15:41 -------- d-----w- c:\program files\Uniblue
2009-09-19 15:41 . 2009-09-19 15:41 -------- d-----w- c:\program files\Trend Micro
2009-09-19 15:41 . 2009-09-19 15:41 -------- d-----w- c:\program files\themes
2009-09-19 15:41 . 2009-09-19 15:41 -------- d-----w- c:\program files\Tetris
2009-09-19 15:41 . 2009-09-19 15:41 -------- d-----w- c:\program files\sgc_3d_sim
2009-09-19 15:41 . 2009-09-19 15:40 -------- d-----w- c:\program files\QIP
2009-09-19 15:40 . 2009-09-19 15:40 -------- d-----w- c:\program files\Psi
2009-09-19 15:40 . 2009-09-19 15:39 -------- d-----w- c:\program files\Mafia
2009-09-19 15:39 . 2009-09-19 15:39 -------- d-----w- c:\program files\HyperSnap 6
2009-09-19 15:38 . 2009-09-19 15:38 -------- d-----w- c:\program files\eRightSoft
2009-09-19 15:38 . 2009-09-19 15:38 -------- d-----w- c:\program files\Corel
2009-09-19 14:34 . 2009-09-19 14:34 -------- d-----w- c:\program files\Webteh
2009-09-19 11:52 . 2009-09-19 11:52 -------- d-----w- c:\program files\A4Tech
2009-09-19 11:19 . 2009-09-19 11:19 -------- d-----w- c:\program files\Opera
2009-09-19 11:18 . 2009-09-19 11:18 -------- d-----w- c:\program files\mpegable
2009-09-19 11:18 . 2009-09-19 11:18 47104 ------w- c:\windows\AKDeInstall.exe
2009-09-19 11:18 . 2009-09-19 11:18 -------- d-----w- c:\program files\Sun
2009-09-19 11:17 . 2009-09-19 11:17 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-09-19 11:16 . 2009-09-19 11:16 -------- d-----w- c:\program files\IObit
2009-09-19 11:15 . 2009-09-19 11:15 -------- d-----w- c:\program files\CCleaner
2009-09-19 11:14 . 2009-09-19 11:14 -------- d-----w- c:\program files\Common Files\Adobe
2009-09-19 11:06 . 2009-09-19 11:06 0 ----a-w- c:\windows\ativpsrm.bin
2009-09-19 10:30 . 2009-09-19 10:25 -------- d-----w- c:\program files\ATI Technologies
2009-09-19 10:28 . 2009-09-19 10:28 -------- d-----w- c:\program files\Common Files\ATI Technologies
2009-09-19 10:28 . 2001-10-25 14:00 68736 ----a-w- c:\windows\system32\perfc005.dat
2009-09-19 10:28 . 2001-10-25 14:00 389664 ----a-w- c:\windows\system32\perfh005.dat
2009-09-19 10:20 . 2009-09-19 10:20 -------- d-----w- c:\program files\SiSLan
2009-09-19 10:11 . 2009-09-19 10:11 -------- d-----w- c:\program files\microsoft frontpage
2009-09-03 09:17 . 2009-09-21 15:07 15688 ----a-w- c:\windows\system32\lsdelete.exe
2009-07-31 13:23 . 2009-09-19 11:18 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-07-27 02:43 . 2009-07-27 02:43 58908 ----a-w- c:\windows\system32\drivers\scdemu.sys
2005-10-07 17:14 . 2005-10-07 17:14 308224 --sha-r- c:\windows\system32\avisynth.dll
2005-07-14 10:31 . 2005-07-14 10:31 27648 --sha-r- c:\windows\system32\AVSredirect.dll
2005-06-26 13:32 . 2005-06-26 13:32 616448 --sha-r- c:\windows\system32\cygwin1.dll
2005-06-21 20:37 . 2005-06-21 20:37 45568 --sha-r- c:\windows\system32\cygz.dll
2004-01-24 22:00 . 2004-01-24 22:00 70656 --sha-r- c:\windows\system32\i420vfw.dll
2006-04-27 08:24 . 2006-04-27 08:24 2945024 --sha-r- c:\windows\system32\Smab.dll
2004-01-24 22:00 . 2004-01-24 22:00 217088 --sha-r- c:\windows\system32\yv12vfw.dll
.

((((((((((((((((((((((((((((( SnapShot@2009-10-23_18.31.04 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-10-23 19:15 . 2009-10-23 19:15 16384 c:\windows\temp\Perflib_Perfdata_5e0.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2009-04-23 691656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SiSUSBRG"="c:\windows\SiSUSBrg.exe" [2002-07-12 106496]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"WheelMouse"="c:\program files\A4Tech\Mouse\Amoumain.exe" [2008-03-06 241664]
"nod32kui"="c:\program files\Eset\nod32kui.exe" [2009-09-19 949376]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-31 149280]
"SoundMan"="SOUNDMAN.EXE" - c:\windows\soundman.exe [2007-04-16 577536]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-17 15360]

c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Garrysmod\\hl2.exe"=
"c:\\Program Files\\QIP\\qip.exe"=
"c:\\Program Files\\Curse\\CurseClient.exe"=
"c:\\Program Files\\Psi\\psi.exe"=
"c:\\Program Files\\FlatOut2\\FlatOut2.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe"=
"c:\\Half-Life\\hl.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-3.2.2.10482-to-3.2.2.10505-enGB-downloader.exe"=
"c:\\Games\\Worms Armageddon - New Edition\\WA.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\TVUPlayer\\TVUPlayer.exe"=
"c:\\Program Files\\LucasArts\\Star Wars JK II Jedi Outcast\\GameData\\jk2mp.exe"=
"c:\\Program Files\\LucasArts\\Star Wars Jedi Knight Jedi Academy\\GameData\\jamp.exe"=
"c:\\Half-Life\\hlds.exe"=
"c:\\Half-Life\\hltv.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\EA GAMES\\MOHAA\\MOHAA.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\World of Warcraft\\Repair.exe"=

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [19.9.2009 20:06 64288]
R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [19.9.2009 19:56 15424]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [24.9.2009 13:17 1170768]
.
Obsah adresáře 'Naplánované úlohy'

2009-10-23 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 11:51]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://seznam.cz/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
LSP: c:\windows\system32\imon.dll
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

AddRemove-DAEMON Tools Toolbar - c:\program files\DAEMON Tools Toolbar\uninst.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-10-23 21:15
Windows 5.1.2600 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(712)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'lsass.exe'(772)
c:\windows\system32\imon.dll
c:\program files\Eset\pr_imon.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\combofix\CF21540.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Eset\nod32krn.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\wscntfy.exe
c:\program files\Lavasoft\Ad-Aware\AAWTray.exe
c:\combofix\PEV.cfxxe
.
**************************************************************************
.
Celkový čas: 2009-10-23 21:17 - počítač byl restartován
ComboFix-quarantined-files.txt 2009-10-23 19:17
ComboFix2.txt 2009-10-23 18:31

Před spuštěním: Volných bajtů: 47 587 631 104
Po spuštění: Volných bajtů: 47 504 564 224

- - End Of File - - A4782598BB3246C2E5746C3B5F55CF24






Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:19:04, on 23.10.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll (file missing)
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe

--
End of file - 4782 bytes
AMD Phenom II X4 B55 3.6GHz OC
CoolerMaster Hyper 212+
Asus M4A88T-V EVO
Kingston HyperX 4x2GB
ASUS EAH6850 DC/2DIS/1GD5/V2
Seasonic S12II-520 520W
Coolermaster Storm Scout v1

Damned
Article author
Master Level 9
Posts: 8353
Registered: December 06
Location: Rokycany
Gender: Male
Status: Offline

Re: Please check my log (system instability)

Post by Damned » 23 Oct 2009 21:45

From my side, it should be fine.

Run HJT (HijackThis), close your browsers, disconnect from the internet and fix the entries below (run HJT, "Do a system scan only",
tick the box in front of the entry, press "Fix checked" and then "Yes"):

O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll (file missing)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
*****************************************************************************************************************************************
Uninstall ComboFix (required).
ComboFix is uninstalled like this:
Start > Run and enter ComboFix[space]/u

Clean the system with CCleaner and also use T-Cleaner (required; it deletes everything left behind by Combo, SDFix, Avenger, MWAV etc.; download it -> run it).

(Note: if you have AVG, avast! or Avira, deactivate AVG, avast! and Avira (including the resident shields) before downloading T-Cleaner and for the duration of the cleaning, then delete T-Cleaner and turn AVG, avast! and Avira back on.)


Download ATF Cleaner
Double-click ATF Cleaner.exe, click select all found, then click empty selected.
-If you use Firefox (Mozilla), click Firefox at the top and choose: Select All, then click Empty Selected.
-If you use Opera, click Opera at the top and choose: Select All, then click Empty Selected.

ATF-Cleaner is a simple tool for removing history from the web browser. The program can remove the cache,
cookies, history and other traces of surfing the Internet. Supported browsers include Internet Explorer,
Firefox and Opera. The application can also remove Windows temporary files, empty the recycle bin, etc.

If anything shows up again, stop by.
Mark the topic as solved (green check mark) and take care. :bigups:
Nothing is impossible, so where reason fails us, we do not hesitate to use a hammer.
If you want to know what is new, look in old books.

mara362
Level 1
Posts: 60
Registered: January 07
Gender: Male
Status: Offline

Re: Please check my log (system instability)  Solved

Post by mara362 » 23 Oct 2009 22:01

Done. Everything seems to be in order, thanks a lot ;)

