Hello, my problem is that out of nowhere my processor speed dropped from 1.75 GHz to 1.05, and with it the FPS in the game CoD 2 dropped as well...
HJT: Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:53:09, on 11.7.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Winamp\Winampa.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Genius\ioCentre\gTaskBar.exe
C:\Program Files\HotKey\hotkey.exe
C:\Program Files\SweetIM\Messenger\SweetIM.exe
C:\Genius\ioCentre\gMouseTask.exe
C:\Genius\ioCentre\gKbdTask.exe
C:\Genius\ioCentre\gAutoPan.exe
C:\Genius\ioCentre\gAutoScroll.exe
C:\Genius\ioCentre\gZoom.exe
C:\Genius\ioCentre\gMGlass.exe
C:\Genius\ioCentre\gIMMgm.exe
C:\Genius\ioCentre\gDeskMgm.exe
C:\Genius\ioCentre\gTaskSwitch.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe
C:\Documents and Settings\PC\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
C:\Documents and Settings\PC\Local Settings\Data aplikací\Google\Update\1.2.183.7\GoogleCrashHandler.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\netdde.exe
C:\PROGRA~1\HotKey\OSD.exe
C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\AMD\RAIDXpert\jetty\extra\win32\Wrapper.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\AMD\RAIDXpert\_jvm\bin\java.exe
C:\WINDOWS\system32\clipsrv.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = start.qip.ru
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=66029
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=66029
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=66029
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=66029
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.qip.ru/search?query=%s&from=IE
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\2.bin\A5SRCHAS.DLL (file missing)
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.3.2.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - (no file)
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: (no name) - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: AIM Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\Winampa.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ioCentre] C:\Genius\ioCentre\gTaskBar.exe
O4 - HKLM\..\Run: [HotKey] C:\Program Files\HotKey\hotkey.exe
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe" /NoDialog
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\PC\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Livestation] C:\Program Files\Livestation\Livestation.exe -startup
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [ICQ] ~"C:\Program Files\ICQ6\ICQ.exe" silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - Startup: hamachi.lnk = C:\Program Files\Hamachi\hamachi.exe
O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe
O8 - Extra context menu item: &AIM Search - c:\program files\aol\aim toolbar 5.0\resources\en-us\local\search.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Stáhnout všechna videa s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: AIM Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.3.3.2.dll/206 (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS1\Services\Tcpip\..\{4064728C-D16E-42EA-AD85-BC11AECC6DA8}: NameServer = 81.200.48.11,81.200.48.12
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS2\Services\Tcpip\..\{4064728C-D16E-42EA-AD85-BC11AECC6DA8}: NameServer = 81.200.48.11,81.200.48.12
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS3\Services\Tcpip\..\{4064728C-D16E-42EA-AD85-BC11AECC6DA8}: NameServer = 81.200.48.11,81.200.48.12
O17 - HKLM\System\CS4\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS4\Services\Tcpip\..\{4064728C-D16E-42EA-AD85-BC11AECC6DA8}: NameServer = 81.200.48.11,81.200.48.12
O17 - HKLM\System\CS5\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS6\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: AMD RAIDXpert (AMDRAIDXpert) - Unknown owner - C:\Program Files\AMD\RAIDXpert\jetty\extra\win32\Wrapper.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - Unknown owner - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XI.SP2\Win32\RpcDataSrv.exe
O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XI.SP2\RpcSandraSrv.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: TeamViewer 4 (TeamViewer4) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
--
End of file - 16752 bytes
Please check my log - problem with the processor (Solved)
- Damned
Re: Please check my log - problem with the processor
Uninstall:
ICQ6Toolbar
AskTBar (Ask Toolbar, AskBarDis)
****************************************************************************************************************************************
Run HJT, close your browsers, disconnect from the internet and fix the following (tick the box in front of the entry, then press
"Fix checked"):
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = start.qip.ru
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=66029
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=66029
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=66029
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=66029
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.qip.ru/search?query=%s&from=IE
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\2.bin\A5SRCHAS.DLL (file missing)
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - (no file)
O3 - Toolbar: (no name) - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - (no file)
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O8 - Extra context menu item: &AIM Search - c:\program files\aol\aim toolbar 5.0\resources\en-us\local\search.html
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.3.3.2.dll/206 (file missing)
O17 - HKLM\System\CS4\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
*****************************************************************************************************************************************
Download Malwarebytes' Anti-Malware
Install it and run it
- at the end of the installation make sure you have both options selected/ticked:
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware; if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; leave the Perform quick scan option selected and click the Scan button
- when the scan has finished a message will appear, so click OK and then the Show Results button
- then choose the option to save the log and save the log to your desktop
- then click the Exit button; a message will appear, so choose Yes
(don't delete anything yet!).
Then paste the contents of that log here.
Nothing is impossible, so where reason fails us, we don't hesitate to use a hammer.
If you want to know what's new, look in old books.
Damned's Czech localizations - translations of PC maintenance programs
HiJackThis 2 + guide, FCleaner + Czech localization, Wise Registry Cleaner
Re: Please check my log - problem with the processor
OK, I have Malwarebytes, I'll try it.
- Damned
Re: Please check my log - problem with the processor
Don't try, do it; you've got a nice collection there.
Re: Please check my log - problem with the processor
OK, I fixed what I was supposed to, then I ran it through Malwarebytes and there was quite a lot in there :(( even though I ran a scan about a week ago, I always forget to update :X
Here is the LOG:
Malwarebytes' Anti-Malware 1.38
Verze databáze: 2409
Windows 5.1.2600 Service Pack 2
11.7.2009 20:15:23
mbam-log-2009-07-11 (20-15-15).txt
Typ skenu: Rychlý sken
Objektu skenováno: 98892
Uplynulý cas: 9 minute(s), 52 second(s)
Infikované procesy pameti: 0
Infikované pametové moduly: 0
Infikované klíce registru: 5
Infikované hodnoty registru: 1
Infikované položky dat registru: 2
Infikované složky: 17
Infikované soubory: 133
Infikované procesy pameti:
(Žádné zákerné položky nebyly zjišteny)
Infikované pametové moduly:
(Žádné zákerné položky nebyly zjišteny)
Infikované klíce registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{90b8b761-df2b-48ac-bbe0-bcc03a819b3b} (Adware.Zango) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Cognac (Rogue.Multiple) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Bind (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ShoppingReport (Adware.ShopperReports) -> No action taken.
Infikované hodnoty registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{90b8b761-df2b-48ac-bbe0-bcc03a819b3b} (Adware.Zango) -> No action taken.
Infikované položky dat registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
Infikované složky:
c:\documents and settings\PC\Data aplikací\Zango (Adware.Zango) -> No action taken.
c:\documents and settings\PC\data aplikací\Zango\IESkins (Adware.Zango) -> No action taken.
c:\documents and settings\PC\data aplikací\Zango\v3.0 (Adware.Zango) -> No action taken.
c:\documents and settings\PC\data aplikací\Zango\v3.0\HostOI (Adware.Zango) -> No action taken.
c:\documents and settings\PC\data aplikací\Zango\v3.0\HostOI\dynamic (Adware.Zango) -> No action taken.
c:\documents and settings\PC\data aplikací\Zango\v3.0\HostOI\static (Adware.Zango) -> No action taken.
c:\documents and settings\PC\data aplikací\Zango\v3.0\HostOL (Adware.Zango) -> No action taken.
c:\documents and settings\PC\data aplikací\Zango\v3.0\HostOL\dynamic (Adware.Zango) -> No action taken.
c:\documents and settings\PC\data aplikací\Zango\v3.0\HostOL\static (Adware.Zango) -> No action taken.
c:\documents and settings\PC\data aplikací\Zango\v3.0\Zango (Adware.Zango) -> No action taken.
c:\documents and settings\PC\data aplikací\Zango\v3.0\Zango\dynamic (Adware.Zango) -> No action taken.
c:\documents and settings\PC\data aplikací\Zango\v3.0\Zango\dynamic\TooltipXML (Adware.Zango) -> No action taken.
c:\documents and settings\PC\data aplikací\Zango\v3.0\Zango\dynamic\ustat (Adware.Zango) -> No action taken.
c:\documents and settings\PC\data aplikací\Zango\v3.0\Zango\static (Adware.Zango) -> No action taken.
c:\documents and settings\PC\data aplikací\Zango\v3.0\Zango\static\1 (Adware.Zango) -> No action taken.
c:\documents and settings\PC\data aplikací\Zango\v3.0\Zango\static\2 (Adware.Zango) -> No action taken.
c:\documents and settings\PC\data aplikací\Zango\v3.0\Zango\static\DownLoad (Adware.Zango) -> No action taken.
Infikované soubory:
c:\documents and settings\PC\data aplikací\Zango\v3.0\Zango\dynamic\1.sdf (Adware.Zango) -> No action taken.
c:\documents and settings\PC\data aplikací\Zango\v3.0\Zango\dynamic\1406215.sdf (Adware.Zango) -> No action taken.
c:\documents and settings\PC\data aplikací\Zango\v3.0\Zango\dynamic\2048078.sdf (Adware.Zango) -> No action taken.
c:\documents and settings\PC\data aplikací\Zango\v3.0\Zango\dynamic\3404705.sdf (Adware.Zango) -> No action taken.
c:\documents and settings\PC\data aplikací\Zango\v3.0\Zango\dynamic\3720434.sdf (Adware.Zango) -> No action taken.
c:\documents and settings\PC\data aplikací\Zango\v3.0\Zango\dynamic\domains.txt (Adware.Zango) -> No action taken.
c:\documents and settings\PC\data aplikací\Zango\v3.0\Zango\dynamic\tooltipxml\104622 (Adware.Zango) -> No action taken.
Here is the LOG:
Malwarebytes' Anti-Malware 1.38
Verze databáze: 2409
Windows 5.1.2600 Service Pack 2
11.7.2009 20:15:23
mbam-log-2009-07-11 (20-15-15).txt
Typ skenu: Rychlý sken
Objektu skenováno: 98892
Uplynulý cas: 9 minute(s), 52 second(s)
Infikované procesy pameti: 0
Infikované pametové moduly: 0
Infikované klíce registru: 5
Infikované hodnoty registru: 1
Infikované položky dat registru: 2
Infikované složky: 17
Infikované soubory: 133
Infikované procesy pameti:
(Žádné zákerné položky nebyly zjišteny)
Infikované pametové moduly:
(Žádné zákerné položky nebyly zjišteny)
Infikované klíce registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{90b8b761-df2b-48ac-bbe0-bcc03a819b3b} (Adware.Zango) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Cognac (Rogue.Multiple) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Bind (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ShoppingReport (Adware.ShopperReports) -> No action taken.
Infikované hodnoty registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{90b8b761-df2b-48ac-bbe0-bcc03a819b3b} (Adware.Zango) -> No action taken.
Infikované položky dat registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
Infikované složky:
c:\documents and settings\PC\Data aplikací\Zango (Adware.Zango) -> No action taken.
c:\documents and settings\PC\data aplikací\Zango\IESkins (Adware.Zango) -> No action taken.
c:\documents and settings\PC\data aplikací\Zango\v3.0 (Adware.Zango) -> No action taken.
c:\documents and settings\PC\data aplikací\Zango\v3.0\HostOI (Adware.Zango) -> No action taken.
c:\documents and settings\PC\data aplikací\Zango\v3.0\HostOI\dynamic (Adware.Zango) -> No action taken.
c:\documents and settings\PC\data aplikací\Zango\v3.0\HostOI\static (Adware.Zango) -> No action taken.
c:\documents and settings\PC\data aplikací\Zango\v3.0\HostOL (Adware.Zango) -> No action taken.
c:\documents and settings\PC\data aplikací\Zango\v3.0\HostOL\dynamic (Adware.Zango) -> No action taken.
c:\documents and settings\PC\data aplikací\Zango\v3.0\HostOL\static (Adware.Zango) -> No action taken.
c:\documents and settings\PC\data aplikací\Zango\v3.0\Zango (Adware.Zango) -> No action taken.
c:\documents and settings\PC\data aplikací\Zango\v3.0\Zango\dynamic (Adware.Zango) -> No action taken.
c:\documents and settings\PC\data aplikací\Zango\v3.0\Zango\dynamic\TooltipXML (Adware.Zango) -> No action taken.
c:\documents and settings\PC\data aplikací\Zango\v3.0\Zango\dynamic\ustat (Adware.Zango) -> No action taken.
c:\documents and settings\PC\data aplikací\Zango\v3.0\Zango\static (Adware.Zango) -> No action taken.
c:\documents and settings\PC\data aplikací\Zango\v3.0\Zango\static\1 (Adware.Zango) -> No action taken.
c:\documents and settings\PC\data aplikací\Zango\v3.0\Zango\static\2 (Adware.Zango) -> No action taken.
c:\documents and settings\PC\data aplikací\Zango\v3.0\Zango\static\DownLoad (Adware.Zango) -> No action taken.
Infikované soubory:
Re: please check my log - processor problem
I removed those viruses and it still shows PROCESSOR 1.05 :(
- Damned
Re: please check my log - processor problem
Don't rush.
So run MbAM again and choose Scan
- when the program finishes, a message will appear; click OK and then the Show Results button
- make sure all the listed findings are checked and click the Remove Selected button
- when the removal finishes, a log will be displayed; post it here.
- then choose OK in the program and close it via Exit
Turn off the antivirus resident shield (and the antispyware one too, if you have one).
Download ComboFix (by sUBs)
or ComboFix (subs)
and save it to your desktop.
Close all active windows and run it.
- After launch, the terms of use are displayed; confirm them by pressing the Ano (Yes) button
- Then follow the instructions; while ComboFix is running, do not click in the window it displays
- When the scan completes, the program should create a log, C:\ComboFix.txt; please copy its entire contents here
Nothing is impossible, so where reason runs out, we don't hesitate to use a hammer.
If you want to know what's new, look in old books.
Damned's Czech localizations - translations of PC maintenance programs
HiJackThis 2 + guide, FCleaner + Czech localization, Wise Registry Cleaner
Re: please check my log - processor problem
MBam LOG:
Malwarebytes' Anti-Malware 1.38
Verze databáze: 2409
Windows 5.1.2600 Service Pack 2
12.7.2009 0:56:15
mbam-log-2009-07-12 (00-56-15).txt
Typ skenu: Úplný sken (C:\|D:\|)
Objektu skenováno: 251118
Uplynulý cas: 2 hour(s), 15 minute(s), 13 second(s)
Infikované procesy pameti: 0
Infikované pametové moduly: 0
Infikované klíce registru: 0
Infikované hodnoty registru: 0
Infikované položky dat registru: 0
Infikované složky: 0
Infikované soubory: 0
Infikované procesy pameti:
(Žádné zákerné položky nebyly zjišteny)
Infikované pametové moduly:
(Žádné zákerné položky nebyly zjišteny)
Infikované klíce registru:
(Žádné zákerné položky nebyly zjišteny)
Infikované hodnoty registru:
(Žádné zákerné položky nebyly zjišteny)
Infikované položky dat registru:
(Žádné zákerné položky nebyly zjišteny)
Infikované složky:
(Žádné zákerné položky nebyly zjišteny)
Infikované soubory:
(Žádné zákerné položky nebyly zjišteny)
No virus... I'm going to sleep for now, in the morning I'll do it with the other program
- Damned
Re: please check my log - processor problem
All right, I'll be here tomorrow too.

Re: please check my log - processor problem
ComboFix log:
ComboFix 09-07-11.01 - PC 12.07.2009 10:39.1.1 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.2047.1477 [GMT 2:00]
Spuštěný z: c:\documents and settings\PC\Plocha\ComboFix.exe
AV: AVG Anti-Virus *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: ESET NOD32 Antivirus 3.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
* Vytvořen nový Bod Obnovení
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\autorun.inf
c:\program files\Mozilla Firefox\plugins\npclntax_ZangoSA.dll
c:\recycler\S-1-5-21-1078081533-1004336348-725345543-1003
c:\windows\Installer\164a9a.msi
D:\Autorun.inf
.
((((((((((((((((((((((((( Soubory vytvořené od 2009-06-12 do 2009-07-12 )))))))))))))))))))))))))))))))
.
2009-07-11 16:52 . 2009-07-11 16:52 -------- d-----w- c:\program files\Trend Micro
2009-07-11 10:38 . 2009-07-11 10:38 -------- d-----w- C:\ATI
2009-07-10 20:58 . 2009-07-10 20:58 -------- d-----w- c:\program files\Moyea
2009-07-05 20:56 . 2009-07-05 20:56 -------- d-----w- c:\program files\Tencent
2009-07-05 20:52 . 2009-07-05 20:52 -------- d-----w- c:\program files\Viewpoint
2009-07-05 20:51 . 2009-07-07 10:55 -------- d-----w- c:\program files\Common Files\AOL
2009-07-05 14:41 . 2009-07-05 14:41 -------- d-----w- c:\program files\QIP
2009-07-05 11:16 . 2009-07-05 11:16 -------- d-----w- c:\program files\Defraggler
2009-07-04 16:59 . 2009-07-11 12:24 -------- d-----w- c:\program files\Graffiti Studio 2.0
2009-07-03 09:13 . 2009-07-03 09:13 -------- d-----w- c:\program files\TeamViewer
2009-07-03 09:12 . 2009-07-03 09:12 -------- d-----w- c:\documents and settings\PC\temp
2009-07-02 18:55 . 2009-07-02 18:55 41808 ----a-w- c:\windows\system32\xfcodec.dll
2009-06-28 19:14 . 2009-06-28 19:24 -------- d-----w- c:\program files\ICQ6.5
2009-06-28 13:07 . 2009-06-28 13:07 -------- d-----w- c:\program files\Miranda IM
2009-06-28 12:29 . 2009-06-28 19:22 -------- d-----w- c:\program files\ICQ6
2009-06-28 10:28 . 2009-06-28 10:28 -------- d-----w- c:\program files\hotkey
2009-06-28 10:23 . 2006-07-12 02:48 17408 ----a-w- c:\windows\system32\drivers\gMouPS2.sys
2009-06-28 10:21 . 2009-06-28 10:21 -------- d-----w- C:\Genius
2009-06-25 18:27 . 2009-03-19 14:32 23400 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2009-06-25 18:27 . 2008-04-17 10:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2009-06-25 18:26 . 2009-06-25 18:26 -------- d-----w- c:\program files\iPod
2009-06-25 18:26 . 2009-06-25 18:27 -------- d-----w- c:\program files\iTunes
2009-06-25 18:25 . 2009-06-25 18:25 -------- d-----w- c:\program files\Bonjour
2009-06-25 18:14 . 2009-06-25 18:15 -------- d-----w- c:\program files\QuickTime
2009-06-23 20:01 . 2009-06-23 20:01 -------- d-----w- c:\program files\Common Files\DivX Shared
2009-06-22 15:23 . 2009-06-22 15:23 -------- d-----w- c:\program files\Common Files\xing shared
2009-06-22 15:22 . 2009-06-22 15:22 -------- d-----w- c:\program files\Real
2009-06-22 15:22 . 2009-06-22 15:22 -------- d-----w- c:\program files\Common Files\Real
2009-06-20 11:18 . 2009-06-20 11:18 -------- d-----w- c:\program files\Metin2_CZ
2009-06-16 17:36 . 2009-07-12 08:00 -------- d-----w- c:\program files\Steam
2009-06-15 10:35 . 2009-06-15 10:36 -------- d-----w- c:\program files\VentriloMIX
2009-06-15 10:25 . 2009-06-15 10:25 -------- d-----w- c:\program files\VentSrv
2009-06-14 21:22 . 2009-06-14 21:22 -------- d-----w- c:\program files\PhotoDreamr
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-11 19:57 . 2009-02-08 21:30 -------- d-----w- c:\program files\PokerStars
2009-07-11 17:40 . 2008-12-20 10:12 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-07-10 20:57 . 2008-10-15 19:02 -------- d-----w- c:\program files\WM Converter
2009-07-10 20:26 . 2007-09-18 14:23 137928 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-07-10 20:25 . 2007-10-08 13:40 189768 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-07-09 09:40 . 2008-11-08 18:24 -------- d-s---w- c:\program files\Xfire
2009-06-30 10:21 . 2008-12-23 10:16 -------- d-----w- c:\program files\SweetIM
2009-06-29 18:36 . 2007-09-17 08:47 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-06-29 11:08 . 2008-12-12 21:38 -------- d-----w- c:\program files\ICQ6Toolbar
2009-06-27 18:50 . 2007-10-06 22:35 -------- d-----w- c:\program files\BitComet
2009-06-26 18:39 . 2009-05-31 19:09 -------- d-----w- c:\program files\Valve
2009-06-25 18:26 . 2008-04-22 15:57 -------- d-----w- c:\program files\Common Files\Apple
2009-06-23 20:01 . 2008-03-28 18:08 -------- d-----w- c:\program files\DivX
2009-06-22 15:22 . 2003-03-17 21:00 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-06-19 20:32 . 2008-10-03 20:45 -------- d-s---w- c:\program files\HLSW
2009-06-18 21:10 . 2008-08-12 17:29 -------- d-----w- c:\program files\mIRC
2009-06-17 09:27 . 2008-12-20 10:12 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-06-17 09:27 . 2008-12-20 10:12 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-06-16 11:53 . 2007-09-17 10:09 -------- d-----w- c:\program files\Common Files\Adobe
2009-06-15 10:36 . 2009-05-08 22:28 -------- d-----w- c:\program files\Ventrilo
2009-06-15 10:36 . 2008-01-04 16:47 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-06-12 20:20 . 2008-09-04 15:43 -------- d-----w- c:\program files\Spyware Terminator
2009-06-12 16:20 . 2007-09-17 09:30 -------- d-----w- c:\program files\Lavalys
2009-06-12 13:20 . 2008-06-17 15:16 -------- d-----w- c:\program files\Electronic Arts
2009-06-11 22:09 . 2009-06-11 22:09 -------- d-----w- c:\program files\PC Info
2009-06-10 13:31 . 2007-09-27 12:23 -------- d-----w- c:\program files\GamePark
2009-06-09 21:43 . 2008-04-26 08:06 -------- d-----w- c:\program files\SiSoftware
2009-06-09 14:50 . 2009-06-09 13:47 -------- d-----w- c:\program files\Disney Interactive Studios
2009-06-09 13:47 . 2009-06-08 21:26 -------- d-----w- c:\program files\RegCleaner
2009-06-09 13:47 . 2009-06-09 13:47 -------- d-----w- c:\program files\Common Files\Skype
2009-06-09 13:47 . 2007-09-17 16:18 -------- d-----w- c:\program files\Skype
2009-06-08 21:30 . 2009-06-08 21:30 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-06-08 09:58 . 2008-08-01 16:58 -------- d-----w- c:\program files\SystemRequirementsLab
2009-06-07 21:46 . 2009-06-07 21:37 -------- d-----w- c:\program files\Cool CENZURA
2009-05-29 13:59 . 2009-05-29 13:59 -------- d-----w- c:\program files\Aspyr Media, Inc
2009-05-26 20:23 . 2007-10-06 22:36 -------- d-----w- c:\program files\Google
2009-05-24 15:34 . 2009-05-24 15:34 413696 ----a-w- c:\windows\system32\wrap_oal.dll
2009-05-24 15:34 . 2009-05-24 15:34 110592 ----a-w- c:\windows\system32\OpenAL32.dll
2009-05-24 15:34 . 2009-05-24 15:34 -------- d-----w- c:\program files\OpenAL
2009-05-24 15:34 . 2009-05-24 15:34 -------- d-----w- c:\program files\Livestation
2009-05-21 12:15 . 2009-05-21 12:15 -------- d-----w- c:\program files\Velvetmatter
2009-05-16 15:12 . 2009-05-15 22:11 -------- d-----w- c:\program files\Garena
2009-05-06 13:47 . 2004-08-18 12:00 78060 ----a-w- c:\windows\system32\perfc005.dat
2009-05-06 13:47 . 2004-08-18 12:00 412618 ----a-w- c:\windows\system32\perfh005.dat
2009-05-01 11:24 . 2009-05-01 11:24 30464 ----a-w- c:\program files\XFire1101CZ.rar
2009-04-21 20:42 . 2008-08-29 16:45 1324 ----a-w- c:\windows\system32\d3d9caps.dat
2008-11-27 16:22 . 2009-05-01 11:24 139600 ----a-w- c:\program files\xfire_lang_cz.dll
2009-06-12 15:48 . 2009-05-16 15:03 134648 ----a-w- c:\program files\mozilla firefox\components\brwsrcmp.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2009-05-20 12:36 1258808 ----a-w- c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-18 15360]
"Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 6\PCSync2.exe" [2008-03-26 1232896]
"Google Update"="c:\documents and settings\PC\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" [2008-12-02 133104]
"Livestation"="c:\program files\Livestation\Livestation.exe" [2009-03-30 2027520]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-05-26 39408]
"Steam"="c:\program files\Steam\Steam.exe" [2009-06-16 1217784]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinampAgent"="c:\program files\Winamp\Winampa.exe" [2003-04-02 12288]
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2008-09-08 1783808]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2008-06-10 1447168]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-06-22 198160]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-06-05 292136]
"ioCentre"="c:\genius\ioCentre\gTaskBar.exe" [2006-12-08 241664]
"HotKey"="c:\program files\HotKey\hotkey.exe" [2008-03-06 86016]
"SweetIM"="c:\program files\SweetIM\Messenger\SweetIM.exe" [2009-05-20 111928]
c:\documents and settings\PC\Nabˇdka Start\Programy\Po spuçtŘnˇ\
hamachi.lnk - c:\program files\Hamachi\hamachi.exe [2008-11-29 625952]
MagicDisc.lnk - c:\program files\MagicDisc\MagicDisc.exe [2009-4-18 534016]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSecurityTab"= 1 (0x1)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Guard]
@="Service"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\HLSW\\hlsw.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\Program Files\\MSI\\MyGuard Live\\MyGuard Live.exe"=
"c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\Xfire\\Xfire.exe"=
"c:\\Program Files\\Valve\\hl.exe"=
"c:\\Program Files\\ubi.com\\Core\\GS4.exe"=
"c:\\Program Files\\BitComet\\BitComet.exe"=
"c:\\Program Files\\mIRC\\mirc.exe"=
"c:\\Program Files\\Ubi Soft\\IL2 Sturmovik\\il2.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Xfire\\ua_lsp_inst.exe"=
"d:\\Program Files\\TmNationsForever\\TmForever.exe"=
"d:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"c:\\Documents and Settings\\PC\\Dokumenty\\StrongDC.exe"=
"d:\\Program Files\\HLSW\\hlsw.exe"=
"d:\\Program Files\\Ubisoft\\Tom Clancy's H.A.W.X\\HAWX.exe"=
"d:\\Program Files\\Ubisoft\\Tom Clancy's H.A.W.X\\HAWX_dx10.exe"=
"d:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"=
"c:\\Program Files\\Ares\\Ares.exe"=
"c:\\Program Files\\Hamachi\\hamachi.exe"=
"c:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite XI.SP2\\Win32\\RpcDataSrv.exe"=
"c:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite XI.SP2\\RpcSandraSrv.exe"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Documents and Settings\\PC\\Local Settings\\Data aplikací\\Dyyno Receiver\\DPPM.exe"=
"d:\\Program Files\\EA Sports\\NHL 09\\nhl2009.exe"=
"d:\\Program Files\\Metin2_CZ\\metin2.bin"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Miranda IM\\miranda32.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Graffiti Studio 2.0\\Graffiti Studio.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"21312:TCP"= 21312:TCP:*:Disabled:aaa
"27618:TCP"= 27618:TCP:BitComet 27618 TCP
"27618:UDP"= 27618:UDP:BitComet 27618 UDP
"9809:TCP"= 9809:TCP:BitComet 9809 TCP
"9809:UDP"= 9809:UDP:BitComet 9809 UDP
"5353:TCP"= 5353:TCP:Adobe CSI CS4
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\system32\drivers\sfdrv01a.sys [5.7.2006 14:46 63352]
R0 viasraid;viasraid;c:\windows\system32\drivers\viasraid.sys [13.9.2007 10:48 77312]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [10.6.2008 19:56 34312]
R1 kbfilter;Keyboard Filter Driver;c:\windows\system32\drivers\kbfilter.sys [6.5.2008 19:03 11776]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [4.9.2008 17:43 141312]
R2 AMDRAIDXpert;AMD RAIDXpert;c:\program files\AMD\RAIDXpert\jetty\extra\win32\Wrapper.exe [29.9.2003 8:30 110592]
R2 ekrn;Eset Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [10.6.2008 19:53 468224]
R2 Ethpdrv;Ethernet Packet Driver;c:\windows\system32\drivers\ethpdrv.sys [30.12.2007 19:11 9728]
R2 TeamViewer4;TeamViewer 4;c:\program files\TeamViewer\Version4\TeamViewer_Service.exe [25.6.2009 9:22 185640]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [5.7.2009 22:52 24652]
R3 gMouPS2;PS2 Scroll Mouse Device;c:\windows\system32\drivers\gMouPS2.sys [28.6.2009 12:23 17408]
S1 MUsbFltr;WayTechUSBFilterDriver; [x]
S1 UsbFltr;WayTechUSBFilterDriver; [x]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2.8.2005 23:10 32512]
S3 tap0901_2gm;VPN Anonymizer Adapter;c:\windows\system32\drivers\tap0901_2gm.sys [21.6.2007 16:21 30720]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{3B6F3917-0B5C-9D48-4C95-15D496D553DB}]
c:\docume~1\PC\LOCALS~1\Temp\IXP000.TMP\FRAPS2~1.EXE
.
Obsah adresáře 'Naplánované úlohy'
2009-07-09 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
2009-07-12 c:\windows\Tasks\User_Feed_Synchronization-{1A97B1E1-ADC6-496D-A5D3-4912F730985C}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 17:36]
2009-07-12 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2009-05-06 20:18]
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
HKCU-Run-ICQ - ~c:\program files\ICQ6\ICQ.exe
SafeBoot-AVG Anti-Spyware Driver
.
------- Doplňkový sken -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Stáhnout odkaz s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: Stáhnout všechna videa s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddVideo.htm
IE: Stáhnout všechny odkazy s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
LSP: xfire_lsp_9028.dll
FF - ProfilePath - c:\documents and settings\PC\Data aplikací\Mozilla\Firefox\Profiles\v1ulvikv.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.aol.com/aolcom/search?inv ... -us&query=
FF - prefs.js: browser.search.selectedEngine - AOL Search
FF - prefs.js: browser.startup.homepage - www.google.com
FF - prefs.js: keyword.URL - hxxp://search.aol.com/aolcom/search?inv ... -us&query=
FF - component: c:\documents and settings\PC\Data aplikací\Mozilla\Firefox\Profiles\v1ulvikv.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}\components\IBitCometExtension.dll
FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npmozax.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Media Player\npViewpoint.dll
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-12 10:45
Windows 5.1.2600 Service Pack 2 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
C:\sccfg.sys 20 bytes
sken byl úspešně dokončen
skryté soubory: 1
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-1960408961-412668190-725345543-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:74,a9,d3,fe,fb,10,50,54,a6,e6,20,1b,0b,16,4d,19,ef,42,4b,69,a1,80,f4,
53,a2,4b,87,7b,9a,f2,34,43,4c,02,d0,14,02,07,37,19,08,a4,d7,87,46,15,97,60,\
"??"=hex:6e,b9,a4,6b,ab,9d,63,2f,a3,2b,9b,27,1d,dd,69,4e
[HKEY_USERS\S-1-5-21-1960408961-412668190-725345543-1003\Software\SecuROM\License information*]
"datasecu"=hex:c4,2d,64,f7,fb,94,16,01,6f,12,32,98,1d,22,84,62,b3,92,db,24,90,
72,7a,8e,3b,36,2d,23,67,66,c7,54,ae,74,67,e0,6d,f4,a5,a5,2b,a4,27,49,4d,4a,\
"rkeysecu"=hex:fd,b2,2a,6e,4d,9d,14,e9,6d,ca,26,27,9a,d1,aa,18
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(824)
c:\windows\system32\Ati2evxx.dll
- - - - - - - > 'lsass.exe'(880)
c:\windows\system32\xfire_lsp_9028.dll
.
Celkový čas: 2009-07-12 10:49
ComboFix-quarantined-files.txt 2009-07-12 08:48
Před spuštěním: 1 680 277 504
Po spuštění: 3 650 195 456
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
Current=5 Default=5 Failed=4 LastKnownGood=6 Sets=1,2,3,4,5,6
278 --- E O F --- 2009-05-07 22:39
"WinampAgent"="c:\program files\Winamp\Winampa.exe" [2003-04-02 12288]
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2008-09-08 1783808]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2008-06-10 1447168]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-06-22 198160]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-06-05 292136]
"ioCentre"="c:\genius\ioCentre\gTaskBar.exe" [2006-12-08 241664]
"HotKey"="c:\program files\HotKey\hotkey.exe" [2008-03-06 86016]
"SweetIM"="c:\program files\SweetIM\Messenger\SweetIM.exe" [2009-05-20 111928]
c:\documents and settings\PC\Nabídka Start\Programy\Po spuštění\
hamachi.lnk - c:\program files\Hamachi\hamachi.exe [2008-11-29 625952]
MagicDisc.lnk - c:\program files\MagicDisc\MagicDisc.exe [2009-4-18 534016]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSecurityTab"= 1 (0x1)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Guard]
@="Service"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\HLSW\\hlsw.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\Program Files\\MSI\\MyGuard Live\\MyGuard Live.exe"=
"c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\Xfire\\Xfire.exe"=
"c:\\Program Files\\Valve\\hl.exe"=
"c:\\Program Files\\ubi.com\\Core\\GS4.exe"=
"c:\\Program Files\\BitComet\\BitComet.exe"=
"c:\\Program Files\\mIRC\\mirc.exe"=
"c:\\Program Files\\Ubi Soft\\IL2 Sturmovik\\il2.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Xfire\\ua_lsp_inst.exe"=
"d:\\Program Files\\TmNationsForever\\TmForever.exe"=
"d:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"c:\\Documents and Settings\\PC\\Dokumenty\\StrongDC.exe"=
"d:\\Program Files\\HLSW\\hlsw.exe"=
"d:\\Program Files\\Ubisoft\\Tom Clancy's H.A.W.X\\HAWX.exe"=
"d:\\Program Files\\Ubisoft\\Tom Clancy's H.A.W.X\\HAWX_dx10.exe"=
"d:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"=
"c:\\Program Files\\Ares\\Ares.exe"=
"c:\\Program Files\\Hamachi\\hamachi.exe"=
"c:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite XI.SP2\\Win32\\RpcDataSrv.exe"=
"c:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite XI.SP2\\RpcSandraSrv.exe"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Documents and Settings\\PC\\Local Settings\\Data aplikací\\Dyyno Receiver\\DPPM.exe"=
"d:\\Program Files\\EA Sports\\NHL 09\\nhl2009.exe"=
"d:\\Program Files\\Metin2_CZ\\metin2.bin"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Miranda IM\\miranda32.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Graffiti Studio 2.0\\Graffiti Studio.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"21312:TCP"= 21312:TCP:*:Disabled:aaa
"27618:TCP"= 27618:TCP:BitComet 27618 TCP
"27618:UDP"= 27618:UDP:BitComet 27618 UDP
"9809:TCP"= 9809:TCP:BitComet 9809 TCP
"9809:UDP"= 9809:UDP:BitComet 9809 UDP
"5353:TCP"= 5353:TCP:Adobe CSI CS4
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\system32\drivers\sfdrv01a.sys [5.7.2006 14:46 63352]
R0 viasraid;viasraid;c:\windows\system32\drivers\viasraid.sys [13.9.2007 10:48 77312]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [10.6.2008 19:56 34312]
R1 kbfilter;Keyboard Filter Driver;c:\windows\system32\drivers\kbfilter.sys [6.5.2008 19:03 11776]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [4.9.2008 17:43 141312]
R2 AMDRAIDXpert;AMD RAIDXpert;c:\program files\AMD\RAIDXpert\jetty\extra\win32\Wrapper.exe [29.9.2003 8:30 110592]
R2 ekrn;Eset Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [10.6.2008 19:53 468224]
R2 Ethpdrv;Ethernet Packet Driver;c:\windows\system32\drivers\ethpdrv.sys [30.12.2007 19:11 9728]
R2 TeamViewer4;TeamViewer 4;c:\program files\TeamViewer\Version4\TeamViewer_Service.exe [25.6.2009 9:22 185640]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [5.7.2009 22:52 24652]
R3 gMouPS2;PS2 Scroll Mouse Device;c:\windows\system32\drivers\gMouPS2.sys [28.6.2009 12:23 17408]
S1 MUsbFltr;WayTechUSBFilterDriver; [x]
S1 UsbFltr;WayTechUSBFilterDriver; [x]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2.8.2005 23:10 32512]
S3 tap0901_2gm;VPN Anonymizer Adapter;c:\windows\system32\drivers\tap0901_2gm.sys [21.6.2007 16:21 30720]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{3B6F3917-0B5C-9D48-4C95-15D496D553DB}]
c:\docume~1\PC\LOCALS~1\Temp\IXP000.TMP\FRAPS2~1.EXE
.
Obsah adresáře 'Naplánované úlohy'
2009-07-09 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
2009-07-12 c:\windows\Tasks\User_Feed_Synchronization-{1A97B1E1-ADC6-496D-A5D3-4912F730985C}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 17:36]
2009-07-12 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2009-05-06 20:18]
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
HKCU-Run-ICQ - ~c:\program files\ICQ6\ICQ.exe
SafeBoot-AVG Anti-Spyware Driver
.
------- Doplňkový sken -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Stáhnout odkaz s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: Stáhnout všechna videa s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddVideo.htm
IE: Stáhnout všechny odkazy s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
LSP: xfire_lsp_9028.dll
FF - ProfilePath - c:\documents and settings\PC\Data aplikací\Mozilla\Firefox\Profiles\v1ulvikv.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.aol.com/aolcom/search?inv ... -us&query=
FF - prefs.js: browser.search.selectedEngine - AOL Search
FF - prefs.js: browser.startup.homepage - www.google.com
FF - prefs.js: keyword.URL - hxxp://search.aol.com/aolcom/search?inv ... -us&query=
FF - component: c:\documents and settings\PC\Data aplikací\Mozilla\Firefox\Profiles\v1ulvikv.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}\components\IBitCometExtension.dll
FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npmozax.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Media Player\npViewpoint.dll
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-12 10:45
Windows 5.1.2600 Service Pack 2 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
C:\sccfg.sys 20 bytes
sken byl úspešně dokončen
skryté soubory: 1
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-1960408961-412668190-725345543-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:74,a9,d3,fe,fb,10,50,54,a6,e6,20,1b,0b,16,4d,19,ef,42,4b,69,a1,80,f4,
53,a2,4b,87,7b,9a,f2,34,43,4c,02,d0,14,02,07,37,19,08,a4,d7,87,46,15,97,60,\
"??"=hex:6e,b9,a4,6b,ab,9d,63,2f,a3,2b,9b,27,1d,dd,69,4e
[HKEY_USERS\S-1-5-21-1960408961-412668190-725345543-1003\Software\SecuROM\License information*]
"datasecu"=hex:c4,2d,64,f7,fb,94,16,01,6f,12,32,98,1d,22,84,62,b3,92,db,24,90,
72,7a,8e,3b,36,2d,23,67,66,c7,54,ae,74,67,e0,6d,f4,a5,a5,2b,a4,27,49,4d,4a,\
"rkeysecu"=hex:fd,b2,2a,6e,4d,9d,14,e9,6d,ca,26,27,9a,d1,aa,18
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(824)
c:\windows\system32\Ati2evxx.dll
- - - - - - - > 'lsass.exe'(880)
c:\windows\system32\xfire_lsp_9028.dll
.
Celkový čas: 2009-07-12 10:49
ComboFix-quarantined-files.txt 2009-07-12 08:48
Před spuštěním: 1 680 277 504
Po spuštění: 3 650 195 456
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
Current=5 Default=5 Failed=4 LastKnownGood=6 Sets=1,2,3,4,5,6
278 --- E O F --- 2009-05-07 22:39
- Damned
Re: please check my log - problem with the processor
Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy the entire following text, marked in green, into it:
File::
c:\docume~1\PC\LOCALS~1\Temp\IXP000.TMP
C:\sccfg.sys
Folder::
c:\program files\ICQ6Toolbar
c:\docume~1\PC\LOCALS~1\Temp\IXP000.TMP
Registry::
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSecurityTab"=dword:0000000
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Guard]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{3B6F3917-0B5C-9D48-4C95-15D496D553DB}]
Driver::
MUsbFltr;WayTechUSBFilterDriver
MUsbFltr
UsbFltr;WayTechUSBFilterDriver
UsbFltr
sccfg
Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files there
Save the file to the desktop.
Close all active windows.
Grab the created script CFScript.txt with the mouse, move it over the downloaded program ComboFix.exe
and, when the two files overlap, drop the script.

- ComboFix will start automatically
- Paste here the log that appears at the end of the cleaning process, plus a new HJT log, and describe how the computer is behaving
Nothing is impossible, so where reason fails us, we do not hesitate to use a hammer.
If you want to know what is new, look in old books.
Damned's Czech localizations - translations of PC maintenance programs
HiJackThis 2+guide FCleaner+Czech translation Wise Registry Cleaner
Re: please check my log - problem with the processor
ComboFix:
ComboFix 09-07-11.01 - PC 12.07.2009 20:14.2.1 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.2047.1498 [GMT 2:00]
Spuštěný z: c:\documents and settings\PC\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\PC\Plocha\CFScript.txt
AV: AVG Anti-Virus *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: ESET NOD32 Antivirus 3.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FILE ::
"c:\docume~1\PC\LOCALS~1\Temp\IXP000.TMP"
"C:\sccfg.sys"
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\ICQ6Toolbar
c:\program files\ICQ6Toolbar\Icons.bmp
c:\program files\ICQ6Toolbar\ICQ Service.exe
c:\program files\ICQ6Toolbar\icq6Toolbar.ico
c:\program files\ICQ6Toolbar\ICQToolBar.dll
c:\program files\ICQ6Toolbar\ICQUnToolbar.exe
c:\program files\ICQ6Toolbar\logo_small.gif
c:\program files\ICQ6Toolbar\ServiceStarter.exe
c:\program files\ICQ6Toolbar\short.wav
c:\program files\ICQ6Toolbar\Version.txt
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_MUsbFltr
-------\Service_UsbFltr
((((((((((((((((((((((((( Soubory vytvořené od 2009-06-12 do 2009-07-12 )))))))))))))))))))))))))))))))
.
2009-07-11 16:52 . 2009-07-11 16:52 -------- d-----w- c:\program files\Trend Micro
2009-07-11 10:38 . 2009-07-11 10:38 -------- d-----w- C:\ATI
2009-07-10 20:58 . 2009-07-10 20:58 -------- d-----w- c:\program files\Moyea
2009-07-05 20:56 . 2009-07-05 20:56 -------- d-----w- c:\program files\Tencent
2009-07-05 20:52 . 2009-07-05 20:52 -------- d-----w- c:\program files\Viewpoint
2009-07-05 20:51 . 2009-07-07 10:55 -------- d-----w- c:\program files\Common Files\AOL
2009-07-05 14:41 . 2009-07-05 14:41 -------- d-----w- c:\program files\QIP
2009-07-05 11:16 . 2009-07-05 11:16 -------- d-----w- c:\program files\Defraggler
2009-07-04 16:59 . 2009-07-11 12:24 -------- d-----w- c:\program files\Graffiti Studio 2.0
2009-07-03 09:13 . 2009-07-03 09:13 -------- d-----w- c:\program files\TeamViewer
2009-07-03 09:12 . 2009-07-03 09:12 -------- d-----w- c:\documents and settings\PC\temp
2009-07-02 18:55 . 2009-07-02 18:55 41808 ----a-w- c:\windows\system32\xfcodec.dll
2009-06-28 19:14 . 2009-06-28 19:24 -------- d-----w- c:\program files\ICQ6.5
2009-06-28 13:07 . 2009-06-28 13:07 -------- d-----w- c:\program files\Miranda IM
2009-06-28 12:29 . 2009-06-28 19:22 -------- d-----w- c:\program files\ICQ6
2009-06-28 10:28 . 2009-06-28 10:28 -------- d-----w- c:\program files\hotkey
2009-06-28 10:23 . 2006-07-12 02:48 17408 ----a-w- c:\windows\system32\drivers\gMouPS2.sys
2009-06-28 10:21 . 2009-06-28 10:21 -------- d-----w- C:\Genius
2009-06-25 18:27 . 2009-03-19 14:32 23400 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2009-06-25 18:27 . 2008-04-17 10:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2009-06-25 18:26 . 2009-06-25 18:26 -------- d-----w- c:\program files\iPod
2009-06-25 18:26 . 2009-06-25 18:27 -------- d-----w- c:\program files\iTunes
2009-06-25 18:25 . 2009-06-25 18:25 -------- d-----w- c:\program files\Bonjour
2009-06-25 18:14 . 2009-06-25 18:15 -------- d-----w- c:\program files\QuickTime
2009-06-23 20:01 . 2009-06-23 20:01 -------- d-----w- c:\program files\Common Files\DivX Shared
2009-06-22 15:23 . 2009-06-22 15:23 -------- d-----w- c:\program files\Common Files\xing shared
2009-06-22 15:22 . 2009-06-22 15:22 -------- d-----w- c:\program files\Real
2009-06-22 15:22 . 2009-06-22 15:22 -------- d-----w- c:\program files\Common Files\Real
2009-06-20 11:18 . 2009-06-20 11:18 -------- d-----w- c:\program files\Metin2_CZ
2009-06-16 17:36 . 2009-07-12 18:22 -------- d-----w- c:\program files\Steam
2009-06-15 10:35 . 2009-06-15 10:36 -------- d-----w- c:\program files\VentriloMIX
2009-06-15 10:25 . 2009-06-15 10:25 -------- d-----w- c:\program files\VentSrv
2009-06-14 21:22 . 2009-06-14 21:22 -------- d-----w- c:\program files\PhotoDreamr
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-11 19:57 . 2009-02-08 21:30 -------- d-----w- c:\program files\PokerStars
2009-07-11 17:40 . 2008-12-20 10:12 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-07-10 20:57 . 2008-10-15 19:02 -------- d-----w- c:\program files\WM Converter
2009-07-10 20:26 . 2007-09-18 14:23 137928 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-07-10 20:25 . 2007-10-08 13:40 189768 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-07-09 09:40 . 2008-11-08 18:24 -------- d-s---w- c:\program files\Xfire
2009-06-30 10:21 . 2008-12-23 10:16 -------- d-----w- c:\program files\SweetIM
2009-06-29 18:36 . 2007-09-17 08:47 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-06-27 18:50 . 2007-10-06 22:35 -------- d-----w- c:\program files\BitComet
2009-06-26 18:39 . 2009-05-31 19:09 -------- d-----w- c:\program files\Valve
2009-06-25 18:26 . 2008-04-22 15:57 -------- d-----w- c:\program files\Common Files\Apple
2009-06-23 20:01 . 2008-03-28 18:08 -------- d-----w- c:\program files\DivX
2009-06-22 15:22 . 2003-03-17 21:00 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-06-19 20:32 . 2008-10-03 20:45 -------- d-s---w- c:\program files\HLSW
2009-06-18 21:10 . 2008-08-12 17:29 -------- d-----w- c:\program files\mIRC
2009-06-17 09:27 . 2008-12-20 10:12 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-06-17 09:27 . 2008-12-20 10:12 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-06-16 11:53 . 2007-09-17 10:09 -------- d-----w- c:\program files\Common Files\Adobe
2009-06-15 10:36 . 2009-05-08 22:28 -------- d-----w- c:\program files\Ventrilo
2009-06-15 10:36 . 2008-01-04 16:47 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-06-12 20:20 . 2008-09-04 15:43 -------- d-----w- c:\program files\Spyware Terminator
2009-06-12 16:20 . 2007-09-17 09:30 -------- d-----w- c:\program files\Lavalys
2009-06-12 13:20 . 2008-06-17 15:16 -------- d-----w- c:\program files\Electronic Arts
2009-06-11 22:09 . 2009-06-11 22:09 -------- d-----w- c:\program files\PC Info
2009-06-10 13:31 . 2007-09-27 12:23 -------- d-----w- c:\program files\GamePark
2009-06-09 21:43 . 2008-04-26 08:06 -------- d-----w- c:\program files\SiSoftware
2009-06-09 14:50 . 2009-06-09 13:47 -------- d-----w- c:\program files\Disney Interactive Studios
2009-06-09 13:47 . 2009-06-08 21:26 -------- d-----w- c:\program files\RegCleaner
2009-06-09 13:47 . 2009-06-09 13:47 -------- d-----w- c:\program files\Common Files\Skype
2009-06-09 13:47 . 2007-09-17 16:18 -------- d-----w- c:\program files\Skype
2009-06-08 21:30 . 2009-06-08 21:30 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-06-08 09:58 . 2008-08-01 16:58 -------- d-----w- c:\program files\SystemRequirementsLab
2009-06-07 21:46 . 2009-06-07 21:37 -------- d-----w- c:\program files\Cool CENZURA
2009-05-29 13:59 . 2009-05-29 13:59 -------- d-----w- c:\program files\Aspyr Media, Inc
2009-05-26 20:23 . 2007-10-06 22:36 -------- d-----w- c:\program files\Google
2009-05-24 15:34 . 2009-05-24 15:34 413696 ----a-w- c:\windows\system32\wrap_oal.dll
2009-05-24 15:34 . 2009-05-24 15:34 110592 ----a-w- c:\windows\system32\OpenAL32.dll
2009-05-24 15:34 . 2009-05-24 15:34 -------- d-----w- c:\program files\OpenAL
2009-05-24 15:34 . 2009-05-24 15:34 -------- d-----w- c:\program files\Livestation
2009-05-21 12:15 . 2009-05-21 12:15 -------- d-----w- c:\program files\Velvetmatter
2009-05-16 15:12 . 2009-05-15 22:11 -------- d-----w- c:\program files\Garena
2009-05-06 13:47 . 2004-08-18 12:00 78060 ----a-w- c:\windows\system32\perfc005.dat
2009-05-06 13:47 . 2004-08-18 12:00 412618 ----a-w- c:\windows\system32\perfh005.dat
2009-05-01 11:24 . 2009-05-01 11:24 30464 ----a-w- c:\program files\XFire1101CZ.rar
2009-04-21 20:42 . 2008-08-29 16:45 1324 ----a-w- c:\windows\system32\d3d9caps.dat
2008-11-27 16:22 . 2009-05-01 11:24 139600 ----a-w- c:\program files\xfire_lang_cz.dll
2009-06-12 15:48 . 2009-05-16 15:03 134648 ----a-w- c:\program files\mozilla firefox\components\brwsrcmp.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.
((((((((((((((((((((((((((((( SnapShot@2009-07-12_08.45.38 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-12 18:23 . 2009-07-12 18:23 16384 c:\windows\Temp\Perflib_Perfdata_bb4.dat
+ 2009-07-12 18:23 . 2009-07-12 18:23 16384 c:\windows\Temp\Perflib_Perfdata_b10.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2009-05-20 12:36 1258808 ----a-w- c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-18 15360]
"Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 6\PCSync2.exe" [2008-03-26 1232896]
"Google Update"="c:\documents and settings\PC\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" [2008-12-02 133104]
"Livestation"="c:\program files\Livestation\Livestation.exe" [2009-03-30 2027520]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-05-26 39408]
"Steam"="c:\program files\Steam\Steam.exe" [2009-06-16 1217784]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinampAgent"="c:\program files\Winamp\Winampa.exe" [2003-04-02 12288]
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2008-09-08 1783808]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2008-06-10 1447168]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-06-22 198160]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-06-05 292136]
"ioCentre"="c:\genius\ioCentre\gTaskBar.exe" [2006-12-08 241664]
"HotKey"="c:\program files\HotKey\hotkey.exe" [2008-03-06 86016]
"SweetIM"="c:\program files\SweetIM\Messenger\SweetIM.exe" [2009-05-20 111928]
c:\documents and settings\PC\Nabídka Start\Programy\Po spuštění\
hamachi.lnk - c:\program files\Hamachi\hamachi.exe [2008-11-29 625952]
MagicDisc.lnk - c:\program files\MagicDisc\MagicDisc.exe [2009-4-18 534016]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\HLSW\\hlsw.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\Program Files\\MSI\\MyGuard Live\\MyGuard Live.exe"=
"c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\Xfire\\Xfire.exe"=
"c:\\Program Files\\Valve\\hl.exe"=
"c:\\Program Files\\ubi.com\\Core\\GS4.exe"=
"c:\\Program Files\\BitComet\\BitComet.exe"=
"c:\\Program Files\\mIRC\\mirc.exe"=
"c:\\Program Files\\Ubi Soft\\IL2 Sturmovik\\il2.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Xfire\\ua_lsp_inst.exe"=
"d:\\Program Files\\TmNationsForever\\TmForever.exe"=
"d:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"c:\\Documents and Settings\\PC\\Dokumenty\\StrongDC.exe"=
"d:\\Program Files\\HLSW\\hlsw.exe"=
"d:\\Program Files\\Ubisoft\\Tom Clancy's H.A.W.X\\HAWX.exe"=
"d:\\Program Files\\Ubisoft\\Tom Clancy's H.A.W.X\\HAWX_dx10.exe"=
"d:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"=
"c:\\Program Files\\Ares\\Ares.exe"=
"c:\\Program Files\\Hamachi\\hamachi.exe"=
"c:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite XI.SP2\\Win32\\RpcDataSrv.exe"=
"c:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite XI.SP2\\RpcSandraSrv.exe"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Documents and Settings\\PC\\Local Settings\\Data aplikací\\Dyyno Receiver\\DPPM.exe"=
"d:\\Program Files\\EA Sports\\NHL 09\\nhl2009.exe"=
"d:\\Program Files\\Metin2_CZ\\metin2.bin"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Miranda IM\\miranda32.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Graffiti Studio 2.0\\Graffiti Studio.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"21312:TCP"= 21312:TCP:*:Disabled:aaa
"27618:TCP"= 27618:TCP:BitComet 27618 TCP
"27618:UDP"= 27618:UDP:BitComet 27618 UDP
"9809:TCP"= 9809:TCP:BitComet 9809 TCP
"9809:UDP"= 9809:UDP:BitComet 9809 UDP
"5353:TCP"= 5353:TCP:Adobe CSI CS4
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\system32\drivers\sfdrv01a.sys [5.7.2006 14:46 63352]
R0 viasraid;viasraid;c:\windows\system32\drivers\viasraid.sys [13.9.2007 10:48 77312]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [10.6.2008 19:56 34312]
R1 kbfilter;Keyboard Filter Driver;c:\windows\system32\drivers\kbfilter.sys [6.5.2008 19:03 11776]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [4.9.2008 17:43 141312]
R2 AMDRAIDXpert;AMD RAIDXpert;c:\program files\AMD\RAIDXpert\jetty\extra\win32\Wrapper.exe [29.9.2003 8:30 110592]
R2 ekrn;Eset Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [10.6.2008 19:53 468224]
R2 Ethpdrv;Ethernet Packet Driver;c:\windows\system32\drivers\ethpdrv.sys [30.12.2007 19:11 9728]
R2 TeamViewer4;TeamViewer 4;c:\program files\TeamViewer\Version4\TeamViewer_Service.exe [25.6.2009 9:22 185640]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [5.7.2009 22:52 24652]
R3 gMouPS2;PS2 Scroll Mouse Device;c:\windows\system32\drivers\gMouPS2.sys [28.6.2009 12:23 17408]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2.8.2005 23:10 32512]
S3 tap0901_2gm;VPN Anonymizer Adapter;c:\windows\system32\drivers\tap0901_2gm.sys [21.6.2007 16:21 30720]
.
Obsah adresáře 'Naplánované úlohy'
2009-07-09 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
2009-07-12 c:\windows\Tasks\User_Feed_Synchronization-{1A97B1E1-ADC6-496D-A5D3-4912F730985C}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 17:36]
2009-07-12 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2009-05-06 20:18]
.
.
------- Doplňkový sken -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Stáhnout odkaz s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: Stáhnout všechna videa s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddVideo.htm
IE: Stáhnout všechny odkazy s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
LSP: xfire_lsp_9028.dll
FF - ProfilePath - c:\documents and settings\PC\Data aplikací\Mozilla\Firefox\Profiles\v1ulvikv.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.aol.com/aolcom/search?inv ... -us&query=
FF - prefs.js: browser.search.selectedEngine - AOL Search
FF - prefs.js: browser.startup.homepage - www.google.com
FF - prefs.js: keyword.URL - hxxp://search.aol.com/aolcom/search?inv ... -us&query=
FF - component: c:\documents and settings\PC\Data aplikací\Mozilla\Firefox\Profiles\v1ulvikv.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}\components\IBitCometExtension.dll
FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npmozax.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Media Player\npViewpoint.dll
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-12 20:26
Windows 5.1.2600 Service Pack 2 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
C:\sccfg.sys 20 bytes
sken byl úspešně dokončen
skryté soubory: 1
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-1960408961-412668190-725345543-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:74,a9,d3,fe,fb,10,50,54,a6,e6,20,1b,0b,16,4d,19,ef,42,4b,69,a1,80,f4,
53,a2,4b,87,7b,9a,f2,34,43,4c,02,d0,14,02,07,37,19,08,a4,d7,87,46,15,97,60,\
"??"=hex:6e,b9,a4,6b,ab,9d,63,2f,a3,2b,9b,27,1d,dd,69,4e
[HKEY_USERS\S-1-5-21-1960408961-412668190-725345543-1003\Software\SecuROM\License information*]
"datasecu"=hex:c4,2d,64,f7,fb,94,16,01,6f,12,32,98,1d,22,84,62,b3,92,db,24,90,
72,7a,8e,3b,36,2d,23,67,66,c7,54,ae,74,67,e0,6d,f4,a5,a5,2b,a4,27,49,4d,4a,\
"rkeysecu"=hex:fd,b2,2a,6e,4d,9d,14,e9,6d,ca,26,27,9a,d1,aa,18
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(828)
c:\windows\system32\Ati2evxx.dll
- - - - - - - > 'lsass.exe'(884)
c:\windows\system32\xfire_lsp_9028.dll
- - - - - - - > 'explorer.exe'(1872)
c:\program files\Windows Media Player\wmpband.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 6\phonebrowser.dll
c:\program files\Nokia\Nokia PC Suite 6\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 6\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\msi.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\windows\system32\ati2evxx.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\documents and settings\PC\Local Settings\Data aplikací\Google\Update\1.2.183.7\GoogleCrashHandler.exe
c:\windows\system32\netdde.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\clipsrv.exe
c:\program files\AMD\RAIDXpert\_jvm\bin\java.exe
c:\program files\Common Files\Nokia\MPAPI\MPAPI3s.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Analog Devices\SoundMAX\SMAgent.exe
c:\program files\Spyware Terminator\sp_rsser.exe
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
c:\program files\iPod\bin\iPodService.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2009-07-12 20:30 - počítač byl restartován
ComboFix-quarantined-files.txt 2009-07-12 18:30
ComboFix2.txt 2009-07-12 08:49
Před spuštěním: 3 709 493 248
Po spuštění: 3 570 155 520
Current=5 Default=5 Failed=4 LastKnownGood=6 Sets=1,2,3,4,5,6
309 --- E O F --- 2009-05-07 22:39
HJT:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:39:38, on 12.7.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Winamp\Winampa.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\HotKey\hotkey.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Documents and Settings\PC\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
C:\Documents and Settings\PC\Local Settings\Data aplikací\Google\Update\1.2.183.7\GoogleCrashHandler.exe
C:\WINDOWS\system32\netdde.exe
C:\Program Files\MagicDisc\MagicDisc.exe
C:\Program Files\AMD\RAIDXpert\jetty\extra\win32\Wrapper.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\clipsrv.exe
C:\Program Files\AMD\RAIDXpert\_jvm\bin\java.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.3.2.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - (no file)
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: AIM Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\Winampa.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ioCentre] C:\Genius\ioCentre\gTaskBar.exe
O4 - HKLM\..\Run: [HotKey] C:\Program Files\HotKey\hotkey.exe
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe" /NoDialog
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\PC\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Livestation] C:\Program Files\Livestation\Livestation.exe -startup
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - Startup: hamachi.lnk = C:\Program Files\Hamachi\hamachi.exe
O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Stáhnout všechna videa s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS1\Services\Tcpip\..\{4064728C-D16E-42EA-AD85-BC11AECC6DA8}: NameServer = 81.200.48.11,81.200.48.12
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS2\Services\Tcpip\..\{4064728C-D16E-42EA-AD85-BC11AECC6DA8}: NameServer = 81.200.48.11,81.200.48.12
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS3\Services\Tcpip\..\{4064728C-D16E-42EA-AD85-BC11AECC6DA8}: NameServer = 81.200.48.11,81.200.48.12
O17 - HKLM\System\CS4\Services\Tcpip\..\{4064728C-D16E-42EA-AD85-BC11AECC6DA8}: NameServer = 81.200.48.11,81.200.48.12
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: AMD RAIDXpert (AMDRAIDXpert) - Unknown owner - C:\Program Files\AMD\RAIDXpert\jetty\extra\win32\Wrapper.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - Unknown owner - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XI.SP2\Win32\RpcDataSrv.exe
O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XI.SP2\RpcSandraSrv.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: TeamViewer 4 (TeamViewer4) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
--
End of file - 12531 bytes
ComboFix 09-07-11.01 - PC 12.07.2009 20:14.2.1 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.2047.1498 [GMT 2:00]
Spuštěný z: c:\documents and settings\PC\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\PC\Plocha\CFScript.txt
AV: AVG Anti-Virus *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: ESET NOD32 Antivirus 3.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FILE ::
"c:\docume~1\PC\LOCALS~1\Temp\IXP000.TMP"
"C:\sccfg.sys"
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\ICQ6Toolbar
c:\program files\ICQ6Toolbar\Icons.bmp
c:\program files\ICQ6Toolbar\ICQ Service.exe
c:\program files\ICQ6Toolbar\icq6Toolbar.ico
c:\program files\ICQ6Toolbar\ICQToolBar.dll
c:\program files\ICQ6Toolbar\ICQUnToolbar.exe
c:\program files\ICQ6Toolbar\logo_small.gif
c:\program files\ICQ6Toolbar\ServiceStarter.exe
c:\program files\ICQ6Toolbar\short.wav
c:\program files\ICQ6Toolbar\Version.txt
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_MUsbFltr
-------\Service_UsbFltr
((((((((((((((((((((((((( Soubory vytvořené od 2009-06-12 do 2009-07-12 )))))))))))))))))))))))))))))))
.
2009-07-11 16:52 . 2009-07-11 16:52 -------- d-----w- c:\program files\Trend Micro
2009-07-11 10:38 . 2009-07-11 10:38 -------- d-----w- C:\ATI
2009-07-10 20:58 . 2009-07-10 20:58 -------- d-----w- c:\program files\Moyea
2009-07-05 20:56 . 2009-07-05 20:56 -------- d-----w- c:\program files\Tencent
2009-07-05 20:52 . 2009-07-05 20:52 -------- d-----w- c:\program files\Viewpoint
2009-07-05 20:51 . 2009-07-07 10:55 -------- d-----w- c:\program files\Common Files\AOL
2009-07-05 14:41 . 2009-07-05 14:41 -------- d-----w- c:\program files\QIP
2009-07-05 11:16 . 2009-07-05 11:16 -------- d-----w- c:\program files\Defraggler
2009-07-04 16:59 . 2009-07-11 12:24 -------- d-----w- c:\program files\Graffiti Studio 2.0
2009-07-03 09:13 . 2009-07-03 09:13 -------- d-----w- c:\program files\TeamViewer
2009-07-03 09:12 . 2009-07-03 09:12 -------- d-----w- c:\documents and settings\PC\temp
2009-07-02 18:55 . 2009-07-02 18:55 41808 ----a-w- c:\windows\system32\xfcodec.dll
2009-06-28 19:14 . 2009-06-28 19:24 -------- d-----w- c:\program files\ICQ6.5
2009-06-28 13:07 . 2009-06-28 13:07 -------- d-----w- c:\program files\Miranda IM
2009-06-28 12:29 . 2009-06-28 19:22 -------- d-----w- c:\program files\ICQ6
2009-06-28 10:28 . 2009-06-28 10:28 -------- d-----w- c:\program files\hotkey
2009-06-28 10:23 . 2006-07-12 02:48 17408 ----a-w- c:\windows\system32\drivers\gMouPS2.sys
2009-06-28 10:21 . 2009-06-28 10:21 -------- d-----w- C:\Genius
2009-06-25 18:27 . 2009-03-19 14:32 23400 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2009-06-25 18:27 . 2008-04-17 10:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2009-06-25 18:26 . 2009-06-25 18:26 -------- d-----w- c:\program files\iPod
2009-06-25 18:26 . 2009-06-25 18:27 -------- d-----w- c:\program files\iTunes
2009-06-25 18:25 . 2009-06-25 18:25 -------- d-----w- c:\program files\Bonjour
2009-06-25 18:14 . 2009-06-25 18:15 -------- d-----w- c:\program files\QuickTime
2009-06-23 20:01 . 2009-06-23 20:01 -------- d-----w- c:\program files\Common Files\DivX Shared
2009-06-22 15:23 . 2009-06-22 15:23 -------- d-----w- c:\program files\Common Files\xing shared
2009-06-22 15:22 . 2009-06-22 15:22 -------- d-----w- c:\program files\Real
2009-06-22 15:22 . 2009-06-22 15:22 -------- d-----w- c:\program files\Common Files\Real
2009-06-20 11:18 . 2009-06-20 11:18 -------- d-----w- c:\program files\Metin2_CZ
2009-06-16 17:36 . 2009-07-12 18:22 -------- d-----w- c:\program files\Steam
2009-06-15 10:35 . 2009-06-15 10:36 -------- d-----w- c:\program files\VentriloMIX
2009-06-15 10:25 . 2009-06-15 10:25 -------- d-----w- c:\program files\VentSrv
2009-06-14 21:22 . 2009-06-14 21:22 -------- d-----w- c:\program files\PhotoDreamr
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-11 19:57 . 2009-02-08 21:30 -------- d-----w- c:\program files\PokerStars
2009-07-11 17:40 . 2008-12-20 10:12 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-07-10 20:57 . 2008-10-15 19:02 -------- d-----w- c:\program files\WM Converter
2009-07-10 20:26 . 2007-09-18 14:23 137928 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-07-10 20:25 . 2007-10-08 13:40 189768 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-07-09 09:40 . 2008-11-08 18:24 -------- d-s---w- c:\program files\Xfire
2009-06-30 10:21 . 2008-12-23 10:16 -------- d-----w- c:\program files\SweetIM
2009-06-29 18:36 . 2007-09-17 08:47 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-06-27 18:50 . 2007-10-06 22:35 -------- d-----w- c:\program files\BitComet
2009-06-26 18:39 . 2009-05-31 19:09 -------- d-----w- c:\program files\Valve
2009-06-25 18:26 . 2008-04-22 15:57 -------- d-----w- c:\program files\Common Files\Apple
2009-06-23 20:01 . 2008-03-28 18:08 -------- d-----w- c:\program files\DivX
2009-06-22 15:22 . 2003-03-17 21:00 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-06-19 20:32 . 2008-10-03 20:45 -------- d-s---w- c:\program files\HLSW
2009-06-18 21:10 . 2008-08-12 17:29 -------- d-----w- c:\program files\mIRC
2009-06-17 09:27 . 2008-12-20 10:12 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-06-17 09:27 . 2008-12-20 10:12 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-06-16 11:53 . 2007-09-17 10:09 -------- d-----w- c:\program files\Common Files\Adobe
2009-06-15 10:36 . 2009-05-08 22:28 -------- d-----w- c:\program files\Ventrilo
2009-06-15 10:36 . 2008-01-04 16:47 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-06-12 20:20 . 2008-09-04 15:43 -------- d-----w- c:\program files\Spyware Terminator
2009-06-12 16:20 . 2007-09-17 09:30 -------- d-----w- c:\program files\Lavalys
2009-06-12 13:20 . 2008-06-17 15:16 -------- d-----w- c:\program files\Electronic Arts
2009-06-11 22:09 . 2009-06-11 22:09 -------- d-----w- c:\program files\PC Info
2009-06-10 13:31 . 2007-09-27 12:23 -------- d-----w- c:\program files\GamePark
2009-06-09 21:43 . 2008-04-26 08:06 -------- d-----w- c:\program files\SiSoftware
2009-06-09 14:50 . 2009-06-09 13:47 -------- d-----w- c:\program files\Disney Interactive Studios
2009-06-09 13:47 . 2009-06-08 21:26 -------- d-----w- c:\program files\RegCleaner
2009-06-09 13:47 . 2009-06-09 13:47 -------- d-----w- c:\program files\Common Files\Skype
2009-06-09 13:47 . 2007-09-17 16:18 -------- d-----w- c:\program files\Skype
2009-06-08 21:30 . 2009-06-08 21:30 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-06-08 09:58 . 2008-08-01 16:58 -------- d-----w- c:\program files\SystemRequirementsLab
2009-06-07 21:46 . 2009-06-07 21:37 -------- d-----w- c:\program files\Cool CENZURA
2009-05-29 13:59 . 2009-05-29 13:59 -------- d-----w- c:\program files\Aspyr Media, Inc
2009-05-26 20:23 . 2007-10-06 22:36 -------- d-----w- c:\program files\Google
2009-05-24 15:34 . 2009-05-24 15:34 413696 ----a-w- c:\windows\system32\wrap_oal.dll
2009-05-24 15:34 . 2009-05-24 15:34 110592 ----a-w- c:\windows\system32\OpenAL32.dll
2009-05-24 15:34 . 2009-05-24 15:34 -------- d-----w- c:\program files\OpenAL
2009-05-24 15:34 . 2009-05-24 15:34 -------- d-----w- c:\program files\Livestation
2009-05-21 12:15 . 2009-05-21 12:15 -------- d-----w- c:\program files\Velvetmatter
2009-05-16 15:12 . 2009-05-15 22:11 -------- d-----w- c:\program files\Garena
2009-05-06 13:47 . 2004-08-18 12:00 78060 ----a-w- c:\windows\system32\perfc005.dat
2009-05-06 13:47 . 2004-08-18 12:00 412618 ----a-w- c:\windows\system32\perfh005.dat
2009-05-01 11:24 . 2009-05-01 11:24 30464 ----a-w- c:\program files\XFire1101CZ.rar
2009-04-21 20:42 . 2008-08-29 16:45 1324 ----a-w- c:\windows\system32\d3d9caps.dat
2008-11-27 16:22 . 2009-05-01 11:24 139600 ----a-w- c:\program files\xfire_lang_cz.dll
2009-06-12 15:48 . 2009-05-16 15:03 134648 ----a-w- c:\program files\mozilla firefox\components\brwsrcmp.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.
((((((((((((((((((((((((((((( SnapShot@2009-07-12_08.45.38 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-12 18:23 . 2009-07-12 18:23 16384 c:\windows\Temp\Perflib_Perfdata_bb4.dat
+ 2009-07-12 18:23 . 2009-07-12 18:23 16384 c:\windows\Temp\Perflib_Perfdata_b10.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2009-05-20 12:36 1258808 ----a-w- c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-18 15360]
"Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 6\PCSync2.exe" [2008-03-26 1232896]
"Google Update"="c:\documents and settings\PC\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" [2008-12-02 133104]
"Livestation"="c:\program files\Livestation\Livestation.exe" [2009-03-30 2027520]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-05-26 39408]
"Steam"="c:\program files\Steam\Steam.exe" [2009-06-16 1217784]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinampAgent"="c:\program files\Winamp\Winampa.exe" [2003-04-02 12288]
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2008-09-08 1783808]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2008-06-10 1447168]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-06-22 198160]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-06-05 292136]
"ioCentre"="c:\genius\ioCentre\gTaskBar.exe" [2006-12-08 241664]
"HotKey"="c:\program files\HotKey\hotkey.exe" [2008-03-06 86016]
"SweetIM"="c:\program files\SweetIM\Messenger\SweetIM.exe" [2009-05-20 111928]
c:\documents and settings\PC\Nabˇdka Start\Programy\Po spuçtŘnˇ\
hamachi.lnk - c:\program files\Hamachi\hamachi.exe [2008-11-29 625952]
MagicDisc.lnk - c:\program files\MagicDisc\MagicDisc.exe [2009-4-18 534016]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\HLSW\\hlsw.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\Program Files\\MSI\\MyGuard Live\\MyGuard Live.exe"=
"c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\Xfire\\Xfire.exe"=
"c:\\Program Files\\Valve\\hl.exe"=
"c:\\Program Files\\ubi.com\\Core\\GS4.exe"=
"c:\\Program Files\\BitComet\\BitComet.exe"=
"c:\\Program Files\\mIRC\\mirc.exe"=
"c:\\Program Files\\Ubi Soft\\IL2 Sturmovik\\il2.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Xfire\\ua_lsp_inst.exe"=
"d:\\Program Files\\TmNationsForever\\TmForever.exe"=
"d:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"c:\\Documents and Settings\\PC\\Dokumenty\\StrongDC.exe"=
"d:\\Program Files\\HLSW\\hlsw.exe"=
"d:\\Program Files\\Ubisoft\\Tom Clancy's H.A.W.X\\HAWX.exe"=
"d:\\Program Files\\Ubisoft\\Tom Clancy's H.A.W.X\\HAWX_dx10.exe"=
"d:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"=
"c:\\Program Files\\Ares\\Ares.exe"=
"c:\\Program Files\\Hamachi\\hamachi.exe"=
"c:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite XI.SP2\\Win32\\RpcDataSrv.exe"=
"c:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite XI.SP2\\RpcSandraSrv.exe"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Documents and Settings\\PC\\Local Settings\\Data aplikací\\Dyyno Receiver\\DPPM.exe"=
"d:\\Program Files\\EA Sports\\NHL 09\\nhl2009.exe"=
"d:\\Program Files\\Metin2_CZ\\metin2.bin"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Miranda IM\\miranda32.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Graffiti Studio 2.0\\Graffiti Studio.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"21312:TCP"= 21312:TCP:*:Disabled:aaa
"27618:TCP"= 27618:TCP:BitComet 27618 TCP
"27618:UDP"= 27618:UDP:BitComet 27618 UDP
"9809:TCP"= 9809:TCP:BitComet 9809 TCP
"9809:UDP"= 9809:UDP:BitComet 9809 UDP
"5353:TCP"= 5353:TCP:Adobe CSI CS4
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\system32\drivers\sfdrv01a.sys [5.7.2006 14:46 63352]
R0 viasraid;viasraid;c:\windows\system32\drivers\viasraid.sys [13.9.2007 10:48 77312]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [10.6.2008 19:56 34312]
R1 kbfilter;Keyboard Filter Driver;c:\windows\system32\drivers\kbfilter.sys [6.5.2008 19:03 11776]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [4.9.2008 17:43 141312]
R2 AMDRAIDXpert;AMD RAIDXpert;c:\program files\AMD\RAIDXpert\jetty\extra\win32\Wrapper.exe [29.9.2003 8:30 110592]
R2 ekrn;Eset Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [10.6.2008 19:53 468224]
R2 Ethpdrv;Ethernet Packet Driver;c:\windows\system32\drivers\ethpdrv.sys [30.12.2007 19:11 9728]
R2 TeamViewer4;TeamViewer 4;c:\program files\TeamViewer\Version4\TeamViewer_Service.exe [25.6.2009 9:22 185640]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [5.7.2009 22:52 24652]
R3 gMouPS2;PS2 Scroll Mouse Device;c:\windows\system32\drivers\gMouPS2.sys [28.6.2009 12:23 17408]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2.8.2005 23:10 32512]
S3 tap0901_2gm;VPN Anonymizer Adapter;c:\windows\system32\drivers\tap0901_2gm.sys [21.6.2007 16:21 30720]
.
Obsah adresáře 'Naplánované úlohy'
2009-07-09 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
2009-07-12 c:\windows\Tasks\User_Feed_Synchronization-{1A97B1E1-ADC6-496D-A5D3-4912F730985C}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 17:36]
2009-07-12 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2009-05-06 20:18]
.
.
------- Doplňkový sken -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Stáhnout odkaz s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: Stáhnout všechna videa s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddVideo.htm
IE: Stáhnout všechny odkazy s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
LSP: xfire_lsp_9028.dll
FF - ProfilePath - c:\documents and settings\PC\Data aplikací\Mozilla\Firefox\Profiles\v1ulvikv.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.aol.com/aolcom/search?inv ... -us&query=
FF - prefs.js: browser.search.selectedEngine - AOL Search
FF - prefs.js: browser.startup.homepage - www.google.com
FF - prefs.js: keyword.URL - hxxp://search.aol.com/aolcom/search?inv ... -us&query=
FF - component: c:\documents and settings\PC\Data aplikací\Mozilla\Firefox\Profiles\v1ulvikv.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}\components\IBitCometExtension.dll
FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npmozax.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Media Player\npViewpoint.dll
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-12 20:26
Windows 5.1.2600 Service Pack 2 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
C:\sccfg.sys 20 bytes
sken byl úspešně dokončen
skryté soubory: 1
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-1960408961-412668190-725345543-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:74,a9,d3,fe,fb,10,50,54,a6,e6,20,1b,0b,16,4d,19,ef,42,4b,69,a1,80,f4,
53,a2,4b,87,7b,9a,f2,34,43,4c,02,d0,14,02,07,37,19,08,a4,d7,87,46,15,97,60,\
"??"=hex:6e,b9,a4,6b,ab,9d,63,2f,a3,2b,9b,27,1d,dd,69,4e
[HKEY_USERS\S-1-5-21-1960408961-412668190-725345543-1003\Software\SecuROM\License information*]
"datasecu"=hex:c4,2d,64,f7,fb,94,16,01,6f,12,32,98,1d,22,84,62,b3,92,db,24,90,
72,7a,8e,3b,36,2d,23,67,66,c7,54,ae,74,67,e0,6d,f4,a5,a5,2b,a4,27,49,4d,4a,\
"rkeysecu"=hex:fd,b2,2a,6e,4d,9d,14,e9,6d,ca,26,27,9a,d1,aa,18
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(828)
c:\windows\system32\Ati2evxx.dll
- - - - - - - > 'lsass.exe'(884)
c:\windows\system32\xfire_lsp_9028.dll
- - - - - - - > 'explorer.exe'(1872)
c:\program files\Windows Media Player\wmpband.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 6\phonebrowser.dll
c:\program files\Nokia\Nokia PC Suite 6\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 6\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\msi.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\windows\system32\ati2evxx.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\documents and settings\PC\Local Settings\Data aplikací\Google\Update\1.2.183.7\GoogleCrashHandler.exe
c:\windows\system32\netdde.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\clipsrv.exe
c:\program files\AMD\RAIDXpert\_jvm\bin\java.exe
c:\program files\Common Files\Nokia\MPAPI\MPAPI3s.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Analog Devices\SoundMAX\SMAgent.exe
c:\program files\Spyware Terminator\sp_rsser.exe
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
c:\program files\iPod\bin\iPodService.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2009-07-12 20:30 - počítač byl restartován
ComboFix-quarantined-files.txt 2009-07-12 18:30
ComboFix2.txt 2009-07-12 08:49
Před spuštěním: 3 709 493 248
Po spuštění: 3 570 155 520
Current=5 Default=5 Failed=4 LastKnownGood=6 Sets=1,2,3,4,5,6
309 --- E O F --- 2009-05-07 22:39
HJT:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:39:38, on 12.7.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Winamp\Winampa.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\HotKey\hotkey.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Documents and Settings\PC\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
C:\Documents and Settings\PC\Local Settings\Data aplikací\Google\Update\1.2.183.7\GoogleCrashHandler.exe
C:\WINDOWS\system32\netdde.exe
C:\Program Files\MagicDisc\MagicDisc.exe
C:\Program Files\AMD\RAIDXpert\jetty\extra\win32\Wrapper.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\clipsrv.exe
C:\Program Files\AMD\RAIDXpert\_jvm\bin\java.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.3.2.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - (no file)
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: AIM Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\Winampa.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ioCentre] C:\Genius\ioCentre\gTaskBar.exe
O4 - HKLM\..\Run: [HotKey] C:\Program Files\HotKey\hotkey.exe
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe" /NoDialog
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\PC\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Livestation] C:\Program Files\Livestation\Livestation.exe -startup
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - Startup: hamachi.lnk = C:\Program Files\Hamachi\hamachi.exe
O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Stáhnout všechna videa s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS1\Services\Tcpip\..\{4064728C-D16E-42EA-AD85-BC11AECC6DA8}: NameServer = 81.200.48.11,81.200.48.12
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS2\Services\Tcpip\..\{4064728C-D16E-42EA-AD85-BC11AECC6DA8}: NameServer = 81.200.48.11,81.200.48.12
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS3\Services\Tcpip\..\{4064728C-D16E-42EA-AD85-BC11AECC6DA8}: NameServer = 81.200.48.11,81.200.48.12
O17 - HKLM\System\CS4\Services\Tcpip\..\{4064728C-D16E-42EA-AD85-BC11AECC6DA8}: NameServer = 81.200.48.11,81.200.48.12
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: AMD RAIDXpert (AMDRAIDXpert) - Unknown owner - C:\Program Files\AMD\RAIDXpert\jetty\extra\win32\Wrapper.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - Unknown owner - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XI.SP2\Win32\RpcDataSrv.exe
O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XI.SP2\RpcSandraSrv.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: TeamViewer 4 (TeamViewer4) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
--
End of file - 12531 bytes