Hi, I have a minor problem: when I open folders with movies, the folders crash or the PC freezes. I have the same problem with WMplayer11, and my Internet browser is acting up too. Text on pages shows up jumbled or nonsensical. Neither MBAM nor AVAST found anything.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:17:35, on 19.1.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\ProgDVB\ProgDVBService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\Wireless Console 2\wcourier.exe
C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Games\Game Alarm\Updater.exe
C:\Games\Game Alarm\gamealarm.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
C:\Program Files\ICQ7.2\ICQ.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = my.daemon-search.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O1 - Hosts: ˙ţ
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Documents and Settings\Pc\Local Settings\Data aplikací\Seznam.cz\listicka.dll
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [Wireless Console 2] "C:\Program Files\Wireless Console 2\wcourier.exe"
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Game Alarm.lnk = C:\Games\Game Alarm\gamealarm.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout Free Download Managerem - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Stáhnout video Free Download Managerem - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Stáhnout vybrané Free Download Managerem - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Stáhnout vše Free Download Managerem - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
O9 - Extra button: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Documents and Settings\Pc\Local Settings\Data aplikací\Seznam.cz\listicka.dll
O9 - Extra 'Tools' menuitem: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Documents and Settings\Pc\Local Settings\Data aplikací\Seznam.cz\listicka.dll
O9 - Extra button: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Documents and Settings\Pc\Local Settings\Data aplikací\Seznam.cz\listicka.dll
O9 - Extra 'Tools' menuitem: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Documents and Settings\Pc\Local Settings\Data aplikací\Seznam.cz\listicka.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Crawler Screensaver - {CDAFD956-97BE-443D-8EF7-F4F094EB5766} - C:\Program Files\Crawler\SSaver\CSSaver.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Documents and Settings\Pc\Local Settings\Data aplikací\Seznam.cz\listicka.dll (HKCU)
O9 - Extra 'Tools' menuitem: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Documents and Settings\Pc\Local Settings\Data aplikací\Seznam.cz\listicka.dll (HKCU)
O9 - Extra button: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Documents and Settings\Pc\Local Settings\Data aplikací\Seznam.cz\listicka.dll (HKCU)
O9 - Extra 'Tools' menuitem: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Documents and Settings\Pc\Local Settings\Data aplikací\Seznam.cz\listicka.dll (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{6669472D-419A-407C-9F8D-0C3BD382DC2B}: NameServer = 160.218.43.200 194.228.211.33
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: ProgDVB Scheduler Service (ProgDVBService) - Unknown owner - C:\Program Files\ProgDVB\ProgDVBService.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
--
End of file - 8436 bytes
Please check my log (Solved)
Re: Please check my log
Hi,
since when have you had this problem? Have you installed any new program?
Download ComboFix to your desktop - http://download.bleepingcomputer.com/sUBs/ComboFix.exe
- Before using it, turn off all resident security programs - antivirus, firewalls, antispyware
- Close all active windows and run it under an account with administrator rights
- After it starts, the terms of use are displayed; confirm them by clicking the Yes button
- Then follow the instructions; while ComboFix is running, do not click in the window that appears
- When the scan finishes, the log C:\ComboFix.txt is created; copy its entire contents here.
Re: Please check my log
Since 17.1. The only thing is that one website told me I had an old Flash player and offered a newer version, so I confirmed it, and then some SCAN PALADIN started running on my screen without my wanting to download or run it. It could not be closed, so I restarted the PC and tried an MBAM scan, but it found nothing.
Re: Please check my log
ComboFix 11-01-18.04 - Pc 19.01.2011 21:44:18.5.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1791.1181 [GMT 1:00]
Spuštěný z: c:\documents and settings\Pc\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Install.exe
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-12-19 do 2011-01-19 )))))))))))))))))))))))))))))))
.
2011-01-19 19:16 . 2011-01-19 19:16 388096 ----a-r- c:\documents and settings\Pc\Data aplikací\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-01-19 15:29 . 2011-01-19 15:29 -------- d-----w- c:\program files\Microsoft Security Essentials
2011-01-19 15:28 . 2011-01-19 15:28 -------- d-----w- c:\documents and settings\Pc\Data aplikací\FreeFileOpener
2011-01-19 15:25 . 2011-01-19 15:32 -------- d-----w- c:\program files\DAEMON Tools Lite
2011-01-19 15:24 . 2011-01-19 15:24 -------- d-----w- c:\program files\OpenAL
2011-01-19 15:24 . 2011-01-19 15:24 -------- d-----w- c:\program files\Ventrilo
2011-01-19 15:24 . 2011-01-19 15:24 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2011-01-19 15:23 . 2011-01-19 15:24 -------- d-----w- c:\program files\Zrychleni Pocitace
2011-01-19 15:23 . 2011-01-19 15:23 -------- d-----w- c:\program files\GetMiro Toolbar
2011-01-19 15:23 . 2011-01-19 15:23 -------- d-----w- c:\program files\FreeApps
2011-01-19 14:13 . 2011-01-19 18:55 4724 ----a-w- c:\windows\system32\PerfStringBackup.TMP
2011-01-19 14:11 . 2011-01-19 14:11 218176 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-01-19 12:10 . 2001-08-17 19:11 20928 -c--a-w- c:\windows\system32\dllcache\SET4D8.tmp
2011-01-19 12:08 . 2001-10-24 10:51 714698 -c--a-w- c:\windows\system32\dllcache\SET3C2.tmp
2011-01-19 08:13 . 2011-01-19 08:13 -------- d-----w- c:\program files\DigiPen
2011-01-18 16:48 . 2011-01-18 16:48 -------- d-----w- c:\documents and settings\Pc\Data aplikací\Digiarty
2011-01-18 16:48 . 2011-01-11 09:36 66944 ----a-w- c:\windows\system32\drivers\thdudf.sys
2011-01-18 16:48 . 2011-01-18 16:48 -------- d-----w- c:\program files\Digiarty
2011-01-18 10:57 . 2011-01-19 15:28 -------- d-----w- c:\program files\DFX
2011-01-18 10:41 . 2011-01-18 10:41 -------- d-----w- c:\documents and settings\Pc\Data aplikací\IsolatedStorage
2011-01-18 10:41 . 2011-01-19 15:28 -------- d-----w- c:\program files\Free File Opener
2011-01-18 10:26 . 2003-03-25 04:49 98304 ----a-w- c:\windows\system32\startup.cpl
2011-01-18 10:26 . 2003-03-25 04:49 106544 ----a-w- c:\windows\system32\tweakui.cpl
2011-01-18 10:25 . 2011-01-19 15:28 -------- d-----w- c:\program files\ACE Mega CoDecS Pack
2011-01-17 18:28 . 2011-01-17 18:28 -------- d-----w- c:\windows\system32\wbem\Repository
2011-01-17 13:35 . 2011-01-19 15:27 -------- d-----w- c:\documents and settings\Administrator
2011-01-13 22:45 . 2011-01-19 15:26 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Trymedia
2011-01-12 23:44 . 2011-01-12 23:44 -------- d-----w- c:\program files\EA GAMES
2011-01-12 12:43 . 2011-01-19 15:26 -------- d-----w- c:\program files\Euro Truck Simulator
2011-01-12 09:26 . 2011-01-19 15:10 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2011-01-12 09:24 . 2011-01-19 15:25 -------- d-----w- c:\documents and settings\Pc\Data aplikací\DAEMON Tools Lite
2011-01-12 09:24 . 2011-01-12 18:22 -------- d-----w- c:\documents and settings\All Users\Data aplikací\DAEMON Tools Lite
2011-01-10 10:01 . 2011-01-10 10:03 -------- d-----w- C:\Games
2011-01-09 23:25 . 2011-01-09 23:25 -------- d-----w- c:\program files\Kickbach Studios
2011-01-09 22:51 . 2011-01-09 22:51 -------- d-----w- c:\program files\GameTop.com
2011-01-09 21:07 . 2011-01-09 21:07 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2011-01-09 21:07 . 2011-01-09 21:07 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2011-01-09 15:29 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-01-09 15:29 . 2011-01-19 15:25 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-01-09 15:29 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-01-09 09:49 . 2011-01-17 16:33 -------- d-----w- c:\program files\Microsoft Security Client
2011-01-09 08:30 . 2011-01-09 08:30 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Data aplikací\PCHealth
2011-01-08 23:40 . 2011-01-17 16:34 -------- d-----w- c:\program files\Promosoft Corporation
2011-01-08 22:36 . 2011-01-08 22:36 -------- d-----w- c:\program files\Blaze Audio
2011-01-04 20:25 . 2011-01-04 20:25 -------- d-----w- C:\Nexon
2011-01-02 14:41 . 2011-01-02 15:33 5 ----a-w- c:\windows\treeskp.sys
2011-01-02 14:41 . 2011-01-02 15:33 5 ----a-w- c:\windows\sbacknt.bin
2011-01-02 11:21 . 2011-01-02 11:21 -------- d-----w- c:\documents and settings\Pc\Local Settings\Data aplikací\SoundSpectrum
2011-01-01 22:26 . 2011-01-02 11:20 -------- d-----w- c:\program files\Glary Utilities
2011-01-01 21:53 . 2011-01-02 11:20 -------- d-----w- c:\program files\Wise PC Engineer
2011-01-01 19:07 . 2011-01-19 15:24 -------- d-----w- c:\documents and settings\Pc\Data aplikací\SoundSpectrum
2011-01-01 18:59 . 2011-01-01 18:59 -------- d-----w- c:\documents and settings\Pc\Local Settings\Data aplikací\DFX
2011-01-01 18:56 . 2011-01-01 18:56 -------- d-----w- c:\documents and settings\All Users\Data aplikací\DFX
2011-01-01 18:56 . 2011-01-01 18:56 -------- d-----w- c:\program files\Common Files\DFX
2011-01-01 18:30 . 2010-09-10 17:49 3734536 ----a-w- c:\windows\system32\d3dx9_36.dll
2011-01-01 18:30 . 2011-01-19 15:24 -------- d-----w- c:\program files\SoundSpectrum
2011-01-01 00:18 . 2011-01-01 00:48 -------- d-----w- c:\documents and settings\Pc\DoctorWeb
2010-12-31 00:43 . 2010-12-31 00:43 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Macrovision
2010-12-31 00:00 . 2010-12-31 00:01 -------- d-----w- c:\documents and settings\Pc\Data aplikací\IObit
2010-12-30 15:39 . 2010-12-30 15:40 -------- d-----w- c:\documents and settings\Pc\KBCertifikat
2010-12-30 14:36 . 2011-01-19 15:25 -------- d-----w- c:\documents and settings\Pc\kbpki
2010-12-29 22:33 . 2010-12-29 22:33 -------- d-----w- c:\documents and settings\Pc\Data aplikací\GRETECH
2010-12-29 22:11 . 2010-12-29 22:11 -------- d-----w- c:\program files\CCleaner
2010-12-29 21:50 . 2006-06-29 12:07 14048 ------w- c:\windows\system32\spmsg2.dll
2010-12-29 21:21 . 2008-04-14 07:52 116224 -c--a-w- c:\windows\system32\dllcache\xrxwiadr.dll
2010-12-29 21:21 . 2008-04-14 07:52 18944 -c--a-w- c:\windows\system32\dllcache\xrxscnui.dll
2010-12-29 21:21 . 2001-10-24 11:25 23040 -c--a-w- c:\windows\system32\dllcache\xrxwbtmp.dll
2010-12-29 21:21 . 2001-10-24 11:25 27648 -c--a-w- c:\windows\system32\dllcache\xrxftplt.exe
2010-12-29 21:21 . 2001-10-24 11:25 4608 -c--a-w- c:\windows\system32\dllcache\xrxflnch.exe
2010-12-29 21:21 . 2001-08-18 05:37 99865 -c--a-w- c:\windows\system32\dllcache\xlog.exe
2010-12-29 21:21 . 2001-08-17 19:11 16970 -c--a-w- c:\windows\system32\dllcache\xem336n5.sys
2010-12-29 21:19 . 2008-04-13 21:04 19551 -c--a-w- c:\windows\system32\dllcache\watv02nt.sys
2010-12-29 21:18 . 2001-08-17 20:28 7556 -c--a-w- c:\windows\system32\dllcache\usroslba.sys
2010-12-29 21:17 . 2001-10-24 11:25 47616 -c--a-w- c:\windows\system32\dllcache\umaxcam.dll
2010-12-29 21:16 . 2001-08-17 21:02 230912 -c--a-w- c:\windows\system32\dllcache\tosdvd03.sys
2010-12-29 21:15 . 2001-08-17 20:50 103936 -c--a-w- c:\windows\system32\dllcache\sx.sys
2010-12-29 21:14 . 2001-08-17 20:56 7552 -c--a-w- c:\windows\system32\dllcache\sonypvu1.sys
2010-12-29 21:13 . 2001-10-24 11:25 28672 -c--a-w- c:\windows\system32\dllcache\sma0w.dll
2010-12-29 21:12 . 2001-07-21 21:29 18400 -c--a-w- c:\windows\system32\dllcache\sgsmld.sys
2010-12-29 21:11 . 2001-10-24 11:24 245632 -c--a-w- c:\windows\system32\dllcache\s3savmx.dll
2010-12-29 21:10 . 2001-10-24 11:25 9728 -c--a-w- c:\windows\system32\dllcache\rsmgrstr.dll
2010-12-29 21:09 . 2001-10-24 11:25 35328 -c--a-w- c:\windows\system32\dllcache\psisload.dll
2010-12-29 21:08 . 2001-08-17 19:11 29769 -c--a-w- c:\windows\system32\dllcache\pcntn5m.sys
2010-12-29 21:07 . 2001-08-17 19:12 27209 -c--a-w- c:\windows\system32\dllcache\otc06x5.sys
2010-12-29 21:06 . 2001-10-24 11:24 60480 -c--a-w- c:\windows\system32\dllcache\neo20xx.dll
2010-12-29 21:05 . 2008-04-14 12:00 126686 -c--a-w- c:\windows\system32\dllcache\mtlmnt5.sys
2010-12-29 21:04 . 2001-10-24 11:23 47616 -c--a-w- c:\windows\system32\dllcache\memgrp.dll
2010-12-29 21:03 . 2001-10-24 10:46 26442 -c--a-w- c:\windows\system32\dllcache\lanepic5.sys
2010-12-29 21:02 . 2001-08-17 19:12 45632 -c--a-w- c:\windows\system32\dllcache\ip5515.sys
2010-12-29 21:01 . 2001-08-17 21:05 141056 -c--a-w- c:\windows\system32\dllcache\icam3.sys
2010-12-29 21:00 . 2001-08-17 20:28 542879 -c--a-w- c:\windows\system32\dllcache\hsf_msft.sys
2010-12-29 20:59 . 2001-10-24 11:24 83968 -c--a-w- c:\windows\system32\dllcache\hpgt21.dll
2010-12-29 20:58 . 2001-08-17 19:14 441728 -c--a-w- c:\windows\system32\dllcache\fpcmbase.sys
2010-12-29 20:58 . 2001-08-17 19:14 444416 -c--a-w- c:\windows\system32\dllcache\fpcibase.sys
2010-12-29 20:58 . 2008-04-13 21:05 34173 -c--a-w- c:\windows\system32\dllcache\forehe.sys
2010-12-29 20:56 . 2001-08-17 19:19 40704 -c--a-w- c:\windows\system32\dllcache\es1371mp.sys
2010-12-29 20:55 . 2008-04-14 12:00 20192 -c--a-w- c:\windows\system32\dllcache\dpti2o.sys
2010-12-29 20:54 . 2001-08-17 19:12 63208 -c--a-w- c:\windows\system32\dllcache\dc21x4.sys
2010-12-29 20:53 . 2008-04-13 23:11 8192 -c--a-w- c:\windows\system32\dllcache\changer.sys
2010-12-29 20:52 . 2001-10-24 10:49 39552 -c--a-w- c:\windows\system32\dllcache\brparwdm.sys
2010-12-29 20:51 . 2001-08-17 19:49 46464 -c--a-w- c:\windows\system32\dllcache\atibt829.sys
2010-12-29 20:50 . 2001-10-24 11:24 66048 -c--a-w- c:\windows\system32\dllcache\s3legacy.dll
2010-12-29 13:07 . 2010-12-29 13:40 -------- d-----w- c:\documents and settings\Pc\Data aplikací\TS3Client
2010-12-29 11:59 . 2010-11-03 17:15 359016 ----a-w- c:\windows\vncutil.exe
2010-12-29 11:59 . 2010-11-11 12:27 55912 ----a-w- c:\windows\system32\RtkCoInstXP.dll
2010-12-29 11:59 . 2010-11-03 17:14 129640 ----a-w- c:\windows\RtkAudioService.exe
2010-12-29 11:59 . 2009-11-18 06:17 1395800 ----a-w- c:\windows\system32\drivers\Monfilt.sys
2010-12-29 11:59 . 2009-11-18 06:16 1691480 ----a-w- c:\windows\system32\drivers\Ambfilt.sys
2010-12-29 11:59 . 2011-01-19 15:24 -------- d-----w- c:\program files\TeamSpeak 3 Client
2010-12-29 11:57 . 2010-12-29 11:57 -------- d-----w- c:\program files\Conduit
2010-12-29 11:47 . 2010-12-29 16:09 -------- d-----w- c:\program files\Xfire
2010-12-29 11:35 . 2010-12-29 11:40 -------- d-----w- c:\documents and settings\Pc\Data aplikací\Ventrilo
2010-12-29 10:43 . 2010-12-29 10:47 -------- d-----w- c:\documents and settings\Pc\Data aplikací\Registry Mechanic
2010-12-29 10:41 . 2010-12-29 10:41 -------- d-----w- c:\windows\system32\config\systemprofile\Data aplikací\Application Updater
2010-12-29 10:41 . 2010-12-29 20:11 -------- d-----w- c:\documents and settings\All Users\Data aplikací\IObit
2010-12-29 10:39 . 2010-12-29 10:47 -------- d-----w- c:\program files\Common Files\PC Tools
2010-12-29 10:32 . 2010-12-13 16:03 28496 ----a-w- c:\windows\system32\SmartDefragBootTime.exe
2010-12-29 10:32 . 2010-11-26 17:02 14776 ----a-w- c:\windows\system32\drivers\SmartDefragDriver.sys
2010-12-23 14:37 . 1999-01-10 10:00 3584 ----a-w- c:\windows\system32\drivers\DLPortIO.sys
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-01-13 08:47 . 2010-09-09 17:14 188216 ----a-w- c:\windows\system32\aswBoot.exe
2011-01-13 08:41 . 2010-09-09 17:14 294608 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-01-13 08:40 . 2010-09-09 17:14 47440 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-01-13 08:40 . 2010-09-09 17:14 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-01-13 08:39 . 2010-09-09 17:14 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-01-13 08:37 . 2010-09-09 17:14 23632 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-01-13 08:37 . 2010-09-09 17:14 29392 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-01-13 08:37 . 2010-09-09 17:14 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-12-31 20:06 . 2010-09-09 17:34 38848 ----a-w- c:\windows\avastSS.scr
2010-11-30 16:06 . 2010-09-07 13:17 6261352 ----a-w- c:\windows\system32\drivers\RtkHDAud.sys
2010-11-18 18:15 . 2010-09-07 11:35 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-16 19:34 . 2010-09-07 13:17 19722344 ----a-w- c:\windows\RTHDCPL.EXE
2010-11-13 17:19 . 2010-09-25 12:39 152904 ----a-w- c:\windows\system32\vghd.scr
2010-11-09 14:52 . 2008-04-14 12:00 249856 ----a-w- c:\windows\system32\odbc32.dll
2010-11-06 00:23 . 2008-04-14 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:23 . 2008-04-14 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-11-06 00:23 . 2008-04-14 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-11-03 17:15 . 2010-09-07 13:17 84584 ----a-w- c:\windows\SOUNDMAN.EXE
2010-11-03 17:15 . 2010-09-07 13:17 1833576 ----a-w- c:\windows\SkyTel.exe
2010-11-03 17:15 . 2010-09-07 13:17 891496 ----a-w- c:\windows\system32\RTSndMgr.CPL
2010-11-03 17:15 . 2010-09-07 13:17 1489512 ----a-w- c:\windows\RtlUpd.exe
2010-11-03 17:15 . 2010-09-07 13:17 9721960 ----a-w- c:\windows\RTLCPL.EXE
2010-11-03 17:14 . 2010-09-07 13:17 2180712 ----a-w- c:\windows\MicCal.exe
2010-11-03 17:13 . 2010-09-07 13:17 285288 ----a-w- c:\windows\system32\ALSNDMGR.CPL
2010-11-03 17:13 . 2010-09-07 13:17 2815592 ----a-w- c:\windows\ALCWZRD.EXE
2010-11-03 17:13 . 2010-09-07 13:17 64104 ----a-w- c:\windows\ALCMTR.EXE
2010-11-03 12:25 . 2008-04-14 12:00 385024 ----a-w- c:\windows\system32\html.iec
2010-11-02 15:17 . 2008-04-14 12:00 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
2010-10-30 06:09 . 2010-10-30 06:09 675840 ----a-w- c:\windows\system32\yowindow.scr
2010-10-28 13:09 . 2008-04-14 12:00 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-10-28 09:46 . 2010-09-07 13:16 1251944 ----a-w- c:\windows\RtlExUpd.dll
2010-10-26 13:58 . 2008-04-14 12:00 1853312 ----a-w- c:\windows\system32\win32k.sys
2010-10-22 11:43 . 2010-10-22 11:43 499712 ----a-w- c:\windows\system32\msvcp71.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-01-05 1305408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2011-01-13 3396624]
"Wireless Console 2"="c:\program files\Wireless Console 2\wcourier.exe" [2007-07-05 1040384]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMEDIA.EXE" [2006-11-02 61440]
"Tweak UI"="TWEAKUI.CPL" [2003-03-25 106544]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-25 437160]
c:\documents and settings\Pc\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Game Alarm.lnk - c:\games\Game Alarm\gamealarm.exe [2011-1-10 19631104]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2010-09-27 12:49 87424 ----a-w- c:\windows\system32\LMIinit.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0SmartDefragBootTime.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\startupfolder\C:^Documents and Settings^Pc^Nabídka Start^Programy^Po spuštění^DesktopVideoPlayer.LNK]
backup=c:\windows\pss\DesktopVideoPlayer.LNKStartup
[HKLM\~\startupfolder\C:^Documents and Settings^Pc^Nabídka Start^Programy^Po spuštění^YoWindow.lnk]
backup=c:\windows\pss\YoWindow.lnkStartup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 3
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGEIA PhysX SysTray]
2007-07-23 07:05 345640 ----a-w- c:\program files\AGEIA Technologies\bin\TrayIcon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKHOTKEY]
2007-07-12 08:25 225280 ----a-w- c:\program files\ATK Hotkey\HControl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKOSD2]
2007-10-17 17:04 7737344 ----a-w- c:\program files\ATKOSD2\ATKOSD2.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DeskMateAutoUpdate]
2010-09-26 12:18 25896 ----a-w- c:\progra~1\DESKMA~1\DeskMateAutoUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Free Download Manager]
2010-04-28 22:28 3727411 ----a-w- c:\program files\Free Download Manager\fdm.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FreeApp]
2010-12-29 20:54 814496 ----a-w- c:\program files\FreeApps\FreeApps.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HControl]
2006-10-14 15:37 110592 ----a-w- c:\windows\ATK0100\HControl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
2011-01-05 08:18 133432 ----a-w- c:\program files\ICQ7.2\ICQ.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2010-11-16 19:34 19722344 ----a-w- c:\windows\RTHDCPL.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Seznam Postak]
2010-10-07 13:55 488728 ----a-w- c:\documents and settings\Pc\Local Settings\Data aplikací\Seznam.cz\postak.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2010-12-03 15:46 16862600 ----a-r- c:\program files\Skype\Phone\Skype.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
2010-11-03 17:15 1833576 ----a-w- c:\windows\SkyTel.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2010-11-19 00:05 1242448 ----a-w- c:\program files\Steam\Steam.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\ICQ7.2\\ICQ.exe"=
"c:\\Program Files\\ICQ7.2\\aolload.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
"c:\\Program Files\\Sony Ericsson\\Update Service\\Update Service.exe"=
"c:\\Program Files\\vghd\\vghd.exe"=
"c:\\Program Files\\Free Download Manager\\fdmwi.exe"=
"c:\\Documents and Settings\\All Users\\Data aplikací\\NexonEU\\NGM\\NGM.exe"=
"c:\\WINDOWS\\system32\\usmt\\migwiz.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\Program Files\\Microsoft Games\\MechCommander2\\Mc2Rel.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\alien swarm\\swarm.exe"=
"c:\\Program Files\\ProgDVB\\ProgDvbNet.exe"=
"c:\\Program Files\\Ventrilo\\Ventrilo.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Singles\\singles.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows
R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [29.12.2010 11:32 14776]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [9.9.2010 18:14 294608]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [19.1.2011 15:11 218176]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [9.9.2010 18:14 17744]
R2 DLPortIO;DriverLINX Port I/O Driver;c:\windows\system32\drivers\DLPortIO.sys [23.12.2010 15:37 3584]
R2 ProgDVBService;ProgDVB Scheduler Service;c:\program files\ProgDVB\ProgDvbService.exe [20.11.2010 19:57 11504]
R2 thdudf;TOSHIBA UDF2.5 Reader File System Driver;c:\windows\system32\drivers\thdudf.sys [18.1.2011 17:48 66944]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [10.9.2010 2:12 27632]
S0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]
S2 RadPciNT;RadPciNT;c:\windows\system32\drivers\RadPciNT.sys [24.4.2000 17:26 9417]
S3 Aken;Aken;c:\documents and settings\Pc\Local Settings\Data aplikací\0 A.D. alpha\binaries\system\aken.sys [17.6.2007 11:29 3712]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [29.12.2010 12:59 1691480]
S3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\system32\drivers\ASPI32.SYS [5.11.2010 15:34 16512]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [10.9.2010 2:12 13224]
S3 SRS_HDAL_Service;HD Audio Lab;c:\windows\system32\drivers\SRS_HDAL_i386.sys [11.9.2010 15:25 384752]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [14.4.2008 13:00 14336]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WINRM REG_MULTI_SZ WINRM
.
Obsah adresáře 'Naplánované úlohy'
2011-01-19 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2011-01-01 13:13]
.
.
------- Doplňkový sken -------
.
uStart Page = my.daemon-search.com
mStart Page = hxxp://www.msn.com
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: Stáhnout Free Download Managerem - file://c:\program files\Free Download Manager\dllink.htm
IE: Stáhnout video Free Download Managerem - file://c:\program files\Free Download Manager\dlfvideo.htm
IE: Stáhnout vybrané Free Download Managerem - file://c:\program files\Free Download Manager\dlselected.htm
IE: Stáhnout vše Free Download Managerem - file://c:\program files\Free Download Manager\dlall.htm
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
IE: {{CDAFD956-97BE-443D-8EF7-F4F094EB5766} - c:\program files\Crawler\SSaver\CSSaver.exe
IE: {{0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - c:\documents and settings\Pc\Local Settings\Data aplikací\Seznam.cz\listicka.dll
TCP: {6669472D-419A-407C-9F8D-0C3BD382DC2B} = 160.218.43.200 194.228.211.33
FF - ProfilePath - c:\documents and settings\Pc\Data aplikací\Mozilla\Firefox\Profiles\3410iv5l.default\
FF - prefs.js: browser.search.selectedEngine - DAEMON Search
FF - prefs.js: browser.startup.homepage - hxxp://my.daemon-search.com/|http://cs. ... s:official
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Seznam lištička: {ea614400-e918-4741-9a97-7a972ff7c30b} - c:\program files\Mozilla Firefox\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Seznam lištička: {ea614400-e918-4741-9a97-7a972ff7c30b} - %profile%\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: Flagfox: {1018e4d6-728f-4b20-ad56-37578a4de76b} - %profile%\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - %profile%\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
FF - Ext: LavaFox V1: info@djzig.com - %profile%\extensions\info@djzig.com
FF - Ext: Silvermel and Charamel XT: silvermelxt@pardal.de - %profile%\extensions\silvermelxt@pardal.de
FF - Ext: Silvermel: silvermel@pardal.de - %profile%\extensions\silvermel@pardal.de
FF - Ext: WOT: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} - %profile%\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF - Ext: United States English Spellchecker: en-US@dictionaries.addons.mozilla.org - %profile%\extensions\en-US@dictionaries.addons.mozilla.org
FF - Ext: ColorfulTabs: {0545b830-f0aa-4d7e-8820-50a4629a56fe} - %profile%\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}
FF - Ext: AddThis: {3e0e7d2a-070f-4a47-b019-91fe5385ba79} - %profile%\extensions\{3e0e7d2a-070f-4a47-b019-91fe5385ba79}
FF - Ext: Complete YouTube Saver: {AF445D67-154C-4c69-A17B-7F392BCC36A3} - %profile%\extensions\{AF445D67-154C-4c69-A17B-7F392BCC36A3}
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: browser.xul.error_pages.enabled - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 3000000
FF - user.js: content.maxtextrun - 8191
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 32
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-proxy - 8
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
AddRemove-Quake2DemoUninstallKey - c:\q2demo\Uninst.isu
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-01-19 21:50
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-329068152-1326574676-1417001333-1004\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(944)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\LMIinit.dll
.
Celkový čas: 2011-01-19 21:53:25
ComboFix-quarantined-files.txt 2011-01-19 20:53
Před spuštěním: Volných bajtů: 140 310 056 960
Po spuštění: Volných bajtů: 140 470 616 064
- - End Of File - - 5B61D67D253009C153976AAC5797B239
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1791.1181 [GMT 1:00]
Spuštěný z: c:\documents and settings\Pc\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Install.exe
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-12-19 do 2011-01-19 )))))))))))))))))))))))))))))))
.
2011-01-19 19:16 . 2011-01-19 19:16 388096 ----a-r- c:\documents and settings\Pc\Data aplikací\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-01-19 15:29 . 2011-01-19 15:29 -------- d-----w- c:\program files\Microsoft Security Essentials
2011-01-19 15:28 . 2011-01-19 15:28 -------- d-----w- c:\documents and settings\Pc\Data aplikací\FreeFileOpener
2011-01-19 15:25 . 2011-01-19 15:32 -------- d-----w- c:\program files\DAEMON Tools Lite
2011-01-19 15:24 . 2011-01-19 15:24 -------- d-----w- c:\program files\OpenAL
2011-01-19 15:24 . 2011-01-19 15:24 -------- d-----w- c:\program files\Ventrilo
2011-01-19 15:24 . 2011-01-19 15:24 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2011-01-19 15:23 . 2011-01-19 15:24 -------- d-----w- c:\program files\Zrychleni Pocitace
2011-01-19 15:23 . 2011-01-19 15:23 -------- d-----w- c:\program files\GetMiro Toolbar
2011-01-19 15:23 . 2011-01-19 15:23 -------- d-----w- c:\program files\FreeApps
2011-01-19 14:13 . 2011-01-19 18:55 4724 ----a-w- c:\windows\system32\PerfStringBackup.TMP
2011-01-19 14:11 . 2011-01-19 14:11 218176 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-01-19 12:10 . 2001-08-17 19:11 20928 -c--a-w- c:\windows\system32\dllcache\SET4D8.tmp
2011-01-19 12:08 . 2001-10-24 10:51 714698 -c--a-w- c:\windows\system32\dllcache\SET3C2.tmp
2011-01-19 08:13 . 2011-01-19 08:13 -------- d-----w- c:\program files\DigiPen
2011-01-18 16:48 . 2011-01-18 16:48 -------- d-----w- c:\documents and settings\Pc\Data aplikací\Digiarty
2011-01-18 16:48 . 2011-01-11 09:36 66944 ----a-w- c:\windows\system32\drivers\thdudf.sys
2011-01-18 16:48 . 2011-01-18 16:48 -------- d-----w- c:\program files\Digiarty
2011-01-18 10:57 . 2011-01-19 15:28 -------- d-----w- c:\program files\DFX
2011-01-18 10:41 . 2011-01-18 10:41 -------- d-----w- c:\documents and settings\Pc\Data aplikací\IsolatedStorage
2011-01-18 10:41 . 2011-01-19 15:28 -------- d-----w- c:\program files\Free File Opener
2011-01-18 10:26 . 2003-03-25 04:49 98304 ----a-w- c:\windows\system32\startup.cpl
2011-01-18 10:26 . 2003-03-25 04:49 106544 ----a-w- c:\windows\system32\tweakui.cpl
2011-01-18 10:25 . 2011-01-19 15:28 -------- d-----w- c:\program files\ACE Mega CoDecS Pack
2011-01-17 18:28 . 2011-01-17 18:28 -------- d-----w- c:\windows\system32\wbem\Repository
2011-01-17 13:35 . 2011-01-19 15:27 -------- d-----w- c:\documents and settings\Administrator
2011-01-13 22:45 . 2011-01-19 15:26 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Trymedia
2011-01-12 23:44 . 2011-01-12 23:44 -------- d-----w- c:\program files\EA GAMES
2011-01-12 12:43 . 2011-01-19 15:26 -------- d-----w- c:\program files\Euro Truck Simulator
2011-01-12 09:26 . 2011-01-19 15:10 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2011-01-12 09:24 . 2011-01-19 15:25 -------- d-----w- c:\documents and settings\Pc\Data aplikací\DAEMON Tools Lite
2011-01-12 09:24 . 2011-01-12 18:22 -------- d-----w- c:\documents and settings\All Users\Data aplikací\DAEMON Tools Lite
2011-01-10 10:01 . 2011-01-10 10:03 -------- d-----w- C:\Games
2011-01-09 23:25 . 2011-01-09 23:25 -------- d-----w- c:\program files\Kickbach Studios
2011-01-09 22:51 . 2011-01-09 22:51 -------- d-----w- c:\program files\GameTop.com
2011-01-09 21:07 . 2011-01-09 21:07 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2011-01-09 21:07 . 2011-01-09 21:07 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2011-01-09 15:29 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-01-09 15:29 . 2011-01-19 15:25 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-01-09 15:29 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-01-09 09:49 . 2011-01-17 16:33 -------- d-----w- c:\program files\Microsoft Security Client
2011-01-09 08:30 . 2011-01-09 08:30 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Data aplikací\PCHealth
2011-01-08 23:40 . 2011-01-17 16:34 -------- d-----w- c:\program files\Promosoft Corporation
2011-01-08 22:36 . 2011-01-08 22:36 -------- d-----w- c:\program files\Blaze Audio
2011-01-04 20:25 . 2011-01-04 20:25 -------- d-----w- C:\Nexon
2011-01-02 14:41 . 2011-01-02 15:33 5 ----a-w- c:\windows\treeskp.sys
2011-01-02 14:41 . 2011-01-02 15:33 5 ----a-w- c:\windows\sbacknt.bin
2011-01-02 11:21 . 2011-01-02 11:21 -------- d-----w- c:\documents and settings\Pc\Local Settings\Data aplikací\SoundSpectrum
2011-01-01 22:26 . 2011-01-02 11:20 -------- d-----w- c:\program files\Glary Utilities
2011-01-01 21:53 . 2011-01-02 11:20 -------- d-----w- c:\program files\Wise PC Engineer
2011-01-01 19:07 . 2011-01-19 15:24 -------- d-----w- c:\documents and settings\Pc\Data aplikací\SoundSpectrum
2011-01-01 18:59 . 2011-01-01 18:59 -------- d-----w- c:\documents and settings\Pc\Local Settings\Data aplikací\DFX
2011-01-01 18:56 . 2011-01-01 18:56 -------- d-----w- c:\documents and settings\All Users\Data aplikací\DFX
2011-01-01 18:56 . 2011-01-01 18:56 -------- d-----w- c:\program files\Common Files\DFX
2011-01-01 18:30 . 2010-09-10 17:49 3734536 ----a-w- c:\windows\system32\d3dx9_36.dll
2011-01-01 18:30 . 2011-01-19 15:24 -------- d-----w- c:\program files\SoundSpectrum
2011-01-01 00:18 . 2011-01-01 00:48 -------- d-----w- c:\documents and settings\Pc\DoctorWeb
2010-12-31 00:43 . 2010-12-31 00:43 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Macrovision
2010-12-31 00:00 . 2010-12-31 00:01 -------- d-----w- c:\documents and settings\Pc\Data aplikací\IObit
2010-12-30 15:39 . 2010-12-30 15:40 -------- d-----w- c:\documents and settings\Pc\KBCertifikat
2010-12-30 14:36 . 2011-01-19 15:25 -------- d-----w- c:\documents and settings\Pc\kbpki
2010-12-29 22:33 . 2010-12-29 22:33 -------- d-----w- c:\documents and settings\Pc\Data aplikací\GRETECH
2010-12-29 22:11 . 2010-12-29 22:11 -------- d-----w- c:\program files\CCleaner
2010-12-29 21:50 . 2006-06-29 12:07 14048 ------w- c:\windows\system32\spmsg2.dll
2010-12-29 21:21 . 2008-04-14 07:52 116224 -c--a-w- c:\windows\system32\dllcache\xrxwiadr.dll
2010-12-29 21:21 . 2008-04-14 07:52 18944 -c--a-w- c:\windows\system32\dllcache\xrxscnui.dll
2010-12-29 21:21 . 2001-10-24 11:25 23040 -c--a-w- c:\windows\system32\dllcache\xrxwbtmp.dll
2010-12-29 21:21 . 2001-10-24 11:25 27648 -c--a-w- c:\windows\system32\dllcache\xrxftplt.exe
2010-12-29 21:21 . 2001-10-24 11:25 4608 -c--a-w- c:\windows\system32\dllcache\xrxflnch.exe
2010-12-29 21:21 . 2001-08-18 05:37 99865 -c--a-w- c:\windows\system32\dllcache\xlog.exe
2010-12-29 21:21 . 2001-08-17 19:11 16970 -c--a-w- c:\windows\system32\dllcache\xem336n5.sys
2010-12-29 21:19 . 2008-04-13 21:04 19551 -c--a-w- c:\windows\system32\dllcache\watv02nt.sys
2010-12-29 21:18 . 2001-08-17 20:28 7556 -c--a-w- c:\windows\system32\dllcache\usroslba.sys
2010-12-29 21:17 . 2001-10-24 11:25 47616 -c--a-w- c:\windows\system32\dllcache\umaxcam.dll
2010-12-29 21:16 . 2001-08-17 21:02 230912 -c--a-w- c:\windows\system32\dllcache\tosdvd03.sys
2010-12-29 21:15 . 2001-08-17 20:50 103936 -c--a-w- c:\windows\system32\dllcache\sx.sys
2010-12-29 21:14 . 2001-08-17 20:56 7552 -c--a-w- c:\windows\system32\dllcache\sonypvu1.sys
2010-12-29 21:13 . 2001-10-24 11:25 28672 -c--a-w- c:\windows\system32\dllcache\sma0w.dll
2010-12-29 21:12 . 2001-07-21 21:29 18400 -c--a-w- c:\windows\system32\dllcache\sgsmld.sys
2010-12-29 21:11 . 2001-10-24 11:24 245632 -c--a-w- c:\windows\system32\dllcache\s3savmx.dll
2010-12-29 21:10 . 2001-10-24 11:25 9728 -c--a-w- c:\windows\system32\dllcache\rsmgrstr.dll
2010-12-29 21:09 . 2001-10-24 11:25 35328 -c--a-w- c:\windows\system32\dllcache\psisload.dll
2010-12-29 21:08 . 2001-08-17 19:11 29769 -c--a-w- c:\windows\system32\dllcache\pcntn5m.sys
2010-12-29 21:07 . 2001-08-17 19:12 27209 -c--a-w- c:\windows\system32\dllcache\otc06x5.sys
2010-12-29 21:06 . 2001-10-24 11:24 60480 -c--a-w- c:\windows\system32\dllcache\neo20xx.dll
2010-12-29 21:05 . 2008-04-14 12:00 126686 -c--a-w- c:\windows\system32\dllcache\mtlmnt5.sys
2010-12-29 21:04 . 2001-10-24 11:23 47616 -c--a-w- c:\windows\system32\dllcache\memgrp.dll
2010-12-29 21:03 . 2001-10-24 10:46 26442 -c--a-w- c:\windows\system32\dllcache\lanepic5.sys
2010-12-29 21:02 . 2001-08-17 19:12 45632 -c--a-w- c:\windows\system32\dllcache\ip5515.sys
2010-12-29 21:01 . 2001-08-17 21:05 141056 -c--a-w- c:\windows\system32\dllcache\icam3.sys
2010-12-29 21:00 . 2001-08-17 20:28 542879 -c--a-w- c:\windows\system32\dllcache\hsf_msft.sys
2010-12-29 20:59 . 2001-10-24 11:24 83968 -c--a-w- c:\windows\system32\dllcache\hpgt21.dll
2010-12-29 20:58 . 2001-08-17 19:14 441728 -c--a-w- c:\windows\system32\dllcache\fpcmbase.sys
2010-12-29 20:58 . 2001-08-17 19:14 444416 -c--a-w- c:\windows\system32\dllcache\fpcibase.sys
2010-12-29 20:58 . 2008-04-13 21:05 34173 -c--a-w- c:\windows\system32\dllcache\forehe.sys
2010-12-29 20:56 . 2001-08-17 19:19 40704 -c--a-w- c:\windows\system32\dllcache\es1371mp.sys
2010-12-29 20:55 . 2008-04-14 12:00 20192 -c--a-w- c:\windows\system32\dllcache\dpti2o.sys
2010-12-29 20:54 . 2001-08-17 19:12 63208 -c--a-w- c:\windows\system32\dllcache\dc21x4.sys
2010-12-29 20:53 . 2008-04-13 23:11 8192 -c--a-w- c:\windows\system32\dllcache\changer.sys
2010-12-29 20:52 . 2001-10-24 10:49 39552 -c--a-w- c:\windows\system32\dllcache\brparwdm.sys
2010-12-29 20:51 . 2001-08-17 19:49 46464 -c--a-w- c:\windows\system32\dllcache\atibt829.sys
2010-12-29 20:50 . 2001-10-24 11:24 66048 -c--a-w- c:\windows\system32\dllcache\s3legacy.dll
2010-12-29 13:07 . 2010-12-29 13:40 -------- d-----w- c:\documents and settings\Pc\Data aplikací\TS3Client
2010-12-29 11:59 . 2010-11-03 17:15 359016 ----a-w- c:\windows\vncutil.exe
2010-12-29 11:59 . 2010-11-11 12:27 55912 ----a-w- c:\windows\system32\RtkCoInstXP.dll
2010-12-29 11:59 . 2010-11-03 17:14 129640 ----a-w- c:\windows\RtkAudioService.exe
2010-12-29 11:59 . 2009-11-18 06:17 1395800 ----a-w- c:\windows\system32\drivers\Monfilt.sys
2010-12-29 11:59 . 2009-11-18 06:16 1691480 ----a-w- c:\windows\system32\drivers\Ambfilt.sys
2010-12-29 11:59 . 2011-01-19 15:24 -------- d-----w- c:\program files\TeamSpeak 3 Client
2010-12-29 11:57 . 2010-12-29 11:57 -------- d-----w- c:\program files\Conduit
2010-12-29 11:47 . 2010-12-29 16:09 -------- d-----w- c:\program files\Xfire
2010-12-29 11:35 . 2010-12-29 11:40 -------- d-----w- c:\documents and settings\Pc\Data aplikací\Ventrilo
2010-12-29 10:43 . 2010-12-29 10:47 -------- d-----w- c:\documents and settings\Pc\Data aplikací\Registry Mechanic
2010-12-29 10:41 . 2010-12-29 10:41 -------- d-----w- c:\windows\system32\config\systemprofile\Data aplikací\Application Updater
2010-12-29 10:41 . 2010-12-29 20:11 -------- d-----w- c:\documents and settings\All Users\Data aplikací\IObit
2010-12-29 10:39 . 2010-12-29 10:47 -------- d-----w- c:\program files\Common Files\PC Tools
2010-12-29 10:32 . 2010-12-13 16:03 28496 ----a-w- c:\windows\system32\SmartDefragBootTime.exe
2010-12-29 10:32 . 2010-11-26 17:02 14776 ----a-w- c:\windows\system32\drivers\SmartDefragDriver.sys
2010-12-23 14:37 . 1999-01-10 10:00 3584 ----a-w- c:\windows\system32\drivers\DLPortIO.sys
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-01-13 08:47 . 2010-09-09 17:14 188216 ----a-w- c:\windows\system32\aswBoot.exe
2011-01-13 08:41 . 2010-09-09 17:14 294608 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-01-13 08:40 . 2010-09-09 17:14 47440 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-01-13 08:40 . 2010-09-09 17:14 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-01-13 08:39 . 2010-09-09 17:14 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-01-13 08:37 . 2010-09-09 17:14 23632 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-01-13 08:37 . 2010-09-09 17:14 29392 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-01-13 08:37 . 2010-09-09 17:14 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-12-31 20:06 . 2010-09-09 17:34 38848 ----a-w- c:\windows\avastSS.scr
2010-11-30 16:06 . 2010-09-07 13:17 6261352 ----a-w- c:\windows\system32\drivers\RtkHDAud.sys
2010-11-18 18:15 . 2010-09-07 11:35 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-16 19:34 . 2010-09-07 13:17 19722344 ----a-w- c:\windows\RTHDCPL.EXE
2010-11-13 17:19 . 2010-09-25 12:39 152904 ----a-w- c:\windows\system32\vghd.scr
2010-11-09 14:52 . 2008-04-14 12:00 249856 ----a-w- c:\windows\system32\odbc32.dll
2010-11-06 00:23 . 2008-04-14 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:23 . 2008-04-14 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-11-06 00:23 . 2008-04-14 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-11-03 17:15 . 2010-09-07 13:17 84584 ----a-w- c:\windows\SOUNDMAN.EXE
2010-11-03 17:15 . 2010-09-07 13:17 1833576 ----a-w- c:\windows\SkyTel.exe
2010-11-03 17:15 . 2010-09-07 13:17 891496 ----a-w- c:\windows\system32\RTSndMgr.CPL
2010-11-03 17:15 . 2010-09-07 13:17 1489512 ----a-w- c:\windows\RtlUpd.exe
2010-11-03 17:15 . 2010-09-07 13:17 9721960 ----a-w- c:\windows\RTLCPL.EXE
2010-11-03 17:14 . 2010-09-07 13:17 2180712 ----a-w- c:\windows\MicCal.exe
2010-11-03 17:13 . 2010-09-07 13:17 285288 ----a-w- c:\windows\system32\ALSNDMGR.CPL
2010-11-03 17:13 . 2010-09-07 13:17 2815592 ----a-w- c:\windows\ALCWZRD.EXE
2010-11-03 17:13 . 2010-09-07 13:17 64104 ----a-w- c:\windows\ALCMTR.EXE
2010-11-03 12:25 . 2008-04-14 12:00 385024 ----a-w- c:\windows\system32\html.iec
2010-11-02 15:17 . 2008-04-14 12:00 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
2010-10-30 06:09 . 2010-10-30 06:09 675840 ----a-w- c:\windows\system32\yowindow.scr
2010-10-28 13:09 . 2008-04-14 12:00 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-10-28 09:46 . 2010-09-07 13:16 1251944 ----a-w- c:\windows\RtlExUpd.dll
2010-10-26 13:58 . 2008-04-14 12:00 1853312 ----a-w- c:\windows\system32\win32k.sys
2010-10-22 11:43 . 2010-10-22 11:43 499712 ----a-w- c:\windows\system32\msvcp71.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-01-05 1305408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2011-01-13 3396624]
"Wireless Console 2"="c:\program files\Wireless Console 2\wcourier.exe" [2007-07-05 1040384]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMEDIA.EXE" [2006-11-02 61440]
"Tweak UI"="TWEAKUI.CPL" [2003-03-25 106544]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-25 437160]
c:\documents and settings\Pc\Nabídka Start\Programy\Po spuštění\
Game Alarm.lnk - c:\games\Game Alarm\gamealarm.exe [2011-1-10 19631104]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2010-09-27 12:49 87424 ----a-w- c:\windows\system32\LMIinit.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0SmartDefragBootTime.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\startupfolder\C:^Documents and Settings^Pc^Nabídka Start^Programy^Po spuštění^DesktopVideoPlayer.LNK]
backup=c:\windows\pss\DesktopVideoPlayer.LNKStartup
[HKLM\~\startupfolder\C:^Documents and Settings^Pc^Nabídka Start^Programy^Po spuštění^YoWindow.lnk]
backup=c:\windows\pss\YoWindow.lnkStartup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 3
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGEIA PhysX SysTray]
2007-07-23 07:05 345640 ----a-w- c:\program files\AGEIA Technologies\bin\TrayIcon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKHOTKEY]
2007-07-12 08:25 225280 ----a-w- c:\program files\ATK Hotkey\HControl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKOSD2]
2007-10-17 17:04 7737344 ----a-w- c:\program files\ATKOSD2\ATKOSD2.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DeskMateAutoUpdate]
2010-09-26 12:18 25896 ----a-w- c:\progra~1\DESKMA~1\DeskMateAutoUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Free Download Manager]
2010-04-28 22:28 3727411 ----a-w- c:\program files\Free Download Manager\fdm.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FreeApp]
2010-12-29 20:54 814496 ----a-w- c:\program files\FreeApps\FreeApps.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HControl]
2006-10-14 15:37 110592 ----a-w- c:\windows\ATK0100\HControl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
2011-01-05 08:18 133432 ----a-w- c:\program files\ICQ7.2\ICQ.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2010-11-16 19:34 19722344 ----a-w- c:\windows\RTHDCPL.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Seznam Postak]
2010-10-07 13:55 488728 ----a-w- c:\documents and settings\Pc\Local Settings\Data aplikací\Seznam.cz\postak.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2010-12-03 15:46 16862600 ----a-r- c:\program files\Skype\Phone\Skype.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
2010-11-03 17:15 1833576 ----a-w- c:\windows\SkyTel.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2010-11-19 00:05 1242448 ----a-w- c:\program files\Steam\Steam.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\ICQ7.2\\ICQ.exe"=
"c:\\Program Files\\ICQ7.2\\aolload.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
"c:\\Program Files\\Sony Ericsson\\Update Service\\Update Service.exe"=
"c:\\Program Files\\vghd\\vghd.exe"=
"c:\\Program Files\\Free Download Manager\\fdmwi.exe"=
"c:\\Documents and Settings\\All Users\\Data aplikací\\NexonEU\\NGM\\NGM.exe"=
"c:\\WINDOWS\\system32\\usmt\\migwiz.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\Program Files\\Microsoft Games\\MechCommander2\\Mc2Rel.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\alien swarm\\swarm.exe"=
"c:\\Program Files\\ProgDVB\\ProgDvbNet.exe"=
"c:\\Program Files\\Ventrilo\\Ventrilo.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Singles\\singles.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\LMIinit.dll
.
Celkový čas: 2011-01-19 21:53:25
ComboFix-quarantined-files.txt 2011-01-19 20:53
Před spuštěním: Volných bajtů: 140 310 056 960
Po spuštění: Volných bajtů: 140 470 616 064
- - End Of File - - 5B61D67D253009C153976AAC5797B239
Re: please check my log
Are you using only Avast? You didn't install MSE?
Test this file on www.virustotal.com:
c:\windows\system32\drivers\thdudf.sys
Re: please check my log
I installed it, but uninstalled it right away because the update kept failing. I wanted to get rid of AVAST because it didn't warn me when I once had a virus on the PC. So I wanted to try MSE.
Re: please check my log
0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is goodware. 0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is malware.
File name: thdudf.sys
Submission date: 2011-01-19 21:28:28 (UTC)
Current status: queued queued analysing finished
Result: 0/41 (0.0%)
Re: please check my log
Move ComboFix to the desktop.
- Open Notepad.
- Copy the text from this box into it:
Code:
Firefox::
FF - ProfilePath - c:\documents and settings\Pc\Data aplikací\Mozilla\Firefox\Profiles\3410iv5l.default\
FF - prefs.js: browser.search.selectedEngine - DAEMON Search
FF - prefs.js: browser.startup.homepage - hxxp://my.daemon-search.com/|http://cs. ... s:official
DDS::
uStart Page = my.daemon-search.com
Folder::
c:\program files\DAEMON Tools Toolbar
c:\program files\Microsoft Security Essentials
File::
c:\windows\system32\dllcache\SET4D8.tmp
c:\windows\system32\dllcache\SET3C2.tmp
- Save the resulting TXT file as CFScript.txt on the desktop, then drag it with the left mouse button over the ComboFix icon and drop it there.
- After the scan has run and ComboFix has finished, a log should appear; paste it here.
Warning: It may happen that Windows does not start after the script is applied and the computer restarts. In that case restart the computer again, keep pressing F8, and then choose Last Known Good Configuration.
Re: please check my log
The deletions were carried out, but no restart took place.
ComboFix 11-01-18.04 - Pc 19.01.2011 23:08:05.6.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1791.1260 [GMT 1:00]
Spuštěný z: c:\documents and settings\Pc\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Pc\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FILE ::
"c:\windows\system32\dllcache\SET3C2.tmp"
"c:\windows\system32\dllcache\SET4D8.tmp"
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\DAEMON Tools Toolbar
c:\program files\DAEMON Tools Toolbar\_DTLite.xml
c:\program files\Microsoft Security Essentials
c:\windows\system32\dllcache\SET3C2.tmp
c:\windows\system32\dllcache\SET4D8.tmp
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-12-19 do 2011-01-19 )))))))))))))))))))))))))))))))
.
2011-01-19 19:16 . 2011-01-19 19:16 388096 ----a-r- c:\documents and settings\Pc\Data aplikací\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-01-19 15:28 . 2011-01-19 15:28 -------- d-----w- c:\documents and settings\Pc\Data aplikací\FreeFileOpener
2011-01-19 15:25 . 2011-01-19 15:32 -------- d-----w- c:\program files\DAEMON Tools Lite
2011-01-19 15:24 . 2011-01-19 15:24 -------- d-----w- c:\program files\OpenAL
2011-01-19 15:24 . 2011-01-19 15:24 -------- d-----w- c:\program files\Ventrilo
2011-01-19 15:24 . 2011-01-19 15:24 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2011-01-19 15:23 . 2011-01-19 15:24 -------- d-----w- c:\program files\Zrychleni Pocitace
2011-01-19 15:23 . 2011-01-19 15:23 -------- d-----w- c:\program files\GetMiro Toolbar
2011-01-19 15:23 . 2011-01-19 15:23 -------- d-----w- c:\program files\FreeApps
2011-01-19 14:13 . 2011-01-19 18:55 4724 ----a-w- c:\windows\system32\PerfStringBackup.TMP
2011-01-19 14:11 . 2011-01-19 14:11 218176 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-01-19 08:13 . 2011-01-19 08:13 -------- d-----w- c:\program files\DigiPen
2011-01-18 16:48 . 2011-01-18 16:48 -------- d-----w- c:\documents and settings\Pc\Data aplikací\Digiarty
2011-01-18 16:48 . 2011-01-11 09:36 66944 ----a-w- c:\windows\system32\drivers\thdudf.sys
2011-01-18 16:48 . 2011-01-18 16:48 -------- d-----w- c:\program files\Digiarty
2011-01-18 10:57 . 2011-01-19 15:28 -------- d-----w- c:\program files\DFX
2011-01-18 10:41 . 2011-01-18 10:41 -------- d-----w- c:\documents and settings\Pc\Data aplikací\IsolatedStorage
2011-01-18 10:41 . 2011-01-19 15:28 -------- d-----w- c:\program files\Free File Opener
2011-01-18 10:26 . 2003-03-25 04:49 98304 ----a-w- c:\windows\system32\startup.cpl
2011-01-18 10:26 . 2003-03-25 04:49 106544 ----a-w- c:\windows\system32\tweakui.cpl
2011-01-18 10:25 . 2011-01-19 15:28 -------- d-----w- c:\program files\ACE Mega CoDecS Pack
2011-01-17 18:28 . 2011-01-17 18:28 -------- d-----w- c:\windows\system32\wbem\Repository
2011-01-17 13:35 . 2011-01-19 15:27 -------- d-----w- c:\documents and settings\Administrator
2011-01-13 22:45 . 2011-01-19 15:26 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Trymedia
2011-01-12 23:44 . 2011-01-12 23:44 -------- d-----w- c:\program files\EA GAMES
2011-01-12 12:43 . 2011-01-19 15:26 -------- d-----w- c:\program files\Euro Truck Simulator
2011-01-12 09:24 . 2011-01-19 15:25 -------- d-----w- c:\documents and settings\Pc\Data aplikací\DAEMON Tools Lite
2011-01-12 09:24 . 2011-01-12 18:22 -------- d-----w- c:\documents and settings\All Users\Data aplikací\DAEMON Tools Lite
2011-01-10 10:01 . 2011-01-10 10:03 -------- d-----w- C:\Games
2011-01-09 23:25 . 2011-01-09 23:25 -------- d-----w- c:\program files\Kickbach Studios
2011-01-09 22:51 . 2011-01-09 22:51 -------- d-----w- c:\program files\GameTop.com
2011-01-09 21:07 . 2011-01-09 21:07 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2011-01-09 21:07 . 2011-01-09 21:07 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2011-01-09 15:29 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-01-09 15:29 . 2011-01-19 15:25 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-01-09 15:29 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-01-09 09:49 . 2011-01-17 16:33 -------- d-----w- c:\program files\Microsoft Security Client
2011-01-09 08:30 . 2011-01-09 08:30 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Data aplikací\PCHealth
2011-01-08 23:40 . 2011-01-17 16:34 -------- d-----w- c:\program files\Promosoft Corporation
2011-01-08 22:36 . 2011-01-08 22:36 -------- d-----w- c:\program files\Blaze Audio
2011-01-04 20:25 . 2011-01-04 20:25 -------- d-----w- C:\Nexon
2011-01-02 14:41 . 2011-01-02 15:33 5 ----a-w- c:\windows\treeskp.sys
2011-01-02 14:41 . 2011-01-02 15:33 5 ----a-w- c:\windows\sbacknt.bin
2011-01-02 11:21 . 2011-01-02 11:21 -------- d-----w- c:\documents and settings\Pc\Local Settings\Data aplikací\SoundSpectrum
2011-01-01 22:26 . 2011-01-02 11:20 -------- d-----w- c:\program files\Glary Utilities
2011-01-01 21:53 . 2011-01-02 11:20 -------- d-----w- c:\program files\Wise PC Engineer
2011-01-01 19:07 . 2011-01-19 15:24 -------- d-----w- c:\documents and settings\Pc\Data aplikací\SoundSpectrum
2011-01-01 18:59 . 2011-01-01 18:59 -------- d-----w- c:\documents and settings\Pc\Local Settings\Data aplikací\DFX
2011-01-01 18:56 . 2011-01-01 18:56 -------- d-----w- c:\documents and settings\All Users\Data aplikací\DFX
2011-01-01 18:56 . 2011-01-01 18:56 -------- d-----w- c:\program files\Common Files\DFX
2011-01-01 18:30 . 2010-09-10 17:49 3734536 ----a-w- c:\windows\system32\d3dx9_36.dll
2011-01-01 18:30 . 2011-01-19 15:24 -------- d-----w- c:\program files\SoundSpectrum
2011-01-01 00:18 . 2011-01-01 00:48 -------- d-----w- c:\documents and settings\Pc\DoctorWeb
2010-12-31 00:43 . 2010-12-31 00:43 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Macrovision
2010-12-31 00:00 . 2010-12-31 00:01 -------- d-----w- c:\documents and settings\Pc\Data aplikací\IObit
2010-12-30 15:39 . 2010-12-30 15:40 -------- d-----w- c:\documents and settings\Pc\KBCertifikat
2010-12-30 14:36 . 2011-01-19 15:25 -------- d-----w- c:\documents and settings\Pc\kbpki
2010-12-29 22:33 . 2010-12-29 22:33 -------- d-----w- c:\documents and settings\Pc\Data aplikací\GRETECH
2010-12-29 22:11 . 2010-12-29 22:11 -------- d-----w- c:\program files\CCleaner
2010-12-29 21:50 . 2006-06-29 12:07 14048 ------w- c:\windows\system32\spmsg2.dll
2010-12-29 21:21 . 2008-04-14 07:52 116224 -c--a-w- c:\windows\system32\dllcache\xrxwiadr.dll
2010-12-29 21:21 . 2008-04-14 07:52 18944 -c--a-w- c:\windows\system32\dllcache\xrxscnui.dll
2010-12-29 21:21 . 2001-10-24 11:25 23040 -c--a-w- c:\windows\system32\dllcache\xrxwbtmp.dll
2010-12-29 21:21 . 2001-10-24 11:25 27648 -c--a-w- c:\windows\system32\dllcache\xrxftplt.exe
2010-12-29 21:21 . 2001-10-24 11:25 4608 -c--a-w- c:\windows\system32\dllcache\xrxflnch.exe
2010-12-29 21:21 . 2001-08-18 05:37 99865 -c--a-w- c:\windows\system32\dllcache\xlog.exe
2010-12-29 21:21 . 2001-08-17 19:11 16970 -c--a-w- c:\windows\system32\dllcache\xem336n5.sys
2010-12-29 21:19 . 2008-04-13 21:04 19551 -c--a-w- c:\windows\system32\dllcache\watv02nt.sys
2010-12-29 21:18 . 2001-08-17 20:28 7556 -c--a-w- c:\windows\system32\dllcache\usroslba.sys
2010-12-29 21:17 . 2001-10-24 11:25 47616 -c--a-w- c:\windows\system32\dllcache\umaxcam.dll
2010-12-29 21:16 . 2001-08-17 21:02 230912 -c--a-w- c:\windows\system32\dllcache\tosdvd03.sys
2010-12-29 21:15 . 2001-08-17 20:50 103936 -c--a-w- c:\windows\system32\dllcache\sx.sys
2010-12-29 21:14 . 2001-08-17 20:56 7552 -c--a-w- c:\windows\system32\dllcache\sonypvu1.sys
2010-12-29 21:13 . 2001-10-24 11:25 28672 -c--a-w- c:\windows\system32\dllcache\sma0w.dll
2010-12-29 21:12 . 2001-07-21 21:29 18400 -c--a-w- c:\windows\system32\dllcache\sgsmld.sys
2010-12-29 21:11 . 2001-10-24 11:24 245632 -c--a-w- c:\windows\system32\dllcache\s3savmx.dll
2010-12-29 21:10 . 2001-10-24 11:25 9728 -c--a-w- c:\windows\system32\dllcache\rsmgrstr.dll
2010-12-29 21:09 . 2001-10-24 11:25 35328 -c--a-w- c:\windows\system32\dllcache\psisload.dll
2010-12-29 21:08 . 2001-08-17 19:11 29769 -c--a-w- c:\windows\system32\dllcache\pcntn5m.sys
2010-12-29 21:07 . 2001-08-17 19:12 27209 -c--a-w- c:\windows\system32\dllcache\otc06x5.sys
2010-12-29 21:06 . 2001-10-24 11:24 60480 -c--a-w- c:\windows\system32\dllcache\neo20xx.dll
2010-12-29 21:05 . 2008-04-14 12:00 126686 -c--a-w- c:\windows\system32\dllcache\mtlmnt5.sys
2010-12-29 21:04 . 2001-10-24 11:23 47616 -c--a-w- c:\windows\system32\dllcache\memgrp.dll
2010-12-29 21:03 . 2001-10-24 10:46 26442 -c--a-w- c:\windows\system32\dllcache\lanepic5.sys
2010-12-29 21:02 . 2001-08-17 19:12 45632 -c--a-w- c:\windows\system32\dllcache\ip5515.sys
2010-12-29 21:01 . 2001-08-17 21:05 141056 -c--a-w- c:\windows\system32\dllcache\icam3.sys
2010-12-29 21:00 . 2001-08-17 20:28 542879 -c--a-w- c:\windows\system32\dllcache\hsf_msft.sys
2010-12-29 20:59 . 2001-10-24 11:24 83968 -c--a-w- c:\windows\system32\dllcache\hpgt21.dll
2010-12-29 20:58 . 2001-08-17 19:14 441728 -c--a-w- c:\windows\system32\dllcache\fpcmbase.sys
2010-12-29 20:58 . 2001-08-17 19:14 444416 -c--a-w- c:\windows\system32\dllcache\fpcibase.sys
2010-12-29 20:58 . 2008-04-13 21:05 34173 -c--a-w- c:\windows\system32\dllcache\forehe.sys
2010-12-29 20:56 . 2001-08-17 19:19 40704 -c--a-w- c:\windows\system32\dllcache\es1371mp.sys
2010-12-29 20:55 . 2008-04-14 12:00 20192 -c--a-w- c:\windows\system32\dllcache\dpti2o.sys
2010-12-29 20:54 . 2001-08-17 19:12 63208 -c--a-w- c:\windows\system32\dllcache\dc21x4.sys
2010-12-29 20:53 . 2008-04-13 23:11 8192 -c--a-w- c:\windows\system32\dllcache\changer.sys
2010-12-29 20:52 . 2001-10-24 10:49 39552 -c--a-w- c:\windows\system32\dllcache\brparwdm.sys
2010-12-29 20:51 . 2001-08-17 19:49 46464 -c--a-w- c:\windows\system32\dllcache\atibt829.sys
2010-12-29 20:50 . 2001-10-24 11:24 66048 -c--a-w- c:\windows\system32\dllcache\s3legacy.dll
2010-12-29 13:07 . 2010-12-29 13:40 -------- d-----w- c:\documents and settings\Pc\Data aplikací\TS3Client
2010-12-29 11:59 . 2010-11-03 17:15 359016 ----a-w- c:\windows\vncutil.exe
2010-12-29 11:59 . 2010-11-11 12:27 55912 ----a-w- c:\windows\system32\RtkCoInstXP.dll
2010-12-29 11:59 . 2010-11-03 17:14 129640 ----a-w- c:\windows\RtkAudioService.exe
2010-12-29 11:59 . 2009-11-18 06:17 1395800 ----a-w- c:\windows\system32\drivers\Monfilt.sys
2010-12-29 11:59 . 2009-11-18 06:16 1691480 ----a-w- c:\windows\system32\drivers\Ambfilt.sys
2010-12-29 11:59 . 2011-01-19 15:24 -------- d-----w- c:\program files\TeamSpeak 3 Client
2010-12-29 11:57 . 2010-12-29 11:57 -------- d-----w- c:\program files\Conduit
2010-12-29 11:47 . 2010-12-29 16:09 -------- d-----w- c:\program files\Xfire
2010-12-29 11:35 . 2010-12-29 11:40 -------- d-----w- c:\documents and settings\Pc\Data aplikací\Ventrilo
2010-12-29 10:43 . 2010-12-29 10:47 -------- d-----w- c:\documents and settings\Pc\Data aplikací\Registry Mechanic
2010-12-29 10:41 . 2010-12-29 10:41 -------- d-----w- c:\windows\system32\config\systemprofile\Data aplikací\Application Updater
2010-12-29 10:41 . 2010-12-29 20:11 -------- d-----w- c:\documents and settings\All Users\Data aplikací\IObit
2010-12-29 10:39 . 2010-12-29 10:47 -------- d-----w- c:\program files\Common Files\PC Tools
2010-12-29 10:32 . 2010-12-13 16:03 28496 ----a-w- c:\windows\system32\SmartDefragBootTime.exe
2010-12-29 10:32 . 2010-11-26 17:02 14776 ----a-w- c:\windows\system32\drivers\SmartDefragDriver.sys
2010-12-23 14:37 . 1999-01-10 10:00 3584 ----a-w- c:\windows\system32\drivers\DLPortIO.sys
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-01-13 08:47 . 2010-09-09 17:14 188216 ----a-w- c:\windows\system32\aswBoot.exe
2011-01-13 08:41 . 2010-09-09 17:14 294608 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-01-13 08:40 . 2010-09-09 17:14 47440 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-01-13 08:40 . 2010-09-09 17:14 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-01-13 08:39 . 2010-09-09 17:14 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-01-13 08:37 . 2010-09-09 17:14 23632 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-01-13 08:37 . 2010-09-09 17:14 29392 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-01-13 08:37 . 2010-09-09 17:14 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-12-31 20:06 . 2010-09-09 17:34 38848 ----a-w- c:\windows\avastSS.scr
2010-11-30 16:06 . 2010-09-07 13:17 6261352 ----a-w- c:\windows\system32\drivers\RtkHDAud.sys
2010-11-18 18:15 . 2010-09-07 11:35 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-16 19:34 . 2010-09-07 13:17 19722344 ----a-w- c:\windows\RTHDCPL.EXE
2010-11-13 17:19 . 2010-09-25 12:39 152904 ----a-w- c:\windows\system32\vghd.scr
2010-11-09 14:52 . 2008-04-14 12:00 249856 ----a-w- c:\windows\system32\odbc32.dll
2010-11-06 00:23 . 2008-04-14 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:23 . 2008-04-14 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-11-06 00:23 . 2008-04-14 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-11-03 17:15 . 2010-09-07 13:17 84584 ----a-w- c:\windows\SOUNDMAN.EXE
2010-11-03 17:15 . 2010-09-07 13:17 1833576 ----a-w- c:\windows\SkyTel.exe
2010-11-03 17:15 . 2010-09-07 13:17 891496 ----a-w- c:\windows\system32\RTSndMgr.CPL
2010-11-03 17:15 . 2010-09-07 13:17 1489512 ----a-w- c:\windows\RtlUpd.exe
2010-11-03 17:15 . 2010-09-07 13:17 9721960 ----a-w- c:\windows\RTLCPL.EXE
2010-11-03 17:14 . 2010-09-07 13:17 2180712 ----a-w- c:\windows\MicCal.exe
2010-11-03 17:13 . 2010-09-07 13:17 285288 ----a-w- c:\windows\system32\ALSNDMGR.CPL
2010-11-03 17:13 . 2010-09-07 13:17 2815592 ----a-w- c:\windows\ALCWZRD.EXE
2010-11-03 17:13 . 2010-09-07 13:17 64104 ----a-w- c:\windows\ALCMTR.EXE
2010-11-03 12:25 . 2008-04-14 12:00 385024 ----a-w- c:\windows\system32\html.iec
2010-11-02 15:17 . 2008-04-14 12:00 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
2010-10-30 06:09 . 2010-10-30 06:09 675840 ----a-w- c:\windows\system32\yowindow.scr
2010-10-28 13:09 . 2008-04-14 12:00 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-10-28 09:46 . 2010-09-07 13:16 1251944 ----a-w- c:\windows\RtlExUpd.dll
2010-10-26 13:58 . 2008-04-14 12:00 1853312 ----a-w- c:\windows\system32\win32k.sys
2010-10-22 11:43 . 2010-10-22 11:43 499712 ----a-w- c:\windows\system32\msvcp71.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-01-05 1305408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2011-01-13 3396624]
"Wireless Console 2"="c:\program files\Wireless Console 2\wcourier.exe" [2007-07-05 1040384]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMEDIA.EXE" [2006-11-02 61440]
"Tweak UI"="TWEAKUI.CPL" [2003-03-25 106544]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-25 437160]
c:\documents and settings\Pc\Nabídka Start\Programy\Po spuštění\
Game Alarm.lnk - c:\games\Game Alarm\gamealarm.exe [2011-1-10 19631104]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2010-09-27 12:49 87424 ----a-w- c:\windows\system32\LMIinit.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0SmartDefragBootTime.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\startupfolder\C:^Documents and Settings^Pc^Nabídka Start^Programy^Po spuštění^DesktopVideoPlayer.LNK]
backup=c:\windows\pss\DesktopVideoPlayer.LNKStartup
[HKLM\~\startupfolder\C:^Documents and Settings^Pc^Nabídka Start^Programy^Po spuštění^YoWindow.lnk]
backup=c:\windows\pss\YoWindow.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGEIA PhysX SysTray]
2007-07-23 07:05 345640 ----a-w- c:\program files\AGEIA Technologies\bin\TrayIcon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKHOTKEY]
2007-07-12 08:25 225280 ----a-w- c:\program files\ATK Hotkey\HControl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKOSD2]
2007-10-17 17:04 7737344 ----a-w- c:\program files\ATKOSD2\ATKOSD2.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DeskMateAutoUpdate]
2010-09-26 12:18 25896 ----a-w- c:\progra~1\DESKMA~1\DeskMateAutoUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Free Download Manager]
2010-04-28 22:28 3727411 ----a-w- c:\program files\Free Download Manager\fdm.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FreeApp]
2010-12-29 20:54 814496 ----a-w- c:\program files\FreeApps\FreeApps.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HControl]
2006-10-14 15:37 110592 ----a-w- c:\windows\ATK0100\HControl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
2011-01-05 08:18 133432 ----a-w- c:\program files\ICQ7.2\ICQ.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2010-11-16 19:34 19722344 ----a-w- c:\windows\RTHDCPL.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Seznam Postak]
2010-10-07 13:55 488728 ----a-w- c:\documents and settings\Pc\Local Settings\Data aplikací\Seznam.cz\postak.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2010-12-03 15:46 16862600 ----a-r- c:\program files\Skype\Phone\Skype.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
2010-11-03 17:15 1833576 ----a-w- c:\windows\SkyTel.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2010-11-19 00:05 1242448 ----a-w- c:\program files\Steam\Steam.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\ICQ7.2\\ICQ.exe"=
"c:\\Program Files\\ICQ7.2\\aolload.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
"c:\\Program Files\\Sony Ericsson\\Update Service\\Update Service.exe"=
"c:\\Program Files\\vghd\\vghd.exe"=
"c:\\Program Files\\Free Download Manager\\fdmwi.exe"=
"c:\\Documents and Settings\\All Users\\Data aplikací\\NexonEU\\NGM\\NGM.exe"=
"c:\\WINDOWS\\system32\\usmt\\migwiz.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\Program Files\\Microsoft Games\\MechCommander2\\Mc2Rel.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\alien swarm\\swarm.exe"=
"c:\\Program Files\\ProgDVB\\ProgDvbNet.exe"=
"c:\\Program Files\\Ventrilo\\Ventrilo.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Singles\\singles.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows
R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [29.12.2010 11:32 14776]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [9.9.2010 18:14 294608]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [19.1.2011 15:11 218176]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [9.9.2010 18:14 17744]
R2 DLPortIO;DriverLINX Port I/O Driver;c:\windows\system32\drivers\DLPortIO.sys [23.12.2010 15:37 3584]
R2 ProgDVBService;ProgDVB Scheduler Service;c:\program files\ProgDVB\ProgDvbService.exe [20.11.2010 19:57 11504]
R2 thdudf;TOSHIBA UDF2.5 Reader File System Driver;c:\windows\system32\drivers\thdudf.sys [18.1.2011 17:48 66944]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [10.9.2010 2:12 27632]
S0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]
S2 RadPciNT;RadPciNT;c:\windows\system32\drivers\RadPciNT.sys [24.4.2000 17:26 9417]
S3 Aken;Aken;c:\documents and settings\Pc\Local Settings\Data aplikací\0 A.D. alpha\binaries\system\aken.sys [17.6.2007 11:29 3712]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [29.12.2010 12:59 1691480]
S3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\system32\drivers\ASPI32.SYS [5.11.2010 15:34 16512]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [10.9.2010 2:12 13224]
S3 SRS_HDAL_Service;HD Audio Lab;c:\windows\system32\drivers\SRS_HDAL_i386.sys [11.9.2010 15:25 384752]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [14.4.2008 13:00 14336]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WINRM REG_MULTI_SZ WINRM
.
Obsah adresáře 'Naplánované úlohy'
2011-01-19 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2011-01-01 13:13]
.
.
------- Doplňkový sken -------
.
mStart Page = hxxp://www.msn.com
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: Stáhnout Free Download Managerem - file://c:\program files\Free Download Manager\dllink.htm
IE: Stáhnout video Free Download Managerem - file://c:\program files\Free Download Manager\dlfvideo.htm
IE: Stáhnout vybrané Free Download Managerem - file://c:\program files\Free Download Manager\dlselected.htm
IE: Stáhnout vše Free Download Managerem - file://c:\program files\Free Download Manager\dlall.htm
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
IE: {{CDAFD956-97BE-443D-8EF7-F4F094EB5766} - c:\program files\Crawler\SSaver\CSSaver.exe
IE: {{0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - c:\documents and settings\Pc\Local Settings\Data aplikací\Seznam.cz\listicka.dll
TCP: {6669472D-419A-407C-9F8D-0C3BD382DC2B} = 160.218.43.200 194.228.211.33
FF - ProfilePath - c:\documents and settings\Pc\Data aplikací\Mozilla\Firefox\Profiles\3410iv5l.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Seznam lištička: {ea614400-e918-4741-9a97-7a972ff7c30b} - c:\program files\Mozilla Firefox\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Seznam lištička: {ea614400-e918-4741-9a97-7a972ff7c30b} - %profile%\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: Flagfox: {1018e4d6-728f-4b20-ad56-37578a4de76b} - %profile%\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - %profile%\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
FF - Ext: LavaFox V1: info@djzig.com - %profile%\extensions\info@djzig.com
FF - Ext: Silvermel and Charamel XT: silvermelxt@pardal.de - %profile%\extensions\silvermelxt@pardal.de
FF - Ext: Silvermel: silvermel@pardal.de - %profile%\extensions\silvermel@pardal.de
FF - Ext: WOT: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} - %profile%\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF - Ext: United States English Spellchecker: en-US@dictionaries.addons.mozilla.org - %profile%\extensions\en-US@dictionaries.addons.mozilla.org
FF - Ext: ColorfulTabs: {0545b830-f0aa-4d7e-8820-50a4629a56fe} - %profile%\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}
FF - Ext: AddThis: {3e0e7d2a-070f-4a47-b019-91fe5385ba79} - %profile%\extensions\{3e0e7d2a-070f-4a47-b019-91fe5385ba79}
FF - Ext: Complete YouTube Saver: {AF445D67-154C-4c69-A17B-7F392BCC36A3} - %profile%\extensions\{AF445D67-154C-4c69-A17B-7F392BCC36A3}
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: browser.xul.error_pages.enabled - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 3000000
FF - user.js: content.maxtextrun - 8191
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 32
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-proxy - 8
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-01-19 23:12
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-329068152-1326574676-1417001333-1004\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(944)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\LMIinit.dll
.
Celkový čas: 2011-01-19 23:15:15
ComboFix-quarantined-files.txt 2011-01-19 22:15
ComboFix2.txt 2011-01-19 20:53
Před spuštěním: Volných bajtů: 140 492 120 064
Po spuštění: Volných bajtů: 140 463 448 064
- - End Of File - - F76B0F7BF13CD63CF93AC4791E3D1255
Re: please check my log
How is the computer doing?

Re: please check my log
The internet is great, but the "videa" folder still crashes. I'm also puzzled by the software folder in Documents. When I hover the mouse over the folder, a window shows contents of 141MB, but when I open the folder there is nothing in it, just an empty folder.
Re: please check my log
You need to unhide hidden and system files
Start - Control Panel - Folder Options - View tab