Trojans

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

fredik
Security team member
Master Level 7
Posts: 4680
Registered: July 06
Gender: Male

Post by fredik » 24 Nov 2007 09:53

The Avenger log should appear after the restart, once Windows has loaded. Otherwise you'll find it in this file: C:\avenger.txt

If it's there, copy its entire contents here. By the look of it, though, it didn't run, so try using Avenger again.

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

Create this little script and save it to disk:
Launch Notepad: Start -> Run... a window opens; type notepad into it and click OK.
Notepad opens; copy the following text into it:
rem remove any stale listing so the new output is not appended to an old one
if exist %systemdrive%\avs.txt del /q %systemdrive%\avs.txt
rem /d also switches the drive in case the script was started from another one
cd /d %windir%\system32\fibagbia
rem all attributes, no thousands separators, sorted by creation time, newest first
dir /a /-c /o:-d /t:c >> %systemdrive%\avs.txt
start %systemdrive%\avs.txt
pause
del /q %systemdrive%\avs.txt


In the menu choose File -> Save as... and set/fill in these fields:
File name: ctffind.bat
Save as type: All files
After a short search a new window with the results will appear; please copy its entire contents here.

Toschiba
newcomer
Posts: 15
Registered: November 07
Gender: Not specified

Post by Toschiba » 24 Nov 2007 12:58

avenger:
Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\txxhuvgr

*******************

Script file located at: \??\C:\osvsaerc.txt
Script file opened successfully.

Script file read successfully

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

File C:\WINDOWS\system32\yaywtsp.dll deleted successfully.


Folder C:\Recycled not found!
Deletion of folder C:\Recycled failed!

Could not process line:
C:\Recycled
Status: 0xc0000034



Folder D:\Recycled not found!
Deletion of folder D:\Recycled failed!

Could not process line:
D:\Recycled
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\yaywtsp deleted successfully.
Registry key HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0d6a9052-cf9e-43a7-95d2-d4d85e5d8fbb} deleted successfully.
Registry key HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1E794189-7575-4306-8F49-CCDD291A59CD} deleted successfully.
Registry value HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks|{1E794189-7575-4306-8F49-CCDD291A59CD} deleted successfully.
Registry value HKLM\Software\Microsoft\Windows\CurrentVersion\Run|D_V_T deleted successfully.

Completed script processing.

*******************

Finished! Terminate.


Post by Toschiba » 24 Nov 2007 13:00

dss:
Deckard's System Scanner v20071014.68
Run by Tobiba on 2007-11-24 12:54:42
Computer is in Normal Mode.
--------------------------------------------------------------------------------



-- HijackThis (run as Tobiba.exe) ----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:54, on 2007-11-24
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\mHotkey.exe
C:\Program Files\Nod32\nod32kui.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\LOGI_MWX.EXE
C:\Program Files\Labtec\Media Keyboard\V5.0\KbdAp32A.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\rundll32.exe
C:\Documents and Settings\All Users\Data aplikací\U3\U3Launcher\LaunchU3.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Nod32\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Tobiba\Plocha\dss.exe
D:\INSTALL\NATROJ~1\Tobiba.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {0d6a9052-cf9e-43a7-95d2-d4d85e5d8fbb} - (no file)
O2 - BHO: (no name) - {1E794189-7575-4306-8F49-CCDD291A59CD} - C:\WINDOWS\system32\yaywtsp.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Nod32\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NVCLOCK] Rundll32 nvclock.dll,fnNvclock
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Logitech Utility] LOGI_MWX.EXE
O4 - HKLM\..\Run: [LWBKEYBOARD] C:\Program Files\Labtec\Media Keyboard\V5.0\KbdAp32A.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: LaunchU3.exe.lnk = ?
O4 - Global Startup: Akcelerátor spuštění AutoCADu.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart17.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = Toscibuv_pc_v_kuchyni
O17 - HKLM\Software\..\Telephony: DomainName = Toscibuv_pc_v_kuchyni
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = Toscibuv_pc_v_kuchyni
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: Domain = Toscibuv_pc_v_kuchyni
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: yaywtsp - C:\WINDOWS\
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Nod32\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe

--
End of file - 5875 bytes

-- Files created between 2007-10-24 and 2007-11-24 -----------------------------

2007-11-22 00:00:00 0 d-------- C:\Program Files\Lavasoft
2007-11-21 22:31:28 0 d-a------ C:\WINDOWS\zts2.exe
2007-11-21 22:31:28 0 d-a------ C:\WINDOWS\system32\vcmgcd32.dll
2007-11-21 22:31:28 0 d-a------ C:\WINDOWS\system32\systems.txt
2007-11-21 22:31:28 0 d-a------ C:\WINDOWS\system32\iifgfgf.dll
2007-11-21 22:31:28 0 d-a------ C:\WINDOWS\rundll16.exe
2007-11-21 22:31:28 0 d-a------ C:\WINDOWS\rundl132.dll
2007-11-21 22:31:28 0 d-a------ C:\WINDOWS\logo1_.exe
2007-11-21 22:20:46 0 d-------- C:\Program Files\CCleaner
2007-11-21 18:32:36 0 d-------- C:\Program Files\Spyware Doctor
2007-11-19 16:53:20 0 d-------- C:\Program Files\Labtec
2007-11-15 16:51:23 0 d-------- C:\Program Files\CzDC-0699[B1]
2007-11-14 19:34:43 0 d-------- C:\Program Files\AnswerWorks 4.0
2007-11-14 19:27:37 0 d-------- C:\Program Files\AutoCAD 2007
2007-11-14 19:22:55 0 d-------- C:\Program Files\Autodesk
2007-11-13 19:05:47 0 d-------- C:\WINDOWS\system32\fibagbia
2007-11-13 19:05:42 0 d-------- C:\Program Files\Cartyerp
2007-11-03 12:12:46 97792 --a------ C:\WINDOWS\system32\LGUICOM.DLL <Not Verified; Logitech Inc.; MouseWare>
2007-11-03 12:12:46 104960 --a------ C:\WINDOWS\system32\COMNCTR.DLL <Not Verified; Logitech Inc.; MouseWare>
2007-11-03 12:12:46 0 d-------- C:\Program Files\Logitech
2007-11-03 12:12:46 0 d-------- C:\Program Files\Common Files\Logitech
2007-10-25 11:02:43 0 d-------- C:\Program Files\Common Files\FINE Shared
2007-10-25 10:56:28 264704 --a------ C:\WINDOWS\system32\hlvdd.dll <Not Verified; Aladdin Knowledge Systems; Hardlock Win32 DLL>
2007-10-25 10:56:28 6656 --a------ C:\WINDOWS\system32\haspvdd.dll <Not Verified; Aladdin Knowledge Systems.; Windows NT HASP Virtual Device Driver>
2007-10-25 10:56:28 383 --a------ C:\WINDOWS\system32\haspdos.sys
2007-10-25 10:56:28 453632 --a------ C:\WINDOWS\system32\drivers\hardlock.sys <Not Verified; Aladdin Knowledge Systems; Hardlock Device Driver for Windows NT>
2007-10-25 10:52:07 47616 --a------ C:\WINDOWS\system32\drivers\Haspnt.sys <Not Verified; Aladdin Knowledge Systems; Windows NT HASP Kernel Device Driver>


-- Find3M Report ---------------------------------------------------------------

2007-11-23 21:58:22 0 d-------- C:\Documents and Settings\Tobiba\Data aplikací\U3
2007-11-22 13:14:49 0 d-------- C:\Documents and Settings\Tobiba\Data aplikací\OpenOffice.org2
2007-11-21 23:59:20 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-11-21 18:34:29 402000 --a------ C:\WINDOWS\system32\perfh005.dat
2007-11-21 18:34:29 74606 --a------ C:\WINDOWS\system32\perfc005.dat
2007-11-21 18:32:36 0 d-------- C:\Documents and Settings\Tobiba\Data aplikací\PC Tools
2007-11-21 17:11:13 0 d-------- C:\Program Files\TuneUp Utilities 2007
2007-11-21 17:02:03 0 d-------- C:\Documents and Settings\Tobiba\Data aplikací\foobar2000
2007-11-19 11:33:18 0 d-------- C:\Documents and Settings\Tobiba\Data aplikací\Skype
2007-11-14 23:55:07 0 d-------- C:\Documents and Settings\Tobiba\Data aplikací\Autodesk
2007-11-14 19:41:35 0 d-------- C:\Program Files\Common Files\Autodesk Shared
2007-11-14 17:33:09 0 d-------- C:\Program Files\totalcmd
2007-11-14 12:35:42 0 d-------- C:\Documents and Settings\Tobiba\Data aplikací\WinRAR
2007-11-13 18:43:31 0 d-------- C:\Program Files\HP
2007-11-13 18:37:33 0 d-------- C:\Documents and Settings\Tobiba\Data aplikací\HP
2007-11-08 09:51:36 316 --a------ C:\drmHeader.bin
2007-11-08 01:29:37 0 d-------- C:\Program Files\Plaxis72
2007-11-03 12:12:46 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-11-03 12:12:46 0 d-------- C:\Program Files\Common Files
2007-10-24 20:37:05 2322176 --a------ C:\WINDOWS\system32\TUKernel.exe <Not Verified; Microsoft Corporation; Operační systém Microsoft® Windows®>
2007-10-24 14:11:57 0 d-------- C:\Program Files\PowerConverter
2007-10-23 07:33:32 0 d-------- C:\Program Files\Java
2007-10-22 21:02:15 0 d-------- C:\Program Files\Skype
2007-10-22 21:02:13 0 d-------- C:\Program Files\Common Files\Skype
2007-10-21 23:56:30 0 d-------- C:\Program Files\QIP
2007-10-15 22:27:14 0 d-------- C:\Program Files\Mv2Player
2007-10-08 20:47:42 0 d-------- C:\Documents and Settings\Tobiba\Data aplikací\TuneUp Software
2007-10-03 00:18:32 0 d-------- C:\Program Files\Partion magic
2007-10-02 21:22:12 0 d-------- C:\Program Files\MSI
2007-09-26 12:07:18 0 d-------- C:\Program Files\Google
2007-09-24 04:52:52 0 d-------- C:\Program Files\DivX
2007-09-17 19:23:00 823296 --a------ C:\WINDOWS\system32\divx_xx0c.dll <Not Verified; DivX, Inc.; DivX®>
2007-09-17 19:23:00 823296 --a------ C:\WINDOWS\system32\divx_xx07.dll <Not Verified; DivX, Inc.; DivX®>
2007-09-17 19:22:58 802816 --a------ C:\WINDOWS\system32\divx_xx11.dll <Not Verified; DivX, Inc.; DivX®>
2007-09-17 19:22:58 739840 --a------ C:\WINDOWS\system32\DivX.dll <Not Verified; DivX, Inc.; DivX®>
2007-09-17 00:07:00 1626112 --a------ C:\WINDOWS\system32\nwiz.exe
2007-09-17 00:07:00 1019904 --a------ C:\WINDOWS\system32\nvwimg.dll
2007-09-17 00:07:00 1703936 --a------ C:\WINDOWS\system32\nvwdmcpl.dll
2007-09-17 00:07:00 466944 --a------ C:\WINDOWS\system32\nvshell.dll
2007-09-17 00:07:00 1478656 --a------ C:\WINDOWS\system32\nview.dll
2007-09-17 00:07:00 1339392 --a------ C:\WINDOWS\system32\nvdspsch.exe
2007-09-17 00:07:00 442368 --a------ C:\WINDOWS\system32\nvappbar.exe
2007-09-17 00:07:00 425984 --a------ C:\WINDOWS\system32\keystone.exe


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0d6a9052-cf9e-43a7-95d2-d4d85e5d8fbb}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1E794189-7575-4306-8F49-CCDD291A59CD}]
C:\WINDOWS\system32\yaywtsp.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2005-10-04 13:12 C:\WINDOWS\soundman.exe]
"CHotkey"="mHotkey.exe" [2002-07-05 15:37 C:\WINDOWS\mHotkey.exe]
"nod32kui"="C:\Program Files\Nod32\nod32kui.exe" [2007-04-24 19:19]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-04-11 14:32 C:\WINDOWS\KHALMNPR.Exe]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-09-17 00:07]
"nwiz"="nwiz.exe" [2007-09-17 00:07 C:\WINDOWS\system32\nwiz.exe]
"NVCLOCK"="nvclock.dll" [2003-04-14 02:59 C:\WINDOWS\system32\nvclock.dll]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-09-17 00:07]
"Logitech Utility"="LOGI_MWX.EXE" [2003-12-17 09:50 C:\WINDOWS\LOGI_MWX.EXE]
"LWBKEYBOARD"="C:\Program Files\Labtec\Media Keyboard\V5.0\KbdAp32A.exe" [2005-01-28 11:23]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-17 14:49]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2007-08-31 16:46]

C:\Documents and Settings\Tobiba\Nabídka Start\Programy\Po spuštění\
LaunchU3.exe.lnk - C:\Documents and Settings\Tobiba\Data aplikací\Microsoft\Installer\{D8E363A7-88B7-446D-B2C0-E26CE4DC8E54}\_294823.exe [2007-10-25 00:58:54]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\
Akcelerátor spuštění AutoCADu.lnk - C:\Program Files\Common Files\Autodesk Shared\acstart17.exe [2006-03-05 14:43:54]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\yaywtsp]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^3D!Turbo Experience.lnk]
path=C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\3D!Turbo Experience.lnk
backup=C:\WINDOWS\pss\3D!Turbo Experience.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Bluetooth Manager.lnk]
path=C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth Manager.lnk
backup=C:\WINDOWS\pss\Bluetooth Manager.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Tobiba^Nabídka Start^Programy^Po spuštění^CZDC++ pro KN HuB.lnk]
path=C:\Documents and Settings\Tobiba\Nabídka Start\Programy\Po spuštění\CZDC++ pro KN HuB.lnk
backup=C:\WINDOWS\pss\CZDC++ pro KN HuB.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Tobiba^Nabídka Start^Programy^Po spuštění^OpenOffice.org 2.0.lnk]
path=C:\Documents and Settings\Tobiba\Nabídka Start\Programy\Po spuštění\OpenOffice.org 2.0.lnk
backup=C:\WINDOWS\pss\OpenOffice.org 2.0.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
"C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPDJ Taskbar Utility]
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"C:\Program Files\Messenger\msmsgs.exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]
C:\WINDOWS\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\qttask.exe" -atboottime

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
Schedule
UxTuneUp




-- End of Deckard's System Scanner: finished at 2007-11-24 12:55:22 ------------


Post by Toschiba » 24 Nov 2007 13:00

and here's the ctffind one:
Svazek v jednotce C je SYSTEM.
Sériové číslo svazku je 2C25-2721.

Výpis adresáře C:\WINDOWS\system32\fibagbia

2007-11-13 19:05 1322 turnon1.gif
2007-11-13 19:05 1325 turnoff1.gif
2007-11-13 19:05 3485 top2.gif
2007-11-13 19:05 3572 top1.gif
2007-11-13 19:05 43 softleft_on.gif
2007-11-13 19:05 43 softleft_off.gif
2007-11-13 19:05 297 softbottom_on.gif
2007-11-13 19:05 423 softbottom_off.gif
2007-11-13 19:05 7548 soft3_on_ext.gif
2007-11-13 19:05 7520 soft3_on.gif
2007-11-13 19:05 9058 soft3_off_ext.gif
2007-11-13 19:05 9078 soft3_off.gif
2007-11-13 19:05 7062 soft2_on_ext.gif
2007-11-13 19:05 7046 soft2_on.gif
2007-11-13 19:05 8751 soft2_off_ext.gif
2007-11-13 19:05 8760 soft2_off.gif
2007-11-13 19:05 7423 soft1_on_ext.gif
2007-11-13 19:05 7372 soft1_on.gif
2007-11-13 19:05 8987 soft1_off_ext.gif
2007-11-13 19:05 8981 soft1_off.gif
2007-11-13 19:05 4254 s3.htm
2007-11-13 19:05 3854 s2.htm
2007-11-13 19:05 4589 s1.htm
2007-11-13 19:05 43 right1.gif
2007-11-13 19:05 1320 reinstall1.gif
2007-11-13 19:05 22174 mainframe.htm
2007-11-13 19:05 10182 main.htm
2007-11-13 19:05 5803 logo.gif
2007-11-13 19:05 51 li.gif
2007-11-13 19:05 44 left1.gif
2007-11-13 19:05 863 install1.gif
2007-11-13 19:05 15086 icon1.ico
2007-11-13 19:05 619 essentials.gif
2007-11-13 19:05 419 bottom1.gif
2007-11-13 19:05 283 bgtop.gif
2007-11-13 19:05 43 bg1.gif
2007-11-13 19:05 7462 SMTop4.gif
2007-11-13 19:05 7478 SMTop3.gif
2007-11-13 19:05 9082 SMTop2.gif
2007-11-13 19:05 9069 SMTop1.gif
2007-11-13 19:05 <DIR> .
2007-11-13 19:05 <DIR> ..
40 souborů, 210814 bajtů
Adresářů: 2, Volných bajtů: 8748544000


Post by fredik » 24 Nov 2007 13:34

Run HijackThis again and tick the boxes in front of these lines:
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: (no name) - {0d6a9052-cf9e-43a7-95d2-d4d85e5d8fbb} - (no file)
O2 - BHO: (no name) - {1E794189-7575-4306-8F49-CCDD291A59CD} - C:\WINDOWS\system32\yaywtsp.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O20 - Winlogon Notify: yaywtsp - C:\WINDOWS\
once they are ticked, click the Fix Checked button

Use Avenger again with this script:
Folders to Delete:
C:\WINDOWS\system32\fibagbia


Paste the Avenger log and a new DSS log here.
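As an added example (not part of the thread, not fredik's or HijackThis's code): a small Python triage helper that applies the same selection rules the post above uses by hand to HijackThis v2 log lines: O2/O3 entries with no backing file or a missing DLL, unnamed BHOs, and O20 Winlogon Notify hooks that do not point at a DLL. The sample lines are copied from the log posted earlier in this thread; the function names and the heuristics are my own.

```python
"""HijackThis v2 log triage: flag the entry types a helper picks out by hand."""
import re
from dataclasses import dataclass

# Constructed sample: lines copied from the HJT log posted earlier in this thread.
SAMPLE_LOG = r"""
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {0d6a9052-cf9e-43a7-95d2-d4d85e5d8fbb} - (no file)
O2 - BHO: (no name) - {1E794189-7575-4306-8F49-CCDD291A59CD} - C:\WINDOWS\system32\yaywtsp.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Nod32\nod32kui.exe" /WAITSERVICE
O20 - Winlogon Notify: yaywtsp - C:\WINDOWS\
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Nod32\nod32krn.exe
"""

# A COM CLSID in braces: 8-4-4-4-12 hex digits. Anchoring on it lets the
# non-greedy name group stop at the right " - " even if a name contains " - ".
GUID = r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}"
ENTRY_RE = re.compile(r"^(?P<code>[RO]\d+) - (?P<body>.*)$")
BHO_RE = re.compile(
    r"^(?P<kind>BHO|Toolbar): (?P<name>.*?) - (?P<guid>" + GUID + r") - (?P<target>.*)$"
)
NOTIFY_RE = re.compile(r"^Winlogon Notify: (?P<name>\S+) - (?P<target>.*)$")


@dataclass(frozen=True)
class Finding:
    code: str        # HJT section, e.g. "O2"
    line: str        # the original log line, as the user would tick it
    reasons: tuple   # why it was flagged (hypothetical wording, my own)


def triage_line(line):
    """Return a Finding for one HJT line, or None when nothing stands out."""
    line = line.rstrip()
    m = ENTRY_RE.match(line)
    if not m:
        return None
    code, body = m.group("code"), m.group("body")
    reasons = []
    if code in ("O2", "O3"):
        b = BHO_RE.match(body)
        if b:
            target = b.group("target")
            if target == "(no file)":
                reasons.append("registered but no backing file on disk")
            elif target.endswith("(file missing)"):
                reasons.append("points at a DLL that no longer exists")
            if b.group("name") == "(no name)":
                reasons.append("unnamed BHO")
    elif code == "O20":
        n = NOTIFY_RE.match(body)
        if n:
            target = n.group("target")
            # A Winlogon Notify package must name a DLL; a bare directory
            # (as left behind after the DLL was deleted) is an orphaned hook.
            if target.endswith("\\") or not target.lower().endswith(".dll"):
                reasons.append("Winlogon Notify hook with no DLL target")
    return Finding(code, line, tuple(reasons)) if reasons else None


def triage_log(text):
    """All findings for a whole HJT log, in log order."""
    return [f for f in map(triage_line, text.splitlines()) if f]


def lines_to_fix(text):
    """The exact HJT lines a helper would ask the user to tick and Fix Checked."""
    return [f.line for f in triage_log(text)]


if __name__ == "__main__":
    for f in triage_log(SAMPLE_LOG):
        print(f.code, "|", f.line, "|", "; ".join(f.reasons))
```

On the sample above the flagged lines are exactly the five lines the post asks the user to tick.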


Post by Toschiba » 24 Nov 2007 16:59

Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\lndodtun

*******************

Script file located at: \??\C:\Program Files\denufjnf.txt
Script file opened successfully.

Script file read successfully

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Folder C:\WINDOWS\system32\fibagbia deleted successfully.

Completed script processing.

*******************

Finished! Terminate.


Post by Toschiba » 24 Nov 2007 17:01

Deckard's System Scanner v20071014.68
Run by Tobiba on 2007-11-24 16:55:43
Computer is in Normal Mode.
--------------------------------------------------------------------------------



-- HijackThis (run as Tobiba.exe) ----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:55, on 2007-11-24
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\mHotkey.exe
C:\Program Files\Nod32\nod32kui.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\LOGI_MWX.EXE
C:\Program Files\Labtec\Media Keyboard\V5.0\KbdAp32A.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\rundll32.exe
C:\Documents and Settings\All Users\Data aplikací\U3\U3Launcher\LaunchU3.exe
C:\Program Files\Nod32\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Tobiba\Plocha\dss.exe
D:\INSTALL\NATROJ~1\Tobiba.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Nod32\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NVCLOCK] Rundll32 nvclock.dll,fnNvclock
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Logitech Utility] LOGI_MWX.EXE
O4 - HKLM\..\Run: [LWBKEYBOARD] C:\Program Files\Labtec\Media Keyboard\V5.0\KbdAp32A.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: LaunchU3.exe.lnk = ?
O4 - Global Startup: Akcelerátor spuštění AutoCADu.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart17.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = Toscibuv_pc_v_kuchyni
O17 - HKLM\Software\..\Telephony: DomainName = Toscibuv_pc_v_kuchyni
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = Toscibuv_pc_v_kuchyni
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: Domain = Toscibuv_pc_v_kuchyni
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Nod32\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe

--
End of file - 5409 bytes

-- Files created between 2007-10-24 and 2007-11-24 -----------------------------

2007-11-22 00:00:00 0 d-------- C:\Program Files\Lavasoft
2007-11-21 22:31:28 0 d-a------ C:\WINDOWS\zts2.exe
2007-11-21 22:31:28 0 d-a------ C:\WINDOWS\system32\vcmgcd32.dll
2007-11-21 22:31:28 0 d-a------ C:\WINDOWS\system32\systems.txt
2007-11-21 22:31:28 0 d-a------ C:\WINDOWS\system32\iifgfgf.dll
2007-11-21 22:31:28 0 d-a------ C:\WINDOWS\rundll16.exe
2007-11-21 22:31:28 0 d-a------ C:\WINDOWS\rundl132.dll
2007-11-21 22:31:28 0 d-a------ C:\WINDOWS\logo1_.exe
2007-11-21 22:20:46 0 d-------- C:\Program Files\CCleaner
2007-11-21 18:32:36 0 d-------- C:\Program Files\Spyware Doctor
2007-11-19 16:53:20 0 d-------- C:\Program Files\Labtec
2007-11-15 16:51:23 0 d-------- C:\Program Files\CzDC-0699[B1]
2007-11-14 19:34:43 0 d-------- C:\Program Files\AnswerWorks 4.0
2007-11-14 19:27:37 0 d-------- C:\Program Files\AutoCAD 2007
2007-11-14 19:22:55 0 d-------- C:\Program Files\Autodesk
2007-11-13 19:05:42 0 d-------- C:\Program Files\Cartyerp
2007-11-03 12:12:46 97792 --a------ C:\WINDOWS\system32\LGUICOM.DLL <Not Verified; Logitech Inc.; MouseWare>
2007-11-03 12:12:46 104960 --a------ C:\WINDOWS\system32\COMNCTR.DLL <Not Verified; Logitech Inc.; MouseWare>
2007-11-03 12:12:46 0 d-------- C:\Program Files\Logitech
2007-11-03 12:12:46 0 d-------- C:\Program Files\Common Files\Logitech
2007-10-25 11:02:43 0 d-------- C:\Program Files\Common Files\FINE Shared
2007-10-25 10:56:28 264704 --a------ C:\WINDOWS\system32\hlvdd.dll <Not Verified; Aladdin Knowledge Systems; Hardlock Win32 DLL>
2007-10-25 10:56:28 6656 --a------ C:\WINDOWS\system32\haspvdd.dll <Not Verified; Aladdin Knowledge Systems.; Windows NT HASP Virtual Device Driver>
2007-10-25 10:56:28 383 --a------ C:\WINDOWS\system32\haspdos.sys
2007-10-25 10:56:28 453632 --a------ C:\WINDOWS\system32\drivers\hardlock.sys <Not Verified; Aladdin Knowledge Systems; Hardlock Device Driver for Windows NT>
2007-10-25 10:52:07 47616 --a------ C:\WINDOWS\system32\drivers\Haspnt.sys <Not Verified; Aladdin Knowledge Systems; Windows NT HASP Kernel Device Driver>


-- Find3M Report ---------------------------------------------------------------

2007-11-23 21:58:22 0 d-------- C:\Documents and Settings\Tobiba\Data aplikací\U3
2007-11-22 13:14:49 0 d-------- C:\Documents and Settings\Tobiba\Data aplikací\OpenOffice.org2
2007-11-21 23:59:20 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-11-21 18:34:29 402000 --a------ C:\WINDOWS\system32\perfh005.dat
2007-11-21 18:34:29 74606 --a------ C:\WINDOWS\system32\perfc005.dat
2007-11-21 18:32:36 0 d-------- C:\Documents and Settings\Tobiba\Data aplikací\PC Tools
2007-11-21 17:11:13 0 d-------- C:\Program Files\TuneUp Utilities 2007
2007-11-21 17:02:03 0 d-------- C:\Documents and Settings\Tobiba\Data aplikací\foobar2000
2007-11-19 11:33:18 0 d-------- C:\Documents and Settings\Tobiba\Data aplikací\Skype
2007-11-14 23:55:07 0 d-------- C:\Documents and Settings\Tobiba\Data aplikací\Autodesk
2007-11-14 19:41:35 0 d-------- C:\Program Files\Common Files\Autodesk Shared
2007-11-14 17:33:09 0 d-------- C:\Program Files\totalcmd
2007-11-14 12:35:42 0 d-------- C:\Documents and Settings\Tobiba\Data aplikací\WinRAR
2007-11-13 18:43:31 0 d-------- C:\Program Files\HP
2007-11-13 18:37:33 0 d-------- C:\Documents and Settings\Tobiba\Data aplikací\HP
2007-11-08 09:51:36 316 --a------ C:\drmHeader.bin
2007-11-08 01:29:37 0 d-------- C:\Program Files\Plaxis72
2007-11-03 12:12:46 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-11-03 12:12:46 0 d-------- C:\Program Files\Common Files
2007-10-24 20:37:05 2322176 --a------ C:\WINDOWS\system32\TUKernel.exe <Not Verified; Microsoft Corporation; Operační systém Microsoft® Windows®>
2007-10-24 14:11:57 0 d-------- C:\Program Files\PowerConverter
2007-10-23 07:33:32 0 d-------- C:\Program Files\Java
2007-10-22 21:02:15 0 d-------- C:\Program Files\Skype
2007-10-22 21:02:13 0 d-------- C:\Program Files\Common Files\Skype
2007-10-21 23:56:30 0 d-------- C:\Program Files\QIP
2007-10-15 22:27:14 0 d-------- C:\Program Files\Mv2Player
2007-10-08 20:47:42 0 d-------- C:\Documents and Settings\Tobiba\Data aplikací\TuneUp Software
2007-10-03 00:18:32 0 d-------- C:\Program Files\Partion magic
2007-10-02 21:22:12 0 d-------- C:\Program Files\MSI
2007-09-26 12:07:18 0 d-------- C:\Program Files\Google
2007-09-24 04:52:52 0 d-------- C:\Program Files\DivX
2007-09-17 19:23:00 823296 --a------ C:\WINDOWS\system32\divx_xx0c.dll <Not Verified; DivX, Inc.; DivX®>
2007-09-17 19:23:00 823296 --a------ C:\WINDOWS\system32\divx_xx07.dll <Not Verified; DivX, Inc.; DivX®>
2007-09-17 19:22:58 802816 --a------ C:\WINDOWS\system32\divx_xx11.dll <Not Verified; DivX, Inc.; DivX?>
2007-09-17 19:22:58 739840 --a------ C:\WINDOWS\system32\DivX.dll <Not Verified; DivX, Inc.; DivX®>
2007-09-17 00:07:00 1626112 --a------ C:\WINDOWS\system32\nwiz.exe
2007-09-17 00:07:00 1019904 --a------ C:\WINDOWS\system32\nvwimg.dll
2007-09-17 00:07:00 1703936 --a------ C:\WINDOWS\system32\nvwdmcpl.dll
2007-09-17 00:07:00 466944 --a------ C:\WINDOWS\system32\nvshell.dll
2007-09-17 00:07:00 1478656 --a------ C:\WINDOWS\system32\nview.dll
2007-09-17 00:07:00 1339392 --a------ C:\WINDOWS\system32\nvdspsch.exe
2007-09-17 00:07:00 442368 --a------ C:\WINDOWS\system32\nvappbar.exe
2007-09-17 00:07:00 425984 --a------ C:\WINDOWS\system32\keystone.exe


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2005-10-04 13:12 C:\WINDOWS\soundman.exe]
"CHotkey"="mHotkey.exe" [2002-07-05 15:37 C:\WINDOWS\mHotkey.exe]
"nod32kui"="C:\Program Files\Nod32\nod32kui.exe" [2007-04-24 19:19]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-04-11 14:32 C:\WINDOWS\KHALMNPR.Exe]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-09-17 00:07]
"nwiz"="nwiz.exe" [2007-09-17 00:07 C:\WINDOWS\system32\nwiz.exe]
"NVCLOCK"="nvclock.dll" [2003-04-14 02:59 C:\WINDOWS\system32\nvclock.dll]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-09-17 00:07]
"Logitech Utility"="LOGI_MWX.EXE" [2003-12-17 09:50 C:\WINDOWS\LOGI_MWX.EXE]
"LWBKEYBOARD"="C:\Program Files\Labtec\Media Keyboard\V5.0\KbdAp32A.exe" [2005-01-28 11:23]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-17 14:49]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2007-08-31 16:46]

C:\Documents and Settings\Tobiba\Nabˇdka Start\Programy\Po spuçtŘnˇ\
LaunchU3.exe.lnk - C:\Documents and Settings\Tobiba\Data aplikacˇ\Microsoft\Installer\{D8E363A7-88B7-446D-B2C0-E26CE4DC8E54}\_294823.exe [2007-10-25 00:58:54]

C:\Documents and Settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Akceler tor spuçtŘnˇ AutoCADu.lnk - C:\Program Files\Common Files\Autodesk Shared\acstart17.exe [2006-03-05 14:43:54]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^3D!Turbo Experience.lnk]
path=C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\3D!Turbo Experience.lnk
backup=C:\WINDOWS\pss\3D!Turbo Experience.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Bluetooth Manager.lnk]
path=C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth Manager.lnk
backup=C:\WINDOWS\pss\Bluetooth Manager.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Tobiba^Nabídka Start^Programy^Po spuštění^CZDC++ pro KN HuB.lnk]
path=C:\Documents and Settings\Tobiba\Nabídka Start\Programy\Po spuštění\CZDC++ pro KN HuB.lnk
backup=C:\WINDOWS\pss\CZDC++ pro KN HuB.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Tobiba^Nabídka Start^Programy^Po spuštění^OpenOffice.org 2.0.lnk]
path=C:\Documents and Settings\Tobiba\Nabídka Start\Programy\Po spuštění\OpenOffice.org 2.0.lnk
backup=C:\WINDOWS\pss\OpenOffice.org 2.0.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
"C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPDJ Taskbar Utility]
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"C:\Program Files\Messenger\msmsgs.exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]
C:\WINDOWS\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\qttask.exe" -atboottime

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
Schedule
UxTuneUp




-- End of Deckard's System Scanner: finished at 2007-11-24 16:56:22 ------------


Post by fredik » 24 Nov 2007 19:01

Download and run T-cleaner; it removes the backups and leftovers of the tools that were used.

For better protection it would be a good idea to also install a firewall; you can pick one of those listed here or another one from this link: Overview of personal firewalls
Free firewalls:
Comodo - high quality, advanced, many features, originally in English; a Czech localisation should come with version 3, which should appear soon
Kerio - clear layout, more configuration options, heavier on system resources, in Czech
ZoneAlarm - simple, compatible, light on system resources, few configuration options, in English

The logs look good; do you still have any problems?


Post by Toschiba » 25 Nov 2007 15:44

well, Spy Doctor keeps reporting 5 infections --- still Ultimate Cleaner - 2 infections, trojan-PWS.transpy, trojan.Generic, Backdoor.servu - also 2 infections


Post by fredik » 25 Nov 2007 17:38

Where exactly does Spyware Doctor report those problems, in which location/files?

Most likely they are just registry entries, but Spyware Doctor itself should be able to deal with those.


Post by Toschiba » 26 Nov 2007 00:52

so it's probably fine :) thanks a lot, and I'd also like to ask whether you have a tip for a good date manager / scheduler, because NOD doesn't like the one I have either... :)

