Can someone advise me where I can find the WIN32 item on my PC?
I have a rather big problem with pos..... viruses. I'd rather not post a copy of the output from one cleaner for now, because nobody has ever had a collection like this.
viruses
Re: viruses
Otherwise, this is what I have on the PC. All of this was found by the antivirus from this site http://antivirus2008x.com/support/?mid= ... vVista&b=1
Infections found: 41
Trojan
autorun
Trojan-Dropper.MSWord.Lafool.h
This Trojan is designed to install other Trojan programs to the victim machine without the knowledge or consent of the user.
Backdoor
C:\Windows
Backdoor.Win32.Ruledor.c
This program is part of the backdoor family of malicious programs intended for remote administration.
Trojan
C:\Windows\System32
Trojan-Downloader.JS.Small.au
This Trojan is written in JavaScript, and is approximately 1KB in size. It is normally found in HTML pages which can be of any size.
Spyware
autorun
Trojan-Spy.Win32.PcGhost.340
This Trojan is designed to steal confidential data. It is a Windows PE EXE file. It is written in Delphi. It is 241,152 bytes in size.
Trojan
C:\Program Files (x86)
Trojan-Downloader.Win32.Agent.bvz
This Trojan is a Windows PE EXE file. It is 41,472 bytes in size.
Trojan
C:\Program Files (x86)
Trojan-Downloader.Win32.QDown.b
This Trojan downloads other malicious programs from the Internet and launches them on the victim machine. The program itself is a Windows PE EXE file.
Trojan
C:\Windows\System32
Trojan-IM.Win32.Faker.a
Programs in this family steal MSN Messenger passwords with the help of a fake dialogue box, where the MSN password should be entered.
Trojan
autorun
Trojan-Dropper.Win32.Small.es
This Trojan is designed to install and launch other malicious programs on the victim machine without the user's knowledge or consent. It is a Windows PE EXE file..
Trojan
C:\Windows\System32
Trojan-Downloader.VBS.Agent.fe
This Trojan downloads other files via the Internet and launches them for execution on the victim machine without the user's knowledge or consent.
Spyware
autorun
Trojan-Spy.Win32.Banker.asq
This Trojan will steal confidential user data when the user visits certain websites. It is a Windows PE EXE file.
Trojan
C:\Program Files (x86)
Trojan-Downloader.Win32.Tiny.abt
This Trojan downloads another program via the Internet and launches it on the victim machine without the user's knowledge or consent. It is a Windows PE EXE file.
Trojan
C:\Windows\System32
Trojan.SymbOS.Skuller.a
This Trojan program infects mobile phones running Symbian. Any mobile running Symbian is potentially vulnerable.
Trojan
C:\Windows\System32
Trojan-PSW.Win32.Coced.215
This Trojan steals user passwords. It is designed to steal a range of confidential information.It is a Windows PE EXE file.It is 10,240 bytes in size. It is written in Visual C++.
Trojan
C:\Program Files (x86)
Trojan-Downloader.Win32.Small.dsr
This malicious program downloads other programs from the Internet without the user's knowledge or consent and launches them on the victim machine.
Trojan
C:\Program Files (x86)
Trojan-Downloader.Win32.Small.bdc
This Trojan downloads files from the Internet without the knowledge or consent of the user. The Trojan itself is a Windows PE EXE file 3072 bytes in size.
Spyware
autorun
Trojan-Spy.Win32.Dks.12.b
This Trojan logs the user's keystrokes. It is a Windows PE EXE file. It is written in Visual C++. The file is 13,824 bytes in size.
Trojan
C:\Program Files (x86)
Trojan-Downloader.VBS.Psyme.ci
This Trojan downloads other files via the Internet and launches them for execution on the victim machine without the user's knowledge or consent.
Trojan
C:\Program Files (x86)
Trojan-Downloader.VBS.Psyme.cu
This Trojan downloads other files via the Internet and launches them for execution on the victim machine without the user's knowledge or consent.
Trojan
C:\Windows
Trojan.BAT.DelSys.ai
This Trojan has a malicious payload. This Trojan is a BAT file. It is 3063 bytes in size.
Trojan
C:\Windows\System32
Trojan.Win32.AVKill.c
This Trojan has a malicious payload. It is a Windows PE EXE file. It is packed using UPX. It is written in C++. The size of infected files may vary from 6KB to 80KB.
Trojan
autorun
Trojan-Dropper.MSWord.Lafool.h
This Trojan is designed to install other Trojan programs to the victim machine without the knowledge or consent of the user.
Trojan
C:\Windows
Trojan.DOS.KillMBR.v
This Trojan program is a DOS Com file written in Assembler.On start-up, this Trojan writes random data to the MBR sector of the victim machine's first hard disk.
Trojan
C:\Windows\System32
Trojan-Clicker.Win32.Small.ie
This Trojan opens web pages without the knowledge or consent of the user. It is a Windows PE EXE file. It is 640 bytes in size. It is written in C++.
Spyware
autorun
Trojan-Spy.Win32.PcGhost.340
This Trojan is designed to steal confidential data. It is a Windows PE EXE file. It is written in Delphi. It is 241,152 bytes in size.
Trojan
C:\Windows
Trojan.SymbOS.Appdisabler.j
This Trojan infects mobile phones running Symbian OS. The Trojan substitutes non-functioning or corrupted files for antivirus applications.
Trojan
C:\Program Files (x86)
Trojan-Downloader.VBS.Psyme.ci
This Trojan downloads other files via the Internet and launches them for execution on the victim machine without the user's knowledge or consent.
Backdoor
C:\Windows
Backdoor.Win32.Katien.a
Katien is a backdoor trojan program. The trojan itself is a Windows PE EXE file about 50KB in length and written in Microsoft Visual C++.
Trojan
C:\Windows\System32
Trojan.SymbOS.Skuller.a
This Trojan program infects mobile phones running Symbian. Any mobile running Symbian is potentially vulnerable.
Backdoor
C:\Windows
Backdoor.Win32.Papi.a
This Trojan will provide a remote malicious user with access to the victim machine. The Trojan itself is a Windows PE EXE file.
Spyware
autorun
Trojan-Spy.Win32.Goldun.gu
This Trojan spy program is designed to steal confidential financial information. The Trojan itself is a Windows PE EXE file approximately 25KB in size, packed using FSG.
Trojan
C:\Program Files (x86)
Trojan-Downloader.Win32.Small.arf
This Trojan program is a Windows PE EXE file.
Trojan
C:\Windows\System32
Trojan.Win32.AnnoyingSaver
This text was written by Alexey Podrezov, F-Secure Corp.This Trojan horse installs a screensaver and doesn't allow it to be removed.
Trojan
C:\Program Files (x86)
Trojan-Downloader.Win32.Agent.bq
This Trojan program is a Windows PE EXE file, 10 KB or greater in size.The Trojan is capable of downloading and launching files from the Internet on the victim machine.
Spyware
autorun
Trojan-Spy.Win32.Dks.12.b
This Trojan logs the user's keystrokes. It is a Windows PE EXE file. It is written in Visual C++. The file is 13,824 bytes in size.
Spyware
autorun
Trojan-Spy.Win32.Goldun.gu
This Trojan spy program is designed to steal confidential financial information. The Trojan itself is a Windows PE EXE file approximately 25KB in size, packed using FSG.
Spyware
autorun
Trojan-Spy.Win32.PcGhost.340
This Trojan is designed to steal confidential data. It is a Windows PE EXE file. It is written in Delphi. It is 241,152 bytes in size.
Trojan
autorun
Trojan-Dropper.Win32.Agent.vw
This Trojan downloads other malicious programs to the victim machine without the user's knowledge or consent. The Trojan is a Windows PE EXE file an is 262717 bytes in size.
Backdoor
C:\Windows
Backdoor.Win32.DSSdoor.c
This Trojan program provides a remote malicious user with access to the victim machine. It is a Windows PE EXE file. The file is 419 969 bytes in size.
Backdoor
C:\Windows
Backdoor.Win32.TheThing.a
This text was written by Peter Szor, Data Fellows LtdThis backdoor copies itself with the EXPIORE.EXE name to the Windows directory.
Trojan
C:\Windows\System32
Trojan-Downloader.VBS.Agent.fz
This Trojan downloads other files via the Internet and launches them for execution on the victim machine without the user's knowledge or consent.
Backdoor
C:\Windows
Backdoor.Agobot.gen
This is a classical backdoor and allows a 'master' to control the victim machine remotely by sending commands via IRC channels.
Re: viruses
viktor28 wrote: I have Vista Home Basic
I'm looking for, for example, this
C:\Windows
Backdoor.Win32.Ruledor.c
The search didn't find it. I'm looking for that Win32, it's probably a system folder, but it isn't in system32
Backdoor.Win32.Ruledor.c is the name of the virus; you won't find that, or rather you will, but it will be, for example, a file ghwexsdfs.dll (I just made that up) that the antivirus flagged as Backdoor.Win32.Ruledor.c
Otherwise that listing doesn't tell me much, because it doesn't include the name of the file that the nasty thing actually is... Also, I wouldn't trust every site that offers a super antivirus (I preferred not to click on that link, but maybe it's nothing bad).
If you do want help after all, then that HJT log.
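An added example, not part of the original thread: a small Python parser for the dotted detection labels in the listing above, splitting each into behaviour, platform, family and variant, so that `Win32` reads as a field of the label rather than a folder or file on disk. The field names and the `KNOWN_PLATFORMS` and `KNOWN_BEHAVIOUR_ROOTS` sets are assumptions drawn only from the labels shown on this page.

```python
from collections import Counter
from typing import NamedTuple, Optional

# Assumption: tokens taken from the labels in this thread's listing only.
KNOWN_PLATFORMS = {"Win32", "JS", "VBS", "BAT", "DOS", "MSWord", "SymbOS"}
KNOWN_BEHAVIOUR_ROOTS = {"Trojan", "Backdoor"}


class Detection(NamedTuple):
    behaviour: str            # e.g. "Trojan-Downloader"
    platform: Optional[str]   # e.g. "Win32"; None when the label has no platform field
    family: str               # e.g. "Ruledor"
    variant: Optional[str]    # e.g. "c" or "12.b"; None when absent


def parse_detection(label: str) -> Detection:
    """Split a dotted detection label into its fields."""
    parts = label.strip().split(".")
    if len(parts) < 2 or not all(parts):
        raise ValueError(f"not a dotted detection label: {label!r}")
    behaviour, rest = parts[0], parts[1:]
    platform = None
    # The second field is a platform only if it is a known token and a
    # family name still follows it (handles "Backdoor.Agobot.gen").
    if len(rest) >= 2 and rest[0] in KNOWN_PLATFORMS:
        platform, rest = rest[0], rest[1:]
    family = rest[0]
    # Everything after the family is the variant ("12.b" in Dks.12.b).
    variant = ".".join(rest[1:]) or None
    return Detection(behaviour, platform, family, variant)


def is_detection_label(text: str) -> bool:
    """True for a scanner label, False for a path or an ordinary file name."""
    if any(ch in text for ch in "\\/:"):
        return False  # looks like a file system path
    try:
        det = parse_detection(text)
    except ValueError:
        return False
    # "Trojan-Spy" -> root "Trojan"; a file name such as x.dll has no such root.
    return det.behaviour.split("-")[0] in KNOWN_BEHAVIOUR_ROOTS


def platform_counts(labels) -> Counter:
    """Count labels per platform field; labels without one are counted under None."""
    return Counter(parse_detection(label).platform for label in labels)


# Labels copied from the listing earlier in the thread.
SAMPLE_LABELS = [
    "Backdoor.Win32.Ruledor.c",
    "Trojan-Downloader.JS.Small.au",
    "Trojan-Spy.Win32.Dks.12.b",
    "Trojan.Win32.AnnoyingSaver",
    "Backdoor.Agobot.gen",
    "Trojan.SymbOS.Skuller.a",
    "Trojan-Dropper.MSWord.Lafool.h",
    "Trojan.DOS.KillMBR.v",
]

if __name__ == "__main__":
    for label in SAMPLE_LABELS:
        print(label, "->", parse_detection(label))
    print(platform_counts(SAMPLE_LABELS))
    # The made-up file name from the reply is not a label; neither is a folder.
    print(is_detection_label("ghwexsdfs.dll"), is_detection_label("C:\\Windows"))
```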
Re: viruses
So here is the HJT
Scan saved at 13:59:44, on 4.5.2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\PixArt\Pac207\Monitor.exe
C:\Program Files (x86)\Antivirus 2008\Antvrs.exe
C:\Program Files (x86)\vghd\vghd.exe
C:\Program Files (x86)\Seznam\Postak\Postak.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files (x86)\vghd\VirtuaGirl_downloader.exe
C:\Program Files (x86)\a-squared Anti-Dialer\a2antidialer.exe
C:\Program Files (x86)\a-squared Anti-Dialer\a2antidialer.exe
C:\Program Files (x86)\Internet Explorer\IEUser.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search
Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page
= http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet
Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet
Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search
Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page
= about:blank
R0 - HKLM\Software\Microsoft\Internet
Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page
=
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page
=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window
Title = Microsoft Internet Explorer
R0 - HKCU\Software\Microsoft\Internet
Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-
C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common
Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-
82A9-A0F997BA588C} - C:\Program Files (x86)
\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O3 - Toolbar: &S-Rank - {B71B15CF-3093-459C-B764-AEB2486F2273}
- C:\Program Files (x86)\Seznam\Postak\SRank.dll
O4 - HKLM\..\Run: [SMail] "C:\Program Files (x86)
\Seznam\Postak\Postak.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4
\ashDisp.exe
O4 - HKCU\..\Run: [Antivirus] C:\Program Files (x86)\Antivirus
2008\Antvrs.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows
Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe
oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows
Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: VirtuaGirl HD.LNK = C:\Program Files (x86)
\vghd\vghd.exe
O9 - Extra button: Přeložit - {230D1201-7607-4CF6-A11F-
9E4BF0A333E0} - C:\Program Files (x86)\Verdict Free\etnxp.dll
O9 - Extra button: (no name) - {2C73F784-D2DE-4422-B070-
2E3332FE5744} - C:\Program Files (x86)\Verdict Free\etnxp.dll
O9 - Extra 'Tools' menuitem: Internetový překladač... -
{2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Program Files
(x86)\Verdict Free\etnxp.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-
D32B190E9B07} - C:\Program Files (x86)\Skype\Toolbars\Internet
Explorer\SkypeIEPlugin.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-
FE49C35617C2} - C:\Program Files (x86)\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-
FE49C35617C2} - C:\Program Files (x86)\ICQ6\ICQ.exe
O13 - Gopher Prefix:
O15 - ProtocolDefaults: '@ivt' protocol is in My Computer
Zone, should be Intranet Zone
O15 - ProtocolDefaults: 'file' protocol is in My Computer
Zone, should be Internet Zone
O15 - ProtocolDefaults: 'ftp' protocol is in My Computer Zone,
should be Internet Zone
O15 - ProtocolDefaults: 'http' protocol is in My Computer
Zone, should be Internet Zone
O15 - ProtocolDefaults: 'https' protocol is in My Computer
Zone, should be Internet Zone
O16 - DPF: {3D8700FB-86A4-4CB4-B738-6F0FC016AC7D} (MainControl
Class) - http://arcaonline.arcabit.com/ArcaOnline.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B}
(OnlineScanner Control) -
http://www.eset.cz/buxus/docs/OnlineScanner.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec
RuFSI Utility Class) -
http://security.symantec.com/sscv6/Shar ... mon/bin/ca
bsa.cab
O16 - DPF: {664088B0-6AF3-4514-AF9D-A0DC3A3DF24A} (F-Secure
Online Scanner 3.3) - http://support.f-
secure.com/ols3beta/fscax.cab
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl
Class) -
http://www.ca.com/us/securityadvisor/vi ... ebscan.cab
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A}
(MJLauncherCtrl Class) - http://icq.oberon-
media.com/online//online2/luxor/mjolauncher.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure
Online Scanner 3.3) - http://support.f-
secure.com/ols/fscax.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{68470532-7BC6-4C6B-
896D-FD8D816662ED}: NameServer = 194.228.41.65,194.228.41.113
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer =
208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer =
208.67.220.220,208.67.222.222
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-
1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: a-squared Anti-Dialer Service (a2AntiDialer) -
Emsi Software GmbH - C:\Program Files (x86)\a-squared Anti-
Dialer\a2service.exe
O23 - Service: a-squared Free Service (a2free) - Emsi Software
GmbH - C:\Program Files (x86)\a-squared Free\a2service.exe
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft -
C:\Program Files (x86)\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) -
Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL
Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program
Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software -
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software -
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner -
C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: Droppix Service - Droppix - C:\Program Files
(x86)\Common Files\Droppix\DxService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) -
Macrovision Corporation - C:\Program Files (x86)\Common
Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner -
C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service
(LightScribeService) - Hewlett-Packard Company - C:\Program
Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner -
C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102
(Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe
(file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300
(ProtectedStorage) - Unknown owner - C:\Windows\system32
\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2
(RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe
(file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) -
Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) -
Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search
& Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) -
Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3
(SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe
(file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler)
- Unknown owner - C:\Windows\System32\spoolsv.exe (file
missing)
O23 - Service: Spy Emergency Engine Service (SpyEmrgSrv) -
NETGATE Technologies s.r.o. - C:\Program Files\NETGATE\Spy
Emergency 2008\SpyEmergencySrv.exe
O23 - Service: Spyware Terminator Realtime Shield Service
(sp_rssrv) - Crawler.com - C:\Program Files (x86)\Spyware
Terminator\sp_rsser.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101
(UI0Detect) - Unknown owner - C:\Windows\system32
\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) -
Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) -
Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110
(wmiApSrv) - Unknown owner - C:\Windows\system32
\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media
Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner -
C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file
missing)
--
End of file - 9269 bytes
(UI0Detect) - Unknown owner - C:\Windows\system32
\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) -
Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) -
Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110
(wmiApSrv) - Unknown owner - C:\Windows\system32
\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media
Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner -
C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file
missing)
--
End of file - 9269 bytes
Re: viruses
Uninstall this program:
Antivirus 2008
+ Download ComboFix and save it to your desktop:
Run the application under a Computer Administrator account - close all running programs (web browser, messenger, ...) - the license agreement follows, click Yes - the scan starts (the whole process takes about 5 - 10 minutes, sometimes a little longer) - during the scan do not try to start any other applications and do not click in the ComboFix window - when it finishes, a Notepad window with text opens automatically (if it does not, the log is in C:\ComboFix.txt); copy that text here using the familiar keyboard shortcuts Ctrl + A (select all the text) -> Ctrl + C (copy to the clipboard) -> Ctrl + V (paste the text) - and wait for further instructions
WARNING: If "CRITICAL WARNING !!" appears, you must not restart the computer; write to us about the warning.
WARNING 2: During the scan, various security programs may report an unauthorized attempt to delete a file or something similar. Allow any such prompts, or turn off the program's resident module completely for the duration of the scan.
Re: viruses
When I tried to install the ComboFix program, this popped up:
You cannot rename ComboFix as ComboFix1
please use another name
preferbaly made up of alfanumeric charakteres
When I confirmed it, nothing happened.
Re: viruses
Run by VIKTOR on 2008-05-04 17:44:53
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- Last 5 Restore Point(s) --
6: 2008-05-04 14:39:56 UTC - RP158 - Naplánovaný kontrolní bod
5: 2008-05-03 22:58:49 UTC - RP157 - Spyware Terminator - restore point
4: 2008-05-03 16:37:54 UTC - RP156 - Removed Google Toolbar for Internet Explorer
3: 2008-05-03 09:51:27 UTC - RP155 - Naplánovaný kontrolní bod
2: 2008-05-02 20:25:14 UTC - RP154 - Windows Update
-- First Restore Point --
1: 2008-05-01 18:17:05 UTC - RP153 - Removed oggcodecs
Backed up registry hives.
Performed disk cleanup.
Total Physical Memory: 1015 MiB (1024 MiB recommended).
-- HijackThis (run as VIKTOR.exe) ----------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:47:54, on 4.5.2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\PixArt\Pac207\Monitor.exe
C:\Program Files (x86)\Antivirus 2008\Antvrs.exe
C:\Program Files (x86)\vghd\vghd.exe
C:\Program Files (x86)\Internet Explorer\ieuser.exe
C:\Program Files (x86)\Seznam\Postak\Postak.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files (x86)\vghd\VirtuaGirl_downloader.exe
C:\Users\VIKTOR\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EUN85JL9\dss[1].exe
C:\Windows\SysWOW64\conime.exe
C:\PROGRA~2\TRENDM~1\HIJACK~1\VIKTOR.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O3 - Toolbar: &S-Rank - {B71B15CF-3093-459C-B764-AEB2486F2273} - C:\Program Files (x86)\Seznam\Postak\SRank.dll
O4 - HKLM\..\Run: [SMail] "C:\Program Files (x86)\Seznam\Postak\Postak.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [Antivirus] C:\Program Files (x86)\Antivirus 2008\Antvrs.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: VirtuaGirl HD.LNK = C:\Program Files (x86)\vghd\vghd.exe
O9 - Extra button: Přeložit - {230D1201-7607-4CF6-A11F-9E4BF0A333E0} - C:\Program Files (x86)\Verdict Free\etnxp.dll
O9 - Extra button: (no name) - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Program Files (x86)\Verdict Free\etnxp.dll
O9 - Extra 'Tools' menuitem: Internetový překladač... - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Program Files (x86)\Verdict Free\etnxp.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6\ICQ.exe
O13 - Gopher Prefix:
O15 - ProtocolDefaults: '@ivt' protocol is in My Computer Zone, should be Intranet Zone
O15 - ProtocolDefaults: 'file' protocol is in My Computer Zone, should be Internet Zone
O15 - ProtocolDefaults: 'ftp' protocol is in My Computer Zone, should be Internet Zone
O15 - ProtocolDefaults: 'http' protocol is in My Computer Zone, should be Internet Zone
O15 - ProtocolDefaults: 'https' protocol is in My Computer Zone, should be Internet Zone
O16 - DPF: {3D8700FB-86A4-4CB4-B738-6F0FC016AC7D} (MainControl Class) - http://arcaonline.arcabit.com/ArcaOnline.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.cz/buxus/docs/OnlineScanner.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Shar ... /cabsa.cab
O16 - DPF: {664088B0-6AF3-4514-AF9D-A0DC3A3DF24A} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols3beta/fscax.cab
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www.ca.com/us/securityadvisor/vi ... ebscan.cab
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://icq.oberon-media.com/online//onl ... uncher.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{68470532-7BC6-4C6B-896D-FD8D816662ED}: NameServer = 194.228.41.65,194.228.41.113
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: a-squared Anti-Dialer Service (a2AntiDialer) - Emsi Software GmbH - C:\Program Files (x86)\a-squared Anti-Dialer\a2service.exe
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files (x86)\a-squared Free\a2service.exe
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files (x86)\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: Droppix Service - Droppix - C:\Program Files (x86)\Common Files\Droppix\DxService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Spy Emergency Engine Service (SpyEmrgSrv) - NETGATE Technologies s.r.o. - C:\Program Files\NETGATE\Spy Emergency 2008\SpyEmergencySrv.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files (x86)\Spyware Terminator\sp_rsser.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9206 bytes
-- File Associations -----------------------------------------------------------
.ini - unable to read key
.ini - unable to read key
.txt - txtfile - shell\open\command - Notepad.exe %1
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R0 ACPI (Ovladač standardu ACPI společnosti Microsoft) - c:\windows\system32\drivers\acpi.sys (file missing)
R0 atapi (Kanál IDE) - c:\windows\system32\drivers\atapi.sys (file missing)
R0 CLFS (Common Log (CLFS)) - c:\windows\system32\clfs.sys (file missing)
R0 crcdisk (Crcdisk Filter Driver) - c:\windows\system32\drivers\crcdisk.sys (file missing)
R0 disk (Ovladač disku) - c:\windows\system32\drivers\disk.sys (file missing)
R0 Ecache (ReadyBoost Caching Driver) - c:\windows\system32\drivers\ecache.sys (file missing)
R0 FileInfo (File Information FS MiniFilter) - c:\windows\system32\drivers\fileinfo.sys (file missing)
R0 FltMgr - c:\windows\system32\drivers\fltmgr.sys (file missing)
R0 intelide - c:\windows\system32\drivers\intelide.sys (file missing)
R0 KSecDD - c:\windows\system32\drivers\ksecdd.sys (file missing)
R0 MountMgr (Mount Point Manager) - c:\windows\system32\drivers\mountmgr.sys (file missing)
R0 msisadrv (Ovladač třídy ISA/EISA) - c:\windows\system32\drivers\msisadrv.sys (file missing)
R0 Mup - c:\windows\system32\drivers\mup.sys (file missing)
R0 NDIS (NDIS System Driver) - c:\windows\system32\drivers\ndis.sys (file missing)
R0 partmgr (Partition Manager) - c:\windows\system32\drivers\partmgr.sys (file missing)
R0 pci (Řadič sběrnice PCI) - c:\windows\system32\drivers\pci.sys (file missing)
R0 spldr (Security Processor Loader Driver) - c:\windows\system32\drivers\spldr.sys (file missing)
R0 Tcpip (Ovladač protokolu TCP/IP) - c:\windows\system32\drivers\tcpip.sys (file missing)
R0 volmgr (Ovladač správce svazků) - c:\windows\system32\drivers\volmgr.sys (file missing)
R0 volmgrx (Dynamic Volume Manager) - c:\windows\system32\drivers\volmgrx.sys (file missing)
R0 volsnap (Svazky úložiště) - c:\windows\system32\drivers\volsnap.sys (file missing)
R0 Wdf01000 (Kernel Mode Driver Frameworks service) - c:\windows\system32\drivers\wdf01000.sys (file missing)
R1 AFD (Ancilliary Function Driver for Winsock) - c:\windows\system32\drivers\afd.sys (file missing)
R1 aswRdr - c:\windows\system32\drivers\aswrdr.sys (file missing)
R1 aswSP (avast! Self Protection) - c:\windows\system32\drivers\aswsp.sys (file missing)
R1 aswTdi (avast! Network Shield Support) - c:\windows\system32\drivers\aswtdi.sys (file missing)
R1 cdrom (Ovladač jednotky CD-ROM) - c:\windows\system32\drivers\cdrom.sys (file missing)
R1 DfsC (DFS Namespace Client Driver) - c:\windows\system32\drivers\dfsc.sys (file missing)
R1 i8042prt (Ovladač portu klávesnice i8042 a myši PS/2) - c:\windows\system32\drivers\i8042prt.sys (file missing)
R1 kbdclass (Keyboard Class Driver) - c:\windows\system32\drivers\kbdclass.sys (file missing)
R1 mouclass (Mouse Class Driver) - c:\windows\system32\drivers\mouclass.sys (file missing)
R1 Msfs - c:\windows\system32\drivers\msfs.sys (file missing)
R1 NetBIOS (NetBIOS Interface) - c:\windows\system32\drivers\netbios.sys (file missing)
R1 netbt - c:\windows\system32\drivers\netbt.sys (file missing)
R1 Npfs - c:\windows\system32\drivers\npfs.sys (file missing)
R1 nsiproxy (NSI proxy service) - c:\windows\system32\drivers\nsiproxy.sys (file missing)
R1 Null - c:\windows\system32\drivers\null.sys (file missing)
R1 PSched (Plánovač paketů technologie QoS) - c:\windows\system32\drivers\pacer.sys (file missing)
R1 RasAcd (Remote Access Auto Connection Driver) - c:\windows\system32\drivers\rasacd.sys (file missing)
R1 rdbss (Redirected Buffering Sub Sysytem) - c:\windows\system32\drivers\rdbss.sys (file missing)
R1 RDPCDD - c:\windows\system32\drivers\rdpcdd.sys (file missing)
R1 RDPENCDD (RDP Encoder Mirror Driver) - c:\windows\system32\drivers\rdpencdd.sys (file missing)
R1 Serial (Ovladač sériového portu) - c:\windows\system32\drivers\serial.sys (file missing)
R1 Smb (Protokol TCP/IP a TCP/IPv6 orientovaný na zprávy (relace SMB)) - c:\windows\system32\drivers\smb.sys (file missing)
R1 SpyEmrg (Spy Emergency Driver) - c:\windows\system32\drivers\spyemrg.sys (file missing)
R1 tdx (Ovladač pro podporu zastaralého rozhraní TDI NetIO) - c:\windows\system32\drivers\tdx.sys (file missing)
R1 TermDD (Ovladač terminálového zařízení) - c:\windows\system32\drivers\termdd.sys (file missing)
R1 VgaSave - c:\windows\system32\drivers\vga.sys (file missing)
R1 Wanarpv6 (Remote Access IPv6 ARP Driver) - c:\windows\system32\drivers\wanarp.sys (file missing)
R2 aswFsBlk - c:\windows\system32\drivers\aswfsblk.sys (file missing)
R2 irda (IrDA Protocol) - c:\windows\system32\drivers\irda.sys (file missing)
R2 lltdio (Vstupně výstupní ovladač mapovače zjišťování topologie linkové vrstvy) - c:\windows\system32\drivers\lltdio.sys (file missing)
R2 luafv (UAC File Virtualization) - c:\windows\system32\drivers\luafv.sys (file missing)
R2 PEAUTH - c:\windows\system32\drivers\peauth.sys (file missing)
R2 rspndr (Odpovídající zařízení zjišťování topologie linkové vrstvy) - c:\windows\system32\drivers\rspndr.sys (file missing)
R2 secdrv (Security Driver) - c:\windows\system32\drivers\secdrv.sys (file missing)
R2 tcpipreg (TCP/IP Registry Compatibility) - c:\windows\system32\drivers\tcpipreg.sys (file missing)
R3 AsyncMac (Ovladač asynchronních médií připojení RAS) - c:\windows\system32\drivers\asyncmac.sys (file missing)
R3 bowser - c:\windows\system32\drivers\bowser.sys (file missing)
R3 DXGKrnl (LDDM Graphics Subsystem) - c:\windows\system32\drivers\dxgkrnl.sys (file missing)
R3 HdAudAddService (Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio) - c:\windows\system32\drivers\hdaudio.sys (file missing)
R3 HDAudBus (Ovladač sběrnice Microsoft UAA pro zvuk High Definition Audio) - c:\windows\system32\drivers\hdaudbus.sys (file missing)
R3 HTTP - c:\windows\system32\drivers\http.sys (file missing)
R3 igfx - c:\windows\system32\drivers\igdkmd64.sys (file missing)
R3 intelppm (Ovladač procesoru Intel) - c:\windows\system32\drivers\intelppm.sys (file missing)
R3 IRENUM (IR Bus Enumerator) - c:\windows\system32\drivers\irenum.sys (file missing)
R3 irsir (Microsoft Serial Infrared Driver) - c:\windows\system32\drivers\irsir.sys (file missing)
R3 iScsiPrt (Ovladač iScsiPort) - c:\windows\system32\drivers\msiscsi.sys (file missing)
R3 ksthunk (Kernel Streaming Thunks) - c:\windows\system32\drivers\ksthunk.sys (file missing)
R3 monitor (Služba ovladače funkce třídy monitorů Microsoft) - c:\windows\system32\drivers\monitor.sys (file missing)
R3 mpsdrv (Ovladač ověření brány firewall systému Windows) - c:\windows\system32\drivers\mpsdrv.sys (file missing)
R3 MRxDAV (WebDav Client Redirector Driver) - c:\windows\system32\drivers\mrxdav.sys (file missing)
R3 mrxsmb (SMB MiniRedirector Wrapper and Engine) - c:\windows\system32\drivers\mrxsmb.sys (file missing)
R3 mrxsmb10 (SMB 1.x MiniRedirector) - c:\windows\system32\drivers\mrxsmb10.sys (file missing)
R3 mrxsmb20 (SMB 2.0 MiniRedirector) - c:\windows\system32\drivers\mrxsmb20.sys (file missing)
R3 mssmbios (Ovladač Microsoft System Management BIOS) - c:\windows\system32\drivers\mssmbios.sys (file missing)
R3 NdisTapi (Ovladač Remote Access NDIS TAPI) - c:\windows\system32\drivers\ndistapi.sys (file missing)
R3 NdisWan (Ovladač Remote Access NDIS WAN) - c:\windows\system32\drivers\ndiswan.sys (file missing)
R3 NDProxy (NDIS Proxy) - c:\windows\system32\drivers\ndproxy.sys (file missing)
R3 Ntfs - c:\windows\system32\drivers\ntfs.sys (file missing)
R3 PAC207 (SoC PC-Camera) - c:\windows\system32\drivers\pfc027.sys (file missing)
R3 Parport (Ovladač paralelního portu) - c:\windows\system32\drivers\parport.sys (file missing)
R3 pcouffin (VSO Software pcouffin) - c:\windows\system32\drivers\pcouffin.sys (file missing)
R3 PptpMiniport (Připojení WAN Miniport (PPTP)) - c:\windows\system32\drivers\raspptp.sys (file missing)
R3 Rasl2tp (Připojení WAN Miniport (L2TP)) - c:\windows\system32\drivers\rasl2tp.sys (file missing)
R3 RasPppoe (Ovladač pro vzdálený přístup PPPOE) - c:\windows\system32\drivers\raspppoe.sys (file missing)
R3 RasSstp (Připojení WAN Miniport (SSTP)) - c:\windows\system32\drivers\rassstp.sys (file missing)
R3 RTL8023x64 (Realtek 10/100 NIC Family NDIS x64 Driver) - c:\windows\system32\drivers\rtnic64.sys (file missing)
R3 Serenum (Ovladač filtru Serenum) - c:\windows\system32\drivers\serenum.sys (file missing)
R3 SpyEmrgGuard (Spy Emergency Real-Time Shield Driver) - c:\windows\system32\drivers\spyemrg_guard.sys (file missing)
R3 srv - c:\windows\system32\drivers\srv.sys (file missing)
R3 srv2 - c:\windows\system32\drivers\srv2.sys (file missing)
R3 srvnet - c:\windows\system32\drivers\srvnet.sys (file missing)
R3 swenum (Softwarový ovladač sběrnice) - c:\windows\system32\drivers\swenum.sys (file missing)
R3 tunmp (Microsoft Tun Miniport Adapter Driver) - c:\windows\system32\drivers\tunmp.sys (file missing)
R3 tunnel (Microsoft IPv6 Tunnel Miniport Adapter Driver) - c:\windows\system32\drivers\tunnel.sys (file missing)
R3 umbus (Ovladač sběrnice UMBus Enumerator) - c:\windows\system32\drivers\umbus.sys (file missing)
R3 usbehci (Ovladač Miniport vylepšeného hostitelského řadiče Microsoft USB 2.0) - c:\windows\system32\drivers\usbehci.sys (file missing)
R3 usbhub (Rozbočovač umožňující USB2) - c:\windows\system32\drivers\usbhub.sys (file missing)
R3 USBSTOR (Ovladač velkokapacitního paměťového zařízení USB) - c:\windows\system32\drivers\usbstor.sys (file missing)
R3 usbuhci (Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft) - c:\windows\system32\drivers\usbuhci.sys (file missing)
R3 WUDFRd - c:\windows\system32\drivers\wudfrd.sys (file missing)
R4 cdfs (CD/DVD File System Reader) - c:\windows\system32\drivers\cdfs.sys (file missing)
S1 kbdhid (Ovladač klávesnice standardu HID) - c:\windows\system32\drivers\kbdhid.sys (file missing)
S3 agp440 (Intel AGP Bus Filter) - c:\windows\system32\drivers\agp440.sys (file missing)
S3 BrFiltLo (Brother USB Mass-Storage Lower Filter Driver) - c:\windows\system32\drivers\brfiltlo.sys (file missing)
S3 BrFiltUp (Brother USB Mass-Storage Upper Filter Driver) - c:\windows\system32\drivers\brfiltup.sys (file missing)
S3 BrUsbSer (Brother MFC USB Serial WDM Driver) - c:\windows\system32\drivers\brusbser.sys (file missing)
S3 drmkaud (Dekodér zvuků DRM jádra společnosti Microsoft) - c:\windows\system32\drivers\drmkaud.sys (file missing)
S3 E1G60 (Intel(R) PRO/1000 NDIS 6 Adapter Driver) - c:\windows\system32\drivers\e1g6032e.sys (file missing)
S3 exfat (exFAT File System Driver) - c:\windows\system32\drivers\exfat.sys (file missing)
S3 fastfat (FAT12/16/32 File System Driver) - c:\windows\system32\drivers\fastfat.sys (file missing)
S3 Filetrace - c:\windows\system32\drivers\filetrace.sys (file missing)
S3 gagp30kx (Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms) - c:\windows\system32\drivers\gagp30kx.sys (file missing)
S3 HidUsb (Ovladač třídy standardu HID Microsoft) - c:\windows\system32\drivers\hidusb.sys (file missing)
S3 ialm - c:\windows\system32\drivers\igdkmd64.sys (file missing)
S3 IpFilterDriver (IP Traffic Filter Driver) - c:\windows\system32\drivers\ipfltdrv.sys (file missing)
S3 IPNAT (IP Network Address Translator) - c:\windows\system32\drivers\ipnat.sys (file missing)
S3 Modem - c:\windows\system32\drivers\modem.sys (file missing)
S3 MSKSSRV (Server proxy služby datových proudů Microsoft) - c:\windows\system32\drivers\mskssrv.sys (file missing)
S3 MSPCLOCK (Server proxy hodin datových proudů Microsoft) - c:\windows\system32\drivers\mspclock.sys (file missing)
S3 MSPQM (Server proxy správce kvality datových proudů Microsoft) - c:\windows\system32\drivers\mspqm.sys (file missing)
S3 MsRPC - c:\windows\system32\drivers\msrpc.sys (file missing)
S3 MSTEE (Konvertor jímka-jímka typu T datových proudů Microsoft) - c:\windows\system32\drivers\mstee.sys (file missing)
S3 NativeWifiP (Filtr NativeWiFi) - c:\windows\system32\drivers\nwifi.sys (file missing)
S3 Ndisuio (NDIS Usermode I/O Protocol) - c:\windows\system32\drivers\ndisuio.sys (file missing)
S3 nv_agp (NVIDIA nForce AGP Bus Filter) - c:\windows\system32\drivers\nv_agp.sys (file missing)
S3 QWAVEdrv (Ovladač QWAVE) - c:\windows\system32\drivers\qwavedrv.sys (file missing)
S3 RDPWD (RDP Winstation Driver) - c:\windows\system32\drivers\rdpwd.sys (file missing)
S3 sffp_mmc (SFF Storage Protocol Driver for MMC) - c:\windows\system32\drivers\sffp_mmc.sys (file missing)
S3 sffp_sd (SFF Storage Protocol Driver for SDBus) - c:\windows\system32\drivers\sffp_sd.sys (file missing)
S3 Tcpip6 (Ovladač protokolu IPv6 společnosti Microsoft) - c:\windows\system32\drivers\tcpip.sys (file missing)
S3 TDPIPE - c:\windows\system32\drivers\tdpipe.sys (file missing)
S3 TDTCP - c:\windows\system32\drivers\tdtcp.sys (file missing)
S3 tssecsrv (Terminal Services Security Filter Driver) - c:\windows\system32\drivers\tssecsrv.sys (file missing)
S3 uagp35 (Microsoft AGPv3.5 Filter) - c:\windows\system32\drivers\uagp35.sys (file missing)
S3 uliagpkx (Uli AGP Bus Filter) - c:\windows\system32\drivers\uliagpkx.sys (file missing)
S3 usbaudio (Ovladač zvuků USB (WDM)) - c:\windows\system32\drivers\usbaudio.sys (file missing)
S3 usbccgp (Obecný nadřazený ovladač Microsoft USB) - c:\windows\system32\drivers\usbccgp.sys (file missing)
S3 vga - c:\windows\system32\drivers\vgapnp.sys (file missing)
S3 Wanarp (Remote Access IP ARP Driver) - c:\windows\system32\drivers\wanarp.sys (file missing)
S4 adp94xx - c:\windows\system32\drivers\adp94xx.sys (file missing)
S4 adpahci - c:\windows\system32\drivers\adpahci.sys (file missing)
S4 adpu160m - c:\windows\system32\drivers\adpu160m.sys (file missing)
S4 adpu320 - c:\windows\system32\drivers\adpu320.sys (file missing)
S4 aic78xx - c:\windows\system32\drivers\djsvs.sys (file missing)
S4 aliide - c:\windows\system32\drivers\aliide.sys (file missing)
S4 amdide - c:\windows\system32\drivers\amdide.sys (file missing)
S4 AmdK8 (AMD K8 Processor Driver) - c:\windows\system32\drivers\amdk8.sys (file missing)
S4 arc - c:\windows\system32\drivers\arc.sys (file missing)
S4 arcsas - c:\windows\system32\drivers\arcsas.sys (file missing)
S4 Brserid (Brother MFC Serial Port Interface Driver (WDM)) - c:\windows\system32\drivers\brserid.sys (file missing)
S4 BrSerWdm (Brother WDM Serial driver) - c:\windows\system32\drivers\brserwdm.sys (file missing)
S4 BrUsbMdm (Brother MFC USB Fax Only Modem) - c:\windows\system32\drivers\brusbmdm.sys (file missing)
S4 BTHMODEM (Bluetooth Serial Communications Driver) - c:\windows\system32\drivers\bthmodem.sys (file missing)
S4 circlass (Consumer IR Devices) - c:\windows\system32\drivers\circlass.sys (file missing)
S4 cmdide - c:\windows\system32\drivers\cmdide.sys (file missing)
S4 Compbatt (Microsoft Composite Battery Driver) - c:\windows\system32\drivers\compbatt.sys (file missing)
S4 elxstor - c:\windows\system32\drivers\elxstor.sys (file missing)
S4 fdc (Floppy Disk Controller Driver) - c:\windows\system32\drivers\fdc.sys (file missing)
S4 flpydisk (Floppy Disk Driver) - c:\windows\system32\drivers\flpydisk.sys (file missing)
S4 HidBth (Microsoft Bluetooth HID Miniport) - c:\windows\system32\drivers\hidbth.sys (file missing)
S4 HidIr (Microsoft Infrared HID Driver) - c:\windows\system32\drivers\hidir.sys (file missing)
S4 HpCISSs - c:\windows\system32\drivers\hpcisss.sys (file missing)
S4 i2omp - c:\windows\system32\drivers\i2omp.sys (file missing)
S4 iaStorV (Intel RAID Controller Vista) - c:\windows\system32\drivers\iastorv.sys (file missing)
S4 iirsp - c:\windows\system32\drivers\iirsp.sys (file missing)
S4 IPMIDRV - c:\windows\system32\drivers\ipmidrv.sys (file missing)
S4 isapnp (PnP ISA/EISA Bus Driver) - c:\windows\system32\drivers\isapnp.sys (file missing)
S4 iteatapi (ITEATAPI_Service_Install) - c:\windows\system32\drivers\iteatapi.sys (file missing)
S4 iteraid (ITERAID_Service_Install) - c:\windows\system32\drivers\iteraid.sys (file missing)
S4 LSI_FC - c:\windows\system32\drivers\lsi_fc.sys (file missing)
S4 LSI_SAS - c:\windows\system32\drivers\lsi_sas.sys (file missing)
S4 LSI_SCSI - c:\windows\system32\drivers\lsi_scsi.sys (file missing)
S4 megasas - c:\windows\system32\drivers\megasas.sys (file missing)
S4 mouhid (Mouse HID Driver) - c:\windows\system32\drivers\mouhid.sys (file missing)
S4 mpio (Microsoft Multi-Path Bus Driver) - c:\windows\system32\drivers\mpio.sys (file missing)
S4 Mraid35x - c:\windows\system32\drivers\mraid35x.sys (file missing)
S4 msahci - c:\windows\system32\drivers\msahci.sys (file missing)
S4 msdsm (Microsoft Multi-Path Device Specific Module) - c:\windows\system32\drivers\msdsm.sys (file missing)
S4 nfrd960 - c:\windows\system32\drivers\nfrd960.sys (file missing)
S4 nvraid - c:\windows\system32\drivers\nvraid.sys (file missing)
S4 nvstor - c:\windows\system32\drivers\nvstor.sys (file missing)
S4 ohci1394 (NEC FireWarden OHCI Compliant IEEE 1394 Host Controller) - c:\windows\system32\drivers\ohci1394.sys (file missing)
S4 pciide - c:\windows\system32\drivers\pciide.sys (file missing)
S4 pcmcia - c:\windows\system32\drivers\pcmcia.sys (file missing)
S4 Processor (Processor Driver) - c:\windows\system32\drivers\processr.sys (file missing)
S4 ql2300 (QLogic Fibre Channel Miniport Driver) - c:\windows\system32\drivers\ql2300.sys (file missing)
S4 ql40xx (QLogic iSCSI Miniport Driver) - c:\windows\system32\drivers\ql40xx.sys (file missing)
S4 rdpdr (Terminal Server Device Redirector Driver) - c:\windows\system32\drivers\rdpdr.sys (file missing)
S4 sbp2port (SBP-2 Transport/Protocol Bus Driver) - c:\windows\system32\drivers\sbp2port.sys (file missing)
S4 sermouse (Serial Mouse Driver) - c:\windows\system32\drivers\sermouse.sys (file missing)
S4 sffdisk (SFF Storage Class Driver) - c:\windows\system32\drivers\sffdisk.sys (file missing)
S4 sfloppy (High-Capacity Floppy Disk Drive) - c:\windows\system32\drivers\sfloppy.sys (file missing)
S4 SiSRaid2 - c:\windows\system32\drivers\sisraid2.sys (file missing)
S4 SiSRaid4 - c:\windows\system32\drivers\sisraid4.sys (file missing)
S4 Sym_hi - c:\windows\system32\drivers\sym_hi.sys (file missing)
S4 Sym_u3 - c:\windows\system32\drivers\sym_u3.sys (file missing)
S4 Symc8xx - c:\windows\system32\drivers\symc8xx.sys (file missing)
S4 udfs - c:\windows\system32\drivers\udfs.sys (file missing)
S4 uliahci - c:\windows\system32\drivers\uliahci.sys (file missing)
S4 UlSata - c:\windows\system32\drivers\ulsata.sys (file missing)
S4 ulsata2 - c:\windows\system32\drivers\ulsata2.sys (file missing)
S4 usbcir (eHome Infrared Receiver (USBCIR)) - c:\windows\system32\drivers\usbcir.sys (file missing)
S4 usbohci (Microsoft USB Open Host Controller Miniport Driver) - c:\windows\system32\drivers\usbohci.sys (file missing)
S4 usbprint (Microsoft USB PRINTER Class) - c:\windows\system32\drivers\usbprint.sys (file missing)
S4 viaide - c:\windows\system32\drivers\viaide.sys (file missing)
S4 vsmraid - c:\windows\system32\drivers\vsmraid.sys (file missing)
S4 WacomPen (Wacom Serial Pen HID Driver) - c:\windows\system32\drivers\wacompen.sys (file missing)
S4 Wd (Microsoft Watchdog Timer Driver) - c:\windows\system32\drivers\wd.sys (file missing)
S4 WmiAcpi (Microsoft Windows Management Interface for ACPI) - c:\windows\system32\drivers\wmiacpi.sys (file missing)
S4 ws2ifsl (Winsock IFS driver) - c:\windows\system32\drivers\ws2ifsl.sys (file missing)
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 SamSs (Správce zabezpečení účtů) - c:\windows\system32\lsass.exe (file missing)
R2 SBSDWSCService (SBSD Security Center Service) - c:\program files (x86)\spybot - search & destroy\sdwinsec.exe
R2 slsvc (Licencování softwaru) - c:\windows\system32\slsvc.exe (file missing)
R2 sp_rssrv (Spyware Terminator Realtime Shield Service) - "c:\program files (x86)\spyware terminator\sp_rsser.exe" <Not Verified; Crawler.com; Crawler Spyware Terminator>
R2 Spooler (Služba zařazování tisku) - c:\windows\system32\spoolsv.exe (file missing)
S3 ALG (Služba brány aplikačního rozhraní) - c:\windows\system32\alg.exe (file missing)
S3 DFSR (Replikace distribuovaného systému souborů (DFSR)) - c:\windows\system32\dfsr.exe (file missing)
S3 Droppix Service - "c:\program files (x86)\common files\droppix\dxservice.exe" <Not Verified; Droppix; Droppix Services>
S3 KeyIso (Izolace klíče CNG) - c:\windows\system32\lsass.exe (file missing)
S3 MSDTC (Koordinátor distribuovaných transakcí) - c:\windows\system32\msdtc.exe (file missing)
S3 Netlogon (služba Netlogon) - c:\windows\system32\lsass.exe (file missing)
S3 ProtectedStorage (Chráněné úložiště) - c:\windows\system32\lsass.exe (file missing)
S3 RpcLocator (Lokátor vzdáleného volání procedur (RPC)) - c:\windows\system32\locator.exe (file missing)
S3 SNMPTRAP (Zachytávání pro službu SNMP) - c:\windows\system32\snmptrap.exe (file missing)
S3 UI0Detect (Zjišťování interaktivních služeb) - c:\windows\system32\ui0detect.exe (file missing)
S3 vds (Virtuální disk) - c:\windows\system32\vds.exe (file missing)
S3 VSS (Stínová kopie svazku) - c:\windows\system32\vssvc.exe (file missing)
S3 wmiApSrv (WMI Performance Adapter) - c:\windows\system32\wbem\wmiapsrv.exe (file missing)
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Files created between 2008-04-04 and 2008-05-04 -----------------------------
2008-05-04 13:59:30 0 d-------- C:\Program Files (x86)\Trend Micro
2008-05-04 11:25:37 0 d-------- C:\Program Files (x86)\a-squared Anti-Malware
2008-05-04 11:24:49 0 d-------- C:\Program Files (x86)\Axaware
2008-05-04 11:22:35 0 d-------- C:\Program Files (x86)\a-squared Anti-Dialer
2008-05-04 00:46:45 0 d-------- C:\Program Files (x86)\Antivirus 2008
2008-05-01 20:29:12 21504 --a------ C:\Windows\system32\TABCTFR.DLL <Not Verified; Microsoft Corporation; Bibliotheque d'objets TabCtl32>
2008-05-01 20:29:12 59904 --a------ C:\Windows\system32\Mscc2fr.dll <Not Verified; Microsoft Corporation; Bibliotheque d'objets de Microsoft Common Controls 2>
2008-05-01 19:38:57 0 d-------- C:\Users\All Users\LightScribe
2008-05-01 19:38:57 0 d-------- C:\Users\All Users\Application Data\LightScribe
2008-05-01 19:37:22 0 d-------- C:\Program Files (x86)\Common Files\LightScribe
2008-05-01 19:37:13 0 d-------- C:\Program Files (x86)\Common Files\Droppix
2008-05-01 19:37:12 0 d-------- C:\Program Files (x86)\Droppix
2008-05-01 19:36:21 0 d-------- C:\Users\All Users\Droppix
2008-05-01 19:36:21 0 d-------- C:\Users\All Users\Application Data\Droppix
2008-05-01 19:32:31 90112 --a------ C:\Windows\system32\agsaami.dll <Not Verified; Online Media Technologies Ltd.; NCTAudioFormatSettings3 Module>
2008-05-01 19:32:31 610304 --a------ C:\Windows\system32\agsaamg.dll <Not Verified; Online Media Technologies Ltd.; NCTAudioFile3 Module>
2008-05-01 19:32:31 372736 --a------ C:\Windows\system32\agsaamc.dll <Not Verified; Online Media Technologies Ltd.; NCTAudioFileWMA3 Module>
2008-05-01 19:32:30 339968 --a------ C:\Windows\system32\NCTAudioArrayProcessing3.dll <Not Verified; Online Media Technologies Ltd.; NCTAudioArrayProcessing3 Module>
2008-05-01 19:32:30 2535424 --a------ C:\Windows\system32\agsaamj.dll <Not Verified; Online Media Technologies Ltd.; NCTAudioCompress3 Module>
2008-05-01 19:32:29 40960 --a------ C:\Windows\system32\VBAME.DLL <Not Verified; Microsoft Corporation; Microsoft Visual Basic for Applications>
2008-05-01 19:32:29 1 --a------ C:\Windows\audi20.dat
2008-04-29 20:15:05 1700352 --a------ C:\Windows\system32\gdiplus.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-22 19:34:06 0 d-------- C:\Users\All Users\SUPERAntiSpyware.com
2008-04-22 19:34:06 0 d-------- C:\Users\All Users\Application Data\SUPERAntiSpyware.com
2008-04-22 19:32:01 138752 --a------ C:\Windows\system32\drivers\sp_rsdrv2.sys
2008-04-22 19:32:00 0 d-------- C:\Users\All Users\Spyware Terminator
2008-04-22 19:32:00 0 d-------- C:\Users\All Users\Application Data\Spyware Terminator
2008-04-22 19:31:55 0 d-------- C:\Program Files (x86)\Spyware Terminator
2008-04-22 19:28:21 0 d-------- C:\Users\All Users\NETGATE
2008-04-22 19:28:21 0 d-------- C:\Users\All Users\Application Data\NETGATE
2008-04-22 19:16:48 0 d-------- C:\Users\All Users\Avg8
2008-04-22 19:16:48 0 d-------- C:\Users\All Users\Application Data\Avg8
2008-04-22 18:24:24 0 d-------- C:\Program Files (x86)\Lavasoft
2008-04-20 23:56:26 0 --a------ C:\Windows\system32\sys_dll.dll
2008-04-20 13:24:47 0 d-------- C:\Program Files (x86)\Wise Disk Cleaner
2008-04-20 13:22:52 0 d-------- C:\Program Files (x86)\Wise Registry Cleaner 3
2008-04-14 13:01:58 0 d-------- C:\Program Files (x86)\vghd
2008-04-06 21:50:23 94208 --a------ C:\Windows\amcap.exe <Not Verified; Microsoft Corporation; DirectX 8.1 Sample>
-- Find3M Report ---------------------------------------------------------------
2008-05-04 13:09:31 0 d-------- C:\Users\VIKTOR\AppData\Roaming\Skype
2008-05-04 12:54:51 0 d-------- C:\Users\VIKTOR\AppData\Roaming\skypePM
2008-05-04 11:17:20 0 d-------- C:\Program Files (x86)\a-squared Free
2008-05-04 10:19:27 0 d-------- C:\Program Files (x86)\Google
2008-05-04 01:32:36 0 d---s---- C:\Users\VIKTOR\AppData\Roaming\Microsoft
2008-05-04 00:57:15 0 d-------- C:\Users\VIKTOR\AppData\Roaming\Spyware Terminator
2008-05-04 00:46:47 0 d-------- C:\Users\VIKTOR\AppData\Roaming\Antivirus
2008-05-03 12:04:18 0 d-------- C:\Program Files (x86)\bwin
2008-05-01 19:40:33 0 d-------- C:\Users\VIKTOR\AppData\Roaming\DeepBurner
2008-05-01 19:38:07 0 d-------- C:\Users\VIKTOR\AppData\Roaming\Droppix
2008-05-01 19:37:22 0 d-------- C:\Program Files (x86)\Common Files
2008-05-01 19:06:11 0 d-------- C:\Users\VIKTOR\AppData\Roaming\Triton Interactive
2008-04-30 22:45:39 0 d-------- C:\Users\VIKTOR\AppData\Roaming\Any Video Converter
2008-04-30 19:56:46 0 d-------- C:\Users\VIKTOR\AppData\Roaming\Spy Emergency
2008-04-29 21:25:47 49 --a------ C:\Users\VIKTOR\AppData\Roaming\burnaware.ini
2008-04-29 20:42:00 0 d-------- C:\Users\VIKTOR\AppData\Roaming\InfraRecorder
2008-04-29 20:13:51 0 d-------- C:\Users\VIKTOR\AppData\Roaming\Romeo Burner
2008-04-29 20:06:01 0 d-------- C:\Users\VIKTOR\AppData\Roaming\CDBurnerXP_Soft
2008-04-29 19:30:58 0 d--h----- C:\Program Files (x86)\InstallShield Installation Information
2008-04-26 16:12:31 0 d-------- C:\Users\VIKTOR\AppData\Roaming\Adobe
2008-04-22 20:20:29 0 d-------- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2008-04-22 19:35:31 0 d-------- C:\Users\VIKTOR\AppData\Roaming\Simply Super Software
2008-04-21 00:08:12 0 d-------- C:\Users\VIKTOR\AppData\Roaming\Kazaap
2008-04-20 23:49:30 0 d-------- C:\Users\VIKTOR\AppData\Roaming\TrojanHunter
2008-04-19 09:33:42 0 d-------- C:\Program Files (x86)\ICQ6
2008-04-18 00:16:14 174 --ahs---- C:\Program Files (x86)\desktop.ini
2008-04-18 00:03:03 0 d-------- C:\Program Files (x86)\Windows Sidebar
2008-04-18 00:03:03 0 d-------- C:\Program Files (x86)\Windows Photo Gallery
2008-04-18 00:03:03 0 d-------- C:\Program Files (x86)\Windows Mail
2008-04-18 00:03:03 0 d-------- C:\Program Files (x86)\Windows Collaboration
2008-04-18 00:03:03 0 d-------- C:\Program Files (x86)\Windows Calendar
2008-04-18 00:03:02 0 d-------- C:\Program Files (x86)\Windows Defender
2008-04-14 13:01:57 0 d-------- C:\Users\VIKTOR\AppData\Roaming\vghd
2008-04-01 15:21:37 0 d-------- C:\Users\VIKTOR\AppData\Roaming\Vso
2008-03-31 21:42:13 0 d-------- C:\Users\VIKTOR\AppData\Roaming\ICQ
2008-03-30 23:39:55 0 d-------- C:\Program Files (x86)\Any Audio Converter
2008-03-28 01:13:29 7859 --a------ C:\Users\VIKTOR\AppData\Roaming\pcouffin.cat
2008-03-23 22:25:03 0 d-------- C:\Users\VIKTOR\AppData\Roaming\FinalBurner AudioCD Ripper
2008-03-23 15:46:41 0 d-------- C:\Program Files (x86)\Common Files\Adobe
2008-03-22 17:25:33 0 d-------- C:\Program Files (x86)\Verdict Free
2008-03-17 21:35:27 0 d-------- C:\Program Files (x86)\NCH Software
-- Registry Dump ---------------------------------------------------------------
-- Hosts -----------------------------------------------------------------------
8300 more entries in hosts file.
-- End of Deckard's System Scanner: finished at 2008-05-04 17:52:12 ------------
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- Last 5 Restore Point(s) --
6: 2008-05-04 14:39:56 UTC - RP158 - Naplánovaný kontrolní bod
5: 2008-05-03 22:58:49 UTC - RP157 - Spyware Terminator - restore point
4: 2008-05-03 16:37:54 UTC - RP156 - Removed Google Toolbar for Internet Explorer
3: 2008-05-03 09:51:27 UTC - RP155 - Naplánovaný kontrolní bod
2: 2008-05-02 20:25:14 UTC - RP154 - Windows Update
-- First Restore Point --
1: 2008-05-01 18:17:05 UTC - RP153 - Removed oggcodecs
Backed up registry hives.
Performed disk cleanup.
Total Physical Memory: 1015 MiB (1024 MiB recommended).
-- HijackThis (run as VIKTOR.exe) ----------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:47:54, on 4.5.2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\PixArt\Pac207\Monitor.exe
C:\Program Files (x86)\Antivirus 2008\Antvrs.exe
C:\Program Files (x86)\vghd\vghd.exe
C:\Program Files (x86)\Internet Explorer\ieuser.exe
C:\Program Files (x86)\Seznam\Postak\Postak.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files (x86)\vghd\VirtuaGirl_downloader.exe
C:\Users\VIKTOR\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EUN85JL9\dss[1].exe
C:\Windows\SysWOW64\conime.exe
C:\PROGRA~2\TRENDM~1\HIJACK~1\VIKTOR.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O3 - Toolbar: &S-Rank - {B71B15CF-3093-459C-B764-AEB2486F2273} - C:\Program Files (x86)\Seznam\Postak\SRank.dll
O4 - HKLM\..\Run: [SMail] "C:\Program Files (x86)\Seznam\Postak\Postak.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [Antivirus] C:\Program Files (x86)\Antivirus 2008\Antvrs.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: VirtuaGirl HD.LNK = C:\Program Files (x86)\vghd\vghd.exe
O9 - Extra button: Přeložit - {230D1201-7607-4CF6-A11F-9E4BF0A333E0} - C:\Program Files (x86)\Verdict Free\etnxp.dll
O9 - Extra button: (no name) - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Program Files (x86)\Verdict Free\etnxp.dll
O9 - Extra 'Tools' menuitem: Internetový překladač... - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Program Files (x86)\Verdict Free\etnxp.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6\ICQ.exe
O13 - Gopher Prefix:
O15 - ProtocolDefaults: '@ivt' protocol is in My Computer Zone, should be Intranet Zone
O15 - ProtocolDefaults: 'file' protocol is in My Computer Zone, should be Internet Zone
O15 - ProtocolDefaults: 'ftp' protocol is in My Computer Zone, should be Internet Zone
O15 - ProtocolDefaults: 'http' protocol is in My Computer Zone, should be Internet Zone
O15 - ProtocolDefaults: 'https' protocol is in My Computer Zone, should be Internet Zone
O16 - DPF: {3D8700FB-86A4-4CB4-B738-6F0FC016AC7D} (MainControl Class) - http://arcaonline.arcabit.com/ArcaOnline.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.cz/buxus/docs/OnlineScanner.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Shar ... /cabsa.cab
O16 - DPF: {664088B0-6AF3-4514-AF9D-A0DC3A3DF24A} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols3beta/fscax.cab
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www.ca.com/us/securityadvisor/vi ... ebscan.cab
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://icq.oberon-media.com/online//onl ... uncher.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{68470532-7BC6-4C6B-896D-FD8D816662ED}: NameServer = 194.228.41.65,194.228.41.113
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: a-squared Anti-Dialer Service (a2AntiDialer) - Emsi Software GmbH - C:\Program Files (x86)\a-squared Anti-Dialer\a2service.exe
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files (x86)\a-squared Free\a2service.exe
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files (x86)\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: Droppix Service - Droppix - C:\Program Files (x86)\Common Files\Droppix\DxService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Spy Emergency Engine Service (SpyEmrgSrv) - NETGATE Technologies s.r.o. - C:\Program Files\NETGATE\Spy Emergency 2008\SpyEmergencySrv.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files (x86)\Spyware Terminator\sp_rsser.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9206 bytes
-- File Associations -----------------------------------------------------------
.ini - unable to read key
.ini - unable to read key
.txt - txtfile - shell\open\command - Notepad.exe %1
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R0 ACPI (Ovladač standardu ACPI společnosti Microsoft) - c:\windows\system32\drivers\acpi.sys (file missing)
R0 atapi (Kanál IDE) - c:\windows\system32\drivers\atapi.sys (file missing)
R0 CLFS (Common Log (CLFS)) - c:\windows\system32\clfs.sys (file missing)
R0 crcdisk (Crcdisk Filter Driver) - c:\windows\system32\drivers\crcdisk.sys (file missing)
R0 disk (Ovladač disku) - c:\windows\system32\drivers\disk.sys (file missing)
R0 Ecache (ReadyBoost Caching Driver) - c:\windows\system32\drivers\ecache.sys (file missing)
R0 FileInfo (File Information FS MiniFilter) - c:\windows\system32\drivers\fileinfo.sys (file missing)
R0 FltMgr - c:\windows\system32\drivers\fltmgr.sys (file missing)
R0 intelide - c:\windows\system32\drivers\intelide.sys (file missing)
R0 KSecDD - c:\windows\system32\drivers\ksecdd.sys (file missing)
R0 MountMgr (Mount Point Manager) - c:\windows\system32\drivers\mountmgr.sys (file missing)
R0 msisadrv (Ovladač třídy ISA/EISA) - c:\windows\system32\drivers\msisadrv.sys (file missing)
R0 Mup - c:\windows\system32\drivers\mup.sys (file missing)
R0 NDIS (NDIS System Driver) - c:\windows\system32\drivers\ndis.sys (file missing)
R0 partmgr (Partition Manager) - c:\windows\system32\drivers\partmgr.sys (file missing)
R0 pci (Řadič sběrnice PCI) - c:\windows\system32\drivers\pci.sys (file missing)
R0 spldr (Security Processor Loader Driver) - c:\windows\system32\drivers\spldr.sys (file missing)
R0 Tcpip (Ovladač protokolu TCP/IP) - c:\windows\system32\drivers\tcpip.sys (file missing)
R0 volmgr (Ovladač správce svazků) - c:\windows\system32\drivers\volmgr.sys (file missing)
R0 volmgrx (Dynamic Volume Manager) - c:\windows\system32\drivers\volmgrx.sys (file missing)
R0 volsnap (Svazky úložiště) - c:\windows\system32\drivers\volsnap.sys (file missing)
R0 Wdf01000 (Kernel Mode Driver Frameworks service) - c:\windows\system32\drivers\wdf01000.sys (file missing)
R1 AFD (Ancilliary Function Driver for Winsock) - c:\windows\system32\drivers\afd.sys (file missing)
R1 aswRdr - c:\windows\system32\drivers\aswrdr.sys (file missing)
R1 aswSP (avast! Self Protection) - c:\windows\system32\drivers\aswsp.sys (file missing)
R1 aswTdi (avast! Network Shield Support) - c:\windows\system32\drivers\aswtdi.sys (file missing)
R1 cdrom (Ovladač jednotky CD-ROM) - c:\windows\system32\drivers\cdrom.sys (file missing)
R1 DfsC (DFS Namespace Client Driver) - c:\windows\system32\drivers\dfsc.sys (file missing)
R1 i8042prt (Ovladač portu klávesnice i8042 a myši PS/2) - c:\windows\system32\drivers\i8042prt.sys (file missing)
R1 kbdclass (Keyboard Class Driver) - c:\windows\system32\drivers\kbdclass.sys (file missing)
R1 mouclass (Mouse Class Driver) - c:\windows\system32\drivers\mouclass.sys (file missing)
R1 Msfs - c:\windows\system32\drivers\msfs.sys (file missing)
R1 NetBIOS (NetBIOS Interface) - c:\windows\system32\drivers\netbios.sys (file missing)
R1 netbt - c:\windows\system32\drivers\netbt.sys (file missing)
R1 Npfs - c:\windows\system32\drivers\npfs.sys (file missing)
R1 nsiproxy (NSI proxy service) - c:\windows\system32\drivers\nsiproxy.sys (file missing)
R1 Null - c:\windows\system32\drivers\null.sys (file missing)
R1 PSched (Plánovač paketů technologie QoS) - c:\windows\system32\drivers\pacer.sys (file missing)
R1 RasAcd (Remote Access Auto Connection Driver) - c:\windows\system32\drivers\rasacd.sys (file missing)
R1 rdbss (Redirected Buffering Sub Sysytem) - c:\windows\system32\drivers\rdbss.sys (file missing)
R1 RDPCDD - c:\windows\system32\drivers\rdpcdd.sys (file missing)
R1 RDPENCDD (RDP Encoder Mirror Driver) - c:\windows\system32\drivers\rdpencdd.sys (file missing)
R1 Serial (Ovladač sériového portu) - c:\windows\system32\drivers\serial.sys (file missing)
R1 Smb (Protokol TCP/IP a TCP/IPv6 orientovaný na zprávy (relace SMB)) - c:\windows\system32\drivers\smb.sys (file missing)
R1 SpyEmrg (Spy Emergency Driver) - c:\windows\system32\drivers\spyemrg.sys (file missing)
R1 tdx (Ovladač pro podporu zastaralého rozhraní TDI NetIO) - c:\windows\system32\drivers\tdx.sys (file missing)
R1 TermDD (Ovladač terminálového zařízení) - c:\windows\system32\drivers\termdd.sys (file missing)
R1 VgaSave - c:\windows\system32\drivers\vga.sys (file missing)
R1 Wanarpv6 (Remote Access IPv6 ARP Driver) - c:\windows\system32\drivers\wanarp.sys (file missing)
R2 aswFsBlk - c:\windows\system32\drivers\aswfsblk.sys (file missing)
R2 irda (IrDA Protocol) - c:\windows\system32\drivers\irda.sys (file missing)
R2 lltdio (Vstupně výstupní ovladač mapovače zjišťování topologie linkové vrstvy) - c:\windows\system32\drivers\lltdio.sys (file missing)
R2 luafv (UAC File Virtualization) - c:\windows\system32\drivers\luafv.sys (file missing)
R2 PEAUTH - c:\windows\system32\drivers\peauth.sys (file missing)
R2 rspndr (Odpovídající zařízení zjišťování topologie linkové vrstvy) - c:\windows\system32\drivers\rspndr.sys (file missing)
R2 secdrv (Security Driver) - c:\windows\system32\drivers\secdrv.sys (file missing)
R2 tcpipreg (TCP/IP Registry Compatibility) - c:\windows\system32\drivers\tcpipreg.sys (file missing)
R3 AsyncMac (Ovladač asynchronních médií připojení RAS) - c:\windows\system32\drivers\asyncmac.sys (file missing)
R3 bowser - c:\windows\system32\drivers\bowser.sys (file missing)
R3 DXGKrnl (LDDM Graphics Subsystem) - c:\windows\system32\drivers\dxgkrnl.sys (file missing)
R3 HdAudAddService (Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio) - c:\windows\system32\drivers\hdaudio.sys (file missing)
R3 HDAudBus (Ovladač sběrnice Microsoft UAA pro zvuk High Definition Audio) - c:\windows\system32\drivers\hdaudbus.sys (file missing)
R3 HTTP - c:\windows\system32\drivers\http.sys (file missing)
R3 igfx - c:\windows\system32\drivers\igdkmd64.sys (file missing)
R3 intelppm (Ovladač procesoru Intel) - c:\windows\system32\drivers\intelppm.sys (file missing)
R3 IRENUM (IR Bus Enumerator) - c:\windows\system32\drivers\irenum.sys (file missing)
R3 irsir (Microsoft Serial Infrared Driver) - c:\windows\system32\drivers\irsir.sys (file missing)
R3 iScsiPrt (Ovladač iScsiPort) - c:\windows\system32\drivers\msiscsi.sys (file missing)
R3 ksthunk (Kernel Streaming Thunks) - c:\windows\system32\drivers\ksthunk.sys (file missing)
R3 monitor (Služba ovladače funkce třídy monitorů Microsoft) - c:\windows\system32\drivers\monitor.sys (file missing)
R3 mpsdrv (Ovladač ověření brány firewall systému Windows) - c:\windows\system32\drivers\mpsdrv.sys (file missing)
R3 MRxDAV (WebDav Client Redirector Driver) - c:\windows\system32\drivers\mrxdav.sys (file missing)
R3 mrxsmb (SMB MiniRedirector Wrapper and Engine) - c:\windows\system32\drivers\mrxsmb.sys (file missing)
R3 mrxsmb10 (SMB 1.x MiniRedirector) - c:\windows\system32\drivers\mrxsmb10.sys (file missing)
R3 mrxsmb20 (SMB 2.0 MiniRedirector) - c:\windows\system32\drivers\mrxsmb20.sys (file missing)
R3 mssmbios (Ovladač Microsoft System Management BIOS) - c:\windows\system32\drivers\mssmbios.sys (file missing)
R3 NdisTapi (Ovladač Remote Access NDIS TAPI) - c:\windows\system32\drivers\ndistapi.sys (file missing)
R3 NdisWan (Ovladač Remote Access NDIS WAN) - c:\windows\system32\drivers\ndiswan.sys (file missing)
R3 NDProxy (NDIS Proxy) - c:\windows\system32\drivers\ndproxy.sys (file missing)
R3 Ntfs - c:\windows\system32\drivers\ntfs.sys (file missing)
R3 PAC207 (SoC PC-Camera) - c:\windows\system32\drivers\pfc027.sys (file missing)
R3 Parport (Ovladač paralelního portu) - c:\windows\system32\drivers\parport.sys (file missing)
R3 pcouffin (VSO Software pcouffin) - c:\windows\system32\drivers\pcouffin.sys (file missing)
R3 PptpMiniport (Připojení WAN Miniport (PPTP)) - c:\windows\system32\drivers\raspptp.sys (file missing)
R3 Rasl2tp (Připojení WAN Miniport (L2TP)) - c:\windows\system32\drivers\rasl2tp.sys (file missing)
R3 RasPppoe (Ovladač pro vzdálený přístup PPPOE) - c:\windows\system32\drivers\raspppoe.sys (file missing)
R3 RasSstp (Připojení WAN Miniport (SSTP)) - c:\windows\system32\drivers\rassstp.sys (file missing)
R3 RTL8023x64 (Realtek 10/100 NIC Family NDIS x64 Driver) - c:\windows\system32\drivers\rtnic64.sys (file missing)
R3 Serenum (Ovladač filtru Serenum) - c:\windows\system32\drivers\serenum.sys (file missing)
R3 SpyEmrgGuard (Spy Emergency Real-Time Shield Driver) - c:\windows\system32\drivers\spyemrg_guard.sys (file missing)
R3 srv - c:\windows\system32\drivers\srv.sys (file missing)
R3 srv2 - c:\windows\system32\drivers\srv2.sys (file missing)
R3 srvnet - c:\windows\system32\drivers\srvnet.sys (file missing)
R3 swenum (Softwarový ovladač sběrnice) - c:\windows\system32\drivers\swenum.sys (file missing)
R3 tunmp (Microsoft Tun Miniport Adapter Driver) - c:\windows\system32\drivers\tunmp.sys (file missing)
R3 tunnel (Microsoft IPv6 Tunnel Miniport Adapter Driver) - c:\windows\system32\drivers\tunnel.sys (file missing)
R3 umbus (Ovladač sběrnice UMBus Enumerator) - c:\windows\system32\drivers\umbus.sys (file missing)
R3 usbehci (Ovladač Miniport vylepšeného hostitelského řadiče Microsoft USB 2.0) - c:\windows\system32\drivers\usbehci.sys (file missing)
R3 usbhub (Rozbočovač umožňující USB2) - c:\windows\system32\drivers\usbhub.sys (file missing)
R3 USBSTOR (Ovladač velkokapacitního paměťového zařízení USB) - c:\windows\system32\drivers\usbstor.sys (file missing)
R3 usbuhci (Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft) - c:\windows\system32\drivers\usbuhci.sys (file missing)
R3 WUDFRd - c:\windows\system32\drivers\wudfrd.sys (file missing)
R4 cdfs (CD/DVD File System Reader) - c:\windows\system32\drivers\cdfs.sys (file missing)
S1 kbdhid (Ovladač klávesnice standardu HID) - c:\windows\system32\drivers\kbdhid.sys (file missing)
S3 agp440 (Intel AGP Bus Filter) - c:\windows\system32\drivers\agp440.sys (file missing)
S3 BrFiltLo (Brother USB Mass-Storage Lower Filter Driver) - c:\windows\system32\drivers\brfiltlo.sys (file missing)
S3 BrFiltUp (Brother USB Mass-Storage Upper Filter Driver) - c:\windows\system32\drivers\brfiltup.sys (file missing)
S3 BrUsbSer (Brother MFC USB Serial WDM Driver) - c:\windows\system32\drivers\brusbser.sys (file missing)
S3 drmkaud (Dekodér zvuků DRM jádra společnosti Microsoft) - c:\windows\system32\drivers\drmkaud.sys (file missing)
S3 E1G60 (Intel(R) PRO/1000 NDIS 6 Adapter Driver) - c:\windows\system32\drivers\e1g6032e.sys (file missing)
S3 exfat (exFAT File System Driver) - c:\windows\system32\drivers\exfat.sys (file missing)
S3 fastfat (FAT12/16/32 File System Driver) - c:\windows\system32\drivers\fastfat.sys (file missing)
S3 Filetrace - c:\windows\system32\drivers\filetrace.sys (file missing)
S3 gagp30kx (Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms) - c:\windows\system32\drivers\gagp30kx.sys (file missing)
S3 HidUsb (Ovladač třídy standardu HID Microsoft) - c:\windows\system32\drivers\hidusb.sys (file missing)
S3 ialm - c:\windows\system32\drivers\igdkmd64.sys (file missing)
S3 IpFilterDriver (IP Traffic Filter Driver) - c:\windows\system32\drivers\ipfltdrv.sys (file missing)
S3 IPNAT (IP Network Address Translator) - c:\windows\system32\drivers\ipnat.sys (file missing)
S3 Modem - c:\windows\system32\drivers\modem.sys (file missing)
S3 MSKSSRV (Server proxy služby datových proudů Microsoft) - c:\windows\system32\drivers\mskssrv.sys (file missing)
S3 MSPCLOCK (Server proxy hodin datových proudů Microsoft) - c:\windows\system32\drivers\mspclock.sys (file missing)
S3 MSPQM (Server proxy správce kvality datových proudů Microsoft) - c:\windows\system32\drivers\mspqm.sys (file missing)
S3 MsRPC - c:\windows\system32\drivers\msrpc.sys (file missing)
S3 MSTEE (Konvertor jímka-jímka typu T datových proudů Microsoft) - c:\windows\system32\drivers\mstee.sys (file missing)
S3 NativeWifiP (Filtr NativeWiFi) - c:\windows\system32\drivers\nwifi.sys (file missing)
S3 Ndisuio (NDIS Usermode I/O Protocol) - c:\windows\system32\drivers\ndisuio.sys (file missing)
S3 nv_agp (NVIDIA nForce AGP Bus Filter) - c:\windows\system32\drivers\nv_agp.sys (file missing)
S3 QWAVEdrv (Ovladač QWAVE) - c:\windows\system32\drivers\qwavedrv.sys (file missing)
S3 RDPWD (RDP Winstation Driver) - c:\windows\system32\drivers\rdpwd.sys (file missing)
S3 sffp_mmc (SFF Storage Protocol Driver for MMC) - c:\windows\system32\drivers\sffp_mmc.sys (file missing)
S3 sffp_sd (SFF Storage Protocol Driver for SDBus) - c:\windows\system32\drivers\sffp_sd.sys (file missing)
S3 Tcpip6 (Ovladač protokolu IPv6 společnosti Microsoft) - c:\windows\system32\drivers\tcpip.sys (file missing)
S3 TDPIPE - c:\windows\system32\drivers\tdpipe.sys (file missing)
S3 TDTCP - c:\windows\system32\drivers\tdtcp.sys (file missing)
S3 tssecsrv (Terminal Services Security Filter Driver) - c:\windows\system32\drivers\tssecsrv.sys (file missing)
S3 uagp35 (Microsoft AGPv3.5 Filter) - c:\windows\system32\drivers\uagp35.sys (file missing)
S3 uliagpkx (Uli AGP Bus Filter) - c:\windows\system32\drivers\uliagpkx.sys (file missing)
S3 usbaudio (Ovladač zvuků USB (WDM)) - c:\windows\system32\drivers\usbaudio.sys (file missing)
S3 usbccgp (Obecný nadřazený ovladač Microsoft USB) - c:\windows\system32\drivers\usbccgp.sys (file missing)
S3 vga - c:\windows\system32\drivers\vgapnp.sys (file missing)
S3 Wanarp (Remote Access IP ARP Driver) - c:\windows\system32\drivers\wanarp.sys (file missing)
S4 adp94xx - c:\windows\system32\drivers\adp94xx.sys (file missing)
S4 adpahci - c:\windows\system32\drivers\adpahci.sys (file missing)
S4 adpu160m - c:\windows\system32\drivers\adpu160m.sys (file missing)
S4 adpu320 - c:\windows\system32\drivers\adpu320.sys (file missing)
S4 aic78xx - c:\windows\system32\drivers\djsvs.sys (file missing)
S4 aliide - c:\windows\system32\drivers\aliide.sys (file missing)
S4 amdide - c:\windows\system32\drivers\amdide.sys (file missing)
S4 AmdK8 (AMD K8 Processor Driver) - c:\windows\system32\drivers\amdk8.sys (file missing)
S4 arc - c:\windows\system32\drivers\arc.sys (file missing)
S4 arcsas - c:\windows\system32\drivers\arcsas.sys (file missing)
S4 Brserid (Brother MFC Serial Port Interface Driver (WDM)) - c:\windows\system32\drivers\brserid.sys (file missing)
S4 BrSerWdm (Brother WDM Serial driver) - c:\windows\system32\drivers\brserwdm.sys (file missing)
S4 BrUsbMdm (Brother MFC USB Fax Only Modem) - c:\windows\system32\drivers\brusbmdm.sys (file missing)
S4 BTHMODEM (Bluetooth Serial Communications Driver) - c:\windows\system32\drivers\bthmodem.sys (file missing)
S4 circlass (Consumer IR Devices) - c:\windows\system32\drivers\circlass.sys (file missing)
S4 cmdide - c:\windows\system32\drivers\cmdide.sys (file missing)
S4 Compbatt (Microsoft Composite Battery Driver) - c:\windows\system32\drivers\compbatt.sys (file missing)
S4 elxstor - c:\windows\system32\drivers\elxstor.sys (file missing)
S4 fdc (Floppy Disk Controller Driver) - c:\windows\system32\drivers\fdc.sys (file missing)
S4 flpydisk (Floppy Disk Driver) - c:\windows\system32\drivers\flpydisk.sys (file missing)
S4 HidBth (Microsoft Bluetooth HID Miniport) - c:\windows\system32\drivers\hidbth.sys (file missing)
S4 HidIr (Microsoft Infrared HID Driver) - c:\windows\system32\drivers\hidir.sys (file missing)
S4 HpCISSs - c:\windows\system32\drivers\hpcisss.sys (file missing)
S4 i2omp - c:\windows\system32\drivers\i2omp.sys (file missing)
S4 iaStorV (Intel RAID Controller Vista) - c:\windows\system32\drivers\iastorv.sys (file missing)
S4 iirsp - c:\windows\system32\drivers\iirsp.sys (file missing)
S4 IPMIDRV - c:\windows\system32\drivers\ipmidrv.sys (file missing)
S4 isapnp (PnP ISA/EISA Bus Driver) - c:\windows\system32\drivers\isapnp.sys (file missing)
S4 iteatapi (ITEATAPI_Service_Install) - c:\windows\system32\drivers\iteatapi.sys (file missing)
S4 iteraid (ITERAID_Service_Install) - c:\windows\system32\drivers\iteraid.sys (file missing)
S4 LSI_FC - c:\windows\system32\drivers\lsi_fc.sys (file missing)
S4 LSI_SAS - c:\windows\system32\drivers\lsi_sas.sys (file missing)
S4 LSI_SCSI - c:\windows\system32\drivers\lsi_scsi.sys (file missing)
S4 megasas - c:\windows\system32\drivers\megasas.sys (file missing)
S4 mouhid (Mouse HID Driver) - c:\windows\system32\drivers\mouhid.sys (file missing)
S4 mpio (Microsoft Multi-Path Bus Driver) - c:\windows\system32\drivers\mpio.sys (file missing)
S4 Mraid35x - c:\windows\system32\drivers\mraid35x.sys (file missing)
S4 msahci - c:\windows\system32\drivers\msahci.sys (file missing)
S4 msdsm (Microsoft Multi-Path Device Specific Module) - c:\windows\system32\drivers\msdsm.sys (file missing)
S4 nfrd960 - c:\windows\system32\drivers\nfrd960.sys (file missing)
S4 nvraid - c:\windows\system32\drivers\nvraid.sys (file missing)
S4 nvstor - c:\windows\system32\drivers\nvstor.sys (file missing)
S4 ohci1394 (NEC FireWarden OHCI Compliant IEEE 1394 Host Controller) - c:\windows\system32\drivers\ohci1394.sys (file missing)
S4 pciide - c:\windows\system32\drivers\pciide.sys (file missing)
S4 pcmcia - c:\windows\system32\drivers\pcmcia.sys (file missing)
S4 Processor (Processor Driver) - c:\windows\system32\drivers\processr.sys (file missing)
S4 ql2300 (QLogic Fibre Channel Miniport Driver) - c:\windows\system32\drivers\ql2300.sys (file missing)
S4 ql40xx (QLogic iSCSI Miniport Driver) - c:\windows\system32\drivers\ql40xx.sys (file missing)
S4 rdpdr (Terminal Server Device Redirector Driver) - c:\windows\system32\drivers\rdpdr.sys (file missing)
S4 sbp2port (SBP-2 Transport/Protocol Bus Driver) - c:\windows\system32\drivers\sbp2port.sys (file missing)
S4 sermouse (Serial Mouse Driver) - c:\windows\system32\drivers\sermouse.sys (file missing)
S4 sffdisk (SFF Storage Class Driver) - c:\windows\system32\drivers\sffdisk.sys (file missing)
S4 sfloppy (High-Capacity Floppy Disk Drive) - c:\windows\system32\drivers\sfloppy.sys (file missing)
S4 SiSRaid2 - c:\windows\system32\drivers\sisraid2.sys (file missing)
S4 SiSRaid4 - c:\windows\system32\drivers\sisraid4.sys (file missing)
S4 Sym_hi - c:\windows\system32\drivers\sym_hi.sys (file missing)
S4 Sym_u3 - c:\windows\system32\drivers\sym_u3.sys (file missing)
S4 Symc8xx - c:\windows\system32\drivers\symc8xx.sys (file missing)
S4 udfs - c:\windows\system32\drivers\udfs.sys (file missing)
S4 uliahci - c:\windows\system32\drivers\uliahci.sys (file missing)
S4 UlSata - c:\windows\system32\drivers\ulsata.sys (file missing)
S4 ulsata2 - c:\windows\system32\drivers\ulsata2.sys (file missing)
S4 usbcir (eHome Infrared Receiver (USBCIR)) - c:\windows\system32\drivers\usbcir.sys (file missing)
S4 usbohci (Microsoft USB Open Host Controller Miniport Driver) - c:\windows\system32\drivers\usbohci.sys (file missing)
S4 usbprint (Microsoft USB PRINTER Class) - c:\windows\system32\drivers\usbprint.sys (file missing)
S4 viaide - c:\windows\system32\drivers\viaide.sys (file missing)
S4 vsmraid - c:\windows\system32\drivers\vsmraid.sys (file missing)
S4 WacomPen (Wacom Serial Pen HID Driver) - c:\windows\system32\drivers\wacompen.sys (file missing)
S4 Wd (Microsoft Watchdog Timer Driver) - c:\windows\system32\drivers\wd.sys (file missing)
S4 WmiAcpi (Microsoft Windows Management Interface for ACPI) - c:\windows\system32\drivers\wmiacpi.sys (file missing)
S4 ws2ifsl (Winsock IFS driver) - c:\windows\system32\drivers\ws2ifsl.sys (file missing)
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 SamSs (Správce zabezpečení účtů) - c:\windows\system32\lsass.exe (file missing)
R2 SBSDWSCService (SBSD Security Center Service) - c:\program files (x86)\spybot - search & destroy\sdwinsec.exe
R2 slsvc (Licencování softwaru) - c:\windows\system32\slsvc.exe (file missing)
R2 sp_rssrv (Spyware Terminator Realtime Shield Service) - "c:\program files (x86)\spyware terminator\sp_rsser.exe" <Not Verified; Crawler.com; Crawler Spyware Terminator>
R2 Spooler (Služba zařazování tisku) - c:\windows\system32\spoolsv.exe (file missing)
S3 ALG (Služba brány aplikačního rozhraní) - c:\windows\system32\alg.exe (file missing)
S3 DFSR (Replikace distribuovaného systému souborů (DFSR)) - c:\windows\system32\dfsr.exe (file missing)
S3 Droppix Service - "c:\program files (x86)\common files\droppix\dxservice.exe" <Not Verified; Droppix; Droppix Services>
S3 KeyIso (Izolace klíče CNG) - c:\windows\system32\lsass.exe (file missing)
S3 MSDTC (Koordinátor distribuovaných transakcí) - c:\windows\system32\msdtc.exe (file missing)
S3 Netlogon (služba Netlogon) - c:\windows\system32\lsass.exe (file missing)
S3 ProtectedStorage (Chráněné úložiště) - c:\windows\system32\lsass.exe (file missing)
S3 RpcLocator (Lokátor vzdáleného volání procedur (RPC)) - c:\windows\system32\locator.exe (file missing)
S3 SNMPTRAP (Zachytávání pro službu SNMP) - c:\windows\system32\snmptrap.exe (file missing)
S3 UI0Detect (Zjišťování interaktivních služeb) - c:\windows\system32\ui0detect.exe (file missing)
S3 vds (Virtuální disk) - c:\windows\system32\vds.exe (file missing)
S3 VSS (Stínová kopie svazku) - c:\windows\system32\vssvc.exe (file missing)
S3 wmiApSrv (WMI Performance Adapter) - c:\windows\system32\wbem\wmiapsrv.exe (file missing)
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Files created between 2008-04-04 and 2008-05-04 -----------------------------
2008-05-04 13:59:30 0 d-------- C:\Program Files (x86)\Trend Micro
2008-05-04 11:25:37 0 d-------- C:\Program Files (x86)\a-squared Anti-Malware
2008-05-04 11:24:49 0 d-------- C:\Program Files (x86)\Axaware
2008-05-04 11:22:35 0 d-------- C:\Program Files (x86)\a-squared Anti-Dialer
2008-05-04 00:46:45 0 d-------- C:\Program Files (x86)\Antivirus 2008
2008-05-01 20:29:12 21504 --a------ C:\Windows\system32\TABCTFR.DLL <Not Verified; Microsoft Corporation; Bibliotheque d'objets TabCtl32>
2008-05-01 20:29:12 59904 --a------ C:\Windows\system32\Mscc2fr.dll <Not Verified; Microsoft Corporation; Bibliotheque d'objets de Microsoft Common Controls 2>
2008-05-01 19:38:57 0 d-------- C:\Users\All Users\LightScribe
2008-05-01 19:38:57 0 d-------- C:\Users\All Users\Application Data\LightScribe
2008-05-01 19:37:22 0 d-------- C:\Program Files (x86)\Common Files\LightScribe
2008-05-01 19:37:13 0 d-------- C:\Program Files (x86)\Common Files\Droppix
2008-05-01 19:37:12 0 d-------- C:\Program Files (x86)\Droppix
2008-05-01 19:36:21 0 d-------- C:\Users\All Users\Droppix
2008-05-01 19:36:21 0 d-------- C:\Users\All Users\Application Data\Droppix
2008-05-01 19:32:31 90112 --a------ C:\Windows\system32\agsaami.dll <Not Verified; Online Media Technologies Ltd.; NCTAudioFormatSettings3 Module>
2008-05-01 19:32:31 610304 --a------ C:\Windows\system32\agsaamg.dll <Not Verified; Online Media Technologies Ltd.; NCTAudioFile3 Module>
2008-05-01 19:32:31 372736 --a------ C:\Windows\system32\agsaamc.dll <Not Verified; Online Media Technologies Ltd.; NCTAudioFileWMA3 Module>
2008-05-01 19:32:30 339968 --a------ C:\Windows\system32\NCTAudioArrayProcessing3.dll <Not Verified; Online Media Technologies Ltd.; NCTAudioArrayProcessing3 Module>
2008-05-01 19:32:30 2535424 --a------ C:\Windows\system32\agsaamj.dll <Not Verified; Online Media Technologies Ltd.; NCTAudioCompress3 Module>
2008-05-01 19:32:29 40960 --a------ C:\Windows\system32\VBAME.DLL <Not Verified; Microsoft Corporation; Microsoft Visual Basic for Applications>
2008-05-01 19:32:29 1 --a------ C:\Windows\audi20.dat
2008-04-29 20:15:05 1700352 --a------ C:\Windows\system32\gdiplus.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-22 19:34:06 0 d-------- C:\Users\All Users\SUPERAntiSpyware.com
2008-04-22 19:34:06 0 d-------- C:\Users\All Users\Application Data\SUPERAntiSpyware.com
2008-04-22 19:32:01 138752 --a------ C:\Windows\system32\drivers\sp_rsdrv2.sys
2008-04-22 19:32:00 0 d-------- C:\Users\All Users\Spyware Terminator
2008-04-22 19:32:00 0 d-------- C:\Users\All Users\Application Data\Spyware Terminator
2008-04-22 19:31:55 0 d-------- C:\Program Files (x86)\Spyware Terminator
2008-04-22 19:28:21 0 d-------- C:\Users\All Users\NETGATE
2008-04-22 19:28:21 0 d-------- C:\Users\All Users\Application Data\NETGATE
2008-04-22 19:16:48 0 d-------- C:\Users\All Users\Avg8
2008-04-22 19:16:48 0 d-------- C:\Users\All Users\Application Data\Avg8
2008-04-22 18:24:24 0 d-------- C:\Program Files (x86)\Lavasoft
2008-04-20 23:56:26 0 --a------ C:\Windows\system32\sys_dll.dll
2008-04-20 13:24:47 0 d-------- C:\Program Files (x86)\Wise Disk Cleaner
2008-04-20 13:22:52 0 d-------- C:\Program Files (x86)\Wise Registry Cleaner 3
2008-04-14 13:01:58 0 d-------- C:\Program Files (x86)\vghd
2008-04-06 21:50:23 94208 --a------ C:\Windows\amcap.exe <Not Verified; Microsoft Corporation; DirectX 8.1 Sample>
-- Find3M Report ---------------------------------------------------------------
2008-05-04 13:09:31 0 d-------- C:\Users\VIKTOR\AppData\Roaming\Skype
2008-05-04 12:54:51 0 d-------- C:\Users\VIKTOR\AppData\Roaming\skypePM
2008-05-04 11:17:20 0 d-------- C:\Program Files (x86)\a-squared Free
2008-05-04 10:19:27 0 d-------- C:\Program Files (x86)\Google
2008-05-04 01:32:36 0 d---s---- C:\Users\VIKTOR\AppData\Roaming\Microsoft
2008-05-04 00:57:15 0 d-------- C:\Users\VIKTOR\AppData\Roaming\Spyware Terminator
2008-05-04 00:46:47 0 d-------- C:\Users\VIKTOR\AppData\Roaming\Antivirus
2008-05-03 12:04:18 0 d-------- C:\Program Files (x86)\bwin
2008-05-01 19:40:33 0 d-------- C:\Users\VIKTOR\AppData\Roaming\DeepBurner
2008-05-01 19:38:07 0 d-------- C:\Users\VIKTOR\AppData\Roaming\Droppix
2008-05-01 19:37:22 0 d-------- C:\Program Files (x86)\Common Files
2008-05-01 19:06:11 0 d-------- C:\Users\VIKTOR\AppData\Roaming\Triton Interactive
2008-04-30 22:45:39 0 d-------- C:\Users\VIKTOR\AppData\Roaming\Any Video Converter
2008-04-30 19:56:46 0 d-------- C:\Users\VIKTOR\AppData\Roaming\Spy Emergency
2008-04-29 21:25:47 49 --a------ C:\Users\VIKTOR\AppData\Roaming\burnaware.ini
2008-04-29 20:42:00 0 d-------- C:\Users\VIKTOR\AppData\Roaming\InfraRecorder
2008-04-29 20:13:51 0 d-------- C:\Users\VIKTOR\AppData\Roaming\Romeo Burner
2008-04-29 20:06:01 0 d-------- C:\Users\VIKTOR\AppData\Roaming\CDBurnerXP_Soft
2008-04-29 19:30:58 0 d--h----- C:\Program Files (x86)\InstallShield Installation Information
2008-04-26 16:12:31 0 d-------- C:\Users\VIKTOR\AppData\Roaming\Adobe
2008-04-22 20:20:29 0 d-------- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2008-04-22 19:35:31 0 d-------- C:\Users\VIKTOR\AppData\Roaming\Simply Super Software
2008-04-21 00:08:12 0 d-------- C:\Users\VIKTOR\AppData\Roaming\Kazaap
2008-04-20 23:49:30 0 d-------- C:\Users\VIKTOR\AppData\Roaming\TrojanHunter
2008-04-19 09:33:42 0 d-------- C:\Program Files (x86)\ICQ6
2008-04-18 00:16:14 174 --ahs---- C:\Program Files (x86)\desktop.ini
2008-04-18 00:03:03 0 d-------- C:\Program Files (x86)\Windows Sidebar
2008-04-18 00:03:03 0 d-------- C:\Program Files (x86)\Windows Photo Gallery
2008-04-18 00:03:03 0 d-------- C:\Program Files (x86)\Windows Mail
2008-04-18 00:03:03 0 d-------- C:\Program Files (x86)\Windows Collaboration
2008-04-18 00:03:03 0 d-------- C:\Program Files (x86)\Windows Calendar
2008-04-18 00:03:02 0 d-------- C:\Program Files (x86)\Windows Defender
2008-04-14 13:01:57 0 d-------- C:\Users\VIKTOR\AppData\Roaming\vghd
2008-04-01 15:21:37 0 d-------- C:\Users\VIKTOR\AppData\Roaming\Vso
2008-03-31 21:42:13 0 d-------- C:\Users\VIKTOR\AppData\Roaming\ICQ
2008-03-30 23:39:55 0 d-------- C:\Program Files (x86)\Any Audio Converter
2008-03-28 01:13:29 7859 --a------ C:\Users\VIKTOR\AppData\Roaming\pcouffin.cat
2008-03-23 22:25:03 0 d-------- C:\Users\VIKTOR\AppData\Roaming\FinalBurner AudioCD Ripper
2008-03-23 15:46:41 0 d-------- C:\Program Files (x86)\Common Files\Adobe
2008-03-22 17:25:33 0 d-------- C:\Program Files (x86)\Verdict Free
2008-03-17 21:35:27 0 d-------- C:\Program Files (x86)\NCH Software
-- Registry Dump ---------------------------------------------------------------
-- Hosts -----------------------------------------------------------------------
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
8300 more entries in hosts file.
-- End of Deckard's System Scanner: finished at 2008-05-04 17:52:12 ------------
Re: viruses
Just like HJT, it prints nonsense... or rather, "file missing" everywhere, so I recommend scanning with MWAV (link in my signature)... paste here the results from the pane listing the threats found (virus log information), the bottom pane.
Did you uninstall Antivirus 2008? How does the computer look now?