Log check, please: PC freezes, software won't start.
Hi, can anyone help, please? The PC stutters on the internet, and programs such as TuneUp and AntiCrash won't start... only a restart helps. Thanks.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:55:32, on 8.3.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\WINDOWS\Integrator.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Jitka\Plocha\hijackthis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HDInspector.exe] D:\Hard Drive Inspector Pro v3.1.201\HDInspector_pro\HDInspector.exe
O4 - HKLM\..\Run: [TO2SSM_McciTrayApp] C:\Program Files\TO2SSM\McciTrayApp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [DriverUpdaterPro] C:\Program Files\iXi Tools\Driver Updater Pro\DriverUpdaterPro.exe -t
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: AntiCrash.lnk = C:\Program Files\Dachshund Software\AntiCrash\AntiCrash.exe
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 6266737102
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 6277430417
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: HDD Information Service (HDDSvc) - AltrixSoft (http://www.altrixsoft.com/) - C:\WINDOWS\system32\HDDSvc.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
--
End of file - 5002 bytes
MWAV log. CCleaner was used.
Objekt "CWS Browser Hijacker" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Objekt "SmitFraud Browser Hijacker" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Objekt "CyberSitter Spyware/Adware" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Soubor C:\Program Files\Adobe\Reader 8.0\Setup Files\{AC76BA86-7AD7-1029-7B44-A81200000003}\Setup.exe je infikovaný virem Exe.Corrupted !! Provedené akce: Ponecháno, neodstraněno!.
Soubor C:\System Volume Information\_restore{0BF4316B-4256-4A9F-BD78-87A5D9AFB926}\RP23\A0019211.dll je infikovaný virem Exe.Corrupted !! Provedené akce: Ponecháno, neodstraněno!.
Soubor C:\System Volume Information\_restore{0BF4316B-4256-4A9F-BD78-87A5D9AFB926}\RP23\A0019212.exe je infikovaný virem Exe.Corrupted !! Provedené akce: Ponecháno, neodstraněno!.
Soubor C:\System Volume Information\_restore{0BF4316B-4256-4A9F-BD78-87A5D9AFB926}\RP23\A0019213.dll je infikovaný virem Exe.Corrupted !! Provedené akce: Ponecháno, neodstraněno!.
Soubor C:\System Volume Information\_restore{0BF4316B-4256-4A9F-BD78-87A5D9AFB926}\RP23\A0019214.dll je infikovaný virem Exe.Corrupted !! Provedené akce: Ponecháno, neodstraněno!.
Soubor C:\System Volume Information\_restore{0BF4316B-4256-4A9F-BD78-87A5D9AFB926}\RP23\A0019215.dll je infikovaný virem Exe.Corrupted !! Provedené akce: Ponecháno, neodstraněno!.
Soubor C:\System Volume Information\_restore{0BF4316B-4256-4A9F-BD78-87A5D9AFB926}\RP23\A0019216.dll je infikovaný virem Exe.Corrupted !! Provedené akce: Ponecháno, neodstraněno!.
Soubor C:\System Volume Information\_restore{0BF4316B-4256-4A9F-BD78-87A5D9AFB926}\RP23\A0019217.dll je infikovaný virem Exe.Corrupted !! Provedené akce: Ponecháno, neodstraněno!.
Soubor C:\System Volume Information\_restore{0BF4316B-4256-4A9F-BD78-87A5D9AFB926}\RP23\A0019218.exe je infikovaný virem Exe.Corrupted !! Provedené akce: Ponecháno, neodstraněno!.
Soubor C:\System Volume Information\_restore{0BF4316B-4256-4A9F-BD78-87A5D9AFB926}\RP23\A0019219.dll je infikovaný virem Exe.Corrupted !! Provedené akce: Ponecháno, neodstraněno!.
Soubor C:\System Volume Information\_restore{0BF4316B-4256-4A9F-BD78-87A5D9AFB926}\RP23\A0022299.exe je infikovaný virem Exe.Corrupted !! Provedené akce: Ponecháno, neodstraněno!.
Re: Log check, please: PC freezes, software won't start.
Download Malwarebytes' Anti-Malware.
Install and run it.
- At the end of the installation, make sure both options are selected/ticked:
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware; if so, click the Finish button
- If an update is found, it will be downloaded and installed
- The program will then start; leave the Perform quick scan option selected and click the Scan button
- When the program has finished, a message appears; click OK and then the Show Results button
- Then choose the option to save the log and save the log to the desktop
- Then click the Exit button; a message appears, so choose Yes
(do not delete anything yet!).
Then paste the contents of that log here.
When working with HJT, ComboFix, MbAM, SDFix and similar tools, close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Log check, please: PC freezes, software won't start.
Malwarebytes' Anti-Malware 1.34
Verze databáze: 1827
Windows 5.1.2600 Service Pack 3
8.3.2009 22:22:56
mbam-log-2009-03-08 (22-22-56).txt
Typ skenu: Rychlý sken
Objektu skenováno: 58939
Uplynulý cas: 5 minute(s), 17 second(s)
Infikované procesy pameti: 0
Infikované pametové moduly: 0
Infikované klíce registru: 0
Infikované hodnoty registru: 0
Infikované položky dat registru: 0
Infikované složky: 0
Infikované soubory: 0
Infikované procesy pameti:
(Žádné zákerné položky nebyly zjišteny)
Infikované pametové moduly:
(Žádné zákerné položky nebyly zjišteny)
Infikované klíce registru:
(Žádné zákerné položky nebyly zjišteny)
Infikované hodnoty registru:
(Žádné zákerné položky nebyly zjišteny)
Infikované položky dat registru:
(Žádné zákerné položky nebyly zjišteny)
Infikované složky:
(Žádné zákerné položky nebyly zjišteny)
Infikované soubory:
(Žádné zákerné položky nebyly zjišteny)
Re: Log check, please: PC freezes, software won't start.
Turn off Avast's resident protection.
Download ComboFix (by sUBs)
and save it to the desktop.
Close all active windows and run it.
- After launch, the terms of use are displayed; confirm them by pressing the Yes button
- Then follow the instructions; while ComboFix is running, do not click inside the window that appears
- When the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
Re: Log check, please: PC freezes, software won't start.
Hello.
ComboFix 09-03-06.02 - Jitka 2009-03-09 9:08:56.1 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.1.1029.18.255.111 [GMT 1:00]
Spuštěný z: c:\documents and settings\Jitka\Plocha\ComboFix.exe
AV: avast! antivirus 4.8.1335 [VPS 090308-0] *On-access scanning disabled* (Updated)
AV: BitDefender Antivirus *On-access scanning disabled* (Updated)
* Vytvořen nový Bod Obnovení
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Jitka\Data aplikací\dach100.dll
c:\windows\regedit.com
c:\windows\system32\taskmgr.com
.
((((((((((((((((((((((((( Soubory vytvořené od 2009-02-09 do 2009-03-09 )))))))))))))))))))))))))))))))
.
2009-03-08 22:15 . 2009-03-08 22:15 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-03-08 22:15 . 2009-03-08 22:15 <DIR> d-------- c:\documents and settings\Jitka\Data aplikací\Malwarebytes
2009-03-08 22:15 . 2009-03-08 22:15 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2009-03-08 22:15 . 2009-02-11 10:19 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-03-08 22:15 . 2009-02-11 10:19 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-03-08 22:04 . 2009-03-09 08:55 81,984 --a------ c:\windows\system32\bdod.bin
2009-03-08 21:57 . 2009-03-08 21:57 850 --a------ c:\windows\system32\ProductTweaks.xml
2009-03-08 21:57 . 2009-03-08 21:57 385 --a------ c:\windows\system32\user_gensett.xml
2009-03-08 21:53 . 2009-03-08 21:53 <DIR> d-------- c:\program files\BitDefender
2009-03-08 21:53 . 2009-03-08 21:56 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\BitDefender
2009-03-08 21:52 . 2009-03-08 21:54 <DIR> d-------- c:\program files\Common Files\BitDefender
2009-03-08 20:18 . 2009-03-08 20:18 0 --a------ C:\23990098.$$$
2009-03-08 18:26 . 2009-03-08 18:28 54 --a------ c:\windows\Lic.xxx
2009-03-08 18:25 . 2009-03-08 18:25 626,688 --a------ c:\windows\system32\msvcr80.dll
2009-03-08 18:25 . 2009-03-08 18:25 548,864 --a------ c:\windows\system32\msvcp80.dll
2009-03-08 18:25 . 2008-04-14 04:22 147,968 --a------ c:\windows\R.COM
2009-03-08 18:25 . 2008-04-14 04:22 137,216 --a------ c:\windows\system32\T.COM
2009-03-08 18:25 . 2009-03-08 18:25 28,672 --a------ c:\windows\system32\eEmpty.exe
2009-03-08 18:25 . 2005-09-22 23:22 522 --a------ c:\windows\system32\Microsoft.VC80.CRT.manifest
2009-03-08 18:24 . 2009-03-08 18:24 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\MicroWorld
2009-03-08 16:56 . 2009-03-08 16:56 <DIR> d-------- c:\program files\Trend Micro
2009-03-08 14:44 . 2009-03-08 14:44 <DIR> d--h----- c:\windows\PIF
2009-03-08 13:53 . 2009-03-08 13:55 <DIR> d-------- c:\program files\TO2SSM
2009-03-08 13:44 . 2009-03-08 13:58 <DIR> d-------- c:\documents and settings\Jitka\Data aplikací\Motive
2009-03-08 13:43 . 2009-03-08 13:54 <DIR> d-------- c:\program files\Common Files\Motive
2009-03-08 13:43 . 2009-03-08 13:43 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\Motive
2009-03-08 13:28 . 2009-03-08 13:28 <DIR> d-------- c:\program files\Lavalys
2009-03-08 12:45 . 2009-03-08 12:45 <DIR> d-------- c:\documents and settings\Jitka\Data aplikací\MSN6
2009-03-08 12:45 . 2009-03-08 12:45 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\MSN6
2009-03-08 12:30 . 2009-03-08 12:30 <DIR> d-------- c:\program files\Hard Drive Inspector
2009-03-08 12:29 . 2009-03-08 12:29 <DIR> d-------- c:\documents and settings\Jitka\Data aplikací\AltrixSoft
2009-03-08 11:53 . 2009-03-08 11:53 <DIR> d-------- c:\documents and settings\Jitka\Data aplikací\TuneUp Software
2009-03-08 11:53 . 2009-03-08 11:53 603,904 --a------ c:\windows\system32\TUProgSt.exe
2009-03-08 11:53 . 2009-03-08 11:53 360,192 --a------ c:\windows\system32\TuneUpDefragService.exe
2009-03-08 11:53 . 2008-12-11 13:31 27,904 --a------ c:\windows\system32\uxtuneup.dll
2009-03-08 11:52 . 2009-03-08 11:54 <DIR> d-------- c:\program files\TuneUp Utilities 2009
2009-03-08 11:52 . 2009-03-08 11:52 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\TuneUp Software
2009-03-08 11:52 . 2009-03-08 11:52 <DIR> d--hs---- c:\documents and settings\All Users\Data aplikací\{55A29068-F2CE-456C-9148-C869879E2357}
2009-03-08 11:25 . 2009-03-08 11:25 <DIR> d-------- c:\windows\PatchWise.bak
2009-03-08 11:22 . 2009-03-08 11:22 <DIR> d-------- c:\program files\Dachshund Software
2009-03-08 11:22 . 2009-03-08 23:09 186 --ah----- c:\windows\winshell.dat
2009-03-08 09:05 . 2009-03-08 09:05 <DIR> d-------- c:\program files\CCleaner
2009-03-08 07:41 . 2008-09-17 23:55 453,152 --a------ c:\windows\system32\nvuninst.exe
2009-03-08 07:41 . 2008-09-17 23:55 453,152 --a------ c:\windows\system32\nvudisp.exe
2009-03-08 07:41 . 2008-09-17 23:55 201,050 --a------ c:\windows\system32\nvapps.nvb
2009-03-07 21:44 . 2009-03-07 21:44 <DIR> d-------- c:\program files\Skype
2009-03-07 21:44 . 2009-03-07 21:44 <DIR> d-------- c:\program files\Common Files\Skype
2009-03-07 21:44 . 2009-03-08 08:36 <DIR> d-------- c:\documents and settings\Jitka\Data aplikací\Skype
2009-03-07 19:47 . 2009-03-07 21:41 <DIR> d-------- c:\documents and settings\Jitka\Data aplikací\Skype(2)
2009-03-07 19:46 . 2009-03-07 21:41 <DIR> d-------- c:\program files\Skype(2)
2009-03-07 17:32 . 2009-03-07 21:44 <DIR> d-------- c:\program files\PhotoFiltre
2009-03-07 10:12 . 2009-03-07 10:12 48 --ah----- c:\windows\system32\ezsidmv.dat
2009-03-07 09:06 . 2009-03-09 09:13 193,407 --a------ c:\windows\system32\nvapps.xml
2009-03-07 09:05 . 2009-03-08 07:52 <DIR> d-------- c:\windows\nview
2009-03-07 09:05 . 2008-09-17 23:55 18,394 --a------ c:\windows\system32\nvdisp.nvu
2009-03-07 09:02 . 2009-03-07 09:02 <DIR> d-------- c:\program files\Common Files\InstallShield
2009-03-07 08:13 . 2009-03-07 08:13 <DIR> d-------- c:\windows\system32\WinFox
2009-03-07 08:13 . 2005-03-25 18:24 9,600 --a------ c:\windows\system32\drivers\WINFOXIO.sys
2009-03-07 07:56 . 2009-03-07 07:56 <DIR> d-------- c:\program files\HWiNFO32
2009-03-06 12:17 . 2008-08-14 14:26 2,191,360 --a------ c:\windows\system32\ntoskrnl.exe
2009-03-06 11:49 . 2009-03-07 20:10 <DIR> d-------- c:\windows\system32\cs-cz
2009-03-06 11:49 . 2009-03-07 21:43 <DIR> d-------- c:\windows\system32\cs
2009-03-06 11:49 . 2009-03-07 20:10 <DIR> d-------- c:\windows\l2schemas
2009-03-06 11:40 . 2008-04-14 04:16 13,463,552 --a--c--- c:\windows\system32\dllcache\hwxjpn.dll
2009-03-06 10:47 . 2008-09-10 02:16 1,307,648 --------- c:\windows\system32\msxml6.dll
2009-03-06 10:46 . 2008-04-14 04:23 695,808 -----c--- c:\windows\system32\dllcache\drmv2clt.dll
2009-03-06 09:44 . 2008-06-14 18:35 272,128 -----c--- c:\windows\system32\dllcache\bthport.sys
2009-03-06 09:42 . 2008-12-12 18:03 3,088,896 -----c--- c:\windows\system32\dllcache\mshtml.dll
2009-03-06 09:42 . 2008-10-16 02:03 1,499,648 -----c--- c:\windows\system32\dllcache\shdocvw.dll
2009-03-06 09:42 . 2008-10-16 02:03 667,136 -----c--- c:\windows\system32\dllcache\wininet.dll
2009-03-06 09:42 . 2008-10-16 02:03 619,008 -----c--- c:\windows\system32\dllcache\urlmon.dll
2009-03-06 09:39 . 2008-09-15 16:27 1,846,400 -----c--- c:\windows\system32\dllcache\win32k.sys
2009-03-06 09:38 . 2008-08-14 14:26 2,191,360 -----c--- c:\windows\system32\dllcache\ntoskrnl.exe
2009-03-06 09:38 . 2008-08-14 14:26 2,147,328 -----c--- c:\windows\system32\dllcache\ntkrnlmp.exe
2009-03-06 09:38 . 2008-08-14 14:26 2,068,224 -----c--- c:\windows\system32\dllcache\ntkrnlpa.exe
2009-03-06 09:38 . 2008-08-14 14:26 2,025,984 -----c--- c:\windows\system32\dllcache\ntkrpamp.exe
2009-03-06 09:31 . 2008-10-24 12:21 455,296 -----c--- c:\windows\system32\dllcache\mrxsmb.sys
2009-03-06 09:31 . 2008-05-08 15:02 203,136 -----c--- c:\windows\system32\dllcache\rmcast.sys
2009-03-06 09:30 . 2008-04-11 20:06 691,712 -----c--- c:\windows\system32\dllcache\inetcomm.dll
2009-03-06 09:30 . 2008-12-11 11:57 333,952 -----c--- c:\windows\system32\dllcache\srv.sys
2009-03-06 09:30 . 2008-05-01 15:37 331,776 -----c--- c:\windows\system32\dllcache\msadce.dll
2009-03-06 09:29 . 2008-10-03 11:04 247,326 -----c--- c:\windows\system32\dllcache\strmdll.dll
2009-03-06 09:28 . 2008-09-04 18:17 1,106,944 -----c--- c:\windows\system32\dllcache\msxml3.dll
2009-03-06 09:28 . 2008-10-15 17:38 337,408 -----c--- c:\windows\system32\dllcache\netapi32.dll
2009-03-06 09:27 . 2009-03-07 07:07 <DIR> d--h----- c:\windows\$hf_mig$
2009-03-06 09:05 . 2008-10-16 14:06 268,648 --a------ c:\windows\system32\mucltui.dll
2009-03-06 09:05 . 2008-10-16 14:06 27,496 --a------ c:\windows\system32\mucltui.dll.mui
2009-03-05 21:12 . 2009-03-05 21:12 1,172 --a------ c:\windows\mozver.dat
2009-03-05 20:58 . 2009-03-05 20:58 0 --a------ c:\windows\nsreg.dat
2009-03-05 20:57 . 2009-03-07 08:13 <DIR> d--h----- c:\program files\InstallShield Installation Information
2009-03-05 20:52 . 2009-03-07 08:31 <DIR> d-------- c:\program files\ICQ6
2009-03-05 20:52 . 2009-03-07 08:31 <DIR> d-------- c:\documents and settings\Jitka\Data aplikací\ICQ
2009-03-05 20:44 . 2009-03-05 20:44 <DIR> d-------- c:\documents and settings\LocalService\Nabídka Start
2009-03-05 20:33 . 2009-03-06 12:40 316,640 --a------ c:\windows\WMSysPr9.prx
2009-03-05 20:32 . 2009-03-05 20:32 <DIR> d-------- c:\windows\provisioning
2009-03-05 20:32 . 2009-03-07 21:43 <DIR> d-------- c:\windows\peernet
2009-03-05 20:30 . 2009-03-07 21:38 <DIR> d-------- c:\windows\ServicePackFiles
2009-03-05 20:26 . 2007-08-10 20:43 26,488 --a------ c:\windows\system32\spupdsvc.exe
2009-03-05 20:23 . 2009-03-07 21:43 <DIR> d-------- c:\windows\EHome
2009-03-05 20:15 . 2004-08-02 14:20 7,208 --------- c:\windows\system32\secupd.sig
2009-03-05 20:15 . 2004-08-02 14:20 4,569 --------- c:\windows\system32\secupd.dat
2009-03-05 19:11 . 2009-03-05 19:11 <DIR> d---s---- c:\windows\system32\Microsoft
2009-03-05 19:08 . 2009-03-05 19:12 <DIR> d--h-c--- c:\windows\$xpsp1hfm$
2009-03-05 19:08 . 2003-08-02 05:14 25,600 --a------ c:\windows\system32\xpsp1hfm.exe
2009-03-05 18:49 . 2009-03-08 08:10 <DIR> d-------- c:\program files\mdc350
2009-03-05 18:49 . 2009-03-05 18:49 818,789 --a------ c:\program files\WEB.EXE
2009-03-05 18:19 . 2009-03-06 20:27 <DIR> d-------- c:\documents and settings\Jitka\Data aplikací\OpenOffice.org2
2009-03-05 18:00 . 2009-03-05 18:00 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\Bluetooth
2009-03-05 17:50 . 2009-03-05 17:50 <DIR> d-------- c:\program files\IVT Corporation
2009-03-05 17:50 . 2009-03-05 17:51 32 --a------ c:\windows\0
2009-03-05 17:50 . 2009-03-05 17:50 0 --a------ c:\windows\system32\0
2009-03-05 17:43 . 2009-03-05 17:42 12,980 --a------ c:\windows\system32\wpa.bak
2009-03-05 17:31 . 2009-03-05 17:31 <DIR> d-------- c:\program files\OpenOffice.org 2.4
2009-03-05 17:23 . 2009-03-05 17:30 <DIR> d-------- c:\program files\Common Files\Adobe
2009-03-05 17:19 . 2009-03-08 07:48 <DIR> d-------- c:\documents and settings\Jitka\Data aplikací\skypePM
2009-03-05 17:19 . 2009-03-05 17:19 32 --a------ c:\documents and settings\All Users\Data aplikací\ezsid.dat
2009-03-05 17:17 . 2009-03-07 21:41 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\Skype
2009-03-05 17:16 . 2009-03-05 17:16 <DIR> d-------- c:\program files\Alwil Software
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-07 19:14 2,426 ----a-w c:\windows\PCHEALTH\HELPCTR\PackageStore\SkuStore.bin
2009-03-05 19:33 8,972 ----a-w c:\windows\PCHEALTH\HELPCTR\Config\Cntstore.bin
2009-03-05 14:30 --------- d-----w c:\program files\microsoft frontpage
2009-03-08 15:48 67,688 ----a-w c:\program files\mozilla firefox\components\jar50.dll
2009-03-08 15:48 54,368 ----a-w c:\program files\mozilla firefox\components\jsd3250.dll
2009-03-08 15:48 34,944 ----a-w c:\program files\mozilla firefox\components\myspell.dll
2009-03-08 15:48 46,712 ----a-w c:\program files\mozilla firefox\components\spellchk.dll
2009-03-08 15:48 172,136 ----a-w c:\program files\mozilla firefox\components\xpinstal.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-09-17 13574144]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-09-17 86016]
"TO2SSM_McciTrayApp"="c:\program files\TO2SSM\McciTrayApp.exe" [2008-08-15 1473536]
"nwiz"="nwiz.exe" [2008-09-17 c:\windows\system32\nwiz.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\Jitka\Nabˇdka Start\Programy\Po spuçtŘnˇ\
AntiCrash.lnk - c:\program files\Dachshund Software\AntiCrash\AntiCrash.exe [2002-12-17 2301798]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"= ctwdm32.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\ICQ6\\ICQ.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-03-05 114768]
R1 HWiNFO32;HWiNFO32 Kernel Driver;c:\program files\HWiNFO32\HWiNFO32.SYS [2009-03-07 16872]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [2009-03-08 603904]
R3 PSched;Plánovač paketů technologie QoS;c:\windows\system32\drivers\psched.sys [2009-03-06 69120]
S3 EverestDriver;Lavalys EVEREST Kernel Driver;c:\program files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt [2009-03-08 26224]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'
2009-03-09 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 21:36]
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
HKLM-Run-HDInspector.exe - d:\hard drive inspector pro v3.1.201\HDInspector_pro\HDInspector.exe
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
FF - ProfilePath - c:\documents and settings\Jitka\Data aplikací\Mozilla\Firefox\Profiles\rdkg3w8l.default\
FF - component: c:\program files\Mozilla Firefox\components\xpinstal.dll
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-09 09:13:44
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\EverestDriver]
"ImagePath"="\??\c:\program files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\windows\system32\rundll32.exe
c:\windows\Integrator.exe
c:\program files\Common Files\Motive\McciCMService.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\devldr32.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
.
**************************************************************************
.
Celkový čas: 2009-03-09 9:16:48 - počítač byl restartován
ComboFix-quarantined-files.txt 2009-03-09 08:16:44
Před spuštěním: Volných bajtů: 62 239 047 680
Po spuštění: Volných bajtů: 62,340,825,088
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn
Current=1 Default=1 Failed=0 LastKnownGood=5 Sets=1,2,3,4,5
230 --- E O F --- 2009-03-08 06:57:33
Re: Please check my log: freezing, software won't start.
Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in green:
Note: Do not use the SELECT ALL function to select the script
Code:
File::
c:\program files\WEB.EXE
Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files
Save the file to the desktop.
Close all active windows.
Grab the created script CFScript.txt with the mouse, drag it over the downloaded ComboFix.exe program and, when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that appears at the end of the cleaning process + a new log from HJT
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Support the forum
Re: Please check my log: freezing, software won't start.
2009-03-07 19:14 2,426 ----a-w c:\windows\PCHEALTH\HELPCTR\PackageStore\SkuStore.bin
2009-03-05 19:33 8,972 ----a-w c:\windows\PCHEALTH\HELPCTR\Config\Cntstore.bin
2009-03-05 14:30 --------- d-----w c:\program files\microsoft frontpage
2009-01-28 01:20 409,280 ----a-w c:\windows\system32\HDDSvc.exe
2009-03-08 15:48 67,688 ----a-w c:\program files\mozilla firefox\components\jar50.dll
2009-03-08 15:48 54,368 ----a-w c:\program files\mozilla firefox\components\jsd3250.dll
2009-03-08 15:48 34,944 ----a-w c:\program files\mozilla firefox\components\myspell.dll
2009-03-08 15:48 46,712 ----a-w c:\program files\mozilla firefox\components\spellchk.dll
2009-03-08 15:48 172,136 ----a-w c:\program files\mozilla firefox\components\xpinstal.dll
.
((((((((((((((((((((((((((((( SnapShot@2009-03-09_ 9.15.57.02 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-03-09 09:26:49 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_620.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-09-17 13574144]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-09-17 86016]
"TO2SSM_McciTrayApp"="c:\program files\TO2SSM\McciTrayApp.exe" [2008-08-15 1473536]
"nwiz"="nwiz.exe" [2008-09-17 c:\windows\system32\nwiz.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\Jitka\Nabˇdka Start\Programy\Po spuçtŘnˇ\
AntiCrash.lnk - c:\program files\Dachshund Software\AntiCrash\AntiCrash.exe [2002-12-17 2301798]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"= ctwdm32.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\ICQ6\\ICQ.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-03-05 114768]
R1 HWiNFO32;HWiNFO32 Kernel Driver;c:\program files\HWiNFO32\HWiNFO32.SYS [2009-03-07 16872]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [2009-03-08 603904]
R3 PSched;Plánovač paketů technologie QoS;c:\windows\system32\drivers\psched.sys [2009-03-06 69120]
S3 EverestDriver;Lavalys EVEREST Kernel Driver;c:\program files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt [2009-03-08 26224]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'
2009-03-09 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 21:36]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
FF - ProfilePath - c:\documents and settings\Jitka\Data aplikací\Mozilla\Firefox\Profiles\rdkg3w8l.default\
FF - component: c:\program files\Mozilla Firefox\components\xpinstal.dll
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-09 10:49:23
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\EverestDriver]
"ImagePath"="\??\c:\program files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt"
.
Celkový čas: 2009-03-09 10:50:49
ComboFix-quarantined-files.txt 2009-03-09 09:50:46
ComboFix2.txt 2009-03-09 08:16:50
Před spuštěním: Volných bajtů: 62 282 481 664
Po spuštění: Volných bajtů: 62,327,160,832
Current=1 Default=1 Failed=0 LastKnownGood=5 Sets=1,2,3,4,5
216 --- E O F --- 2009-03-08 06:57:33
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:53:38, on 9.3.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\TO2SSM\McciTrayApp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\Integrator.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [TO2SSM_McciTrayApp] C:\Program Files\TO2SSM\McciTrayApp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: AntiCrash.lnk = C:\Program Files\Dachshund Software\AntiCrash\AntiCrash.exe
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 6266737102
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 6277430417
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: HDD Information Service (HDDSvc) - AltrixSoft (http://www.altrixsoft.com/) - C:\WINDOWS\system32\HDDSvc.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
--
End of file - 4946 bytes
2009-03-05 19:33 8,972 ----a-w c:\windows\PCHEALTH\HELPCTR\Config\Cntstore.bin
2009-03-05 14:30 --------- d-----w c:\program files\microsoft frontpage
2009-01-28 01:20 409,280 ----a-w c:\windows\system32\HDDSvc.exe
2009-03-08 15:48 67,688 ----a-w c:\program files\mozilla firefox\components\jar50.dll
2009-03-08 15:48 54,368 ----a-w c:\program files\mozilla firefox\components\jsd3250.dll
2009-03-08 15:48 34,944 ----a-w c:\program files\mozilla firefox\components\myspell.dll
2009-03-08 15:48 46,712 ----a-w c:\program files\mozilla firefox\components\spellchk.dll
2009-03-08 15:48 172,136 ----a-w c:\program files\mozilla firefox\components\xpinstal.dll
.
((((((((((((((((((((((((((((( SnapShot@2009-03-09_ 9.15.57.02 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-03-09 09:26:49 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_620.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-09-17 13574144]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-09-17 86016]
"TO2SSM_McciTrayApp"="c:\program files\TO2SSM\McciTrayApp.exe" [2008-08-15 1473536]
"nwiz"="nwiz.exe" [2008-09-17 c:\windows\system32\nwiz.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\Jitka\Nabídka Start\Programy\Po spuštění\
AntiCrash.lnk - c:\program files\Dachshund Software\AntiCrash\AntiCrash.exe [2002-12-17 2301798]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"= ctwdm32.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\ICQ6\\ICQ.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-03-05 114768]
R1 HWiNFO32;HWiNFO32 Kernel Driver;c:\program files\HWiNFO32\HWiNFO32.SYS [2009-03-07 16872]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [2009-03-08 603904]
R3 PSched;Plánovač paketů technologie QoS;c:\windows\system32\drivers\psched.sys [2009-03-06 69120]
S3 EverestDriver;Lavalys EVEREST Kernel Driver;c:\program files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt [2009-03-08 26224]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'
2009-03-09 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 21:36]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
FF - ProfilePath - c:\documents and settings\Jitka\Data aplikací\Mozilla\Firefox\Profiles\rdkg3w8l.default\
FF - component: c:\program files\Mozilla Firefox\components\xpinstal.dll
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-09 10:49:23
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\EverestDriver]
"ImagePath"="\??\c:\program files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt"
.
Celkový čas: 2009-03-09 10:50:49
ComboFix-quarantined-files.txt 2009-03-09 09:50:46
ComboFix2.txt 2009-03-09 08:16:50
Před spuštěním: Volných bajtů: 62 282 481 664
Po spuštění: Volných bajtů: 62,327,160,832
Current=1 Default=1 Failed=0 LastKnownGood=5 Sets=1,2,3,4,5
216 --- E O F --- 2009-03-08 06:57:33
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:53:38, on 9.3.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\TO2SSM\McciTrayApp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\Integrator.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [TO2SSM_McciTrayApp] C:\Program Files\TO2SSM\McciTrayApp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: AntiCrash.lnk = C:\Program Files\Dachshund Software\AntiCrash\AntiCrash.exe
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 6266737102
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 6277430417
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: HDD Information Service (HDDSvc) - AltrixSoft (http://www.altrixsoft.com/) - C:\WINDOWS\system32\HDDSvc.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
--
End of file - 4946 bytes
Re: Please check my log: PC freezes, software won't start.
The beginning of your CF log is missing; let's hope it got deleted. Otherwise OK:
ComboFix is uninstalled like this:
Start > Run and type ComboFix[space]/u
So if there are no problems, clean the system with CCleaner
and also use T-Cleaner
it deletes everything left over from ComboFix, SDFix, Avenger, MWAV etc.; download > run
Download ATF Cleaner
Double-click ATF Cleaner.exe, click select all found, then click empty selected.
If you want to keep your saved passwords, click No.
ATF-Cleaner is a simple tool for removing history from the web browser. The program can remove the cache, cookies, history and other traces of surfing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.
Install Java:
Java SE Runtime Environment 6u12
Select the OS (Windows, I assume), tick the agree checkbox, continue
Select:
Windows Offline Installation
jre-6u12-windows-i586-p.exe
Let me know how the computer behaves.
When working with HJT, ComboFix, MbAM, SDFix and similar tools, close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus are covering for me.
If you are satisfied, you can support our forum: Support the forum
Re: Please check my log: PC freezes, software won't start.
Well, I'm not sure: it's probably better, but programs like TuneUp won't start, it freezes, and at Windows startup the screen with the system selection, safe mode etc. flashes by.
I'm attaching the MWAV and HJT logs. Thanks.
Soubor C:\Program Files\Adobe\Reader 8.0\Setup Files\{AC76BA86-7AD7-1029-7B44-A81200000003}\Setup.exe je infikovaný virem Exe.Corrupted !! Provedené akce: Ponecháno, neodstraněno!.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:15:38, on 9.3.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\TO2SSM\McciTrayApp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\Integrator.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\DOCUME~1\Jitka\LOCALS~1\Temp\mexe.com
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [TO2SSM_McciTrayApp] C:\Program Files\TO2SSM\McciTrayApp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: AntiCrash.lnk = C:\Program Files\Dachshund Software\AntiCrash\AntiCrash.exe
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 6266737102
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 6277430417
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: HDD Information Service (HDDSvc) - AltrixSoft (http://www.altrixsoft.com/) - C:\WINDOWS\system32\HDDSvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
--
End of file - 5582 bytes
Re: Please check my log: PC freezes, software won't start.
You can delete:
C:\Program Files\Adobe\Reader 8.0\Setup Files\{AC76BA86-7AD7-1029-7B44-A81200000003}\Setup.exe
Try reinstalling TuneUp.
Download SREng
- unpack it to the desktop and run it
- choose "Smart Scan" and leave the settings as they are
- select "Verify the digital signature of process modules"
- click "Scan"
- click Save Reports, save the log to the desktop and copy the entire contents of the log here
Then:
- click the System Repair option
- On the first tab, File Associations, if any checkbox in the list is ticked/selected, click the Repair button at the bottom.
Re: Please check my log: PC freezes, software won't start.
2009-03-09,14:21:10
System Repair Engineer 2.7.0.1210
Smallfrogs (http://www.KZTechs.com)
Windows XP Professional Service Pack 3 (Build 2600) - Administrative User - Completed Functions Allowed
Follow item(s) have been selected:
All Boot Items (Including Registry, Startup Folders, Services and so on)
Browser Add-ons
Running Processes (Including process model information)
File Associations
Winsock Provider
Autorun.Inf
HOSTS File
Process Privileges Scan
Scheduled Tasks
API HOOK
Hidden Process
Boot Items
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<CTFMON.EXE><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Windows Component Publisher]
<MSMSGS><"C:\Program Files\Messenger\msmsgs.exe" /background> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<avast!><C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe> [(Verified)ALWIL Software]
<NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<nwiz><nwiz.exe /install> [(Verified)NVIDIA Corporation]
<NvMediaCenter><RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<TO2SSM_McciTrayApp><C:\Program Files\TO2SSM\McciTrayApp.exe> [Motive Communications, Inc.]
<SunJavaUpdateSched><"C:\Program Files\Java\jre6\bin\jusched.exe"> [(Verified)"Sun Microsystems, Inc."]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{AEB6717E-7E19-11d0-97EE-00C04FD91972}><shell32.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
<PostBootReminder><%SystemRoot%\system32\SHELL32.dll> [(Verified)Microsoft Windows Component Publisher]
<CDBurn><%SystemRoot%\system32\SHELL32.dll> [(Verified)Microsoft Windows Component Publisher]
<WebCheck><%SystemRoot%\System32\webcheck.dll> [(Verified)Microsoft Windows Component Publisher]
<SysTray><%systemroot%\system32\stobject.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
<WinlogonNotify: crypt32chain><crypt32.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
<WinlogonNotify: cryptnet><cryptnet.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
<WinlogonNotify: cscdll><cscdll.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dimsntfy]
<WinlogonNotify: dimsntfy><%SystemRoot%\System32\dimsntfy.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
<WinlogonNotify: ScCertProp><wlnotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
<WinlogonNotify: Schedule><wlnotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
<WinlogonNotify: sclgntfy><sclgntfy.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
<WinlogonNotify: SensLogn><WlNotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
<WinlogonNotify: termsrv><wlnotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
<WinlogonNotify: WgaLogon><WgaLogon.dll> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
<WinlogonNotify: wlballoon><wlnotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
<{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\System32\browseui.dll> [(Verified)Microsoft Windows Component Publisher]
<{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\System32\browseui.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
<Windows Media Player><C:\WINDOWS\INF\unregmp2.exe /ShowWMP> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
<Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS]
<Vlastní nastavení prohlížeče><RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
<Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
<Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
<Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
<NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
<Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
<Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
<Adresář 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
<Aktualizace plochy systému Windows><regsvr32.exe /s /n /i:U shell32.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
<Internet Explorer 6><%SystemRoot%\system32\ie4uinit.exe> [(Verified)Microsoft Windows Component Publisher]
==================================
Startup Folders
N/A
==================================
Services
[avast! iAVS4 Control Service / aswUpdSv][Running/Auto Start]
<"C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe"><ALWIL Software>
[avast! Antivirus / avast! Antivirus][Running/Auto Start]
<"C:\Program Files\Alwil Software\Avast4\ashServ.exe"><ALWIL Software>
[avast! Mail Scanner / avast! Mail Scanner][Running/Manual Start]
<"C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service><ALWIL Software>
[avast! Web Scanner / avast! Web Scanner][Running/Manual Start]
<"C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service><ALWIL Software>
[HDD Information Service / HDDSvc][Stopped/Manual Start]
<C:\WINDOWS\system32\HDDSvc.exe><AltrixSoft (http://www.altrixsoft.com/)>
[Java Quick Starter / JavaQuickStarterService][Running/Auto Start]
<"C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf"><Sun Microsystems, Inc.>
[McciCMService / McciCMService][Running/Auto Start]
<"C:\Program Files\Common Files\Motive\McciCMService.exe"><Motive Communications, Inc.>
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
<C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
==================================
Drivers
[Bluetooth Audio Service / BlueletAudio][Running/Manual Start]
<System32\DRIVERS\blueletaudio.sys><IVT Corporation.>
[Bluetooth SCO Audio Service / BlueletSCOAudio][Running/Manual Start]
<System32\DRIVERS\BlueletSCOAudio.sys><IVT Corporation.>
[Bluetooth PAN Network Adapter / BT][Running/Manual Start]
<System32\DRIVERS\btnetdrv.sys><IVT Corporation.>
[Bluetooth HID Enumerator / BTHidEnum][Running/Boot Start]
<\SystemRoot\System32\Drivers\vbtenum.sys><IVT Corporation.>
[Bluetooth HID Manager Service / BTHidMgr][Running/Boot Start]
<\SystemRoot\System32\Drivers\BTHidMgr.sys><IVT Corporation.>
[Game port pro zařízení Creative SB Live! / ctljystk][Running/Manual Start]
<System32\DRIVERS\ctljystk.sys><Creative Technology Ltd.>
[3Com EtherLink XL 90XB/C Adapter Driver / EL90XBC][Running/Manual Start]
<System32\DRIVERS\el90xbc5.sys><3Com Corporation>
[Creative SB Live! (WDM) / emu10k][Running/Manual Start]
<system32\drivers\emu10k1m.sys><Creative Technology Ltd.>
[Creative Interface Manager Driver (WDM) / emu10k1][Running/Manual Start]
<system32\drivers\ctlfacem.sys><Creative Technology Ltd.>
[HWiNFO32 Kernel Driver / HWiNFO32][Running/System Start]
<\??\C:\Program Files\HWiNFO32\HWiNFO32.SYS><REALiX(tm)>
[MREMP50 NDIS Protocol Driver / MREMP50][Stopped/Manual Start]
<\??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS><Printing Communications Assoc., Inc. (PCAUSA)>
[MREMP50a64 NDIS Protocol Driver / MREMP50a64][Stopped/Manual Start]
<\??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS><N/A>
[MREMPR5 NDIS Protocol Driver / MREMPR5][Stopped/Manual Start]
<\??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS><N/A>
[MRENDIS5 NDIS Protocol Driver / MRENDIS5][Stopped/Manual Start]
<\??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS><N/A>
[MRESP50 NDIS Protocol Driver / MRESP50][Stopped/Manual Start]
<\??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS><Printing Communications Assoc., Inc. (PCAUSA)>
[MRESP50a64 NDIS Protocol Driver / MRESP50a64][Stopped/Manual Start]
<\??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS><N/A>
[nv / nv][Running/Manual Start]
<system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
<System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Secdrv / Secdrv][Stopped/Manual Start]
<System32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[Creative SoundFont Manager Driver (WDM) / sfman][Running/Manual Start]
<system32\drivers\sfmanm.sys><Creative Technology Ltd.>
[Virtual Serial port driver / VComm][Running/Manual Start]
<System32\DRIVERS\VComm.sys><IVT Corporation.>
[Bluetooth VComm Manager Service / VcommMgr][Running/Manual Start]
<System32\Drivers\VcommMgr.sys><IVT Corporation.>
==================================
Browser Add-ons
[Skype add-on (mastermind)]
{22BF413B-C6D2-4d91-82A9-A0F997BA588C} <C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll, (Signed) Skype Technologies S.A.>
[Java(tm) Plug-In 2 SSV Helper]
{DBC80044-A445-435b-BC74-9C25C1C588A9} <C:\Program Files\Java\jre6\bin\jp2ssv.dll, Sun Microsystems, Inc.>
[JQSIEStartDetectorImpl Class]
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} <C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll, Sun Microsystems, Inc.>
[Skype add-on (button)]
{77BF5300-1474-4EC7-9980-D32B190E9B07} <C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll, (Signed) Skype Technologies S.A.>
[]
{e2e2dd38-d088-4134-82b7-f2ba38496583} <%windir%\Network Diagnostic\xpnetdiag.exe, (Signed) N/A>
[ICQ6]
{E59EB121-F339-4851-A3BA-FE49C35617C2} <C:\Program Files\ICQ6\ICQ.exe, (Signed) ICQ, Inc.>
[Messenger]
{FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, (Signed) Microsoft Corporation>
[WUWebControl Class]
{6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\System32\wuweb.dll, (Signed) Microsoft Corporation>
[MUWebControl Class]
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} <C:\WINDOWS\System32\muweb.dll, (Signed) Microsoft Corporation>
[Java Plug-in 1.6.0_12]
{8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre6\bin\jp2iexp.dll, >
[Java Plug-in 1.6.0_12]
{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} <C:\Program Files\Java\jre6\bin\jp2iexp.dll, >
[Java Plug-in 1.6.0_12]
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} <C:\Program Files\Java\jre6\bin\npjpi160_12.dll, (Signed) Sun Microsystems, Inc.>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\System32\Macromed\Flash\Flash10b.ocx, (Signed) Adobe Systems, Inc.>
[Skype add-on (mastermind)]
{22BF413B-C6D2-4D91-82A9-A0F997BA588C} <C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll, (Signed) Skype Technologies S.A.>
[]
{381FFDE8-2394-4F90-B10D-FC6124A40F8C} <, >
[Microsoft Terminal Services Client Control (redist)]
{4eb89ff4-7f78-4a0f-8b8d-2bf02e94e4b2} <%systemroot%\system32\mstscax.dll, (Signed) N/A>
[Microsoft Terminal Services Client Control (redist)]
{4EDCB26C-D24C-4e72-AF07-B576699AC0DE} <%systemroot%\system32\mstscax.dll, (Signed) N/A>
[Microsoft Terminal Services Client Control (redist)]
{7390f3d8-0439-4c05-91e3-cf5cb290c3d0} <%systemroot%\system32\mstscax.dll, (Signed) N/A>
[Microsoft Terminal Services Client Control (redist)]
{7584c670-2274-4efb-b00b-d6aaba6d3850} <%systemroot%\system32\mstscax.dll, (Signed) N/A>
[Skype add-on (button)]
{77BF5300-1474-4EC7-9980-D32B190E9B07} <C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll, (Signed) Skype Technologies S.A.>
[Webový prohlížeč společnosti Microsoft]
{8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\System32\shdocvw.dll, (Signed) Microsoft Corporation>
[Microsoft Terminal Services Client Control (redist)]
{9059f30f-4eb1-4bd2-9fdc-36f43a218f4a} <%systemroot%\system32\mstscax.dll, (Signed) N/A>
[SearchAssistantOC]
{B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\System32\shdocvw.dll, (Signed) N/A>
[AUDIO__X_MS_WMA Moniker Class]
{CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\System32\Macromed\Flash\Flash10b.ocx, (Signed) Adobe Systems, Inc.>
[Java(tm) Plug-In 2 SSV Helper]
{DBC80044-A445-435B-BC74-9C25C1C588A9} <C:\Program Files\Java\jre6\bin\jp2ssv.dll, Sun Microsystems, Inc.>
[]
{E2E2DD38-D088-4134-82B7-F2BA38496583} <, >
[]
{E59EB121-F339-4851-A3BA-FE49C35617C2} <, >
[JQSIEStartDetectorImpl Class]
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} <C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll, Sun Microsystems, Inc.>
[]
{FB5F1910-F110-11D2-BB9E-00C04F795683} <, >
==================================
Running Processes
[PID: 384 / SYSTEM][\SystemRoot\System32\smss.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 596 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 628 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
[PID: 672 / SYSTEM][C:\WINDOWS\system32\services.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 684 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
[PID: 840 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 900 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 992 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[c:\windows\system32\uxtuneup.dll] [N/A, ]
[PID: 1044 / NETWORK SERVICE][C:\WINDOWS\System32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 1104 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 1364 / SYSTEM][C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe] [ALWIL Software, 4, 8, 1335, 0]
[C:\Program Files\Alwil Software\Avast4\aswCmnS.dll] [ALWIL Software, 4, 8, 1335, 0]
[C:\Program Files\Alwil Software\Avast4\aswCmnOS.dll] [ALWIL Software, 4, 8, 1335, 0]
[C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Alwil Software\Avast4\aswCmnB.dll] [ALWIL Software, 4, 8, 1335, 0]
[PID: 1412 / SYSTEM][C:\Program Files\Alwil Software\Avast4\ashServ.exe] [ALWIL Software, 4, 8, 1335, 0]
[C:\Program Files\Alwil Software\Avast4\aswAux.dll] [ALWIL Software, 4, 8, 1335, 0]
[C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Alwil Software\Avast4\aswCmnB.dll] [ALWIL Software, 4, 8, 1335, 0]
[C:\Program Files\Alwil Software\Avast4\aswCmnOS.dll] [ALWIL Software, 4, 8, 1335, 0]
[C:\Program Files\Alwil Software\Avast4\aswEngin.dll] [ALWIL Software, 4, 8, 1335, 0]
[C:\Program Files\Alwil Software\Avast4\aswScan.dll] [ALWIL Software, 4, 8, 1335, 0]
[C:\Program Files\Alwil Software\Avast4\aswCmnS.dll] [ALWIL Software, 4, 8, 1335, 0]
[C:\Program Files\Alwil Software\Avast4\ashBase.dll] [ALWIL Software, 4, 8, 1335, 0]
[C:\Program Files\Alwil Software\Avast4\ashTask.dll] [ALWIL Software, 4, 8, 1335, 0]
[C:\Program Files\Alwil Software\Avast4\aswInteg.dll] [ALWIL Software, 4, 8, 1335, 0]
[C:\Program Files\Alwil Software\Avast4\aswIdle.dll] [ALWIL Software, 4, 8, 1335, 0]
[C:\Program Files\Alwil Software\Avast4\Aavm4h.dll] [ALWIL Software, 4, 8, 1335, 0]
[C:\Program Files\Alwil Software\Avast4\AavmRpch.dll] [ALWIL Software, 4, 8, 1335, 0]
[C:\Program Files\Alwil Software\Avast4\Czech\Base.dll] [ALWIL Software, 4, 8, 1335, 0]
[C:\Program Files\Alwil Software\Avast4\AhResMai.dll] [ALWIL Software, 4, 8, 1335, 0]
[C:\Program Files\Alwil Software\Avast4\ahResMes.dll] [ALWIL Software, 4, 8, 1335, 0]
[C:\Program Files\Alwil Software\Avast4\AhResNS.dll] [ALWIL Software, 4, 8, 1335, 0]
[C:\Program Files\Alwil Software\Avast4\AhResOut.dll] [ALWIL Software, 4, 8, 1335, 0]
[C:\Program Files\Alwil Software\Avast4\ahResP2P.dll] [ALWIL Software, 4, 8, 1335, 0]
[C:\Program Files\Alwil Software\Avast4\AhResStd.dll] [ALWIL Software, 4, 8, 1335, 0]
[C:\Program Files\Alwil Software\Avast4\AhResWS.dll] [ALWIL Software, 4, 8, 1335, 0]
[C:\Program Files\Alwil Software\Avast4\ashSSqlt.dll] [ALWIL Software, 4, 8, 1335, 0]
[PID: 1524 / Jitka][C:\WINDOWS\Explorer.EXE] [(Verified) Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\WINDOWS\system32\BROWSEUI.dll] [Společnost Microsoft, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\Program Files\Common Files\Motive\McciContextHook_6-1-0_DSR.dll] [Motive Communications, Inc., 6,1,4,109]
[PID: 1624 / Jitka][C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe] [ALWIL Software, 4, 8, 1335, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\aswCmnOS.dll] [ALWIL Software, 4, 8, 1335, 0]
[C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\PROGRA~1\ALWILS~1\Avast4\ashBase.dll] [ALWIL Software, 4, 8, 1335, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\aswCmnB.dll] [ALWIL Software, 4, 8, 1335, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\aswCmnS.dll] [ALWIL Software, 4, 8, 1335, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\ashTask.dll] [ALWIL Software, 4, 8, 1335, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\aswAux.dll] [ALWIL Software, 4, 8, 1335, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll] [ALWIL Software, 4, 8, 1335, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\AavmRpch.dll] [ALWIL Software, 4, 8, 1335, 0]
[C:\Program Files\Alwil Software\Avast4\Czech\Base.dll] [ALWIL Software, 4, 8, 1335, 0]
[C:\Program Files\Alwil Software\Avast4\Czech\Lang.dll] [ALWIL Software, 4, 8, 1335, 0]
[C:\WINDOWS\system32\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0]
[c:\program files\alwil software\avast4\ahruimai.dll] [ALWIL Software, 4, 8, 1335, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\ashUInt.dll] [ALWIL Software, 4, 8, 1335, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\XT1922.dll] [Codejock Software, 1, 9, 4, 0]
[c:\program files\alwil software\avast4\ahruimes.dll] [ALWIL Software, 4, 8, 1335, 0]
[c:\program files\alwil software\avast4\ahruins.dll] [ALWIL Software, 4, 8, 1335, 0]
[c:\program files\alwil software\avast4\ahruiout.dll] [ALWIL Software, 4, 8, 1335, 0]
[c:\program files\alwil software\avast4\ahruip2p.dll] [ALWIL Software, 4, 8, 1335, 0]
[c:\program files\alwil software\avast4\ahruistd.dll] [ALWIL Software, 4, 8, 1335, 0]
[c:\program files\alwil software\avast4\ahruiws.dll] [ALWIL Software, 4, 8, 1335, 0]
[PID: 1648 / Jitka][C:\WINDOWS\system32\RUNDLL32.EXE] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
[C:\WINDOWS\system32\NvMcTray.dll] [NVIDIA Corporation, 6.14.11.7813]
[C:\WINDOWS\system32\nvapi.dll] [NVIDIA Corporation, 6.14.11.7813]
[C:\Program Files\Common Files\Motive\McciContextHook_6-1-0_DSR.dll] [Motive Communications, Inc., 6,1,4,109]
[C:\WINDOWS\system32\NVRSCS.DLL] [NVIDIA Corporation, 6.14.11.7813]
[PID: 1656 / Jitka][C:\Program Files\TO2SSM\McciTrayApp.exe] [Motive Communications, Inc., 6,1,0,136]
[C:\Program Files\Common Files\Motive\McciContextX.dll] [Motive Communications, Inc., 6,1,0,96]
[C:\Program Files\Common Files\Motive\McciContextDetectorWin32_6-1-0_DSR.dll] [Motive Communications, Inc., 6,1,4,101]
[C:\Program Files\Common Files\Motive\McciContextHook_6-1-0_DSR.dll] [Motive Communications, Inc., 6,1,4,109]
[C:\Program Files\Common Files\Motive\McciContextDetectorEmail_6-1-0_DSR.dll] [Motive Communications, Inc., 6,1,3,101]
[PID: 1680 / Jitka][C:\Program Files\Java\jre6\bin\jusched.exe] [Sun Microsystems, Inc., 6.0.120.4]
[PID: 1696 / Jitka][C:\WINDOWS\system32\ctfmon.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
[PID: 1708 / Jitka][C:\Program Files\Messenger\msmsgs.exe] [Microsoft Corporation, 4.7.3001]
[C:\Program Files\Common Files\Motive\McciContextHook_6-1-0_DSR.dll] [Motive Communications, Inc., 6,1,4,109]
[PID: 376 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
[PID: 1580 / Jitka][C:\WINDOWS\system32\devldr32.exe] [Creative Technology Ltd., 1, 0, 0, 17]
[C:\Program Files\Common Files\Motive\McciContextHook_6-1-0_DSR.dll] [Motive Communications, Inc., 6,1,4,109]
[C:\WINDOWS\system32\DEVCON32.DLL] [Creative Technology Ltd., 4.06.651]
[C:\WINDOWS\system32\SFMAN32.DLL] [Creative Technology Ltd., 4.06.501]
[PID: 1508 / SYSTEM][C:\Program Files\Java\jre6\bin\jqs.exe] [Sun Microsystems, Inc., 6.0.120.4]
[C:\Program Files\Java\jre6\bin\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[PID: 1292 / SYSTEM][C:\Program Files\Common Files\Motive\McciCMService.exe] [Motive Communications, Inc., 6,1,0,218]
[PID: 2076 / SYSTEM][C:\WINDOWS\system32\nvsvc32.exe] [NVIDIA Corporation, 6.14.11.7813]
[C:\WINDOWS\system32\nvapi.dll] [NVIDIA Corporation, 6.14.11.7813]
[PID: 2500 / SYSTEM][C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe] [ALWIL Software, 4, 8, 1335, 0]
[C:\Program Files\Alwil Software\Avast4\ashBase.dll] [ALWIL Software, 4, 8, 1335, 0]
[C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Alwil Software\Avast4\aswCmnOS.dll] [ALWIL Software, 4, 8, 1335, 0]
[C:\Program Files\Alwil Software\Avast4\aswCmnB.dll] [ALWIL Software, 4, 8, 1335, 0]
[C:\Program Files\Alwil Software\Avast4\aswCmnS.dll] [ALWIL Software, 4, 8, 1335, 0]
[C:\Program Files\Alwil Software\Avast4\ashTask.dll] [ALWIL Software, 4, 8, 1335, 0]
[C:\Program Files\Alwil Software\Avast4\aswAux.dll] [ALWIL Software, 4, 8, 1335, 0]
[C:\Program Files\Alwil Software\Avast4\Aavm4h.dll] [ALWIL Software, 4, 8, 1335, 0]
[C:\Program Files\Alwil Software\Avast4\AavmRpch.dll] [ALWIL Software, 4, 8, 1335, 0]
[C:\Program Files\Alwil Software\Avast4\AhResMai.dll] [ALWIL Software, 4, 8, 1335, 0]
[C:\Program Files\Alwil Software\Avast4\Czech\Base.dll] [ALWIL Software, 4, 8, 1335, 0]
[C:\Program Files\Alwil Software\Avast4\aswEngin.dll] [ALWIL Software, 4, 8, 1335, 0]
[C:\Program Files\Alwil Software\Avast4\aswScan.dll] [ALWIL Software, 4, 8, 1335, 0]
[C:\Program Files\Alwil Software\Avast4\Czech\Lang.dll] [ALWIL Software, 4, 8, 1335, 0]
[C:\WINDOWS\system32\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Alwil Software\Avast4\Czech\langmai.dll] [ALWIL Software, 4, 8, 1335, 0]
[PID: 2664 / SYSTEM][C:\Program Files\Alwil Software\Avast4\ashWebSv.exe] [ALWIL Software, 4, 8, 1335, 0]
[C:\Program Files\Alwil Software\Avast4\ashBase.dll] [ALWIL Software, 4, 8, 1335, 0]
[C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Alwil Software\Avast4\aswCmnOS.dll] [ALWIL Software, 4, 8, 1335, 0]
[C:\Program Files\Alwil Software\Avast4\aswCmnB.dll] [ALWIL Software, 4, 8, 1335, 0]
[C:\Program Files\Alwil Software\Avast4\aswCmnS.dll] [ALWIL Software, 4, 8, 1335, 0]
[C:\Program Files\Alwil Software\Avast4\Aavm4h.dll] [ALWIL Software, 4, 8, 1335, 0]
[C:\Program Files\Alwil Software\Avast4\AavmRpch.dll] [ALWIL Software, 4, 8, 1335, 0]
[C:\Program Files\Alwil Software\Avast4\ashTask.dll] [ALWIL Software, 4, 8, 1335, 0]
[C:\Program Files\Alwil Software\Avast4\aswAux.dll] [ALWIL Software, 4, 8, 1335, 0]
[C:\Program Files\Alwil Software\Avast4\Czech\Base.dll] [ALWIL Software, 4, 8, 1335, 0]
[C:\Program Files\Alwil Software\Avast4\aswEngin.dll] [ALWIL Software, 4, 8, 1335, 0]
[C:\Program Files\Alwil Software\Avast4\aswScan.dll] [ALWIL Software, 4, 8, 1335, 0]
[C:\Program Files\Alwil Software\Avast4\ashWsFtr.dll] [ALWIL Software, 4, 8, 1335, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\AhResWs.dll] [ALWIL Software, 4, 8, 1335, 0]
[PID: 2856 / SYSTEM][C:\WINDOWS\System32\wbem\wmiapsrv.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)]
[PID: 3124 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
[PID: 3660 / Jitka][C:\Program Files\Mozilla Firefox\firefox.exe] [Mozilla Corporation, 1.8.1.20: 2008121709]
[C:\Program Files\Mozilla Firefox\js3250.dll] [Netscape Communications Corporation, 4.0]
[C:\Program Files\Mozilla Firefox\nspr4.dll] [Netscape Communications Corporation, 4.6.8]
[C:\Program Files\Mozilla Firefox\xpcom_core.dll] [Mozilla Foundation, 1.8.1.20: 2008121709]
[C:\Program Files\Mozilla Firefox\plc4.dll] [Netscape Communications Corporation, 4.6.8]
[C:\Program Files\Mozilla Firefox\plds4.dll] [Netscape Communications Corporation, 4.6.8]
[C:\Program Files\Mozilla Firefox\smime3.dll] [Mozilla Foundation, 3.11.9.0 Basic ECC]
[C:\Program Files\Mozilla Firefox\nss3.dll] [Mozilla Foundation, 3.11.9.0 Basic ECC]
[C:\Program Files\Mozilla Firefox\softokn3.dll] [Mozilla Foundation, 3.11.4 Basic ECC]
[C:\Program Files\Mozilla Firefox\ssl3.dll] [Mozilla Foundation, 3.11.9.0 Basic ECC]
[C:\Program Files\Mozilla Firefox\xpcom_compat.dll] [Mozilla Foundation, 1.8.1.20: 2008121709]
[C:\Program Files\Common Files\Motive\McciContextHook_6-1-0_DSR.dll] [Motive Communications, Inc., 6,1,4,109]
[C:\Program Files\Mozilla Firefox\components\myspell.dll] [Mozilla Foundation, 1.8.1.20: 2008121709]
[C:\Program Files\Mozilla Firefox\components\jar50.dll] [Mozilla Foundation, 1.8.1.20: 2008121709]
[C:\Program Files\Mozilla Firefox\components\spellchk.dll] [Mozilla Foundation, 1.8.1.20: 2008121709]
[C:\Program Files\Mozilla Firefox\freebl3.dll] [Mozilla Foundation, 3.11.4 Basic ECC]
[C:\Program Files\Mozilla Firefox\nssckbi.dll] [Mozilla Foundation, 1.65]
[C:\Program Files\Mozilla Firefox\plugins\NPSWF32.dll] [, ]
[PID: 564 / SYSTEM][C:\WINDOWS\system32\msiexec.exe] [(Verified) Microsoft Corporation, 3.1.4001.5512]
[PID: 2220 / Jitka][C:\Documents and Settings\Jitka\Plocha\SREngLdr.EXE] [Smallfrogs Studio, 2.7.0.1210]
[PID: 2368 / Jitka][C:\Documents and Settings\Jitka\Plocha\SRE6a9937a7.EXE] [Smallfrogs Studio, 2.7.0.1210]
[C:\Program Files\Common Files\Motive\McciContextHook_6-1-0_DSR.dll] [Motive Communications, Inc., 6,1,4,109]
[C:\Documents and Settings\Jitka\Plocha\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
==================================
File Associations
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock Provider
N/A
==================================
Autorun.Inf
N/A
==================================
HOSTS File
127.0.0.1 localhost
==================================
Process Privileges Scan
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 1656, C:\PROGRAM FILES\TO2SSM\MCCITRAYAPP.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 1292, C:\PROGRAM FILES\COMMON FILES\MOTIVE\MCCICMSERVICE.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 2220, C:\DOCUMENTS AND SETTINGS\JITKA\PLOCHA\SRENGLDR.EXE]
==================================
Scheduled Tasks
N/A
==================================
API HOOK
N/A
==================================
Hidden Process
N/A
==================================
Re: Please check my log: PC freezes, software won't start.
The problem persists: some programs won't start, they freeze. The same happens on the net, e.g. stahuj.cz repeatedly, while some sites work without problems. Thanks.
