Mám nejaky hrozne pomaly a zasekany pc a velmi casto mi vypadava internet myslim ze tam bude naky virus podivejte se na log.
diky
Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 17:25:42, on 25.12.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\AVG\AVG9\avgemc.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
O4 - HKLM\..\Run: [UVS11 Preload] C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: Služba Google Update (gupdate1ca6d169a02c9a4) (gupdate1ca6d169a02c9a4) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: hpdj - Unknown owner - C:\DOCUME~1\Hanka\LOCALS~1\Temp\hpdj.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
--
End of file - 6506 bytes
HJT kontrola Vyřešeno
HJT kontrola
NTB : Lenovo Y570
Intel Core i5-2450M (Sandy Bridge, 2.5GHz, TB až 3.2GHz)
Nvidia GeForce GT555M 2GB
HDD: 750GB / SSD 32GB
RAM : 8GB 1333 MHZ
Windows 7 Ultimate 64-bit OEM :(
Intel Core i5-2450M (Sandy Bridge, 2.5GHz, TB až 3.2GHz)
Nvidia GeForce GT555M 2GB
HDD: 750GB / SSD 32GB
RAM : 8GB 1333 MHZ
Windows 7 Ultimate 64-bit OEM :(
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43295
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: HJT kontrola
Odinstaluj:
DAEMON Tools Toolbar
Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod
Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Provést rychlý sken a klikni na tlačítko Skenovat
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Zobrazit výsledky
- pak zvol možnost uložit log a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.
DAEMON Tools Toolbar
Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod
Kód: Vybrat vše
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Provést rychlý sken a klikni na tlačítko Skenovat
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Zobrazit výsledky
- pak zvol možnost uložit log a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: HJT kontrola
kdyz stahuju tak mam velkou rychlost ale pak to padne treba na 160kb/s a pak na 80 a furt to de dolu a sekne se netem to neni
tady je log z mbam
Malwarebytes' Anti-Malware 1.42
Verze databáze: 3428
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
25.12.2009 19:57:34
mbam-log-2009-12-25 (19-57-34).txt
Typ kontroly: Rychlá kontrola
Zkontrolované objekty: 101441
Uplynulý čas: 6 minute(s), 2 second(s)
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované adresáře: 0
Infikované soubory: 0
Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)
Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)
Infikované klíče registru:
(Nebyly nalezeny žádné škodlivé položky)
Infikované hodnoty registru:
(Nebyly nalezeny žádné škodlivé položky)
Infikované datové položky registru:
(Nebyly nalezeny žádné škodlivé položky)
Infikované adresáře:
(Nebyly nalezeny žádné škodlivé položky)
Infikované soubory:
(Nebyly nalezeny žádné škodlivé položky)
tady je log z mbam
Malwarebytes' Anti-Malware 1.42
Verze databáze: 3428
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
25.12.2009 19:57:34
mbam-log-2009-12-25 (19-57-34).txt
Typ kontroly: Rychlá kontrola
Zkontrolované objekty: 101441
Uplynulý čas: 6 minute(s), 2 second(s)
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované adresáře: 0
Infikované soubory: 0
Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)
Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)
Infikované klíče registru:
(Nebyly nalezeny žádné škodlivé položky)
Infikované hodnoty registru:
(Nebyly nalezeny žádné škodlivé položky)
Infikované datové položky registru:
(Nebyly nalezeny žádné škodlivé položky)
Infikované adresáře:
(Nebyly nalezeny žádné škodlivé položky)
Infikované soubory:
(Nebyly nalezeny žádné škodlivé položky)
NTB : Lenovo Y570
Intel Core i5-2450M (Sandy Bridge, 2.5GHz, TB až 3.2GHz)
Nvidia GeForce GT555M 2GB
HDD: 750GB / SSD 32GB
RAM : 8GB 1333 MHZ
Windows 7 Ultimate 64-bit OEM :(
Intel Core i5-2450M (Sandy Bridge, 2.5GHz, TB až 3.2GHz)
Nvidia GeForce GT555M 2GB
HDD: 750GB / SSD 32GB
RAM : 8GB 1333 MHZ
Windows 7 Ultimate 64-bit OEM :(
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43295
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: HJT kontrola
Nic tam nevidím..
Stáhni si Security Check by screen317 z některého odkazu
http://screen317.spywareinfoforum.org/SecurityCheck.exe
http://screen317.changelog.fr/SecurityCheck.exe
ulož si ho na plochu, poklepej na něj a postupuj podle instrukcí v černém okně. Potom se automaticky otevře pozn. Blok, bude mít název checkup.txt. Jeho obsah sem prosím zkopíruj.
Stáhni si RSIT (by random/random)
- spusť ho, objeví se ti okno, tak pro pokračování klikni na Continue
- počkej až program proběhne a zobrazí se ti log jinak ho najdeš zde: C:\rsit\log.txt zkopíruj sem prosím celý jeho obsah
Stáhni si Security Check by screen317 z některého odkazu
http://screen317.spywareinfoforum.org/SecurityCheck.exe
http://screen317.changelog.fr/SecurityCheck.exe
ulož si ho na plochu, poklepej na něj a postupuj podle instrukcí v černém okně. Potom se automaticky otevře pozn. Blok, bude mít název checkup.txt. Jeho obsah sem prosím zkopíruj.
Stáhni si RSIT (by random/random)
- spusť ho, objeví se ti okno, tak pro pokračování klikni na Continue
- počkej až program proběhne a zobrazí se ti log jinak ho najdeš zde: C:\rsit\log.txt zkopíruj sem prosím celý jeho obsah
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: HJT kontrola
RSIT:
Logfile of random's system information tool 1.06 (written by random/random)
Run by Hanka at 2009-12-25 20:11:26
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 31 GB (40%) free of 76 GB
Total RAM: 1279 MB (61% free)
HijackThis download failed
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2009-12-22 1484056]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2009-12-22 2033432]
"HPDJ Taskbar Utility"=C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe [2003-03-26 172032]
"HP Software Update"=C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe [2002-12-17 49152]
"UVS11 Preload"=C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe [2007-03-03 341488]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2009-12-03 429392]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-05-03 61440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-12-22 12464]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\AVG\AVG9\avgemc.exe"="C:\Program Files\AVG\AVG9\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG9\avgupd.exe"="C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG9\avgnsx.exe"="C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\EA Games\Battlefield Vietnam\bfvietnam.exe"="C:\Program Files\EA Games\Battlefield Vietnam\bfvietnam.exe:*:Enabled:bfvietnam"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Documents and Settings\Hanka\Dokumenty\Downloads\[PC] Brothers In Arms Earned in Blood [RIP] [dopeman]\Earned\System\EiB.exe"="C:\Documents and Settings\Hanka\Dokumenty\Downloads\[PC] Brothers In Arms Earned in Blood [RIP] [dopeman]\Earned\System\EiB.exe:*:Enabled:Brothers In Arms Earned In Blood"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe"="C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s"
"C:\Program Files\HLSW\hlsw.exe"="C:\Program Files\HLSW\hlsw.exe:*:Enabled:HLSW Application"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
======List of files/folders created in the last 1 months======
2009-12-25 20:11:26 ----D---- C:\rsit
2009-12-25 20:11:26 ----D---- C:\Program Files\trend micro
2009-12-25 19:29:57 ----D---- C:\Documents and Settings\Hanka\Data aplikací\Malwarebytes
2009-12-25 19:29:49 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-12-25 19:29:49 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2009-12-25 17:37:57 ----D---- C:\Program Files\CCleaner
2009-12-25 17:25:00 ----D---- C:\Program Files\TrendMicro
2009-12-24 13:47:04 ----D---- C:\Program Files\Common Files\DirectX
2009-12-24 13:37:36 ----D---- C:\Program Files\SCi Games
2009-12-24 12:48:08 ----D---- C:\Documents and Settings\Hanka\Data aplikací\Opera
2009-12-24 12:47:50 ----D---- C:\Program Files\Opera
2009-12-23 15:57:12 ----D---- C:\Documents and Settings\Hanka\Data aplikací\teamspeak2
2009-12-23 15:56:59 ----D---- C:\Program Files\Teamspeak2_RC2
2009-12-22 12:12:51 ----D---- C:\Program Files\IObit
2009-12-21 17:08:40 ----D---- C:\Documents and Settings\Hanka\Data aplikací\ICQ
2009-12-21 17:05:14 ----D---- C:\Program Files\ICQ6.5
2009-12-21 17:01:10 ----D---- C:\Documents and Settings\Hanka\Data aplikací\Allstar
2009-12-20 16:10:58 ----SD---- C:\Program Files\HLSW
2009-12-20 16:10:58 ----D---- C:\Documents and Settings\Hanka\Data aplikací\HLSW
2009-12-19 15:14:34 ----D---- C:\Program Files\GamePark
2009-12-19 15:13:47 ----A---- C:\WINDOWS\game.ini
2009-12-19 15:00:40 ----D---- C:\Program Files\Activision
2009-12-15 16:43:07 ----D---- C:\Program Files\Combined Community Codec Pack
2009-12-12 14:09:53 ----D---- C:\Documents and Settings\Hanka\Data aplikací\Leawo
2009-12-12 14:09:31 ----D---- C:\Program Files\Leawo
2009-12-12 13:53:02 ----D---- C:\Documents and Settings\Hanka\Data aplikací\Nero
2009-12-12 13:49:16 ----D---- C:\Program Files\Nero
2009-12-12 13:48:51 ----D---- C:\Documents and Settings\All Users\Data aplikací\Nero
2009-12-12 13:48:49 ----D---- C:\Program Files\Common Files\Nero
2009-12-11 21:04:10 ----D---- C:\Program Files\Flash DVD Ripper
2009-12-11 20:59:52 ----D---- C:\Documents and Settings\Hanka\Data aplikací\kibisoft
2009-12-11 20:59:47 ----D---- C:\Program Files\Kibisoft
2009-12-10 14:05:22 ----D---- C:\My Video
2009-12-10 14:04:39 ----A---- C:\WINDOWS\system32\lame_enc.dll
2009-12-10 14:04:39 ----A---- C:\WINDOWS\system32\auth.dll
2009-12-10 14:04:39 ----A---- C:\WINDOWS\system32\advd.dll
2009-12-10 14:04:39 ----A---- C:\WINDOWS\dvdtoaviconverter2.ini
2009-12-10 14:04:38 ----D---- C:\Program Files\MyDVDTools
2009-12-09 22:05:33 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2009-12-09 22:05:25 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2009-12-09 22:04:42 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2009-12-09 22:04:34 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2009-12-09 22:04:25 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2009-12-07 16:24:12 ----A---- C:\WINDOWS\system32\WNASPI32.DLL
2009-12-07 16:24:01 ----D---- C:\Program Files\DVDZip 4.0
2009-12-07 15:24:01 ----D---- C:\Documents and Settings\Hanka\Data aplikací\Media Player Classic
2009-12-06 12:30:01 ----D---- C:\Program Files\PSPad editor
2009-12-04 20:04:35 ----D---- C:\Documents and Settings\Hanka\Data aplikací\skypePM
2009-12-04 20:03:08 ----D---- C:\Documents and Settings\Hanka\Data aplikací\Skype
2009-12-04 20:02:19 ----D---- C:\Program Files\Common Files\Skype
2009-12-04 20:02:14 ----RD---- C:\Program Files\Skype
2009-12-04 20:02:02 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2009-12-03 18:26:16 ----D---- C:\Program Files\HighGrow
2009-12-02 18:13:06 ----A---- C:\WINDOWS\nfsc_patch.ini
2009-11-30 21:42:20 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2009-11-30 21:41:59 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2009-11-30 21:41:39 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2009-11-30 21:41:04 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2009-11-30 14:43:55 ----D---- C:\Documents and Settings\Hanka\Data aplikací\Gearbox Software
2009-11-29 15:56:32 ----D---- C:\Documents and Settings\Hanka\Data aplikací\Apple Computer
2009-11-29 15:56:08 ----D---- C:\Program Files\Safari
2009-11-29 15:56:08 ----D---- C:\Documents and Settings\All Users\Data aplikací\Apple Computer
2009-11-29 15:55:38 ----D---- C:\Program Files\Common Files\Apple
2009-11-29 15:55:10 ----D---- C:\Program Files\Apple Software Update
2009-11-29 15:55:10 ----D---- C:\Documents and Settings\All Users\Data aplikací\Apple
2009-11-29 15:05:38 ----D---- C:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage
2009-11-29 11:36:09 ----N---- C:\WINDOWS\system32\spmsg.dll
2009-11-29 11:36:01 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2009-11-29 11:34:04 ----D---- C:\Program Files\Windows Media Connect 2
2009-11-29 11:33:46 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
2009-11-29 11:31:17 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2009-11-29 11:30:25 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2009-11-27 20:13:19 ----A---- C:\WINDOWS\system32\miccyhook.dll
2009-11-27 18:12:27 ----N---- C:\WINDOWS\system32\ati2sgag.exe
2009-11-27 18:06:32 ----D---- C:\Program Files\ATI Technologies
2009-11-27 17:57:39 ----D---- C:\ATI
2009-11-27 14:13:48 ----RA---- C:\WINDOWS\system32\vp6vfw.dll
2009-11-27 13:56:24 ----D---- C:\WINDOWS\RegisteredPackages
2009-11-27 13:55:33 ----A---- C:\WINDOWS\system32\psisdecd.dll
2009-11-27 13:55:28 ----A---- C:\WINDOWS\system32\dxdllreg.exe
2009-11-26 19:46:49 ----A---- C:\WINDOWS\system32\unrar.dll
2009-11-26 19:46:48 ----A---- C:\WINDOWS\avisplitter.ini
2009-11-26 19:46:46 ----A---- C:\WINDOWS\system32\yv12vfw.dll
2009-11-26 19:46:46 ----A---- C:\WINDOWS\system32\xvidvfw.dll
2009-11-26 19:46:46 ----A---- C:\WINDOWS\system32\xvidcore.dll
2009-11-26 19:46:43 ----A---- C:\WINDOWS\system32\ff_vfw.dll.manifest
2009-11-26 19:46:42 ----A---- C:\WINDOWS\system32\ff_vfw.dll
2009-11-26 19:46:40 ----D---- C:\Program Files\K-Lite Codec Pack
======List of files/folders modified in the last 1 months======
2009-12-25 20:11:26 ----RD---- C:\Program Files
2009-12-25 20:10:08 ----D---- C:\WINDOWS\Prefetch
2009-12-25 19:29:51 ----D---- C:\WINDOWS\system32\drivers
2009-12-25 19:26:07 ----D---- C:\WINDOWS\Temp
2009-12-25 19:26:02 ----D---- C:\WINDOWS
2009-12-25 19:22:29 ----D---- C:\WINDOWS\system32\CatRoot2
2009-12-25 19:22:20 ----D---- C:\Documents and Settings\Hanka\Data aplikací\uTorrent
2009-12-25 19:21:53 ----D---- C:\Program Files\DAEMON Tools Toolbar
2009-12-25 17:40:11 ----D---- C:\WINDOWS\Debug
2009-12-25 17:25:06 ----SHD---- C:\WINDOWS\Installer
2009-12-25 17:25:01 ----SD---- C:\Documents and Settings\Hanka\Data aplikací\Microsoft
2009-12-25 17:19:18 ----N---- C:\WINDOWS\SchedLgU.Txt
2009-12-25 17:18:02 ----D---- C:\Program Files\Mozilla Firefox
2009-12-25 15:13:00 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2009-12-24 20:33:54 ----HD---- C:\WINDOWS\inf
2009-12-24 13:47:04 ----D---- C:\Program Files\Common Files
2009-12-24 13:37:27 ----HD---- C:\Program Files\InstallShield Installation Information
2009-12-23 21:14:13 ----D---- C:\WINDOWS\system32
2009-12-22 12:08:32 ----D---- C:\Documents and Settings\All Users\Data aplikací\avg9
2009-12-22 10:35:50 ----A---- C:\WINDOWS\system32\avgrsstx.dll
2009-12-20 16:11:23 ----D---- C:\WINDOWS\WinSxS
2009-12-19 14:59:10 ----D---- C:\Program Files\Common Files\InstallShield
2009-12-10 14:02:26 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-12-09 22:05:35 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-12-09 22:05:12 ----D---- C:\Program Files\Internet Explorer
2009-12-09 22:04:56 ----HD---- C:\WINDOWS\$hf_mig$
2009-12-07 16:24:12 ----D---- C:\WINDOWS\system
2009-12-01 21:06:19 ----A---- C:\WINDOWS\system32\MRT.exe
2009-11-29 22:01:11 ----D---- C:\WINDOWS\system32\CatRoot
2009-11-29 15:55:15 ----SD---- C:\WINDOWS\Tasks
2009-11-29 15:03:28 ----D---- C:\Program Files\Windows Media Player
2009-11-29 11:34:50 ----A---- C:\WINDOWS\win.ini
2009-11-29 11:33:59 ----D---- C:\WINDOWS\Help
2009-11-29 11:30:33 ----D---- C:\WINDOWS\system32\LogFiles
2009-11-27 13:55:18 ----D---- C:\WINDOWS\system32\DirectX
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 ASPI32;ASPI32; C:\WINDOWS\system32\drivers\ASPI32.sys [1999-09-10 25244]
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-12-22 333192]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-12-22 28424]
R1 AvgTdiX;AVG Free Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-12-22 360584]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40192]
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2002-04-01 4816]
R3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2006-05-03 1540608]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2003-08-29 578304]
R3 USB_RNDIS;D-Link DSL Bridge/Router; C:\WINDOWS\System32\DRIVERS\usb8023.sys [2008-04-13 12800]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbprint;Třída USB Printer; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 afmazb2k;afmazb2k; C:\WINDOWS\system32\drivers\afmazb2k.sys []
S3 hidgame;Microsoft Hid to Joystick Port Enabler; C:\WINDOWS\system32\DRIVERS\hidgame.sys [2001-08-17 8576]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2009-02-09 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-02-09 22016]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2009-03-19 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2009-03-19 8320]
S3 PnkBstrK;PnkBstrK; \??\C:\WINDOWS\system32\drivers\PnkBstrK.sys []
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-02-09 7808]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-02-09 7808]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-05-03 413696]
R2 avg9emc;AVG Free E-mail Scanner; C:\Program Files\AVG\AVG9\avgemc.exe [2009-12-22 906520]
R2 avg9wd;AVG Free WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2009-12-22 285392]
R2 Capture Device Service;Capture Device Service; C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe [2007-03-06 198168]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-11-16 75064]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2009-12-25 214520]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2007-03-03 67056]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2006-05-03 520192]
S2 gupdate1ca6d169a02c9a4;Služba Google Update (gupdate1ca6d169a02c9a4); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-11-24 133104]
S2 hpdj;hpdj; C:\DOCUME~1\Hanka\LOCALS~1\Temp\hpdj.exe -servicerunning=true -uninstall=hp deskjet 5100 series -product= []
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
-----------------EOF-----------------
security check:
Results of screen317's Security Check version 0.99.1
Windows XP Service Pack 3
``````````````````````````````
Antivirus/Firewall Check:
AVG Free 9.0
``````````````````````````````
Anti-malware/Other Utilities Check:
CCleaner
Adobe Flash Player 10
Adobe Reader 9.2
``````````````````````````````
Process Check:
objlist.exe by Laurent
AVG avgwdsvc.exe
AVG avgtray.exe
AVG avgrsx.exe
AVG avgnsx.exe
AVG avgemc.exe
AVG avgemc.exe
``````````````````````````````
DNS Vulnerability Check:
`````````End of Log```````````
info.txt logfile of random's system information tool 1.06 2009-12-25 20:11:32
======Uninstall list======
MP4 Converter version 1.2.2.2-->"C:\Program Files\Leawo\MP4 Converter\unins000.exe"
-->"C:\Program Files\InstallShield Installation Information\{BB8AE808-F003-4C7F-B56B-8C80EEAFFE23}\setup.exe" --u:{BB8AE808-F003-4C7F-B56B-8C80EEAFFE23}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
µTorrent-->"C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\System32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A92000000001}
Advertising Center-->MsiExec.exe /X{B2EC4A38-B545-4A00-8214-13FE0E915E6D}
Aktualizace systému Windows Internet Explorer 8 (KB975364)-->"C:\WINDOWS\ie8updates\KB975364-IE8\spuninst\spuninst.exe"
Aktualizace systému Windows Internet Explorer 8 (KB976749)-->"C:\WINDOWS\ie8updates\KB976749-IE8\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9L$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Aktualizace zabezpečení produktu Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB974455)-->"C:\WINDOWS\ie8updates\KB974455-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB976325)-->"C:\WINDOWS\ie8updates\KB976325-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB961371-v2)-->"C:\WINDOWS\$NtUninstallKB961371-v2$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
Apple Application Support-->MsiExec.exe /I{3FA365DF-2D68-45ED-8F83-8C8A33E65143}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
ATI - Software Uninstall Utility-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
aTube Catcher 1.0-->"C:\Program Files\DsNET Corp\aTube Catcher 1.0\unins000.exe"
AVG Free 9.0-->C:\Program Files\AVG\AVG9\setup.exe /UNINSTALL
Battlefield Vietnam(TM)-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E35B3C63-E958-4E31-A178-95D22024109A}\setup.exe" -l0x9
Call of Duty(R) 2 Patch 1.3-->C:\Program Files\Activision\Call of Duty 2\Uninst_Call of Duty(R) 2 Patch 1.3.exe /U "C:\Program Files\Activision\Call of Duty 2\Uninst_Call of Duty(R) 2 Patch 1.3.log"
Call of Duty(R) 2-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{D0A05794-48C2-4424-A15A-9F20FCFDD374} /l2057
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Combined Community Codec Pack 2009-09-09-->"C:\Program Files\Combined Community Codec Pack\unins000.exe"
D-Link DSLs-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{509E7E30-8EC3-449B-8C59-B952E7489B0F}\setup.exe" -l0x9
DVD To AVI Converter 1.10-->"C:\Program Files\MyDVDTools\DVD To AVI Converter\unins000.exe"
DVDCoach Express 1.0.0-->"C:\Program Files\Kibisoft\DVDCoach Express\unins000.exe"
DVDZip 4.0-->"C:\Program Files\DVDZip 4.0\unins000.exe"
EAX Unified-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Creative\EAX Unified\Uninst.isu"
Flash DVD Ripper-->C:\PROGRA~1\FLASHD~1\UNWISE.EXE C:\PROGRA~1\FLASHD~1\INSTALL.LOG
Game Booster-->"C:\Program Files\IObit\Game Booster\unins000.exe"
GamePark-->"C:\Program Files\GamePark\unins000.exe"
Google Chrome-->"C:\Program Files\Google\Chrome\Application\3.0.195.38\Installer\setup.exe" --uninstall --system-level
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
HighGrow Freeware Version 4.20-->C:\PROGRA~1\HighGrow\UNWISE.EXE C:\PROGRA~1\HighGrow\INSTALL.LOG
HiJackThis-->MsiExec.exe /X{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}
HLSW v1.3.1-->"C:\Program Files\HLSW\unins000.exe"
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
hp deskjet 5100 series-->rundll32 hpzcon08.dll,VendorJettison hp deskjet 5100 series
hp deskjet 5100-->MsiExec.exe /X{FEDA56C4-82F3-46DD-8B50-FC592BBE1C0D}
ICQ6.5-->"C:\Program Files\InstallShield Installation Information\{60DE4033-9503-48D1-A483-7846BD217CA9}\setup.exe" -runfromtemp -l0x0009 -removeonly
InterVideo DeviceService-->MsiExec.exe /I{521AAD14-5030-44BB-8B0E-5CE65FCE57E0}
K-Lite Codec Pack 5.4.0 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
Mafia Game-->C:\WINDOWS\system32\MafiaSetup.exe
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7-->"C:\WINDOWS\$NtUninstallWdf01007$\spuninst\spuninst.exe"
Microsoft Office Access MUI (Czech) 2007-->MsiExec.exe /X{90120000-0015-0405-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2007-->MsiExec.exe /X{90120000-0016-0405-0000-0000000FF1CE}
Microsoft Office Groove MUI (Czech) 2007-->MsiExec.exe /X{90120000-00BA-0405-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Czech) 2007-->MsiExec.exe /X{90120000-0044-0405-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2007-->MsiExec.exe /X{90120000-00A1-0405-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2007-->MsiExec.exe /X{90120000-001A-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2007-->MsiExec.exe /X{90120000-0018-0405-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2007-->MsiExec.exe /X{90120000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2007-->MsiExec.exe /X{90120000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2007-->MsiExec.exe /X{90120000-002C-0405-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Czech) 2007-->MsiExec.exe /X{90120000-0019-0405-0000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2007-->MsiExec.exe /X{90120000-006E-0405-0000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2007-->MsiExec.exe /X{90120000-001B-0405-0000-0000000FF1CE}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ Run Time Lib Setup-->MsiExec.exe /X{AAF4238F-7C29-451D-9925-C753271A5728}
Mozilla Firefox (3.5.6)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML 6 Service Pack 2 (KB954459)-->MsiExec.exe /I{1A528690-6A2D-4BC5-B143-8C4AE8D19D96}
Nero 9 Lite-->C:\Program Files\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe REMOVESERIALNUMBER="XM2C-50A9-HH4M-0ZM8-4X06-9P25-5A46-618P-AH19-6647"
Nero ControlCenter-->MsiExec.exe /X{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}
Nero Installer-->MsiExec.exe /X{E8A80433-302B-4FF1-815D-FCC8EAC482FF}
Nero Online Upgrade-->MsiExec.exe /X{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}
Nero StartSmart-->MsiExec.exe /X{7748AC8C-18E3-43BB-959B-088FAEA16FB2}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Nokia Connectivity Cable Driver-->MsiExec.exe /I{52D02A2B-03D2-4E34-A358-DC5D951FD296}
Nokia Software Updater-->MsiExec.exe /X{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}
Opera 10.01-->MsiExec.exe /X{6CDC748B-47B0-45EB-B740-681E8429F7F9}
Oprava hotfix aplikace Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Oprava Hotfix systému Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Oprava Hotfix systému Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
Oprava Hotfix systému Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe"
PSPad editor-->"C:\Program Files\PSPad editor\Uninst\unins000.exe"
PunkBuster Services-->C:\WINDOWS\system32\pbsvc_heroes.exe -u
Richard Burns Rally-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{92C7D009-A464-4948-A980-7A3E28CB2F49}\setup.exe" -l0x5
Safari-->MsiExec.exe /I{D6E4E5D6-7693-4BB4-95BA-21F38FAFEE90}
Skype web features-->MsiExec.exe /I{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}
Skype™ 4.1-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
SoundMAX-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\Setup.exe"
TeamSpeak 2 RC2-->"C:\Program Files\Teamspeak2_RC2\unins000.exe"
Ulead VideoStudio 11-->C:\Program Files\InstallShield Installation Information\{F99F9E24-EE2F-47FD-AEB0-FDB82859B5C9}\setup.exe -runfromtemp -l0x0409
VLC media player 1.0.3-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR-->C:\Program Files\WinRAR\uninstall.exe
X2X Free 3GP Converter 3.0-->"C:\Program Files\X2Xsoft\Free 3GP Converter\unins000.exe"
======Security center information======
AV: AVG Anti-Virus Free
======System event log======
Computer Name: MICHAL
Event Code: 7036
Message: Stav služby Služba modelu COM pro zápis na disk CD (IMAPI) byl změněn na: Zastaveno
Record Number: 1881
Source Name: Service Control Manager
Time Written: 20091127181617.000000+060
Event Type: Informace
User:
Computer Name: MICHAL
Event Code: 7036
Message: Stav služby Prohledávání počítačů byl změněn na: Zastaveno
Record Number: 1880
Source Name: Service Control Manager
Time Written: 20091127181614.000000+060
Event Type: Informace
User:
Computer Name: MICHAL
Event Code: 7036
Message: Stav služby Služba Google Update (gupdate1ca6d169a02c9a4) byl změněn na: Zastaveno
Record Number: 1879
Source Name: Service Control Manager
Time Written: 20091127181613.000000+060
Event Type: Informace
User:
Computer Name: MICHAL
Event Code: 7036
Message: Stav služby Správce vzdáleného přístupu byl změněn na: Spuštěno
Record Number: 1878
Source Name: Service Control Manager
Time Written: 20091127181613.000000+060
Event Type: Informace
User:
Computer Name: MICHAL
Event Code: 7036
Message: Stav služby Služba brány aplikačního rozhraní byl změněn na: Spuštěno
Record Number: 1877
Source Name: Service Control Manager
Time Written: 20091127181612.000000+060
Event Type: Informace
User:
=====Application event log=====
Computer Name: MICHAL
Event Code: 0
Message:
Record Number: 233
Source Name: Capture Device Service
Time Written: 20091109191249.000000+060
Event Type: Informace
User:
Computer Name: MICHAL
Event Code: 0
Message:
Record Number: 232
Source Name: Capture Device Service
Time Written: 20091109191248.000000+060
Event Type: Informace
User:
Computer Name: MICHAL
Event Code: 0
Message:
Record Number: 231
Source Name: Capture Device Service
Time Written: 20091109191247.000000+060
Event Type: Informace
User:
Computer Name: MICHAL
Event Code: 4097
Message: Aplikace C:\Program Files\Electronic Arts\Need for Speed Carbon\NFSC.exe vygenerovala aplikační chybu.
K chybě došlo dne 09. 11. 2009 v 16:08:23,890
Vygenerovaná výjimka: c0000005 na adrese 0069D0FD (NFSC)
Record Number: 230
Source Name: DrWatson
Time Written: 20091109160824.000000+060
Event Type: Informace
User:
Computer Name: MICHAL
Event Code: 1000
Message: Chybující aplikace nfsc.exe, verze 0.0.0.0, chybující modul nfsc.exe, verze 0.0.0.0, adresa chyby 0x0029d0fd.
Record Number: 229
Source Name: Application Error
Time Written: 20091109160819.000000+060
Event Type: Chyba
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Common Files\Ulead Systems\MPEG
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 2 Stepping 9, GenuineIntel
"PROCESSOR_REVISION"=0209
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO
-----------------EOF-----------------
Logfile of random's system information tool 1.06 (written by random/random)
Run by Hanka at 2009-12-25 20:11:26
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 31 GB (40%) free of 76 GB
Total RAM: 1279 MB (61% free)
HijackThis download failed
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2009-12-22 1484056]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2009-12-22 2033432]
"HPDJ Taskbar Utility"=C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe [2003-03-26 172032]
"HP Software Update"=C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe [2002-12-17 49152]
"UVS11 Preload"=C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe [2007-03-03 341488]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2009-12-03 429392]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-05-03 61440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-12-22 12464]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\AVG\AVG9\avgemc.exe"="C:\Program Files\AVG\AVG9\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG9\avgupd.exe"="C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG9\avgnsx.exe"="C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\EA Games\Battlefield Vietnam\bfvietnam.exe"="C:\Program Files\EA Games\Battlefield Vietnam\bfvietnam.exe:*:Enabled:bfvietnam"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Documents and Settings\Hanka\Dokumenty\Downloads\[PC] Brothers In Arms Earned in Blood [RIP] [dopeman]\Earned\System\EiB.exe"="C:\Documents and Settings\Hanka\Dokumenty\Downloads\[PC] Brothers In Arms Earned in Blood [RIP] [dopeman]\Earned\System\EiB.exe:*:Enabled:Brothers In Arms Earned In Blood"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe"="C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s"
"C:\Program Files\HLSW\hlsw.exe"="C:\Program Files\HLSW\hlsw.exe:*:Enabled:HLSW Application"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
======List of files/folders created in the last 1 months======
2009-12-25 20:11:26 ----D---- C:\rsit
2009-12-25 20:11:26 ----D---- C:\Program Files\trend micro
2009-12-25 19:29:57 ----D---- C:\Documents and Settings\Hanka\Data aplikací\Malwarebytes
2009-12-25 19:29:49 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-12-25 19:29:49 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2009-12-25 17:37:57 ----D---- C:\Program Files\CCleaner
2009-12-25 17:25:00 ----D---- C:\Program Files\TrendMicro
2009-12-24 13:47:04 ----D---- C:\Program Files\Common Files\DirectX
2009-12-24 13:37:36 ----D---- C:\Program Files\SCi Games
2009-12-24 12:48:08 ----D---- C:\Documents and Settings\Hanka\Data aplikací\Opera
2009-12-24 12:47:50 ----D---- C:\Program Files\Opera
2009-12-23 15:57:12 ----D---- C:\Documents and Settings\Hanka\Data aplikací\teamspeak2
2009-12-23 15:56:59 ----D---- C:\Program Files\Teamspeak2_RC2
2009-12-22 12:12:51 ----D---- C:\Program Files\IObit
2009-12-21 17:08:40 ----D---- C:\Documents and Settings\Hanka\Data aplikací\ICQ
2009-12-21 17:05:14 ----D---- C:\Program Files\ICQ6.5
2009-12-21 17:01:10 ----D---- C:\Documents and Settings\Hanka\Data aplikací\Allstar
2009-12-20 16:10:58 ----SD---- C:\Program Files\HLSW
2009-12-20 16:10:58 ----D---- C:\Documents and Settings\Hanka\Data aplikací\HLSW
2009-12-19 15:14:34 ----D---- C:\Program Files\GamePark
2009-12-19 15:13:47 ----A---- C:\WINDOWS\game.ini
2009-12-19 15:00:40 ----D---- C:\Program Files\Activision
2009-12-15 16:43:07 ----D---- C:\Program Files\Combined Community Codec Pack
2009-12-12 14:09:53 ----D---- C:\Documents and Settings\Hanka\Data aplikací\Leawo
2009-12-12 14:09:31 ----D---- C:\Program Files\Leawo
2009-12-12 13:53:02 ----D---- C:\Documents and Settings\Hanka\Data aplikací\Nero
2009-12-12 13:49:16 ----D---- C:\Program Files\Nero
2009-12-12 13:48:51 ----D---- C:\Documents and Settings\All Users\Data aplikací\Nero
2009-12-12 13:48:49 ----D---- C:\Program Files\Common Files\Nero
2009-12-11 21:04:10 ----D---- C:\Program Files\Flash DVD Ripper
2009-12-11 20:59:52 ----D---- C:\Documents and Settings\Hanka\Data aplikací\kibisoft
2009-12-11 20:59:47 ----D---- C:\Program Files\Kibisoft
2009-12-10 14:05:22 ----D---- C:\My Video
2009-12-10 14:04:39 ----A---- C:\WINDOWS\system32\lame_enc.dll
2009-12-10 14:04:39 ----A---- C:\WINDOWS\system32\auth.dll
2009-12-10 14:04:39 ----A---- C:\WINDOWS\system32\advd.dll
2009-12-10 14:04:39 ----A---- C:\WINDOWS\dvdtoaviconverter2.ini
2009-12-10 14:04:38 ----D---- C:\Program Files\MyDVDTools
2009-12-09 22:05:33 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2009-12-09 22:05:25 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2009-12-09 22:04:42 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2009-12-09 22:04:34 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2009-12-09 22:04:25 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2009-12-07 16:24:12 ----A---- C:\WINDOWS\system32\WNASPI32.DLL
2009-12-07 16:24:01 ----D---- C:\Program Files\DVDZip 4.0
2009-12-07 15:24:01 ----D---- C:\Documents and Settings\Hanka\Data aplikací\Media Player Classic
2009-12-06 12:30:01 ----D---- C:\Program Files\PSPad editor
2009-12-04 20:04:35 ----D---- C:\Documents and Settings\Hanka\Data aplikací\skypePM
2009-12-04 20:03:08 ----D---- C:\Documents and Settings\Hanka\Data aplikací\Skype
2009-12-04 20:02:19 ----D---- C:\Program Files\Common Files\Skype
2009-12-04 20:02:14 ----RD---- C:\Program Files\Skype
2009-12-04 20:02:02 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2009-12-03 18:26:16 ----D---- C:\Program Files\HighGrow
2009-12-02 18:13:06 ----A---- C:\WINDOWS\nfsc_patch.ini
2009-11-30 21:42:20 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2009-11-30 21:41:59 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2009-11-30 21:41:39 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2009-11-30 21:41:04 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2009-11-30 14:43:55 ----D---- C:\Documents and Settings\Hanka\Data aplikací\Gearbox Software
2009-11-29 15:56:32 ----D---- C:\Documents and Settings\Hanka\Data aplikací\Apple Computer
2009-11-29 15:56:08 ----D---- C:\Program Files\Safari
2009-11-29 15:56:08 ----D---- C:\Documents and Settings\All Users\Data aplikací\Apple Computer
2009-11-29 15:55:38 ----D---- C:\Program Files\Common Files\Apple
2009-11-29 15:55:10 ----D---- C:\Program Files\Apple Software Update
2009-11-29 15:55:10 ----D---- C:\Documents and Settings\All Users\Data aplikací\Apple
2009-11-29 15:05:38 ----D---- C:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage
2009-11-29 11:36:09 ----N---- C:\WINDOWS\system32\spmsg.dll
2009-11-29 11:36:01 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2009-11-29 11:34:04 ----D---- C:\Program Files\Windows Media Connect 2
2009-11-29 11:33:46 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
2009-11-29 11:31:17 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2009-11-29 11:30:25 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2009-11-27 20:13:19 ----A---- C:\WINDOWS\system32\miccyhook.dll
2009-11-27 18:12:27 ----N---- C:\WINDOWS\system32\ati2sgag.exe
2009-11-27 18:06:32 ----D---- C:\Program Files\ATI Technologies
2009-11-27 17:57:39 ----D---- C:\ATI
2009-11-27 14:13:48 ----RA---- C:\WINDOWS\system32\vp6vfw.dll
2009-11-27 13:56:24 ----D---- C:\WINDOWS\RegisteredPackages
2009-11-27 13:55:33 ----A---- C:\WINDOWS\system32\psisdecd.dll
2009-11-27 13:55:28 ----A---- C:\WINDOWS\system32\dxdllreg.exe
2009-11-26 19:46:49 ----A---- C:\WINDOWS\system32\unrar.dll
2009-11-26 19:46:48 ----A---- C:\WINDOWS\avisplitter.ini
2009-11-26 19:46:46 ----A---- C:\WINDOWS\system32\yv12vfw.dll
2009-11-26 19:46:46 ----A---- C:\WINDOWS\system32\xvidvfw.dll
2009-11-26 19:46:46 ----A---- C:\WINDOWS\system32\xvidcore.dll
2009-11-26 19:46:43 ----A---- C:\WINDOWS\system32\ff_vfw.dll.manifest
2009-11-26 19:46:42 ----A---- C:\WINDOWS\system32\ff_vfw.dll
2009-11-26 19:46:40 ----D---- C:\Program Files\K-Lite Codec Pack
======List of files/folders modified in the last 1 months======
2009-12-25 20:11:26 ----RD---- C:\Program Files
2009-12-25 20:10:08 ----D---- C:\WINDOWS\Prefetch
2009-12-25 19:29:51 ----D---- C:\WINDOWS\system32\drivers
2009-12-25 19:26:07 ----D---- C:\WINDOWS\Temp
2009-12-25 19:26:02 ----D---- C:\WINDOWS
2009-12-25 19:22:29 ----D---- C:\WINDOWS\system32\CatRoot2
2009-12-25 19:22:20 ----D---- C:\Documents and Settings\Hanka\Data aplikací\uTorrent
2009-12-25 19:21:53 ----D---- C:\Program Files\DAEMON Tools Toolbar
2009-12-25 17:40:11 ----D---- C:\WINDOWS\Debug
2009-12-25 17:25:06 ----SHD---- C:\WINDOWS\Installer
2009-12-25 17:25:01 ----SD---- C:\Documents and Settings\Hanka\Data aplikací\Microsoft
2009-12-25 17:19:18 ----N---- C:\WINDOWS\SchedLgU.Txt
2009-12-25 17:18:02 ----D---- C:\Program Files\Mozilla Firefox
2009-12-25 15:13:00 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2009-12-24 20:33:54 ----HD---- C:\WINDOWS\inf
2009-12-24 13:47:04 ----D---- C:\Program Files\Common Files
2009-12-24 13:37:27 ----HD---- C:\Program Files\InstallShield Installation Information
2009-12-23 21:14:13 ----D---- C:\WINDOWS\system32
2009-12-22 12:08:32 ----D---- C:\Documents and Settings\All Users\Data aplikací\avg9
2009-12-22 10:35:50 ----A---- C:\WINDOWS\system32\avgrsstx.dll
2009-12-20 16:11:23 ----D---- C:\WINDOWS\WinSxS
2009-12-19 14:59:10 ----D---- C:\Program Files\Common Files\InstallShield
2009-12-10 14:02:26 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-12-09 22:05:35 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-12-09 22:05:12 ----D---- C:\Program Files\Internet Explorer
2009-12-09 22:04:56 ----HD---- C:\WINDOWS\$hf_mig$
2009-12-07 16:24:12 ----D---- C:\WINDOWS\system
2009-12-01 21:06:19 ----A---- C:\WINDOWS\system32\MRT.exe
2009-11-29 22:01:11 ----D---- C:\WINDOWS\system32\CatRoot
2009-11-29 15:55:15 ----SD---- C:\WINDOWS\Tasks
2009-11-29 15:03:28 ----D---- C:\Program Files\Windows Media Player
2009-11-29 11:34:50 ----A---- C:\WINDOWS\win.ini
2009-11-29 11:33:59 ----D---- C:\WINDOWS\Help
2009-11-29 11:30:33 ----D---- C:\WINDOWS\system32\LogFiles
2009-11-27 13:55:18 ----D---- C:\WINDOWS\system32\DirectX
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 ASPI32;ASPI32; C:\WINDOWS\system32\drivers\ASPI32.sys [1999-09-10 25244]
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-12-22 333192]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-12-22 28424]
R1 AvgTdiX;AVG Free Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-12-22 360584]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40192]
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2002-04-01 4816]
R3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2006-05-03 1540608]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2003-08-29 578304]
R3 USB_RNDIS;D-Link DSL Bridge/Router; C:\WINDOWS\System32\DRIVERS\usb8023.sys [2008-04-13 12800]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbprint;Třída USB Printer; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 afmazb2k;afmazb2k; C:\WINDOWS\system32\drivers\afmazb2k.sys []
S3 hidgame;Microsoft Hid to Joystick Port Enabler; C:\WINDOWS\system32\DRIVERS\hidgame.sys [2001-08-17 8576]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2009-02-09 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-02-09 22016]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2009-03-19 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2009-03-19 8320]
S3 PnkBstrK;PnkBstrK; \??\C:\WINDOWS\system32\drivers\PnkBstrK.sys []
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-02-09 7808]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-02-09 7808]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-05-03 413696]
R2 avg9emc;AVG Free E-mail Scanner; C:\Program Files\AVG\AVG9\avgemc.exe [2009-12-22 906520]
R2 avg9wd;AVG Free WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2009-12-22 285392]
R2 Capture Device Service;Capture Device Service; C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe [2007-03-06 198168]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-11-16 75064]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2009-12-25 214520]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2007-03-03 67056]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2006-05-03 520192]
S2 gupdate1ca6d169a02c9a4;Služba Google Update (gupdate1ca6d169a02c9a4); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-11-24 133104]
S2 hpdj;hpdj; C:\DOCUME~1\Hanka\LOCALS~1\Temp\hpdj.exe -servicerunning=true -uninstall=hp deskjet 5100 series -product= []
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
-----------------EOF-----------------
security check:
Results of screen317's Security Check version 0.99.1
Windows XP Service Pack 3
``````````````````````````````
Antivirus/Firewall Check:
AVG Free 9.0
``````````````````````````````
Anti-malware/Other Utilities Check:
CCleaner
Adobe Flash Player 10
Adobe Reader 9.2
``````````````````````````````
Process Check:
objlist.exe by Laurent
AVG avgwdsvc.exe
AVG avgtray.exe
AVG avgrsx.exe
AVG avgnsx.exe
AVG avgemc.exe
AVG avgemc.exe
``````````````````````````````
DNS Vulnerability Check:
`````````End of Log```````````
info.txt logfile of random's system information tool 1.06 2009-12-25 20:11:32
======Uninstall list======
MP4 Converter version 1.2.2.2-->"C:\Program Files\Leawo\MP4 Converter\unins000.exe"
-->"C:\Program Files\InstallShield Installation Information\{BB8AE808-F003-4C7F-B56B-8C80EEAFFE23}\setup.exe" --u:{BB8AE808-F003-4C7F-B56B-8C80EEAFFE23}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
µTorrent-->"C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\System32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A92000000001}
Advertising Center-->MsiExec.exe /X{B2EC4A38-B545-4A00-8214-13FE0E915E6D}
Aktualizace systému Windows Internet Explorer 8 (KB975364)-->"C:\WINDOWS\ie8updates\KB975364-IE8\spuninst\spuninst.exe"
Aktualizace systému Windows Internet Explorer 8 (KB976749)-->"C:\WINDOWS\ie8updates\KB976749-IE8\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9L$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Aktualizace zabezpečení produktu Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB974455)-->"C:\WINDOWS\ie8updates\KB974455-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB976325)-->"C:\WINDOWS\ie8updates\KB976325-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB961371-v2)-->"C:\WINDOWS\$NtUninstallKB961371-v2$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
Apple Application Support-->MsiExec.exe /I{3FA365DF-2D68-45ED-8F83-8C8A33E65143}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
ATI - Software Uninstall Utility-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
aTube Catcher 1.0-->"C:\Program Files\DsNET Corp\aTube Catcher 1.0\unins000.exe"
AVG Free 9.0-->C:\Program Files\AVG\AVG9\setup.exe /UNINSTALL
Battlefield Vietnam(TM)-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E35B3C63-E958-4E31-A178-95D22024109A}\setup.exe" -l0x9
Call of Duty(R) 2 Patch 1.3-->C:\Program Files\Activision\Call of Duty 2\Uninst_Call of Duty(R) 2 Patch 1.3.exe /U "C:\Program Files\Activision\Call of Duty 2\Uninst_Call of Duty(R) 2 Patch 1.3.log"
Call of Duty(R) 2-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{D0A05794-48C2-4424-A15A-9F20FCFDD374} /l2057
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Combined Community Codec Pack 2009-09-09-->"C:\Program Files\Combined Community Codec Pack\unins000.exe"
D-Link DSLs-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{509E7E30-8EC3-449B-8C59-B952E7489B0F}\setup.exe" -l0x9
DVD To AVI Converter 1.10-->"C:\Program Files\MyDVDTools\DVD To AVI Converter\unins000.exe"
DVDCoach Express 1.0.0-->"C:\Program Files\Kibisoft\DVDCoach Express\unins000.exe"
DVDZip 4.0-->"C:\Program Files\DVDZip 4.0\unins000.exe"
EAX Unified-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Creative\EAX Unified\Uninst.isu"
Flash DVD Ripper-->C:\PROGRA~1\FLASHD~1\UNWISE.EXE C:\PROGRA~1\FLASHD~1\INSTALL.LOG
Game Booster-->"C:\Program Files\IObit\Game Booster\unins000.exe"
GamePark-->"C:\Program Files\GamePark\unins000.exe"
Google Chrome-->"C:\Program Files\Google\Chrome\Application\3.0.195.38\Installer\setup.exe" --uninstall --system-level
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
HighGrow Freeware Version 4.20-->C:\PROGRA~1\HighGrow\UNWISE.EXE C:\PROGRA~1\HighGrow\INSTALL.LOG
HiJackThis-->MsiExec.exe /X{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}
HLSW v1.3.1-->"C:\Program Files\HLSW\unins000.exe"
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
hp deskjet 5100 series-->rundll32 hpzcon08.dll,VendorJettison hp deskjet 5100 series
hp deskjet 5100-->MsiExec.exe /X{FEDA56C4-82F3-46DD-8B50-FC592BBE1C0D}
ICQ6.5-->"C:\Program Files\InstallShield Installation Information\{60DE4033-9503-48D1-A483-7846BD217CA9}\setup.exe" -runfromtemp -l0x0009 -removeonly
InterVideo DeviceService-->MsiExec.exe /I{521AAD14-5030-44BB-8B0E-5CE65FCE57E0}
K-Lite Codec Pack 5.4.0 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
Mafia Game-->C:\WINDOWS\system32\MafiaSetup.exe
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7-->"C:\WINDOWS\$NtUninstallWdf01007$\spuninst\spuninst.exe"
Microsoft Office Access MUI (Czech) 2007-->MsiExec.exe /X{90120000-0015-0405-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2007-->MsiExec.exe /X{90120000-0016-0405-0000-0000000FF1CE}
Microsoft Office Groove MUI (Czech) 2007-->MsiExec.exe /X{90120000-00BA-0405-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Czech) 2007-->MsiExec.exe /X{90120000-0044-0405-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2007-->MsiExec.exe /X{90120000-00A1-0405-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2007-->MsiExec.exe /X{90120000-001A-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2007-->MsiExec.exe /X{90120000-0018-0405-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2007-->MsiExec.exe /X{90120000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2007-->MsiExec.exe /X{90120000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2007-->MsiExec.exe /X{90120000-002C-0405-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Czech) 2007-->MsiExec.exe /X{90120000-0019-0405-0000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2007-->MsiExec.exe /X{90120000-006E-0405-0000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2007-->MsiExec.exe /X{90120000-001B-0405-0000-0000000FF1CE}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ Run Time Lib Setup-->MsiExec.exe /X{AAF4238F-7C29-451D-9925-C753271A5728}
Mozilla Firefox (3.5.6)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML 6 Service Pack 2 (KB954459)-->MsiExec.exe /I{1A528690-6A2D-4BC5-B143-8C4AE8D19D96}
Nero 9 Lite-->C:\Program Files\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe REMOVESERIALNUMBER="XM2C-50A9-HH4M-0ZM8-4X06-9P25-5A46-618P-AH19-6647"
Nero ControlCenter-->MsiExec.exe /X{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}
Nero Installer-->MsiExec.exe /X{E8A80433-302B-4FF1-815D-FCC8EAC482FF}
Nero Online Upgrade-->MsiExec.exe /X{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}
Nero StartSmart-->MsiExec.exe /X{7748AC8C-18E3-43BB-959B-088FAEA16FB2}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Nokia Connectivity Cable Driver-->MsiExec.exe /I{52D02A2B-03D2-4E34-A358-DC5D951FD296}
Nokia Software Updater-->MsiExec.exe /X{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}
Opera 10.01-->MsiExec.exe /X{6CDC748B-47B0-45EB-B740-681E8429F7F9}
Oprava hotfix aplikace Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Oprava Hotfix systému Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Oprava Hotfix systému Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
Oprava Hotfix systému Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe"
PSPad editor-->"C:\Program Files\PSPad editor\Uninst\unins000.exe"
PunkBuster Services-->C:\WINDOWS\system32\pbsvc_heroes.exe -u
Richard Burns Rally-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{92C7D009-A464-4948-A980-7A3E28CB2F49}\setup.exe" -l0x5
Safari-->MsiExec.exe /I{D6E4E5D6-7693-4BB4-95BA-21F38FAFEE90}
Skype web features-->MsiExec.exe /I{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}
Skype™ 4.1-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
SoundMAX-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\Setup.exe"
TeamSpeak 2 RC2-->"C:\Program Files\Teamspeak2_RC2\unins000.exe"
Ulead VideoStudio 11-->C:\Program Files\InstallShield Installation Information\{F99F9E24-EE2F-47FD-AEB0-FDB82859B5C9}\setup.exe -runfromtemp -l0x0409
VLC media player 1.0.3-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR-->C:\Program Files\WinRAR\uninstall.exe
X2X Free 3GP Converter 3.0-->"C:\Program Files\X2Xsoft\Free 3GP Converter\unins000.exe"
======Security center information======
AV: AVG Anti-Virus Free
======System event log======
Computer Name: MICHAL
Event Code: 7036
Message: Stav služby Služba modelu COM pro zápis na disk CD (IMAPI) byl změněn na: Zastaveno
Record Number: 1881
Source Name: Service Control Manager
Time Written: 20091127181617.000000+060
Event Type: Informace
User:
Computer Name: MICHAL
Event Code: 7036
Message: Stav služby Prohledávání počítačů byl změněn na: Zastaveno
Record Number: 1880
Source Name: Service Control Manager
Time Written: 20091127181614.000000+060
Event Type: Informace
User:
Computer Name: MICHAL
Event Code: 7036
Message: Stav služby Služba Google Update (gupdate1ca6d169a02c9a4) byl změněn na: Zastaveno
Record Number: 1879
Source Name: Service Control Manager
Time Written: 20091127181613.000000+060
Event Type: Informace
User:
Computer Name: MICHAL
Event Code: 7036
Message: Stav služby Správce vzdáleného přístupu byl změněn na: Spuštěno
Record Number: 1878
Source Name: Service Control Manager
Time Written: 20091127181613.000000+060
Event Type: Informace
User:
Computer Name: MICHAL
Event Code: 7036
Message: Stav služby Služba brány aplikačního rozhraní byl změněn na: Spuštěno
Record Number: 1877
Source Name: Service Control Manager
Time Written: 20091127181612.000000+060
Event Type: Informace
User:
=====Application event log=====
Computer Name: MICHAL
Event Code: 0
Message:
Record Number: 233
Source Name: Capture Device Service
Time Written: 20091109191249.000000+060
Event Type: Informace
User:
Computer Name: MICHAL
Event Code: 0
Message:
Record Number: 232
Source Name: Capture Device Service
Time Written: 20091109191248.000000+060
Event Type: Informace
User:
Computer Name: MICHAL
Event Code: 0
Message:
Record Number: 231
Source Name: Capture Device Service
Time Written: 20091109191247.000000+060
Event Type: Informace
User:
Computer Name: MICHAL
Event Code: 4097
Message: Aplikace C:\Program Files\Electronic Arts\Need for Speed Carbon\NFSC.exe vygenerovala aplikační chybu.
K chybě došlo dne 09. 11. 2009 v 16:08:23,890
Vygenerovaná výjimka: c0000005 na adrese 0069D0FD (NFSC)
Record Number: 230
Source Name: DrWatson
Time Written: 20091109160824.000000+060
Event Type: Informace
User:
Computer Name: MICHAL
Event Code: 1000
Message: Chybující aplikace nfsc.exe, verze 0.0.0.0, chybující modul nfsc.exe, verze 0.0.0.0, adresa chyby 0x0029d0fd.
Record Number: 229
Source Name: Application Error
Time Written: 20091109160819.000000+060
Event Type: Chyba
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Common Files\Ulead Systems\MPEG
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 2 Stepping 9, GenuineIntel
"PROCESSOR_REVISION"=0209
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO
-----------------EOF-----------------
NTB : Lenovo Y570
Intel Core i5-2450M (Sandy Bridge, 2.5GHz, TB až 3.2GHz)
Nvidia GeForce GT555M 2GB
HDD: 750GB / SSD 32GB
RAM : 8GB 1333 MHZ
Windows 7 Ultimate 64-bit OEM :(
Intel Core i5-2450M (Sandy Bridge, 2.5GHz, TB až 3.2GHz)
Nvidia GeForce GT555M 2GB
HDD: 750GB / SSD 32GB
RAM : 8GB 1333 MHZ
Windows 7 Ultimate 64-bit OEM :(
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43295
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: HJT kontrola
Vypni rez. ochranu u AVG
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Napiš , jaké máš připojení a jaký prohlížeč používáš.
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Napiš , jaké máš připojení a jaký prohlížeč používáš.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: HJT kontrola
log ti dam za chvili
mluvil sem s operatorem a rikal ze chyba je u me
mam o2 adsl 8mb/s
normalne stahuju rychlosti 600kb/s ted nekdy jen 80kb/s
mluvil sem s operatorem a rikal ze chyba je u me
mam o2 adsl 8mb/s
normalne stahuju rychlosti 600kb/s ted nekdy jen 80kb/s
NTB : Lenovo Y570
Intel Core i5-2450M (Sandy Bridge, 2.5GHz, TB až 3.2GHz)
Nvidia GeForce GT555M 2GB
HDD: 750GB / SSD 32GB
RAM : 8GB 1333 MHZ
Windows 7 Ultimate 64-bit OEM :(
Intel Core i5-2450M (Sandy Bridge, 2.5GHz, TB až 3.2GHz)
Nvidia GeForce GT555M 2GB
HDD: 750GB / SSD 32GB
RAM : 8GB 1333 MHZ
Windows 7 Ultimate 64-bit OEM :(
Re: HJT kontrola
zapomel sem:delaji to vsechny prohlizece mozzila google chrome,explorer
log z combofix
ComboFix 09-12-25.02 - Hanka 25.12.2009 21:36:25.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1279.763 [GMT 1:00]
Spuštěný z: c:\documents and settings\Hanka\Dokumenty\Downloads\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\i
c:\windows\system32\msssc.dll
.
((((((((((((((((((((((((( Soubory vytvořené od 2009-11-25 do 2009-12-25 )))))))))))))))))))))))))))))))
.
2009-12-25 19:11 . 2009-12-25 19:11 -------- d-----w- C:\rsit
2009-12-25 19:11 . 2009-12-25 19:11 -------- d-----w- c:\program files\trend micro
2009-12-25 18:29 . 2009-12-03 15:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-25 18:29 . 2009-12-25 18:29 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-12-25 18:29 . 2009-12-03 15:13 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-12-25 16:37 . 2009-12-25 16:38 -------- d-----w- c:\program files\CCleaner
2009-12-25 16:25 . 2009-12-25 16:25 -------- d-----w- c:\program files\TrendMicro
2009-12-24 12:47 . 2009-12-24 12:47 -------- d-----w- c:\program files\Common Files\DirectX
2009-12-24 12:37 . 2009-12-24 12:37 -------- d-----w- c:\program files\SCi Games
2009-12-24 11:47 . 2009-12-24 11:47 -------- d-----w- c:\program files\Opera
2009-12-23 14:56 . 2009-12-23 14:57 -------- d-----w- c:\program files\Teamspeak2_RC2
2009-12-22 11:12 . 2009-12-22 11:12 -------- d-----w- c:\program files\IObit
2009-12-21 16:05 . 2009-12-21 16:14 -------- d-----w- c:\program files\ICQ6.5
2009-12-20 15:10 . 2009-12-20 15:11 -------- d-s---w- c:\program files\HLSW
2009-12-19 14:14 . 2009-12-19 14:14 -------- d-----w- c:\program files\GamePark
2009-12-19 14:00 . 2009-12-19 14:00 -------- d-----w- c:\program files\Activision
2009-12-15 15:43 . 2009-12-15 15:43 -------- d-----w- c:\program files\Combined Community Codec Pack
2009-12-12 13:09 . 2009-12-12 13:09 -------- d-----w- c:\program files\Leawo
2009-12-12 12:49 . 2009-12-12 12:49 -------- d-----w- c:\program files\Nero
2009-12-12 12:48 . 2009-12-12 12:50 -------- d-----w- c:\program files\Common Files\Nero
2009-12-11 20:04 . 2009-12-11 20:04 -------- d-----w- c:\program files\Flash DVD Ripper
2009-12-11 19:59 . 2009-12-11 19:59 -------- d-----w- c:\program files\Kibisoft
2009-12-10 13:05 . 2009-12-10 13:05 -------- d-----w- C:\My Video
2009-12-10 13:04 . 2009-12-10 13:06 1 ----a-w- c:\windows\system32\SysDVDtoAVI.dat
2009-12-10 13:04 . 2004-07-14 12:44 23040 ----a-w- c:\windows\system32\auth.dll
2009-12-10 13:04 . 2003-08-07 13:01 237568 ----a-w- c:\windows\system32\lame_enc.dll
2009-12-10 13:04 . 2002-05-23 19:40 110080 ----a-w- c:\windows\system32\advd.dll
2009-12-10 13:04 . 2009-12-10 13:04 -------- d-----w- c:\program files\MyDVDTools
2009-12-07 15:24 . 1999-09-10 11:06 5600 ----a-w- c:\windows\system\WINASPI.DLL
2009-12-07 15:24 . 1999-09-10 11:06 4672 ----a-w- c:\windows\system\WOWPOST.EXE
2009-12-07 15:24 . 1999-09-10 11:06 45056 ----a-w- c:\windows\system32\WNASPI32.DLL
2009-12-07 15:24 . 1999-09-10 11:06 25244 ----a-w- c:\windows\system32\drivers\ASPI32.SYS
2009-12-07 15:24 . 2009-12-08 16:00 -------- d-----w- c:\program files\DVDZip 4.0
2009-12-06 11:30 . 2009-12-06 11:31 -------- d-----w- c:\program files\PSPad editor
2009-12-04 19:04 . 2009-12-04 19:04 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-12-04 19:02 . 2009-12-04 19:02 -------- d-----w- c:\program files\Common Files\Skype
2009-12-04 19:02 . 2009-12-04 19:02 -------- d-----r- c:\program files\Skype
2009-12-03 17:26 . 2009-12-22 11:05 -------- d-----w- c:\program files\HighGrow
2009-11-29 14:57 . 2009-11-29 14:57 64852 ---ha-w- c:\windows\system32\mlfcache.dat
2009-11-29 14:56 . 2009-11-29 15:14 -------- d-----w- c:\program files\Safari
2009-11-29 14:55 . 2009-11-29 14:55 -------- d-----w- c:\program files\Common Files\Apple
2009-11-29 14:55 . 2009-11-29 14:55 -------- d-----w- c:\program files\Apple Software Update
2009-11-29 10:55 . 2009-11-29 10:55 -------- d-sh--w- c:\documents and settings\Hanka\PrivacIE
2009-11-29 10:34 . 2009-11-29 10:34 -------- d-----w- c:\program files\Windows Media Connect 2
2009-11-29 10:30 . 2009-11-29 10:31 -------- d-----w- c:\windows\system32\drivers\UMDF
2009-11-27 19:13 . 2009-11-27 19:13 299008 ----a-w- c:\windows\system32\miccyhook.dll
2009-11-27 17:12 . 2006-05-03 10:57 520192 ------w- c:\windows\system32\ati2sgag.exe
2009-11-27 17:06 . 2009-11-27 17:06 -------- d-----w- c:\program files\ATI Technologies
2009-11-27 16:57 . 2009-11-27 16:57 -------- d-----w- C:\ATI
2009-11-27 13:13 . 2005-06-24 15:24 438272 ----a-r- c:\windows\system32\vp6vfw.dll
2009-11-26 18:46 . 2009-08-16 15:08 178176 ----a-w- c:\windows\system32\unrar.dll
2009-11-26 18:46 . 2008-10-08 08:45 606208 ----a-w- c:\windows\system32\xvidcore.dll
2009-11-26 18:46 . 2004-07-04 05:08 139264 ----a-w- c:\windows\system32\xvidvfw.dll
2009-11-26 18:46 . 2004-01-25 16:18 217088 ----a-w- c:\windows\system32\yv12vfw.dll
2009-11-26 18:46 . 2009-11-04 18:00 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2009-11-26 18:46 . 2009-11-26 18:46 -------- d-----w- c:\program files\K-Lite Codec Pack
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-25 18:21 . 2009-11-05 17:08 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2009-12-25 14:13 . 2009-11-16 09:19 137464 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-12-25 14:13 . 2009-11-16 09:18 214520 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-12-24 12:37 . 2009-10-31 18:32 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-22 09:35 . 2009-11-01 16:27 360584 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-12-22 09:35 . 2009-11-01 16:27 12464 ----a-w- c:\windows\system32\avgrsstx.dll
2009-12-22 09:35 . 2009-11-01 16:27 28424 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-12-22 09:35 . 2009-11-01 16:27 333192 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-12-19 13:59 . 2009-10-31 18:32 -------- d-----w- c:\program files\Common Files\InstallShield
2009-12-10 13:02 . 2003-04-16 12:00 47386 ----a-w- c:\windows\system32\perfc005.dat
2009-12-10 13:02 . 2003-04-16 12:00 313244 ----a-w- c:\windows\system32\perfh005.dat
2009-11-24 15:15 . 2009-11-24 15:04 -------- d-----w- c:\program files\Common Files\Real
2009-11-24 15:04 . 2003-02-21 04:42 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-11-24 15:04 . 2003-03-18 20:14 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-11-24 14:59 . 2009-11-24 14:57 -------- d-----w- c:\program files\Google
2009-11-24 14:35 . 2009-11-24 14:35 -------- d-----w- c:\program files\VideoLAN
2009-11-21 16:03 . 2009-10-31 18:25 76487 ----a-w- c:\windows\PCHealth\HelpCtr\OfflineCache\index.dat
2009-11-21 16:03 . 2009-10-31 18:25 2982 ----a-w- c:\windows\PCHealth\HelpCtr\PackageStore\SkuStore.bin
2009-11-21 10:32 . 2009-11-21 10:32 -------- d-----w- c:\program files\Ubisoft
2009-11-19 17:24 . 2009-11-19 17:24 90112 ----a-w- c:\windows\system32\mini.exe
2009-11-19 16:33 . 2009-11-19 16:33 -------- d-----w- c:\program files\Creative
2009-11-16 16:58 . 2009-11-16 16:58 554 ----a-w- c:\windows\eReg.dat
2009-11-16 09:18 . 2009-11-16 09:18 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-11-16 09:18 . 2009-11-16 09:18 2395944 ----a-w- c:\windows\system32\pbsvc_heroes.exe
2009-11-08 10:06 . 2009-11-08 10:06 -------- d-----w- c:\program files\Microsoft Works
2009-11-07 20:36 . 2009-11-07 20:36 -------- d-----w- c:\program files\MSXML 4.0
2009-11-07 10:48 . 2009-11-07 10:48 -------- d-----w- c:\program files\D-Link DSLs
2009-11-06 21:04 . 2009-11-06 21:04 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2009-11-06 21:04 . 2009-11-06 21:04 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2009-11-06 21:01 . 2009-11-06 21:00 -------- d-----w- c:\program files\Nokia
2009-11-06 21:00 . 2009-11-06 21:00 -------- d-----w- c:\program files\Common Files\Nokia
2009-11-06 21:00 . 2009-11-06 21:00 -------- d-----w- c:\program files\MSXML 6.0
2009-11-06 16:38 . 2009-11-06 16:38 -------- d-----w- c:\program files\Common Files\Adobe
2009-11-05 17:08 . 2009-11-05 17:07 -------- d-----w- c:\program files\DAEMON Tools Lite
2009-11-05 17:08 . 2009-11-05 17:07 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-11-05 14:37 . 2009-11-05 14:37 -------- d-----w- c:\program files\uTorrent
2009-11-05 11:54 . 2009-11-05 11:54 -------- d-----w- c:\program files\DsNET Corp
2009-11-04 15:57 . 2009-11-04 15:57 -------- d-----w- c:\program files\Common Files\InterVideo
2009-11-04 15:56 . 2009-11-04 15:56 -------- d-----w- c:\program files\Windows Media Components
2009-11-04 15:56 . 2009-11-04 15:55 -------- d-----w- c:\program files\Common Files\Ulead Systems
2009-11-04 15:55 . 2009-11-04 15:55 -------- d-----w- c:\program files\Ulead Systems
2009-11-02 17:25 . 2009-11-02 17:25 -------- d-----w- c:\program files\X2Xsoft
2009-11-02 16:42 . 2009-11-02 16:42 -------- d-----w- c:\program files\Analog Devices
2009-11-02 15:51 . 2009-11-01 09:41 -------- d-----w- c:\program files\Hewlett-Packard
2009-11-02 15:44 . 2009-11-02 15:44 -------- d-----w- c:\program files\QIP
2009-11-02 15:17 . 2009-11-02 15:17 0 ----a-w- c:\windows\nsreg.dat
2009-11-01 09:37 . 2009-11-01 09:37 -------- d-----w- c:\program files\AVG
2009-10-31 19:19 . 2009-10-31 18:25 8972 ----a-w- c:\windows\PCHealth\HelpCtr\Config\Cntstore.bin
2009-10-31 18:26 . 2009-10-31 18:26 -------- d-----w- c:\program files\microsoft frontpage
2009-10-31 18:23 . 2009-10-31 18:23 21812 ----a-w- c:\windows\system32\emptyregdb.dat
2009-10-29 07:43 . 2003-04-16 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2009-10-21 05:40 . 2009-10-31 19:17 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-21 05:40 . 2009-10-31 19:17 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-20 16:20 . 2009-10-31 19:17 265728 ------w- c:\windows\system32\drivers\http.sys
2009-10-13 10:34 . 2003-04-16 12:00 271360 ----a-w- c:\windows\system32\oakley.dll
2009-10-12 13:40 . 2003-04-16 12:00 79872 ----a-w- c:\windows\system32\raschap.dll
2009-10-12 13:40 . 2003-04-16 12:00 150016 ----a-w- c:\windows\system32\rastls.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2009-12-22 2033432]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb08.exe" [2003-03-26 172032]
"HP Software Update"="c:\program files\Hewlett-Packard\HP Software Update\HPWuSchd.exe" [2002-12-17 49152]
"UVS11 Preload"="c:\program files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe" [2007-03-03 341488]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-12-22 09:35 12464 ----a-w- c:\windows\system32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=
"c:\\Program Files\\QIP\\qip.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"=
"c:\\Program Files\\HLSW\\hlsw.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [1.11.2009 17:27 333192]
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [1.11.2009 17:27 360584]
R2 avg9emc;AVG Free E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [22.12.2009 10:35 906520]
R2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [22.12.2009 10:35 285392]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [5.11.2009 18:07 691696]
S2 gupdate1ca6d169a02c9a4;Služba Google Update (gupdate1ca6d169a02c9a4);c:\program files\Google\Update\GoogleUpdate.exe [24.11.2009 15:58 133104]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [6.11.2009 22:01 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [6.11.2009 22:01 8320]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Hanka\Data aplikací\Mozilla\Firefox\Profiles\zjkubz0x.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - component: c:\program files\AVG\AVG9\Firefox\components\avgssff.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-25 21:42
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(612)
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2009-12-25 21:45:08
ComboFix-quarantined-files.txt 2009-12-25 20:45
Před spuštěním: Volných bajtů: 32 324 186 112
Po spuštění: Volných bajtů: 32 296 185 856
- - End Of File - - E839798BA6D504F52C4C0DCA49570F05
log z combofix
ComboFix 09-12-25.02 - Hanka 25.12.2009 21:36:25.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1279.763 [GMT 1:00]
Spuštěný z: c:\documents and settings\Hanka\Dokumenty\Downloads\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\i
c:\windows\system32\msssc.dll
.
((((((((((((((((((((((((( Soubory vytvořené od 2009-11-25 do 2009-12-25 )))))))))))))))))))))))))))))))
.
2009-12-25 19:11 . 2009-12-25 19:11 -------- d-----w- C:\rsit
2009-12-25 19:11 . 2009-12-25 19:11 -------- d-----w- c:\program files\trend micro
2009-12-25 18:29 . 2009-12-03 15:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-25 18:29 . 2009-12-25 18:29 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-12-25 18:29 . 2009-12-03 15:13 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-12-25 16:37 . 2009-12-25 16:38 -------- d-----w- c:\program files\CCleaner
2009-12-25 16:25 . 2009-12-25 16:25 -------- d-----w- c:\program files\TrendMicro
2009-12-24 12:47 . 2009-12-24 12:47 -------- d-----w- c:\program files\Common Files\DirectX
2009-12-24 12:37 . 2009-12-24 12:37 -------- d-----w- c:\program files\SCi Games
2009-12-24 11:47 . 2009-12-24 11:47 -------- d-----w- c:\program files\Opera
2009-12-23 14:56 . 2009-12-23 14:57 -------- d-----w- c:\program files\Teamspeak2_RC2
2009-12-22 11:12 . 2009-12-22 11:12 -------- d-----w- c:\program files\IObit
2009-12-21 16:05 . 2009-12-21 16:14 -------- d-----w- c:\program files\ICQ6.5
2009-12-20 15:10 . 2009-12-20 15:11 -------- d-s---w- c:\program files\HLSW
2009-12-19 14:14 . 2009-12-19 14:14 -------- d-----w- c:\program files\GamePark
2009-12-19 14:00 . 2009-12-19 14:00 -------- d-----w- c:\program files\Activision
2009-12-15 15:43 . 2009-12-15 15:43 -------- d-----w- c:\program files\Combined Community Codec Pack
2009-12-12 13:09 . 2009-12-12 13:09 -------- d-----w- c:\program files\Leawo
2009-12-12 12:49 . 2009-12-12 12:49 -------- d-----w- c:\program files\Nero
2009-12-12 12:48 . 2009-12-12 12:50 -------- d-----w- c:\program files\Common Files\Nero
2009-12-11 20:04 . 2009-12-11 20:04 -------- d-----w- c:\program files\Flash DVD Ripper
2009-12-11 19:59 . 2009-12-11 19:59 -------- d-----w- c:\program files\Kibisoft
2009-12-10 13:05 . 2009-12-10 13:05 -------- d-----w- C:\My Video
2009-12-10 13:04 . 2009-12-10 13:06 1 ----a-w- c:\windows\system32\SysDVDtoAVI.dat
2009-12-10 13:04 . 2004-07-14 12:44 23040 ----a-w- c:\windows\system32\auth.dll
2009-12-10 13:04 . 2003-08-07 13:01 237568 ----a-w- c:\windows\system32\lame_enc.dll
2009-12-10 13:04 . 2002-05-23 19:40 110080 ----a-w- c:\windows\system32\advd.dll
2009-12-10 13:04 . 2009-12-10 13:04 -------- d-----w- c:\program files\MyDVDTools
2009-12-07 15:24 . 1999-09-10 11:06 5600 ----a-w- c:\windows\system\WINASPI.DLL
2009-12-07 15:24 . 1999-09-10 11:06 4672 ----a-w- c:\windows\system\WOWPOST.EXE
2009-12-07 15:24 . 1999-09-10 11:06 45056 ----a-w- c:\windows\system32\WNASPI32.DLL
2009-12-07 15:24 . 1999-09-10 11:06 25244 ----a-w- c:\windows\system32\drivers\ASPI32.SYS
2009-12-07 15:24 . 2009-12-08 16:00 -------- d-----w- c:\program files\DVDZip 4.0
2009-12-06 11:30 . 2009-12-06 11:31 -------- d-----w- c:\program files\PSPad editor
2009-12-04 19:04 . 2009-12-04 19:04 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-12-04 19:02 . 2009-12-04 19:02 -------- d-----w- c:\program files\Common Files\Skype
2009-12-04 19:02 . 2009-12-04 19:02 -------- d-----r- c:\program files\Skype
2009-12-03 17:26 . 2009-12-22 11:05 -------- d-----w- c:\program files\HighGrow
2009-11-29 14:57 . 2009-11-29 14:57 64852 ---ha-w- c:\windows\system32\mlfcache.dat
2009-11-29 14:56 . 2009-11-29 15:14 -------- d-----w- c:\program files\Safari
2009-11-29 14:55 . 2009-11-29 14:55 -------- d-----w- c:\program files\Common Files\Apple
2009-11-29 14:55 . 2009-11-29 14:55 -------- d-----w- c:\program files\Apple Software Update
2009-11-29 10:55 . 2009-11-29 10:55 -------- d-sh--w- c:\documents and settings\Hanka\PrivacIE
2009-11-29 10:34 . 2009-11-29 10:34 -------- d-----w- c:\program files\Windows Media Connect 2
2009-11-29 10:30 . 2009-11-29 10:31 -------- d-----w- c:\windows\system32\drivers\UMDF
2009-11-27 19:13 . 2009-11-27 19:13 299008 ----a-w- c:\windows\system32\miccyhook.dll
2009-11-27 17:12 . 2006-05-03 10:57 520192 ------w- c:\windows\system32\ati2sgag.exe
2009-11-27 17:06 . 2009-11-27 17:06 -------- d-----w- c:\program files\ATI Technologies
2009-11-27 16:57 . 2009-11-27 16:57 -------- d-----w- C:\ATI
2009-11-27 13:13 . 2005-06-24 15:24 438272 ----a-r- c:\windows\system32\vp6vfw.dll
2009-11-26 18:46 . 2009-08-16 15:08 178176 ----a-w- c:\windows\system32\unrar.dll
2009-11-26 18:46 . 2008-10-08 08:45 606208 ----a-w- c:\windows\system32\xvidcore.dll
2009-11-26 18:46 . 2004-07-04 05:08 139264 ----a-w- c:\windows\system32\xvidvfw.dll
2009-11-26 18:46 . 2004-01-25 16:18 217088 ----a-w- c:\windows\system32\yv12vfw.dll
2009-11-26 18:46 . 2009-11-04 18:00 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2009-11-26 18:46 . 2009-11-26 18:46 -------- d-----w- c:\program files\K-Lite Codec Pack
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-25 18:21 . 2009-11-05 17:08 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2009-12-25 14:13 . 2009-11-16 09:19 137464 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-12-25 14:13 . 2009-11-16 09:18 214520 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-12-24 12:37 . 2009-10-31 18:32 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-22 09:35 . 2009-11-01 16:27 360584 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-12-22 09:35 . 2009-11-01 16:27 12464 ----a-w- c:\windows\system32\avgrsstx.dll
2009-12-22 09:35 . 2009-11-01 16:27 28424 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-12-22 09:35 . 2009-11-01 16:27 333192 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-12-19 13:59 . 2009-10-31 18:32 -------- d-----w- c:\program files\Common Files\InstallShield
2009-12-10 13:02 . 2003-04-16 12:00 47386 ----a-w- c:\windows\system32\perfc005.dat
2009-12-10 13:02 . 2003-04-16 12:00 313244 ----a-w- c:\windows\system32\perfh005.dat
2009-11-24 15:15 . 2009-11-24 15:04 -------- d-----w- c:\program files\Common Files\Real
2009-11-24 15:04 . 2003-02-21 04:42 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-11-24 15:04 . 2003-03-18 20:14 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-11-24 14:59 . 2009-11-24 14:57 -------- d-----w- c:\program files\Google
2009-11-24 14:35 . 2009-11-24 14:35 -------- d-----w- c:\program files\VideoLAN
2009-11-21 16:03 . 2009-10-31 18:25 76487 ----a-w- c:\windows\PCHealth\HelpCtr\OfflineCache\index.dat
2009-11-21 16:03 . 2009-10-31 18:25 2982 ----a-w- c:\windows\PCHealth\HelpCtr\PackageStore\SkuStore.bin
2009-11-21 10:32 . 2009-11-21 10:32 -------- d-----w- c:\program files\Ubisoft
2009-11-19 17:24 . 2009-11-19 17:24 90112 ----a-w- c:\windows\system32\mini.exe
2009-11-19 16:33 . 2009-11-19 16:33 -------- d-----w- c:\program files\Creative
2009-11-16 16:58 . 2009-11-16 16:58 554 ----a-w- c:\windows\eReg.dat
2009-11-16 09:18 . 2009-11-16 09:18 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-11-16 09:18 . 2009-11-16 09:18 2395944 ----a-w- c:\windows\system32\pbsvc_heroes.exe
2009-11-08 10:06 . 2009-11-08 10:06 -------- d-----w- c:\program files\Microsoft Works
2009-11-07 20:36 . 2009-11-07 20:36 -------- d-----w- c:\program files\MSXML 4.0
2009-11-07 10:48 . 2009-11-07 10:48 -------- d-----w- c:\program files\D-Link DSLs
2009-11-06 21:04 . 2009-11-06 21:04 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2009-11-06 21:04 . 2009-11-06 21:04 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2009-11-06 21:01 . 2009-11-06 21:00 -------- d-----w- c:\program files\Nokia
2009-11-06 21:00 . 2009-11-06 21:00 -------- d-----w- c:\program files\Common Files\Nokia
2009-11-06 21:00 . 2009-11-06 21:00 -------- d-----w- c:\program files\MSXML 6.0
2009-11-06 16:38 . 2009-11-06 16:38 -------- d-----w- c:\program files\Common Files\Adobe
2009-11-05 17:08 . 2009-11-05 17:07 -------- d-----w- c:\program files\DAEMON Tools Lite
2009-11-05 17:08 . 2009-11-05 17:07 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-11-05 14:37 . 2009-11-05 14:37 -------- d-----w- c:\program files\uTorrent
2009-11-05 11:54 . 2009-11-05 11:54 -------- d-----w- c:\program files\DsNET Corp
2009-11-04 15:57 . 2009-11-04 15:57 -------- d-----w- c:\program files\Common Files\InterVideo
2009-11-04 15:56 . 2009-11-04 15:56 -------- d-----w- c:\program files\Windows Media Components
2009-11-04 15:56 . 2009-11-04 15:55 -------- d-----w- c:\program files\Common Files\Ulead Systems
2009-11-04 15:55 . 2009-11-04 15:55 -------- d-----w- c:\program files\Ulead Systems
2009-11-02 17:25 . 2009-11-02 17:25 -------- d-----w- c:\program files\X2Xsoft
2009-11-02 16:42 . 2009-11-02 16:42 -------- d-----w- c:\program files\Analog Devices
2009-11-02 15:51 . 2009-11-01 09:41 -------- d-----w- c:\program files\Hewlett-Packard
2009-11-02 15:44 . 2009-11-02 15:44 -------- d-----w- c:\program files\QIP
2009-11-02 15:17 . 2009-11-02 15:17 0 ----a-w- c:\windows\nsreg.dat
2009-11-01 09:37 . 2009-11-01 09:37 -------- d-----w- c:\program files\AVG
2009-10-31 19:19 . 2009-10-31 18:25 8972 ----a-w- c:\windows\PCHealth\HelpCtr\Config\Cntstore.bin
2009-10-31 18:26 . 2009-10-31 18:26 -------- d-----w- c:\program files\microsoft frontpage
2009-10-31 18:23 . 2009-10-31 18:23 21812 ----a-w- c:\windows\system32\emptyregdb.dat
2009-10-29 07:43 . 2003-04-16 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2009-10-21 05:40 . 2009-10-31 19:17 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-21 05:40 . 2009-10-31 19:17 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-20 16:20 . 2009-10-31 19:17 265728 ------w- c:\windows\system32\drivers\http.sys
2009-10-13 10:34 . 2003-04-16 12:00 271360 ----a-w- c:\windows\system32\oakley.dll
2009-10-12 13:40 . 2003-04-16 12:00 79872 ----a-w- c:\windows\system32\raschap.dll
2009-10-12 13:40 . 2003-04-16 12:00 150016 ----a-w- c:\windows\system32\rastls.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2009-12-22 2033432]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb08.exe" [2003-03-26 172032]
"HP Software Update"="c:\program files\Hewlett-Packard\HP Software Update\HPWuSchd.exe" [2002-12-17 49152]
"UVS11 Preload"="c:\program files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe" [2007-03-03 341488]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-12-22 09:35 12464 ----a-w- c:\windows\system32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=
"c:\\Program Files\\QIP\\qip.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"=
"c:\\Program Files\\HLSW\\hlsw.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [1.11.2009 17:27 333192]
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [1.11.2009 17:27 360584]
R2 avg9emc;AVG Free E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [22.12.2009 10:35 906520]
R2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [22.12.2009 10:35 285392]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [5.11.2009 18:07 691696]
S2 gupdate1ca6d169a02c9a4;Služba Google Update (gupdate1ca6d169a02c9a4);c:\program files\Google\Update\GoogleUpdate.exe [24.11.2009 15:58 133104]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [6.11.2009 22:01 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [6.11.2009 22:01 8320]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Hanka\Data aplikací\Mozilla\Firefox\Profiles\zjkubz0x.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - component: c:\program files\AVG\AVG9\Firefox\components\avgssff.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-25 21:42
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(612)
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2009-12-25 21:45:08
ComboFix-quarantined-files.txt 2009-12-25 20:45
Před spuštěním: Volných bajtů: 32 324 186 112
Po spuštění: Volných bajtů: 32 296 185 856
- - End Of File - - E839798BA6D504F52C4C0DCA49570F05
NTB : Lenovo Y570
Intel Core i5-2450M (Sandy Bridge, 2.5GHz, TB až 3.2GHz)
Nvidia GeForce GT555M 2GB
HDD: 750GB / SSD 32GB
RAM : 8GB 1333 MHZ
Windows 7 Ultimate 64-bit OEM :(
Intel Core i5-2450M (Sandy Bridge, 2.5GHz, TB až 3.2GHz)
Nvidia GeForce GT555M 2GB
HDD: 750GB / SSD 32GB
RAM : 8GB 1333 MHZ
Windows 7 Ultimate 64-bit OEM :(
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43295
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: HJT kontrola
Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE
Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.
Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT
Vypni si rez.ochrany i firewall.
Stáhni si Dr. Web CureIt
dej update , po aktualizaci dej start.
Tlacitky dole muzeš soubor léčit, smazat, přesunout nebo přejmenovat
Toto otestuj na Virustotal
c:\windows\system32\miccyhook.dll
Vlož sem pak odkaz na stránku s výsledky.
Napiš pak , jak je to se stahováním.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE
Kód: Vybrat vše
KillAll::
File::
c:\windows\system32\ezsidmv.dat
c:\windows\system32\mlfcache.dat
c:\windows\system32\mini.exe
Folder::
c:\program files\DAEMON Tools Toolbar
Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000000
Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.
Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT
Vypni si rez.ochrany i firewall.
Stáhni si Dr. Web CureIt
dej update , po aktualizaci dej start.
Tlacitky dole muzeš soubor léčit, smazat, přesunout nebo přejmenovat
Toto otestuj na Virustotal
c:\windows\system32\miccyhook.dll
Vlož sem pak odkaz na stránku s výsledky.
Napiš pak , jak je to se stahováním.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: HJT kontrola
log z combofixu
ComboFix 09-12-25.02 - Hanka 26.12.2009 16:22:04.2.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1279.885 [GMT 1:00]
Spuštěný z: c:\documents and settings\Hanka\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Hanka\Plocha\CFScript.txt
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
FILE ::
"c:\windows\system32\ezsidmv.dat"
"c:\windows\system32\mini.exe"
"c:\windows\system32\mlfcache.dat"
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\DAEMON Tools Toolbar
c:\program files\DAEMON Tools Toolbar\_DTLite.xml
c:\windows\system32\ezsidmv.dat
c:\windows\system32\mini.exe
c:\windows\system32\mlfcache.dat
.
((((((((((((((((((((((((( Soubory vytvořené od 2009-11-26 do 2009-12-26 )))))))))))))))))))))))))))))))
.
2009-12-26 12:03 . 2009-12-26 12:04 -------- d-----w- c:\program files\Xfire
2009-12-26 11:41 . 2009-12-26 11:41 98304 ----a-w- c:\windows\system32CmdLineExt.dll
2009-12-25 19:11 . 2009-12-25 19:11 -------- d-----w- C:\rsit
2009-12-25 19:11 . 2009-12-25 19:11 -------- d-----w- c:\program files\trend micro
2009-12-25 18:29 . 2009-12-03 15:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-25 18:29 . 2009-12-25 18:29 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-12-25 18:29 . 2009-12-03 15:13 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-12-25 16:37 . 2009-12-25 16:38 -------- d-----w- c:\program files\CCleaner
2009-12-25 16:25 . 2009-12-25 16:25 -------- d-----w- c:\program files\TrendMicro
2009-12-24 12:47 . 2009-12-24 12:47 -------- d-----w- c:\program files\Common Files\DirectX
2009-12-24 12:37 . 2009-12-24 12:37 -------- d-----w- c:\program files\SCi Games
2009-12-24 11:47 . 2009-12-24 11:47 -------- d-----w- c:\program files\Opera
2009-12-23 14:56 . 2009-12-23 14:57 -------- d-----w- c:\program files\Teamspeak2_RC2
2009-12-22 11:12 . 2009-12-22 11:12 -------- d-----w- c:\program files\IObit
2009-12-21 16:05 . 2009-12-21 16:14 -------- d-----w- c:\program files\ICQ6.5
2009-12-20 15:10 . 2009-12-20 15:11 -------- d-s---w- c:\program files\HLSW
2009-12-19 14:14 . 2009-12-19 14:14 -------- d-----w- c:\program files\GamePark
2009-12-19 14:00 . 2009-12-19 14:00 -------- d-----w- c:\program files\Activision
2009-12-15 15:43 . 2009-12-15 15:43 -------- d-----w- c:\program files\Combined Community Codec Pack
2009-12-12 13:09 . 2009-12-12 13:09 -------- d-----w- c:\program files\Leawo
2009-12-12 12:49 . 2009-12-12 12:49 -------- d-----w- c:\program files\Nero
2009-12-12 12:48 . 2009-12-12 12:50 -------- d-----w- c:\program files\Common Files\Nero
2009-12-11 20:04 . 2009-12-11 20:04 -------- d-----w- c:\program files\Flash DVD Ripper
2009-12-11 19:59 . 2009-12-11 19:59 -------- d-----w- c:\program files\Kibisoft
2009-12-10 13:05 . 2009-12-10 13:05 -------- d-----w- C:\My Video
2009-12-10 13:04 . 2009-12-10 13:06 1 ----a-w- c:\windows\system32\SysDVDtoAVI.dat
2009-12-10 13:04 . 2004-07-14 12:44 23040 ----a-w- c:\windows\system32\auth.dll
2009-12-10 13:04 . 2003-08-07 13:01 237568 ----a-w- c:\windows\system32\lame_enc.dll
2009-12-10 13:04 . 2002-05-23 19:40 110080 ----a-w- c:\windows\system32\advd.dll
2009-12-10 13:04 . 2009-12-10 13:04 -------- d-----w- c:\program files\MyDVDTools
2009-12-07 15:24 . 1999-09-10 11:06 5600 ----a-w- c:\windows\system\WINASPI.DLL
2009-12-07 15:24 . 1999-09-10 11:06 4672 ----a-w- c:\windows\system\WOWPOST.EXE
2009-12-07 15:24 . 1999-09-10 11:06 45056 ----a-w- c:\windows\system32\WNASPI32.DLL
2009-12-07 15:24 . 1999-09-10 11:06 25244 ----a-w- c:\windows\system32\drivers\ASPI32.SYS
2009-12-07 15:24 . 2009-12-08 16:00 -------- d-----w- c:\program files\DVDZip 4.0
2009-12-06 11:30 . 2009-12-06 11:31 -------- d-----w- c:\program files\PSPad editor
2009-12-04 19:02 . 2009-12-04 19:02 -------- d-----w- c:\program files\Common Files\Skype
2009-12-04 19:02 . 2009-12-04 19:02 -------- d-----r- c:\program files\Skype
2009-12-03 17:26 . 2009-12-22 11:05 -------- d-----w- c:\program files\HighGrow
2009-11-30 19:37 . 2009-11-30 19:37 41872 ----a-w- c:\windows\system32\xfcodec.dll
2009-11-29 14:56 . 2009-11-29 15:14 -------- d-----w- c:\program files\Safari
2009-11-29 14:55 . 2009-11-29 14:55 -------- d-----w- c:\program files\Common Files\Apple
2009-11-29 14:55 . 2009-11-29 14:55 -------- d-----w- c:\program files\Apple Software Update
2009-11-29 10:55 . 2009-11-29 10:55 -------- d-sh--w- c:\documents and settings\Hanka\PrivacIE
2009-11-29 10:34 . 2009-11-29 10:34 -------- d-----w- c:\program files\Windows Media Connect 2
2009-11-29 10:30 . 2009-11-29 10:31 -------- d-----w- c:\windows\system32\drivers\UMDF
2009-11-27 19:13 . 2009-11-27 19:13 299008 ----a-w- c:\windows\system32\miccyhook.dll
2009-11-27 17:12 . 2006-05-03 10:57 520192 ------w- c:\windows\system32\ati2sgag.exe
2009-11-27 17:06 . 2009-11-27 17:06 -------- d-----w- c:\program files\ATI Technologies
2009-11-27 16:57 . 2009-11-27 16:57 -------- d-----w- C:\ATI
2009-11-27 13:13 . 2005-06-24 15:24 438272 ----a-r- c:\windows\system32\vp6vfw.dll
2009-11-26 18:46 . 2009-08-16 15:08 178176 ----a-w- c:\windows\system32\unrar.dll
2009-11-26 18:46 . 2008-10-08 08:45 606208 ----a-w- c:\windows\system32\xvidcore.dll
2009-11-26 18:46 . 2004-07-04 05:08 139264 ----a-w- c:\windows\system32\xvidvfw.dll
2009-11-26 18:46 . 2004-01-25 16:18 217088 ----a-w- c:\windows\system32\yv12vfw.dll
2009-11-26 18:46 . 2009-11-04 18:00 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2009-11-26 18:46 . 2009-11-26 18:46 -------- d-----w- c:\program files\K-Lite Codec Pack
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-26 11:40 . 2009-10-31 18:32 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-26 11:15 . 2009-11-21 10:32 -------- d-----w- c:\program files\Ubisoft
2009-12-25 14:13 . 2009-11-16 09:19 137464 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-12-25 14:13 . 2009-11-16 09:18 214520 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-12-22 09:35 . 2009-11-01 16:27 360584 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-12-22 09:35 . 2009-11-01 16:27 12464 ----a-w- c:\windows\system32\avgrsstx.dll
2009-12-22 09:35 . 2009-11-01 16:27 28424 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-12-22 09:35 . 2009-11-01 16:27 333192 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-12-19 13:59 . 2009-10-31 18:32 -------- d-----w- c:\program files\Common Files\InstallShield
2009-12-10 13:02 . 2003-04-16 12:00 47386 ----a-w- c:\windows\system32\perfc005.dat
2009-12-10 13:02 . 2003-04-16 12:00 313244 ----a-w- c:\windows\system32\perfh005.dat
2009-11-24 15:15 . 2009-11-24 15:04 -------- d-----w- c:\program files\Common Files\Real
2009-11-24 15:04 . 2003-02-21 04:42 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-11-24 15:04 . 2003-03-18 20:14 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-11-24 14:59 . 2009-11-24 14:57 -------- d-----w- c:\program files\Google
2009-11-24 14:35 . 2009-11-24 14:35 -------- d-----w- c:\program files\VideoLAN
2009-11-21 16:03 . 2009-10-31 18:25 76487 ----a-w- c:\windows\PCHealth\HelpCtr\OfflineCache\index.dat
2009-11-21 16:03 . 2009-10-31 18:25 2982 ----a-w- c:\windows\PCHealth\HelpCtr\PackageStore\SkuStore.bin
2009-11-19 16:33 . 2009-11-19 16:33 -------- d-----w- c:\program files\Creative
2009-11-16 16:58 . 2009-11-16 16:58 554 ----a-w- c:\windows\eReg.dat
2009-11-16 09:18 . 2009-11-16 09:18 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-11-16 09:18 . 2009-11-16 09:18 2395944 ----a-w- c:\windows\system32\pbsvc_heroes.exe
2009-11-08 10:06 . 2009-11-08 10:06 -------- d-----w- c:\program files\Microsoft Works
2009-11-07 20:36 . 2009-11-07 20:36 -------- d-----w- c:\program files\MSXML 4.0
2009-11-07 10:48 . 2009-11-07 10:48 -------- d-----w- c:\program files\D-Link DSLs
2009-11-06 21:04 . 2009-11-06 21:04 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2009-11-06 21:04 . 2009-11-06 21:04 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2009-11-06 21:01 . 2009-11-06 21:00 -------- d-----w- c:\program files\Nokia
2009-11-06 21:00 . 2009-11-06 21:00 -------- d-----w- c:\program files\Common Files\Nokia
2009-11-06 21:00 . 2009-11-06 21:00 -------- d-----w- c:\program files\MSXML 6.0
2009-11-06 16:38 . 2009-11-06 16:38 -------- d-----w- c:\program files\Common Files\Adobe
2009-11-05 17:08 . 2009-11-05 17:07 -------- d-----w- c:\program files\DAEMON Tools Lite
2009-11-05 17:08 . 2009-11-05 17:07 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-11-05 14:37 . 2009-11-05 14:37 -------- d-----w- c:\program files\uTorrent
2009-11-05 11:54 . 2009-11-05 11:54 -------- d-----w- c:\program files\DsNET Corp
2009-11-04 15:57 . 2009-11-04 15:57 -------- d-----w- c:\program files\Common Files\InterVideo
2009-11-04 15:56 . 2009-11-04 15:56 -------- d-----w- c:\program files\Windows Media Components
2009-11-04 15:56 . 2009-11-04 15:55 -------- d-----w- c:\program files\Common Files\Ulead Systems
2009-11-04 15:55 . 2009-11-04 15:55 -------- d-----w- c:\program files\Ulead Systems
2009-11-02 17:25 . 2009-11-02 17:25 -------- d-----w- c:\program files\X2Xsoft
2009-11-02 16:42 . 2009-11-02 16:42 -------- d-----w- c:\program files\Analog Devices
2009-11-02 15:51 . 2009-11-01 09:41 -------- d-----w- c:\program files\Hewlett-Packard
2009-11-02 15:44 . 2009-11-02 15:44 -------- d-----w- c:\program files\QIP
2009-11-02 15:17 . 2009-11-02 15:17 0 ----a-w- c:\windows\nsreg.dat
2009-11-01 09:37 . 2009-11-01 09:37 -------- d-----w- c:\program files\AVG
2009-10-31 19:19 . 2009-10-31 18:25 8972 ----a-w- c:\windows\PCHealth\HelpCtr\Config\Cntstore.bin
2009-10-31 18:26 . 2009-10-31 18:26 -------- d-----w- c:\program files\microsoft frontpage
2009-10-31 18:23 . 2009-10-31 18:23 21812 ----a-w- c:\windows\system32\emptyregdb.dat
2009-10-29 07:43 . 2003-04-16 12:00 916480 ------w- c:\windows\system32\wininet.dll
2009-10-21 05:40 . 2009-10-31 19:17 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-21 05:40 . 2009-10-31 19:17 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-20 16:20 . 2009-10-31 19:17 265728 ------w- c:\windows\system32\drivers\http.sys
2009-10-13 10:34 . 2003-04-16 12:00 271360 ----a-w- c:\windows\system32\oakley.dll
2009-10-12 13:40 . 2003-04-16 12:00 79872 ----a-w- c:\windows\system32\raschap.dll
2009-10-12 13:40 . 2003-04-16 12:00 150016 ----a-w- c:\windows\system32\rastls.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2009-12-22 2033432]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb08.exe" [2003-03-26 172032]
"HP Software Update"="c:\program files\Hewlett-Packard\HP Software Update\HPWuSchd.exe" [2002-12-17 49152]
"UVS11 Preload"="c:\program files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe" [2007-03-03 341488]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\Hanka\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Xfire.lnk - c:\program files\Xfire\Xfire.exe [2009-11-30 3181456]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-12-22 09:35 12464 ----a-w- c:\windows\system32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=
"c:\\Program Files\\QIP\\qip.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"=
"c:\\Program Files\\HLSW\\hlsw.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Ubisoft\\IL-2 Sturmovik 1946\\il2fb.exe"=
"c:\\Program Files\\Xfire\\Xfire.exe"=
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [5.11.2009 18:07 691696]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [1.11.2009 17:27 333192]
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [1.11.2009 17:27 360584]
R2 avg9emc;AVG Free E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [22.12.2009 10:35 906520]
R2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [22.12.2009 10:35 285392]
S2 gupdate1ca6d169a02c9a4;Služba Google Update (gupdate1ca6d169a02c9a4);c:\program files\Google\Update\GoogleUpdate.exe [24.11.2009 15:58 133104]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [6.11.2009 22:01 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [6.11.2009 22:01 8320]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Hanka\Data aplikací\Mozilla\Firefox\Profiles\zjkubz0x.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - component: c:\program files\AVG\AVG9\Firefox\components\avgssff.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-26 16:31
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys spqy.sys >>UNKNOWN [0x8974E938]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf763bf28
\Driver\ACPI -> ACPI.sys @ 0xf74a3cb8
\Driver\atapi -> atapi.sys @ 0xf7849b40
IoDeviceObjectType -> DeleteProcedure -> ntoskrnl.exe @ 0x805a05a9
ParseProcedure -> ntoskrnl.exe @ 0x8056ea15
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntoskrnl.exe @ 0x805a05a9
ParseProcedure -> ntoskrnl.exe @ 0x8056ea15
NDIS: -> SendCompleteHandler -> 0x0
PacketIndicateHandler -> 0x0
SendHandler -> 0x0
user & kernel MBR OK
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-1993962763-1960408961-682003330-1004\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:89,4a,8f,b4,4e,e8,74,42,bf,1b,8b,54,30,1d,06,43,4d,9d,72,56,47,04,5e,
95,4d,b3,79,56,8d,bd,b0,fe,14,76,cb,b9,39,0f,60,1a,6b,27,2e,f3,c4,5d,2e,a0,\
"??"=hex:97,b7,3d,ed,42,88,99,ae,c6,e5,05,1d,9f,2b,fc,1c
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(632)
c:\windows\system32\Ati2evxx.dll
- - - - - - - > 'explorer.exe'(3712)
c:\program files\Xfire\xfire_toucan_40405.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\AVG\AVG9\avgchsvx.exe
c:\program files\AVG\AVG9\avgrsx.exe
c:\program files\AVG\AVG9\avgcsrvx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Common Files\InterVideo\DeviceService\DevSvc.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\program files\Analog Devices\SoundMAX\SMAgent.exe
c:\program files\AVG\AVG9\avgnsx.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\program files\AVG\AVG9\avgcsrvx.exe
.
**************************************************************************
.
Celkový čas: 2009-12-26 16:38:05 - počítač byl restartován
ComboFix-quarantined-files.txt 2009-12-26 15:38
ComboFix2.txt 2009-12-25 20:45
Před spuštěním: Volných bajtů: 25 914 802 176
Po spuštění: Volných bajtů: 25 894 158 336
- - End Of File - - E0D37B13B3BF5FAFA82A5F45822421FC
ComboFix 09-12-25.02 - Hanka 26.12.2009 16:22:04.2.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1279.885 [GMT 1:00]
Spuštěný z: c:\documents and settings\Hanka\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Hanka\Plocha\CFScript.txt
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
FILE ::
"c:\windows\system32\ezsidmv.dat"
"c:\windows\system32\mini.exe"
"c:\windows\system32\mlfcache.dat"
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\DAEMON Tools Toolbar
c:\program files\DAEMON Tools Toolbar\_DTLite.xml
c:\windows\system32\ezsidmv.dat
c:\windows\system32\mini.exe
c:\windows\system32\mlfcache.dat
.
((((((((((((((((((((((((( Soubory vytvořené od 2009-11-26 do 2009-12-26 )))))))))))))))))))))))))))))))
.
2009-12-26 12:03 . 2009-12-26 12:04 -------- d-----w- c:\program files\Xfire
2009-12-26 11:41 . 2009-12-26 11:41 98304 ----a-w- c:\windows\system32CmdLineExt.dll
2009-12-25 19:11 . 2009-12-25 19:11 -------- d-----w- C:\rsit
2009-12-25 19:11 . 2009-12-25 19:11 -------- d-----w- c:\program files\trend micro
2009-12-25 18:29 . 2009-12-03 15:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-25 18:29 . 2009-12-25 18:29 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-12-25 18:29 . 2009-12-03 15:13 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-12-25 16:37 . 2009-12-25 16:38 -------- d-----w- c:\program files\CCleaner
2009-12-25 16:25 . 2009-12-25 16:25 -------- d-----w- c:\program files\TrendMicro
2009-12-24 12:47 . 2009-12-24 12:47 -------- d-----w- c:\program files\Common Files\DirectX
2009-12-24 12:37 . 2009-12-24 12:37 -------- d-----w- c:\program files\SCi Games
2009-12-24 11:47 . 2009-12-24 11:47 -------- d-----w- c:\program files\Opera
2009-12-23 14:56 . 2009-12-23 14:57 -------- d-----w- c:\program files\Teamspeak2_RC2
2009-12-22 11:12 . 2009-12-22 11:12 -------- d-----w- c:\program files\IObit
2009-12-21 16:05 . 2009-12-21 16:14 -------- d-----w- c:\program files\ICQ6.5
2009-12-20 15:10 . 2009-12-20 15:11 -------- d-s---w- c:\program files\HLSW
2009-12-19 14:14 . 2009-12-19 14:14 -------- d-----w- c:\program files\GamePark
2009-12-19 14:00 . 2009-12-19 14:00 -------- d-----w- c:\program files\Activision
2009-12-15 15:43 . 2009-12-15 15:43 -------- d-----w- c:\program files\Combined Community Codec Pack
2009-12-12 13:09 . 2009-12-12 13:09 -------- d-----w- c:\program files\Leawo
2009-12-12 12:49 . 2009-12-12 12:49 -------- d-----w- c:\program files\Nero
2009-12-12 12:48 . 2009-12-12 12:50 -------- d-----w- c:\program files\Common Files\Nero
2009-12-11 20:04 . 2009-12-11 20:04 -------- d-----w- c:\program files\Flash DVD Ripper
2009-12-11 19:59 . 2009-12-11 19:59 -------- d-----w- c:\program files\Kibisoft
2009-12-10 13:05 . 2009-12-10 13:05 -------- d-----w- C:\My Video
2009-12-10 13:04 . 2009-12-10 13:06 1 ----a-w- c:\windows\system32\SysDVDtoAVI.dat
2009-12-10 13:04 . 2004-07-14 12:44 23040 ----a-w- c:\windows\system32\auth.dll
2009-12-10 13:04 . 2003-08-07 13:01 237568 ----a-w- c:\windows\system32\lame_enc.dll
2009-12-10 13:04 . 2002-05-23 19:40 110080 ----a-w- c:\windows\system32\advd.dll
2009-12-10 13:04 . 2009-12-10 13:04 -------- d-----w- c:\program files\MyDVDTools
2009-12-07 15:24 . 1999-09-10 11:06 5600 ----a-w- c:\windows\system\WINASPI.DLL
2009-12-07 15:24 . 1999-09-10 11:06 4672 ----a-w- c:\windows\system\WOWPOST.EXE
2009-12-07 15:24 . 1999-09-10 11:06 45056 ----a-w- c:\windows\system32\WNASPI32.DLL
2009-12-07 15:24 . 1999-09-10 11:06 25244 ----a-w- c:\windows\system32\drivers\ASPI32.SYS
2009-12-07 15:24 . 2009-12-08 16:00 -------- d-----w- c:\program files\DVDZip 4.0
2009-12-06 11:30 . 2009-12-06 11:31 -------- d-----w- c:\program files\PSPad editor
2009-12-04 19:02 . 2009-12-04 19:02 -------- d-----w- c:\program files\Common Files\Skype
2009-12-04 19:02 . 2009-12-04 19:02 -------- d-----r- c:\program files\Skype
2009-12-03 17:26 . 2009-12-22 11:05 -------- d-----w- c:\program files\HighGrow
2009-11-30 19:37 . 2009-11-30 19:37 41872 ----a-w- c:\windows\system32\xfcodec.dll
2009-11-29 14:56 . 2009-11-29 15:14 -------- d-----w- c:\program files\Safari
2009-11-29 14:55 . 2009-11-29 14:55 -------- d-----w- c:\program files\Common Files\Apple
2009-11-29 14:55 . 2009-11-29 14:55 -------- d-----w- c:\program files\Apple Software Update
2009-11-29 10:55 . 2009-11-29 10:55 -------- d-sh--w- c:\documents and settings\Hanka\PrivacIE
2009-11-29 10:34 . 2009-11-29 10:34 -------- d-----w- c:\program files\Windows Media Connect 2
2009-11-29 10:30 . 2009-11-29 10:31 -------- d-----w- c:\windows\system32\drivers\UMDF
2009-11-27 19:13 . 2009-11-27 19:13 299008 ----a-w- c:\windows\system32\miccyhook.dll
2009-11-27 17:12 . 2006-05-03 10:57 520192 ------w- c:\windows\system32\ati2sgag.exe
2009-11-27 17:06 . 2009-11-27 17:06 -------- d-----w- c:\program files\ATI Technologies
2009-11-27 16:57 . 2009-11-27 16:57 -------- d-----w- C:\ATI
2009-11-27 13:13 . 2005-06-24 15:24 438272 ----a-r- c:\windows\system32\vp6vfw.dll
2009-11-26 18:46 . 2009-08-16 15:08 178176 ----a-w- c:\windows\system32\unrar.dll
2009-11-26 18:46 . 2008-10-08 08:45 606208 ----a-w- c:\windows\system32\xvidcore.dll
2009-11-26 18:46 . 2004-07-04 05:08 139264 ----a-w- c:\windows\system32\xvidvfw.dll
2009-11-26 18:46 . 2004-01-25 16:18 217088 ----a-w- c:\windows\system32\yv12vfw.dll
2009-11-26 18:46 . 2009-11-04 18:00 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2009-11-26 18:46 . 2009-11-26 18:46 -------- d-----w- c:\program files\K-Lite Codec Pack
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-26 11:40 . 2009-10-31 18:32 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-26 11:15 . 2009-11-21 10:32 -------- d-----w- c:\program files\Ubisoft
2009-12-25 14:13 . 2009-11-16 09:19 137464 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-12-25 14:13 . 2009-11-16 09:18 214520 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-12-22 09:35 . 2009-11-01 16:27 360584 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-12-22 09:35 . 2009-11-01 16:27 12464 ----a-w- c:\windows\system32\avgrsstx.dll
2009-12-22 09:35 . 2009-11-01 16:27 28424 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-12-22 09:35 . 2009-11-01 16:27 333192 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-12-19 13:59 . 2009-10-31 18:32 -------- d-----w- c:\program files\Common Files\InstallShield
2009-12-10 13:02 . 2003-04-16 12:00 47386 ----a-w- c:\windows\system32\perfc005.dat
2009-12-10 13:02 . 2003-04-16 12:00 313244 ----a-w- c:\windows\system32\perfh005.dat
2009-11-24 15:15 . 2009-11-24 15:04 -------- d-----w- c:\program files\Common Files\Real
2009-11-24 15:04 . 2003-02-21 04:42 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-11-24 15:04 . 2003-03-18 20:14 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-11-24 14:59 . 2009-11-24 14:57 -------- d-----w- c:\program files\Google
2009-11-24 14:35 . 2009-11-24 14:35 -------- d-----w- c:\program files\VideoLAN
2009-11-21 16:03 . 2009-10-31 18:25 76487 ----a-w- c:\windows\PCHealth\HelpCtr\OfflineCache\index.dat
2009-11-21 16:03 . 2009-10-31 18:25 2982 ----a-w- c:\windows\PCHealth\HelpCtr\PackageStore\SkuStore.bin
2009-11-19 16:33 . 2009-11-19 16:33 -------- d-----w- c:\program files\Creative
2009-11-16 16:58 . 2009-11-16 16:58 554 ----a-w- c:\windows\eReg.dat
2009-11-16 09:18 . 2009-11-16 09:18 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-11-16 09:18 . 2009-11-16 09:18 2395944 ----a-w- c:\windows\system32\pbsvc_heroes.exe
2009-11-08 10:06 . 2009-11-08 10:06 -------- d-----w- c:\program files\Microsoft Works
2009-11-07 20:36 . 2009-11-07 20:36 -------- d-----w- c:\program files\MSXML 4.0
2009-11-07 10:48 . 2009-11-07 10:48 -------- d-----w- c:\program files\D-Link DSLs
2009-11-06 21:04 . 2009-11-06 21:04 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2009-11-06 21:04 . 2009-11-06 21:04 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2009-11-06 21:01 . 2009-11-06 21:00 -------- d-----w- c:\program files\Nokia
2009-11-06 21:00 . 2009-11-06 21:00 -------- d-----w- c:\program files\Common Files\Nokia
2009-11-06 21:00 . 2009-11-06 21:00 -------- d-----w- c:\program files\MSXML 6.0
2009-11-06 16:38 . 2009-11-06 16:38 -------- d-----w- c:\program files\Common Files\Adobe
2009-11-05 17:08 . 2009-11-05 17:07 -------- d-----w- c:\program files\DAEMON Tools Lite
2009-11-05 17:08 . 2009-11-05 17:07 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-11-05 14:37 . 2009-11-05 14:37 -------- d-----w- c:\program files\uTorrent
2009-11-05 11:54 . 2009-11-05 11:54 -------- d-----w- c:\program files\DsNET Corp
2009-11-04 15:57 . 2009-11-04 15:57 -------- d-----w- c:\program files\Common Files\InterVideo
2009-11-04 15:56 . 2009-11-04 15:56 -------- d-----w- c:\program files\Windows Media Components
2009-11-04 15:56 . 2009-11-04 15:55 -------- d-----w- c:\program files\Common Files\Ulead Systems
2009-11-04 15:55 . 2009-11-04 15:55 -------- d-----w- c:\program files\Ulead Systems
2009-11-02 17:25 . 2009-11-02 17:25 -------- d-----w- c:\program files\X2Xsoft
2009-11-02 16:42 . 2009-11-02 16:42 -------- d-----w- c:\program files\Analog Devices
2009-11-02 15:51 . 2009-11-01 09:41 -------- d-----w- c:\program files\Hewlett-Packard
2009-11-02 15:44 . 2009-11-02 15:44 -------- d-----w- c:\program files\QIP
2009-11-02 15:17 . 2009-11-02 15:17 0 ----a-w- c:\windows\nsreg.dat
2009-11-01 09:37 . 2009-11-01 09:37 -------- d-----w- c:\program files\AVG
2009-10-31 19:19 . 2009-10-31 18:25 8972 ----a-w- c:\windows\PCHealth\HelpCtr\Config\Cntstore.bin
2009-10-31 18:26 . 2009-10-31 18:26 -------- d-----w- c:\program files\microsoft frontpage
2009-10-31 18:23 . 2009-10-31 18:23 21812 ----a-w- c:\windows\system32\emptyregdb.dat
2009-10-29 07:43 . 2003-04-16 12:00 916480 ------w- c:\windows\system32\wininet.dll
2009-10-21 05:40 . 2009-10-31 19:17 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-21 05:40 . 2009-10-31 19:17 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-20 16:20 . 2009-10-31 19:17 265728 ------w- c:\windows\system32\drivers\http.sys
2009-10-13 10:34 . 2003-04-16 12:00 271360 ----a-w- c:\windows\system32\oakley.dll
2009-10-12 13:40 . 2003-04-16 12:00 79872 ----a-w- c:\windows\system32\raschap.dll
2009-10-12 13:40 . 2003-04-16 12:00 150016 ----a-w- c:\windows\system32\rastls.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2009-12-22 2033432]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb08.exe" [2003-03-26 172032]
"HP Software Update"="c:\program files\Hewlett-Packard\HP Software Update\HPWuSchd.exe" [2002-12-17 49152]
"UVS11 Preload"="c:\program files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe" [2007-03-03 341488]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\Hanka\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Xfire.lnk - c:\program files\Xfire\Xfire.exe [2009-11-30 3181456]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-12-22 09:35 12464 ----a-w- c:\windows\system32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=
"c:\\Program Files\\QIP\\qip.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"=
"c:\\Program Files\\HLSW\\hlsw.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Ubisoft\\IL-2 Sturmovik 1946\\il2fb.exe"=
"c:\\Program Files\\Xfire\\Xfire.exe"=
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [5.11.2009 18:07 691696]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [1.11.2009 17:27 333192]
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [1.11.2009 17:27 360584]
R2 avg9emc;AVG Free E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [22.12.2009 10:35 906520]
R2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [22.12.2009 10:35 285392]
S2 gupdate1ca6d169a02c9a4;Služba Google Update (gupdate1ca6d169a02c9a4);c:\program files\Google\Update\GoogleUpdate.exe [24.11.2009 15:58 133104]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [6.11.2009 22:01 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [6.11.2009 22:01 8320]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Hanka\Data aplikací\Mozilla\Firefox\Profiles\zjkubz0x.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - component: c:\program files\AVG\AVG9\Firefox\components\avgssff.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-26 16:31
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys spqy.sys >>UNKNOWN [0x8974E938]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf763bf28
\Driver\ACPI -> ACPI.sys @ 0xf74a3cb8
\Driver\atapi -> atapi.sys @ 0xf7849b40
IoDeviceObjectType -> DeleteProcedure -> ntoskrnl.exe @ 0x805a05a9
ParseProcedure -> ntoskrnl.exe @ 0x8056ea15
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntoskrnl.exe @ 0x805a05a9
ParseProcedure -> ntoskrnl.exe @ 0x8056ea15
NDIS: -> SendCompleteHandler -> 0x0
PacketIndicateHandler -> 0x0
SendHandler -> 0x0
user & kernel MBR OK
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-1993962763-1960408961-682003330-1004\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:89,4a,8f,b4,4e,e8,74,42,bf,1b,8b,54,30,1d,06,43,4d,9d,72,56,47,04,5e,
95,4d,b3,79,56,8d,bd,b0,fe,14,76,cb,b9,39,0f,60,1a,6b,27,2e,f3,c4,5d,2e,a0,\
"??"=hex:97,b7,3d,ed,42,88,99,ae,c6,e5,05,1d,9f,2b,fc,1c
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(632)
c:\windows\system32\Ati2evxx.dll
- - - - - - - > 'explorer.exe'(3712)
c:\program files\Xfire\xfire_toucan_40405.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\AVG\AVG9\avgchsvx.exe
c:\program files\AVG\AVG9\avgrsx.exe
c:\program files\AVG\AVG9\avgcsrvx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Common Files\InterVideo\DeviceService\DevSvc.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\program files\Analog Devices\SoundMAX\SMAgent.exe
c:\program files\AVG\AVG9\avgnsx.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\program files\AVG\AVG9\avgcsrvx.exe
.
**************************************************************************
.
Celkový čas: 2009-12-26 16:38:05 - počítač byl restartován
ComboFix-quarantined-files.txt 2009-12-26 15:38
ComboFix2.txt 2009-12-25 20:45
Před spuštěním: Volných bajtů: 25 914 802 176
Po spuštění: Volných bajtů: 25 894 158 336
- - End Of File - - E0D37B13B3BF5FAFA82A5F45822421FC
NTB : Lenovo Y570
Intel Core i5-2450M (Sandy Bridge, 2.5GHz, TB až 3.2GHz)
Nvidia GeForce GT555M 2GB
HDD: 750GB / SSD 32GB
RAM : 8GB 1333 MHZ
Windows 7 Ultimate 64-bit OEM :(
Intel Core i5-2450M (Sandy Bridge, 2.5GHz, TB až 3.2GHz)
Nvidia GeForce GT555M 2GB
HDD: 750GB / SSD 32GB
RAM : 8GB 1333 MHZ
Windows 7 Ultimate 64-bit OEM :(
Re: HJT kontrola
NTB : Lenovo Y570
Intel Core i5-2450M (Sandy Bridge, 2.5GHz, TB až 3.2GHz)
Nvidia GeForce GT555M 2GB
HDD: 750GB / SSD 32GB
RAM : 8GB 1333 MHZ
Windows 7 Ultimate 64-bit OEM :(
Intel Core i5-2450M (Sandy Bridge, 2.5GHz, TB až 3.2GHz)
Nvidia GeForce GT555M 2GB
HDD: 750GB / SSD 32GB
RAM : 8GB 1333 MHZ
Windows 7 Ultimate 64-bit OEM :(
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43295
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: HJT kontrola
Stáhni si program OTM (by OldTimer)
http://www.edisk.cz/stahni/07995/OTMove ... .39KB.html
a ulož si ho na disk C a spusť ho.
- Do levého sloupce (Paste Instructions for Items to be Moved) zkopíruj tyto cesty:
Poznámka: Nepoužij k označení funkci VYBRAT VŠE
- Po zkopírování klikni na tlačítko MoveIt! a vlož sem následně celý obsah z pravého sloupce, jinak uložený ve složce C:\_OTMoveIt\MovedFiles\, který bude informovat o výsledcích
- Je možné, že pokud nebudou moci být soubory odstraněny, budeš dotázán na restart počítače, v tom případě restart potvrď.
Toto otestuj na Virustotal
c:\windows\system32\SysDVDtoAVI.dat
Vlož sem pak odkaz na stránku s výsledky.
Napiš jak to je s internetem..
http://www.edisk.cz/stahni/07995/OTMove ... .39KB.html
a ulož si ho na disk C a spusť ho.
- Do levého sloupce (Paste Instructions for Items to be Moved) zkopíruj tyto cesty:
Poznámka: Nepoužij k označení funkci VYBRAT VŠE
Kód: Vybrat vše
:Processes
explorer.exe
:Services
:Reg
:Files
c:\windows\system32\miccyhook.dll
:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]- Po zkopírování klikni na tlačítko MoveIt! a vlož sem následně celý obsah z pravého sloupce, jinak uložený ve složce C:\_OTMoveIt\MovedFiles\, který bude informovat o výsledcích
- Je možné, že pokud nebudou moci být soubory odstraněny, budeš dotázán na restart počítače, v tom případě restart potvrď.
Toto otestuj na Virustotal
c:\windows\system32\SysDVDtoAVI.dat
Vlož sem pak odkaz na stránku s výsledky.
Napiš jak to je s internetem..
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Kdo je online
Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 97 hostů