Hi folks, avast on my PC reported something about sshnas21.dll. I carelessly clicked delete, and since then my internet hasn't worked; everything else on the network works, just not me.
HJT log:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:02:41, on 29.6.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
D:\WINDOWS\system32\ctfmon.exe
D:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
D:\WINDOWS\system32\wscntfy.exe
D:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HiJackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "D:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - D:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - D:\WINDOWS\system32\browseui.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - D:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
--
End of file - 4555 bytes
Internet not working, please check :D Solved
- autoprd
Re: Internet not working, please check :D
mbam:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Verze databáze: 4052
Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180
29.6.2010 21:01:21
mbam-log-2010-06-29 (21-01-21).txt
Typ skenu: Rychlý sken
Skenované objekty: 121279
Uplynulý čas: 9 minuta(y), 22 sekunda(y)
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 0
Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované složky:
Infikované soubory:
D:\WINDOWS\WINDOWS (Backdoor.Hupigon) -> Not selected for removal.
- autoprd
Re: Internet not working, please check :D
Combo fix:
ComboFix 10-06-28.01 - PoKaRko 29.06.2010 20:39:28.6.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.2046.1513 [GMT 2:00]
Spuštěný z: d:\documents and settings\PoKaRko\Plocha\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 100629-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\Cheat Engine\dbk32.sys
d:\windows\Bnukua.exe
d:\windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_SSHNAS
((((((((((((((((((((((((( Soubory vytvořené od 2010-05-28 do 2010-06-29 )))))))))))))))))))))))))))))))
.
2010-06-29 13:20 . 2010-06-02 02:55 74072 ----a-w- d:\windows\system32\XAPOFX1_5.dll
2010-06-29 13:20 . 2010-06-02 02:55 527192 ----a-w- d:\windows\system32\XAudio2_7.dll
2010-06-29 13:20 . 2010-06-02 02:55 239960 ----a-w- d:\windows\system32\xactengine3_7.dll
2010-06-29 13:20 . 2010-05-26 09:41 2106216 ----a-w- d:\windows\system32\D3DCompiler_43.dll
2010-06-29 13:20 . 2010-05-26 09:41 248672 ----a-w- d:\windows\system32\d3dx11_43.dll
2010-06-29 13:20 . 2010-05-26 09:41 1868128 ----a-w- d:\windows\system32\d3dcsx_43.dll
2010-06-29 13:20 . 2010-05-26 09:41 470880 ----a-w- d:\windows\system32\d3dx10_43.dll
2010-06-29 13:20 . 2010-05-26 09:41 1998168 ----a-w- d:\windows\system32\D3DX9_43.dll
2010-06-28 14:33 . 2009-06-16 22:02 616600 ----a-w- d:\windows\system32\FontInstaller.dll
2010-06-28 14:33 . 2010-06-28 14:33 -------- d-----w- c:\program files\High-Logic FontCreator6
2010-06-28 11:37 . 2009-02-26 14:34 94650 ----a-w- d:\windows\system32\HKCU_GNU.reg
2010-06-28 11:37 . 2009-02-26 14:34 2004 ----a-w- d:\windows\system32\HKLM_GNU.reg
2010-06-28 11:37 . 2008-12-17 23:22 57344 ----a-w- d:\windows\system32\ff_vfw.dll
2010-06-28 11:37 . 2008-06-15 08:01 60273 ----a-w- d:\windows\system32\pthreadGC2.dll
2010-06-28 11:37 . 2008-06-15 08:01 258352 ----a-w- d:\windows\system32\unicows.dll
2010-06-28 11:37 . 2006-07-17 19:42 14909 ----a-w- d:\windows\system32\A_reg.reg
2010-06-26 18:15 . 2010-06-26 18:15 -------- d-----w- c:\program files\Adobe Media Player
2010-06-26 18:13 . 2010-06-26 18:13 -------- d-----w- d:\program files\Common Files\Adobe AIR
2010-06-26 18:05 . 2010-06-26 18:05 -------- d-----w- c:\program files\CENZURA HD
2010-06-25 18:36 . 2010-06-25 18:36 -------- d-----w- c:\program files\rgcaudio software
2010-06-20 09:14 . 2010-06-20 09:14 -------- d-----w- c:\program files\Creative Labs
2010-06-20 09:14 . 1999-07-06 12:13 40960 ----a-w- d:\windows\system32\eax.dll
2010-06-20 09:13 . 2010-06-20 09:14 -------- d-----w- c:\program files\EidosNet
2010-06-20 09:13 . 2010-06-20 09:13 -------- d-----w- c:\program files\Eidos Interactive
2010-06-19 18:06 . 2010-06-19 18:07 -------- d-----w- d:\windows\system32\drivers\UMDF
2010-06-19 18:05 . 2009-03-25 15:48 109864 ----a-w- d:\windows\system32\drivers\s1018unic.sys
2010-06-19 18:05 . 2009-03-25 15:48 10792 ----a-w- d:\windows\system32\drivers\s1018cr.sys
2010-06-19 18:05 . 2009-03-25 15:48 106208 ----a-w- d:\windows\system32\drivers\s1018mgmt.sys
2010-06-19 18:05 . 2009-03-25 15:48 26024 ----a-w- d:\windows\system32\drivers\s1018nd5.sys
2010-06-19 18:05 . 2009-03-25 15:48 104744 ----a-w- d:\windows\system32\drivers\s1018obex.sys
2010-06-19 18:05 . 2009-03-25 15:48 15016 ----a-w- d:\windows\system32\drivers\s1018mdfl.sys
2010-06-19 18:05 . 2009-03-25 15:48 12200 ----a-w- d:\windows\system32\drivers\s1018cmnt.sys
2010-06-19 18:05 . 2009-03-25 15:48 12200 ----a-w- d:\windows\system32\drivers\s1018cm.sys
2010-06-19 18:05 . 2009-03-25 15:48 114728 ----a-w- d:\windows\system32\drivers\s1018mdm.sys
2010-06-19 18:05 . 2009-03-25 15:48 86824 ----a-w- d:\windows\system32\drivers\s1018bus.sys
2010-06-19 18:05 . 2009-03-25 15:48 12200 ----a-w- d:\windows\system32\drivers\s1018whnt.sys
2010-06-19 18:05 . 2009-03-25 15:48 12200 ----a-w- d:\windows\system32\drivers\s1018wh.sys
2010-06-17 16:48 . 2005-12-15 13:27 34639 ----a-w- d:\windows\system32\drivers\UFS2XX.sys
2010-06-17 16:48 . 2005-12-24 17:10 77824 ----a-w- d:\windows\system32\UFS2XXUN.exe
2010-06-17 16:48 . 2005-12-24 12:41 81920 ----a-w- d:\windows\system32\UFS2XX.dll
2010-06-16 19:21 . 2010-06-16 19:21 -------- d-----w- c:\program files\Digiarty
2010-06-16 16:13 . 2010-06-16 16:13 -------- d-----w- c:\program files\Ubisoft
2010-06-16 16:12 . 2010-06-20 08:45 -------- d-----w- c:\program files\ICQ6Toolbar
2010-06-16 16:10 . 2010-06-20 08:26 -------- d-----w- c:\program files\ICQ7.2
2010-06-13 14:51 . 2010-06-13 14:51 -------- d-----w- d:\windows\system32\cs-CZ
2010-06-13 14:44 . 2010-06-13 14:44 -------- d-----w- d:\windows\system32\xlive
2010-06-13 14:44 . 2010-06-13 14:44 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE
2010-06-13 14:39 . 2010-06-13 14:49 -------- d-----w- d:\windows\system32\NtmsData
2010-06-13 14:25 . 2010-06-13 14:25 -------- d-----w- d:\program files\Common Files\EZB Systems
2010-06-13 14:25 . 2010-06-13 14:25 -------- d-----w- c:\program files\UltraISO
2010-06-13 06:39 . 2010-06-13 06:39 94080 ----a-w- d:\windows\system32\drivers\ezplay.sys
2010-06-12 22:32 . 2010-06-12 22:34 -------- d-----w- c:\program files\IDM Computer Solutions
2010-06-11 21:20 . 2010-06-11 21:20 -------- d-----w- c:\program files\WinImage
2010-06-11 21:02 . 2010-06-11 21:02 -------- d-----w- c:\program files\DIFX
2010-06-11 21:02 . 2009-05-12 13:53 16896 ----a-w- d:\windows\system32\drivers\FlashUSB.sys
2010-06-11 20:12 . 2008-11-11 11:42 24832 ----a-w- d:\windows\system32\drivers\lgusbmodem.sys
2010-06-11 20:12 . 2008-11-11 11:41 19968 ----a-w- d:\windows\system32\drivers\lgusbdiag.sys
2010-06-11 20:12 . 2008-11-11 11:41 13056 ----a-w- d:\windows\system32\drivers\lgusbbus.sys
2010-06-11 20:12 . 2010-06-11 20:12 -------- d-----w- c:\program files\LG Electronics
2010-06-11 20:11 . 2007-11-08 14:26 1164728 ----a-w- d:\windows\system32\NMSDVDXU.dll
2010-06-11 20:10 . 2010-06-14 14:55 -------- d-----w- c:\program files\LG PC Suite II
2010-06-09 19:48 . 2010-06-09 19:48 45056 ----a-w- d:\windows\TRNOEH.DLL
2010-06-09 19:48 . 2010-06-09 19:48 294912 ----a-w- d:\windows\TrnWord.dll
2010-06-09 19:48 . 2010-06-09 19:48 26624 ----a-w- d:\windows\OETRN.EXE
2010-06-09 19:48 . 2010-06-09 19:48 200704 ----a-w- d:\windows\TRNOET.DLL
2010-06-09 19:47 . 2010-06-09 19:47 516096 ----a-w- d:\windows\UN32.EXE
2010-06-05 07:19 . 2010-06-05 07:23 -------- d-----w- c:\program files\Valve
2010-06-04 15:24 . 2010-06-04 15:24 -------- d-----w- c:\program files\ImTOO
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-29 18:45 . 2009-11-29 19:49 -------- d-----w- c:\program files\Cheat Engine
2010-06-29 14:52 . 2010-01-02 23:35 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-06-29 14:40 . 2009-12-11 21:25 -------- d-----w- c:\program files\FreeFixer
2010-06-28 11:37 . 2009-11-29 13:12 -------- d-----w- c:\program files\Cucusoft
2010-06-27 09:58 . 2001-11-24 18:02 491064 ----a-w- d:\windows\system32\perfh005.dat
2010-06-27 09:58 . 2001-11-24 18:02 98588 ----a-w- d:\windows\system32\perfc005.dat
2010-06-27 07:53 . 2009-11-28 22:20 -------- d-----w- c:\program files\Metin2_CZ
2010-06-26 22:47 . 2010-01-24 00:44 -------- d-----w- d:\program files\Common Files\Adobe
2010-06-25 18:38 . 2010-05-07 18:24 -------- d-----w- c:\program files\VstPlugins
2010-06-25 18:33 . 2009-12-18 22:28 -------- d-----w- c:\program files\Image-Line
2010-06-16 16:13 . 2009-10-17 13:50 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-06-14 17:31 . 2010-05-05 11:35 -------- d-----w- c:\program files\Ask.com
2010-06-13 06:39 . 2009-12-02 17:22 -------- d-----w- c:\program files\VSO
2010-06-09 16:11 . 2009-10-18 12:10 -------- d-----w- c:\program files\CCleaner
2010-06-09 15:22 . 2010-02-11 10:54 66872 ----a-w- d:\windows\system32\PnkBstrA.exe
2010-05-30 08:54 . 2010-05-18 07:21 -------- d-----w- c:\program files\Styler
2010-05-30 08:50 . 2010-05-20 19:41 -------- d-----w- c:\program files\AntiFirewall
2010-05-29 22:55 . 2010-05-29 22:55 -------- d-----w- c:\program files\MTA San Andreas
2010-05-27 12:47 . 2010-04-09 21:18 -------- d-----w- c:\program files\IDoser
2010-05-22 11:38 . 2010-03-14 12:33 -------- d-----w- c:\program files\Startup Manager
2010-05-22 11:38 . 2010-03-02 14:58 -------- d-----w- c:\program files\GStudio7
2010-05-22 11:38 . 2010-02-20 20:37 -------- d-----w- c:\program files\VirtualDJ
2010-05-22 11:36 . 2010-05-22 11:36 -------- d-----w- c:\program files\7-Zip
2010-05-21 17:27 . 2010-05-21 17:27 1700352 ----a-w- d:\windows\system32\gdiplus.dll
2010-05-21 17:26 . 2009-10-17 14:39 -------- d-----w- c:\program files\uTorrent
2010-05-20 19:39 . 2010-05-20 19:39 -------- d-----w- c:\program files\Kismet
2010-05-20 19:38 . 2010-05-20 19:38 -------- d-----w- c:\program files\WinPcap
2010-05-20 19:38 . 2010-05-20 19:38 -------- d-----w- c:\program files\CACE Technologies
2010-05-20 19:36 . 2010-05-20 19:36 -------- d-----w- c:\program files\Network Stumbler
2010-05-18 14:04 . 2010-05-18 14:04 -------- d-----w- c:\program files\KONAMI
2010-05-18 07:42 . 2010-05-18 07:42 -------- d-----w- c:\program files\VistaSwitcher
2010-05-17 11:46 . 2010-05-17 11:45 -------- d-----w- c:\program files\Winamp
2010-05-12 23:12 . 2010-05-12 23:12 -------- d-----w- c:\program files\FreeArc
2010-05-12 23:10 . 2010-05-12 23:10 -------- d-----w- c:\program files\GnuWin32
2010-05-12 23:03 . 2010-05-12 23:03 -------- d-----w- c:\program files\KGB Archiver
2010-05-11 14:50 . 2009-10-24 18:01 -------- d-----w- c:\program files\IObit
2010-05-08 21:53 . 2010-05-08 21:53 281760 ----a-w- d:\windows\system32\drivers\atksgt.sys
2010-05-08 21:53 . 2010-05-08 21:53 25888 ----a-w- d:\windows\system32\drivers\lirsgt.sys
2010-05-08 21:53 . 2010-01-13 21:03 -------- d-----w- c:\program files\AGEIA Technologies
2010-05-08 21:52 . 2010-05-08 21:52 -------- d-----w- d:\program files\Common Files\Wise Installation Wizard
2010-05-08 11:51 . 2010-05-08 11:51 -------- d-----w- c:\program files\DoISO
2010-05-08 11:50 . 2010-01-22 16:57 87643 ----a-w- d:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-05-08 11:50 . 2010-01-22 16:57 3052 ----a-w- d:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2010-05-08 11:50 . 2010-05-08 11:50 -------- d-----w- c:\program files\Windows Resource Kits
2010-05-05 11:36 . 2010-05-05 11:36 -------- d-----w- c:\program files\Demo_Kernel for SQL Database
2010-05-05 11:25 . 2010-05-05 11:25 -------- d-----w- c:\program files\Alcohol Soft
2010-04-29 13:39 . 2010-01-23 08:56 38224 ----a-w- d:\windows\system32\drivers\mbamswissarmy.sys
2010-04-29 13:39 . 2010-01-23 08:56 20952 ----a-w- d:\windows\system32\drivers\mbam.sys
2010-04-08 16:17 . 2010-04-08 16:17 151552 ----a-w- d:\windows\system32\nvRegDev.dll
2010-04-04 16:52 . 2004-07-17 09:36 163644 ----a-w- d:\windows\system32\drivers\secdrv.sys
2010-04-01 10:23 . 2010-01-22 20:40 444952 ----a-w- d:\windows\system32\wrap_oal.dll
2010-04-01 10:23 . 2010-01-22 20:40 109080 ----a-w- d:\windows\system32\OpenAL32.dll
.
------- Sigcheck -------
[-] 2001-11-24 17:58 . 15AFB5576C32CC292E5DD469D96B4909 . 924432 . . [4.1.6140] . . d:\windows\system32\mfc40u.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 61952]
"AdobeCS4ServiceManager"="d:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="d:\windows\system32\CTFMON.EXE" [2004-08-17 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="d:\documents and settings\All Users\Data aplikací\TuneUp Software\TuneUp Utilities\WinStyler\tu_logonui.exe"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"d:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"d:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"d:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Miranda IM\\miranda32.exe"=
"c:\\Program Files\\Metin2_CZ\\metin2.bin"=
"d:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\HLSW\\hlsw.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\QIP\\qip.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\Autodesk\\3dsMax8\\3dsmax.exe"=
"c:\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\hry\\Enemy Territory - QUAKE Wars\\etqw.exe"=
"c:\\xampp\\apache\\bin\\httpd.exe"=
"c:\\xampp\\mysql\\bin\\mysqld.exe"=
"c:\\xampp\\FileZillaFTP\\FileZilla Server.exe"=
"c:\\xampp\\MercuryMail\\mercury.exe"=
"d:\\Documents and Settings\\PoKaRko\\Plocha\\metin\\PortMap.exe"=
"c:\\Program Files\\PremiumSoft\\Navicat Lite 8.2\\navicat.exe"=
"c:\\Program Files\\Metin2_CZ\\metin2client.bin.exe"=
"c:\\hry\\NBA 2K10 RePack by Chikatila\\nba2k10.exe"=
"c:\\Program Files\\Metin2_CZ\\metin2client.bin"=
"c:\\Program Files\\KONAMI\\Pro Evolution Soccer 2009\\pes2009.exe"=
"c:\\Program Files\\Valve\\hl.exe"=
"c:\\Média\\MOJE\\sa mp\\samp-server.exe"=
"c:\\Média\\MOJE\\sa mp\\samp022server.win32\\samp-server.exe"=
"d:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\ICQ7.2\\ICQ.exe"=
"c:\\Program Files\\ICQ7.2\\aolload.exe"=
"c:\\Program Files\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
"c:\\hry\\Assassin's Creed II\\UPlayBrowser.exe"=
"c:\\hry\\Metin2_CZ\\metin2.bin"=
"c:\\hry\\Metin2_CZ\\metin2client.bin"=
"c:\\Program Files\\Metin2_CZ\\metin2 unpatched.exe"=
"c:\\Program Files\\TeamViewer\\Version5\\TeamViewer.exe"=
"d:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"5353:TCP"= 5353:TCP:Adobe CSI CS4
R0 d347bus;d347bus;d:\windows\system32\drivers\d347bus.sys [23.1.2010 18:57 155136]
R0 d347prt;d347prt;d:\windows\system32\drivers\d347prt.sys [23.1.2010 18:57 5248]
R1 aswSP;avast! Self Protection;d:\windows\system32\drivers\aswSP.sys [19.2.2010 15:56 114768]
R1 VBoxDrv;VirtualBox Service;d:\windows\system32\drivers\VBoxDrv.sys [28.2.2010 0:32 123280]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver;d:\windows\system32\drivers\VBoxUSBMon.sys [28.2.2010 0:32 41616]
R2 aswFsBlk;aswFsBlk;d:\windows\system32\drivers\aswFsBlk.sys [19.2.2010 15:56 20560]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [30.10.2009 16:05 1021256]
R3 Egatebus;Egatebus;d:\windows\system32\drivers\egatebus.sys [19.5.2006 10:22 15328]
R3 Egaterdr;Egaterdr;d:\windows\system32\drivers\egaterdr.sys [19.5.2006 10:22 13440]
R3 MBAMSwissArmy;MBAMSwissArmy;d:\windows\system32\drivers\mbamswissarmy.sys [23.1.2010 10:56 38224]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [14.10.2009 8:24 10064]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;d:\windows\system32\drivers\VBoxNetAdp.sys [17.12.2009 16:02 99152]
R3 VBoxNetFlt;VBoxNetFlt Service;d:\windows\system32\drivers\VBoxNetFlt.sys [17.12.2009 15:02 110096]
S0 vax347s;vax347s;d:\windows\system32\drivers\vax347s.sys [5.5.2010 13:25 5248]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;d:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 13:16 130384]
S3 FlashUSB;FlashUSB;d:\windows\system32\drivers\FlashUSB.sys [11.6.2010 23:02 16896]
S3 ggflt;SEMC USB Flash Driver Filter;d:\windows\system32\drivers\ggflt.sys [25.2.2009 9:16 13352]
S3 NPF;NetGroup Packet Filter Driver;d:\windows\system32\drivers\npf.sys [21.6.2007 22:55 42512]
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM);d:\windows\system32\drivers\s1018bus.sys [19.6.2010 20:05 86824]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;d:\windows\system32\drivers\s1018mdfl.sys [19.6.2010 20:05 15016]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;d:\windows\system32\drivers\s1018mdm.sys [19.6.2010 20:05 114728]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);d:\windows\system32\drivers\s1018mgmt.sys [19.6.2010 20:05 106208]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);d:\windows\system32\drivers\s1018nd5.sys [19.6.2010 20:05 26024]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;d:\windows\system32\drivers\s1018obex.sys [19.6.2010 20:05 104744]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);d:\windows\system32\drivers\s1018unic.sys [19.6.2010 20:05 109864]
S3 SCREAMINGBDRIVER;Screaming Bee Audio;d:\windows\system32\drivers\ScreamingBAudio.sys --> d:\windows\system32\drivers\ScreamingBAudio.sys [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;d:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 13:16 753504]
S4 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe --> c:\program files\ICQ6Toolbar\ICQ Service.exe [?]
S4 vax347b;vax347b;d:\windows\system32\drivers\vax347b.sys [5.5.2010 13:25 159616]
--- Ostatní služby/ovladače v paměti ---
*NewlyCreated* - MBAMSWISSARMY
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'
2010-06-25 d:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
2010-06-29 d:\windows\Tasks\AWC AutoSweep.job
- c:\program files\IObit\Advanced SystemCare 3\AutoSweep.exe [2009-10-24 12:11]
2010-06-29 d:\windows\Tasks\AWC Update.job
- c:\program files\IObit\Advanced SystemCare 3\IObitUpdate.exe [2009-10-24 15:20]
2010-06-28 d:\windows\Tasks\SmartDefrag.job
- c:\program files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe [2010-05-11 14:48]
.
.
------- Doplňkový sken -------
.
IE: {{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - c:\program files\ICQ7.2\ICQ.exe
FF - ProfilePath - d:\documents and settings\PoKaRko\Data aplikací\Mozilla\Firefox\Profiles\1ii8yyw2.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - http:/google.cz/#
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... 2.0.0.2&q=
FF - component: d:\program files\NetSoftware\gemgecko\components\gemgecko.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Opera\program\plugins\np_gp.dll
FF - plugin: d:\program files\Windows Media Player\npdrmv2.dll
FF - plugin: d:\program files\Windows Media Player\npdsplay.dll
FF - plugin: d:\program files\Windows Media Player\npwmsdrm.dll
---- NASTAVENÍ FIREFOXU ----
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
AddRemove-FINAL FANTASY VIII - c:\program files\Eidos Interactive\Square Soft
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-06-29 20:49
Windows 5.1.2600 Service Pack 2 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x8A5664A0]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xba0ecfc3
\Driver\ACPI -> ACPI.sys @ 0xb9f31cb8
\Driver\atapi -> 0x8a5664a0
IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x8058241c
ParseProcedure -> ntkrnlpa.exe @ 0x8058155c
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x8058241c
ParseProcedure -> ntkrnlpa.exe @ 0x8058155c
NDIS: Realtek RTL8139 Family PCI Fast Ethernet NIC -> SendCompleteHandler -> NDIS.sys @ 0xb9d88bc3
PacketIndicateHandler -> NDIS.sys @ 0xb9d94b21
SendHandler -> NDIS.sys @ 0xb9d88d33
Warning: possible MBR rootkit infection !
user & kernel MBR OK
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG11.00.00.01WORKSTATION"="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"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(1848)
d:\windows\system32\Ati2evxx.dll
d:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
- - - - - - - > 'explorer.exe'(3532)
d:\windows\system32\msi.dll
d:\windows\system32\WPDShServiceObj.dll
d:\windows\system32\PortableDeviceTypes.dll
d:\windows\system32\PortableDeviceApi.dll
d:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
d:\windows\system32\Ati2evxx.exe
d:\windows\system32\Ati2evxx.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
d:\windows\system32\wscntfy.exe
c:\program files\Malwarebytes' Anti-Malware\mbam.exe
.
**************************************************************************
.
Celkový čas: 2010-06-29 20:54:29 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-06-29 18:54
Před spuštěním: Volných bajtů: 27 106 402 304
Po spuštění: Volných bajtů: 26 984 062 976
- - End Of File - - 0E2AB29F981321C4A62F5F74467A9B70
Re: Internet not working, pls check :D
Hi,
Delete that in MBAM.
****
Test these at http://www.virustotal.com
d:\windows\TRNOET.DLL
d:\windows\UN32.EXE
d:\windows\system32\mfc40u.dll
- Copy the path to the file into the box; if it says the file has already been tested, have it tested again.
- Paste the link with the results here.
****
Is your internet working now after ComboFix?
Re: Internet not working, pls check :D
What kind of connection do you have? Cable or Wi-Fi? Try restarting the modem, or unplugging and reconnecting the cable.
Do you use Daemon or Alcohol?
Did the internet stop working right after you deleted that file?
- autoprd
- Level 4.5
- Posts: 1715
- Registered: February 09
- Location: ▼▲☺U Pc ☺▼▲
Re: Internet not working, pls check :D
Well, my internet is LAN to the modem, and the modem also has Wi-Fi; everywhere in the house the net works, both over Wi-Fi and over LAN, so I see the fault in the PC.
YES, I use both Daemon and Alcohol.
The internet stopped working right after I deleted twain, twain32 and sshnas, because there were viruses in them.
Re: Internet not working, pls check :D
Do you have those files in quarantine, or did you delete them?
Can you please write me the exact names of those files?
Have you tried System Restore?
- autoprd
Re: Internet not working, pls check :D
I have System Restore turned off xD; in quarantine I have shnas21.dll d:windoows:system32
and the other 2 are: twain.dll twain_32.dll
Re: Internet not working, pls check :D
Take those two twain files out of quarantine and test them at www.virustotal.com.
- autoprd
Re: Internet not working, pls check :D
Those weren't in quarantine, I copied them back from my laptop. xD
Re: Internet not working, pls check :D
I'm getting confused by this now.
Please, what is the situation with those twain files?
