Hello,
when I started the computer, the sound suddenly stopped working, it was throwing a BSOD, and now I can't even copy anything, not even text; at the bottom on the Windows taskbar nothing is shown of what I currently have running; some programs won't start, such as ICQ or Ad-Aware... nothing is shown in Network Connections, no network, and yet the internet works... for the sound it tells me that no device exists, and that's after I reinstalled the drivers... there is nothing unusual in Device Manager...
Right now I'm trying to clean the PC of trojans and the like.
Thanks for the help
Post a HijackThis log here...
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:39:10, on 16.4.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRAM FILES\KYE\LUXEMATE525\Luxemate525.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\spywarebegone\SpywareBeGone.exe
C:\WINDOWS\twain_32\S6U12BX\WATCH.exe
C:\Documents and Settings\Seth\Plocha\delete programy\a-squared Anti-Malware\a2service.exe
C:\Documents and Settings\Seth\Plocha\delete programy\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Documents and Settings\Seth\Plocha\delete programy\nod32\ekrn.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\Borland\InterBase\bin\ibguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Borland\InterBase\bin\ibserver.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Burn4Free Toolbar Helper - {D187A56B-A33F-4CBE-9D77-459FC0BAE012} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [nTrayFw] C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [LuxeMate525] C:\PROGRAM FILES\KYE\LUXEMATE525\LuxeMateLoader.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [a-squared] "C:\Documents and Settings\Seth\Plocha\delete programy\a-squared Anti-Malware\a2guard.exe"
O4 - HKLM\..\Run: ['Ashampoo AntiSpyWare 2 Guard'] C:\Documents and Settings\Seth\Plocha\delete programy\Ashampoo AntiSpyWare 2\AntiSpyWare2Guard.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [SetDefaultMIDI] MIDIDef.exe
O4 - HKCU\..\Run: [Spyware Begone] "C:\spywarebegone\SpywareBeGone.exe" -FastScan
O4 - HKUS\S-1-5-21-1275210071-113007714-839522115-1003\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-21-1275210071-113007714-839522115-1003\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear (User '?')
O4 - HKUS\S-1-5-21-1275210071-113007714-839522115-1003\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun (User '?')
O4 - HKUS\S-1-5-21-1275210071-113007714-839522115-1003\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (User '?')
O4 - HKUS\S-1-5-21-1275210071-113007714-839522115-1003\..\Run: [SetDefaultMIDI] MIDIDef.exe (User '?')
O4 - HKUS\S-1-5-21-1275210071-113007714-839522115-1003\..\Run: [Spyware Begone] "C:\spywarebegone\SpywareBeGone.exe" -FastScan (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Akcelerátor spuštění AutoCADu.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe
O4 - Global Startup: Anti-Virus&Trojan.lnk = C:\Program Files\Anti-Virus&Trojan\Anti-Virus&Trojan.exe
O4 - Global Startup: Watch.lnk = C:\WINDOWS\twain_32\S6U12BX\WATCH.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Documents and Settings\Seth\Plocha\delete programy\a-squared Anti-Malware\a2service.exe
O23 - Service: Ashampoo AntiSpyWare 2 Service (AASW2_Service) - Unknown owner - C:\Documents and Settings\Seth\Plocha\delete programy\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: Autodesk Licensing Service - Autodesk, Inc. - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - Unknown owner - C:\Documents and Settings\Seth\Plocha\delete programy\nod32\EHttpSrv.exe (file missing)
O23 - Service: Eset Service (ekrn) - ESET - C:\Documents and Settings\Seth\Plocha\delete programy\nod32\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InterBase Guardian (InterBaseGuardian) - Borland Software Corporation - C:\Program Files\Borland\InterBase\bin\ibguard.exe
O23 - Service: InterBase Server (InterBaseServer) - Borland Software Corporation - C:\Program Files\Borland\InterBase\bin\ibserver.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Keyboard And Mouse Communication Service (KMWDSERVICE) - UASSOFT.COM - C:\Program Files\Trust\Trust R-series Mouse And Keyboard\KMWDSrv.exe
O23 - Service: MSSQL$SONY_MEDIAMGR - Unknown owner - C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: SQLAgent$SONY_MEDIAMGR - Unknown owner - C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE (file missing)
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
--
End of file - 11440 bytes
Ahem?
Hi, I had a rough weekend and somehow didn't get around to it :) let's get to it :)
Fix:
O2 - BHO: Burn4Free Toolbar Helper - {D187A56B-A33F-4CBE-9D77-459FC0BAE012} - (no file)
I see you're using several anti-spyware products, firewalls, etc... remove the ones you don't use and keep just one; they usually don't get along... personally I recommend Spyware Terminator, which can include the Clam AV antivirus during installation, so you don't need to use several other solutions needlessly... (you're not using any antivirus, from what I saw)... you can generally keep the firewall turned off; in today's home conditions it is completely unnecessary (the virtual hype around it is crazy)... send a screenshot of the BSOD screen, or at least the error code...
Hi, OK, I'll delete all of it; I downloaded a lot of them because each one finds something different :D As antivirus I had Avast and then I switched to NOD, which eventually got broken somehow. As for the BSOD, it wasn't a classic one, it was more of a critical disk error; the blue screen was only half full, so there was no code on it. Otherwise, now when I start the PC, scan disk always comes up, but when I let it run it never ends (I stopped it after 2 hours)... so I don't let it run. And then I'm normally in XP, where everything works fine except: nothing can be copied, folders can't be moved, not even just around the desktop, the sound doesn't work (I'll look at the sound card this afternoon), and at the bottom on the XP panel nothing is displayed no matter what I have running...
I recently had a similar problem in for service; it was infected with viruses... let's try a heavier caliber...
Download ComboFix - www.bleepingcomputer.com - put it on the desktop, run it, install the Recovery Console, let the scan run and post the log, then we'll see whether we'll be deleting further...
Also download http://www.slunecnice.cz/sw/hdd-scan/ and let it run, to see whether the disk is really healthy...
SmitFraudFix v2.412
Scan done at 21:15:30,17, st 22.04.2009
Run from C:\Documents and Settings\Seth\Plocha\SmitfraudFix
OS: Microsoft Windows XP [Verze 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in normal mode
»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» Killing process
»»»»»»»»»»»»»»»»»»»»»»»» hosts
127.0.0.1 localhost
»»»»»»»»»»»»»»»»»»»»»»»» VACFix
VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix
S!Ri's WS2Fix: LSP not Found.
»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix
GenericRenosFix by S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files
C:\Program Files\totalvid\ Deleted
»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» Agent.OMZ.Fix
Agent.OMZ.Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» RK
»»»»»»»»»»»»»»»»»»»»»»»» DNS
»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files
»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!
"System"=""
»»»»»»»»»»»»»»»»»»»»»»»» RK.2
»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning
»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning
Registry Cleaning done.
»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» Reboot
C:\WINDOWS\system32\systems.txt Please, Reboot and Run SmitfraudFix option 2 once again.
»»»»»»»»»»»»»»»»»»»»»»»» End
ComboFix 09-04-23.02 - Seth 22.04.2009 21:36.4 - NTFSx86
Spuštěný z: c:\documents and settings\Seth\Plocha\ComboFix.exe
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\All Users\Nabídka Start\Programy\Anti-Virus&Trojan
c:\documents and settings\All Users\Nabídka Start\Programy\Anti-Virus&Trojan\Anti-Virus&Trojan.lnk
c:\documents and settings\All Users\Nabídka Start\Programy\Anti-Virus&Trojan\Help.lnk
c:\documents and settings\All Users\Nabídka Start\Programy\Anti-Virus&Trojan\Uninstall.lnk
c:\documents and settings\All Users\Nabídka Start\Programy\Anti-Virus&Trojan\Visit Our Site.lnk
c:\program files\Anti-Virus&Trojan
c:\program files\Anti-Virus&Trojan\Anti-Virus&Trojan.exe
c:\program files\Anti-Virus&Trojan\Anti_Virus Help.chm
c:\program files\Anti-Virus&Trojan\hook.dll
c:\program files\Anti-Virus&Trojan\Products.htm
c:\program files\Anti-Virus&Trojan\unins000.dat
c:\program files\Anti-Virus&Trojan\unins000.exe
c:\program files\Anti-Virus&Trojan\virus.update
c:\program files\Anti-Virus&Trojan\Visit Our Site.url
c:\windows\system32\404Fix.exe
c:\windows\system32\Agent.OMZ.Fix.exe
c:\windows\system32\dumphive.exe
c:\windows\system32\IEDFix.C.exe
c:\windows\system32\IEDFix.exe
c:\windows\system32\o4Patch.exe
c:\windows\system32\Process.exe
c:\windows\system32\SrchSTS.exe
c:\windows\system32\tmp.reg
c:\windows\system32\VACFix.exe
c:\windows\system32\VCCLSID.exe
c:\windows\system32\WS2Fix.exe
E:\resycled
F:\resycled
.
((((((((((((((((((((((((( Soubory vytvořené od 2009-03-23 do 2009-04-23 )))))))))))))))))))))))))))))))
.
2009-04-21 16:17 . 2009-04-21 21:01 78023 ----a-w c:\windows\War3Unin.dat
2009-04-21 16:17 . 2009-04-21 16:26 2829 ----a-w c:\windows\War3Unin.pif
2009-04-21 16:17 . 2009-04-21 16:26 139264 ----a-w c:\windows\War3Unin.exe
2009-04-20 08:09 . 2009-04-20 08:13 -------- d-----w c:\program files\Air Conflicts
2009-04-15 20:49 . 2009-04-16 05:39 -------- d-----w C:\spywarebegone
2009-04-15 20:49 . 2009-04-15 20:49 170 ----a-w c:\windows\spywarebegone-fullversion-installed.html
2009-04-15 17:18 . 2009-04-15 17:18 2813 ----a-w C:\SMax.log.bak
2009-04-15 17:10 . 2003-10-02 10:48 53248 ----a-r c:\windows\system32\P17CPI.dll
2009-04-15 17:10 . 2002-04-11 01:41 65536 ----a-r c:\windows\system32\A3d.dll
2009-04-15 17:10 . 2005-07-07 08:14 1389056 ----a-r c:\windows\system32\drivers\P17.sys
2009-04-15 17:10 . 2005-06-13 05:03 137728 ----a-r c:\windows\system32\P17res.dll
2009-04-15 17:10 . 2005-05-03 11:38 64512 ----a-r c:\windows\system32\P17.dll
2009-04-15 17:10 . 2005-01-10 10:15 106496 ----a-r c:\windows\system32\drivers\ctoss2k.sys
2009-04-15 17:10 . 2005-01-10 10:15 20992 ----a-r c:\windows\system32\sfman32.dll
2009-04-15 17:10 . 2005-01-10 10:15 115200 ----a-r c:\windows\system32\sfms32.dll
2009-04-15 17:10 . 2005-01-10 10:15 138752 ----a-r c:\windows\system32\drivers\ctsfm2k.sys
2009-04-15 17:10 . 1999-09-22 07:18 2167684 ----a-r c:\windows\system32\ct2mgm.sf2
2009-04-15 16:42 . 2005-06-22 02:11 23552 ----a-r c:\windows\system32\PostProc.dll
2009-04-15 16:42 . 2009-04-15 16:42 -------- d-----w c:\program files\Analog Devices
2009-04-15 16:42 . 2005-03-04 12:53 127872 ----a-r c:\windows\system32\drivers\aeaudio.sys
2009-04-15 16:42 . 2001-09-19 05:47 765952 ----a-r c:\windows\system\crlds3d.dll
2009-04-15 16:42 . 2005-10-05 09:21 141312 ----a-r c:\windows\system32\drivers\ADIHdAud.sys
2009-04-15 16:42 . 2005-08-11 05:49 393088 ----a-r c:\windows\system32\drivers\senfilt.sys
2009-04-15 15:24 . 2009-04-15 15:58 21132 ----a-w c:\windows\Ascd_tmp.ini
2009-04-15 14:00 . 2009-04-15 14:00 -------- d-----w c:\windows\system32\config\systemprofile\Local Settings\Data aplikací\NVIDIA Corporation
2009-04-15 14:00 . 2009-04-15 14:00 -------- d-----w c:\windows\system32\config\systemprofile\Local Settings\Data aplikací\NVIDIA Corporation
2009-04-06 18:51 . 2009-04-01 21:14 2804893 ----a-w c:\windows\system32\GameMon.des
2009-04-05 09:32 . 2009-04-05 09:32 -------- d-----w c:\documents and settings\LocalService\Data aplikací\Xfire
2009-04-04 09:38 . 2009-04-04 09:38 -------- d-----w C:\AeriaGames
2009-04-01 20:50 . 2009-04-01 20:50 -------- d-----w c:\program files\Common Files\INCA Shared
2009-04-01 20:50 . 2005-01-04 18:43 4682 ----a-w c:\windows\system32\npptNT2.sys
2009-04-01 20:50 . 2003-07-21 03:17 5174 ----a-w c:\windows\system32\nppt9x.vxd
2009-04-01 20:39 . 2009-04-01 20:39 -------- d-----w c:\program files\Games-Masters.com
2009-03-29 21:16 . 2009-04-13 19:27 -------- d-----w c:\program files\Dofus
2009-03-27 16:13 . 2008-04-19 15:36 -------- d-----w c:\windows\system32\NtmsData
2009-03-27 10:51 . 2009-01-12 13:47 32 ----a-w c:\windows\LuxeMate525.INI
2009-03-27 10:51 . 2009-03-27 10:51 -------- d-----w c:\documents and settings\All Users\Data aplikací\InstallShield
2009-03-27 10:51 . 2007-06-28 10:07 5030 ----a-w c:\windows\system32\SyCoinst.dll
2009-03-27 10:50 . 2008-04-14 07:51 21504 ----a-w c:\windows\system32\hidserv.dll
2009-03-27 10:50 . 2008-04-14 06:59 14592 ----a-w c:\windows\system32\drivers\kbdhid.sys
2009-03-26 16:51 . 2008-05-13 06:57 -------- d-----w c:\documents and settings\Seth\Local Settings\Data aplikací\WMTools Downloaded Files
2009-03-26 15:48 . 2009-02-25 20:05 -------- d---a-w c:\documents and settings\All Users\Data aplikací\TEMP
2009-03-26 15:48 . 2009-02-01 22:25 -------- d-----w C:\Fraps
2009-03-25 16:45 . 2009-03-25 16:45 -------- d-----w c:\documents and settings\All Users\Data aplikací\nView_Profiles
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-22 19:22 . 2009-04-15 17:18 2813 ----a-w C:\SMax.log
2009-04-22 19:21 . 2009-04-22 19:15 1936 ----a-w C:\rapport.txt
2009-04-22 15:53 . 2008-07-05 13:08 -------- d-----w c:\program files\Warcraft III
2009-04-21 16:29 . 2008-10-31 01:45 -------- d-----w c:\program files\Serials 2005
2009-04-16 14:04 . 2008-10-05 18:20 -------- d-----w c:\program files\SUPERAntiSpyware
2009-04-16 11:24 . 2007-11-03 07:42 -------- d-----w c:\program files\Miranda IM
2009-04-15 20:49 . 2007-11-15 08:04 724992 ----a-w c:\windows\iun6002.exe
2009-04-15 19:54 . 2009-02-24 17:57 -------- d-----w c:\documents and settings\All Users\Data aplikací\Spyware Terminator
2009-04-15 19:45 . 2009-02-24 17:57 -------- d-----w c:\documents and settings\Seth\Data aplikací\Spyware Terminator
2009-04-15 19:45 . 2009-02-24 17:57 -------- d-----w c:\program files\Spyware Terminator
2009-04-15 19:28 . 2008-01-01 11:21 -------- d-----w c:\documents and settings\All Users\Data aplikací\Spybot - Search & Destroy
2009-04-06 21:41 . 2007-11-06 08:13 100808 ----a-w c:\documents and settings\Seth\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
2009-04-06 21:30 . 2007-11-05 10:01 -------- d-----w c:\documents and settings\Seth\Data aplikací\Hamachi
2009-04-04 12:12 . 2008-10-30 13:32 -------- d-----w c:\program files\Webteh
2009-04-04 09:38 . 2007-11-03 07:29 -------- d--h--w c:\program files\InstallShield Installation Information
2009-03-27 10:50 . 2007-11-03 07:28 -------- d-----w c:\program files\Common Files\InstallShield
2009-03-23 19:22 . 2009-01-15 23:44 -------- d-----w c:\program files\Sierra On-Line
2009-03-15 19:14 . 2008-06-01 21:24 -------- d-----w c:\program files\ICQ6
2009-03-10 17:35 . 2009-03-10 17:01 -------- d-----w c:\program files\Hero Editor
2009-03-10 17:00 . 2008-02-05 17:29 249856 ------w c:\windows\Setup1.exe
2009-03-10 17:00 . 2008-02-05 17:29 73216 ----a-w c:\windows\ST6UNST.EXE
2009-02-26 19:52 . 2007-11-15 17:29 107888 ----a-w c:\windows\system32\CmdLineExt.dll
2009-02-25 14:04 . 2008-02-28 18:50 -------- d-----w c:\program files\Valve
2009-02-25 14:02 . 2009-01-09 13:42 -------- d-----w c:\program files\TuneUp Utilities 2008
2009-02-25 14:02 . 2008-10-15 21:14 -------- d-----w c:\program files\System
2009-02-25 14:01 . 2007-11-04 15:58 -------- d-----w c:\program files\Starcraft
2009-02-25 14:01 . 2008-07-02 16:45 -------- d-----w c:\program files\Spybot - Search & Destroy
2009-02-25 13:59 . 2008-02-14 19:59 -------- d-----w c:\program files\RealWorld Cursor Editor
2009-02-25 13:59 . 2007-11-10 08:39 -------- d-----w c:\program files\PlayLinc
2009-02-25 13:59 . 2008-02-13 18:22 -------- d-----w c:\program files\NVIDIA nTune Performance Application
2009-02-25 13:56 . 2008-11-19 20:13 -------- d-----w c:\program files\NetBeans 6.1
2009-02-25 13:37 . 2008-11-07 08:24 -------- d-----w c:\program files\Legend - Hand of God
2009-02-25 13:26 . 2007-11-05 10:01 -------- d-----w c:\program files\Hamachi
2009-02-25 13:25 . 2008-11-19 20:18 -------- d-----w c:\program files\glassfish-v2ur2
2009-02-25 13:16 . 2008-09-21 17:19 -------- d-----w c:\program files\Garena
2009-02-25 13:16 . 2009-01-02 15:47 -------- d-----w c:\program files\Free YouTube Downloader Converter
2009-02-25 13:16 . 2008-03-31 12:48 -------- d-----w c:\program files\Evrsoft First Page 2006
2009-02-25 13:15 . 2007-11-10 18:17 -------- d-----w c:\program files\Efficient WMA MP3 Converter
2009-02-25 13:15 . 2009-01-15 18:26 -------- d-----w c:\program files\DesetiPrsty
2009-02-25 13:07 . 2008-10-23 12:42 -------- d-----w c:\program files\DAEMON Tools Lite
2009-02-25 13:06 . 2008-12-31 14:47 -------- d-----w c:\program files\Counter-Strike Source
2009-02-25 13:00 . 2007-12-31 17:08 -------- d-----w c:\program files\Counter-Strike 1.6
2009-02-25 13:00 . 2007-12-19 16:06 -------- d-----w c:\program files\Cossacks - The Art Of War
2009-02-25 13:00 . 2008-01-05 15:23 -------- d-----w c:\program files\coolpro2
2009-02-25 12:59 . 2008-07-08 06:51 -------- d-----w c:\program files\Common Files\Autodesk Shared
2009-02-25 12:49 . 2009-02-24 17:45 -------- d-----w c:\program files\CCleaner
2009-02-25 12:47 . 2008-05-07 16:29 -------- d-----w c:\program files\BlueVoda Website Builder
2009-02-25 12:47 . 2008-07-11 08:19 -------- d-----w c:\program files\AutoCAD 2005
2009-02-25 12:37 . 2008-01-08 19:50 -------- d-----w c:\program files\AceMenu Creator
2009-02-25 12:37 . 2009-01-20 20:11 -------- d-----w c:\program files\A4Desk
2009-02-25 11:45 . 2007-11-10 17:42 -------- d-----w c:\program files\WC3Banlist
2009-02-25 11:44 . 2009-01-15 18:16 -------- d-----w c:\program files\UPSANI
2009-02-25 11:44 . 2008-03-03 09:08 -------- d-----w c:\program files\PSPad editor
2009-02-25 11:44 . 2007-11-03 07:39 -------- d-----w c:\program files\PowerISO
2009-02-25 11:44 . 2008-12-05 00:02 -------- d-----w c:\program files\OpenAL
2009-02-25 11:44 . 2008-07-20 15:26 -------- d-----w c:\program files\K-Lite Codec Pack
2009-02-25 11:41 . 2008-12-02 15:26 -------- d-----w c:\program files\SpeedFan
2009-02-25 00:55 . 2001-10-25 14:00 82380 ----a-w c:\windows\system32\perfc005.dat
2009-02-25 00:55 . 2001-10-25 14:00 419334 ----a-w c:\windows\system32\perfh005.dat
2009-02-25 00:53 . 2009-02-25 00:51 -------- d-----w c:\documents and settings\Seth\Data aplikací\GetRightToGo
2009-02-24 21:56 . 2009-01-17 11:55 -------- d-----w c:\program files\ATMA V
2009-02-24 21:56 . 2009-01-08 09:33 -------- d-----w c:\program files\Winamp
2009-02-24 17:57 . 2009-02-24 17:57 142592 ----a-w c:\windows\system32\drivers\sp_rsdrv2.sys
2009-02-24 15:25 . 2008-08-21 14:15 20934 ----a-w c:\windows\system32\drivers\fwdrv.err
2009-02-23 17:58 . 2009-02-23 17:58 -------- d-----w c:\program files\Deep Silver
2009-02-23 15:56 . 2008-02-22 20:59 -------- d-----w c:\program files\Common Files\Wise Installation Wizard
2009-02-23 15:55 . 2008-11-01 22:24 -------- d-----w c:\program files\AGEIA Technologies
2009-02-23 01:26 . 2008-11-05 16:10 -------- d-----w c:\program files\GODS
2009-02-23 01:24 . 2008-11-02 08:45 -------- d-----w c:\program files\Ascaron Entertainment
2009-02-21 10:38 . 2009-01-13 12:16 36852 ----a-w c:\windows\DIIUnin.dat
2009-02-02 09:50 . 2009-02-02 09:52 44555 ----a-w C:\v.jpg
2008-07-18 15:59 . 2008-07-18 15:59 128 ----a-w c:\documents and settings\Uzivatel\Local Settings\Data aplikací\fusioncache.dat
2008-05-24 12:59 . 2008-05-24 12:59 124 ----a-w c:\documents and settings\Seth\Local Settings\Data aplikací\fusioncache.dat
2008-02-20 06:06 . 2008-02-20 06:06 1 ----a-w c:\documents and settings\Seth\SI.bin
2008-01-04 10:25 . 2008-01-04 10:25 32 ----a-w c:\documents and settings\All Users\Data aplikací\ezsid.dat
2007-11-19 22:00 . 2007-11-19 22:00 241664 ----a-w c:\windows\system32\config\systemprofile\NTUSER(2).DAT
.
------- Sigcheck -------
[-] 2004-08-17 13:49 1548288 5CA2E2BA624D6F2C7A581C91E70394CB c:\windows\$NtServicePackUninstall$\sfcfiles.dll
[-] 2008-04-14 07:51 1571840 56A6034E7764E23D9114223EB3523925 c:\windows\ServicePackFiles\i386\sfcfiles.dll
[-] 2008-04-14 07:51 1571840 56A6034E7764E23D9114223EB3523925 c:\windows\system32\sfcfiles.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"NVIDIA nTune"="c:\program files\NVIDIA Corporation\nTune\nTuneCmd.exe" [2007-09-04 81920]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-07-24 490952]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2009-01-15 1830128]
"Spyware Begone"="c:\spywarebegone\SpywareBeGone.exe" [2008-08-06 1236992]
"SetDefaultMIDI"="MIDIDef.exe" - c:\windows\MIDIDEF.EXE [2002-12-03 49152]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2007-08-07 200704]
"nTrayFw"="c:\program files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe" [2006-02-17 270336]
"CTSysVol"="c:\program files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe" [2005-10-31 57344]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2007-01-08 68640]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2007-01-08 52256]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-11-19 144792]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-10-04 8491008]
"LuxeMate525"="c:\program files\KYE\LUXEMATE525\LuxeMateLoader.exe" [2007-09-10 45056]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-10-04 81920]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2008-08-03 36352]
"a-squared"="c:\documents and settings\Seth\Plocha\delete programy\a-squared Anti-Malware\a2guard.exe" [2009-02-26 2799760]
"'Ashampoo AntiSpyWare 2 Guard'"="c:\documents and settings\Seth\Plocha\delete programy\Ashampoo AntiSpyWare 2\AntiSpyWare2Guard.exe" [2008-09-08 2349912]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2005-05-20 925696]
"P17Helper"="P17.dll" - c:\windows\system32\P17.dll [2005-05-03 64512]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 10:05 356352 ----a-w c:\program files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS\0lsdelete
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"="0x00000000"
"UpdatesDisableNotify"="0x00000000"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Miranda IM\\miranda32.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe"=
"c:\\Program Files\\Starcraft\\StarCraft.exe"=
"c:\\Program Files\\EA GAMES\\Command and Conquer Generals\\game.dat"=
"c:\\Program Files\\EA GAMES\\Command & Conquer Generals Zero Hour\\game.dat"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Counter-Strike 1.6\\hl.exe"=
"c:\\Program Files\\NetMeeting\\conf.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\sniper elite\\SniperElite.exe"=
"c:\\Program Files\\Warcraft III\\war3.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Documents and Settings\\Seth\\Plocha\\plocha\\bulánci\\bulanci.exe"=
"c:\\Documents and Settings\\Seth\\Plocha\\plocha\\kohout\\Battlefield Vietnam\\BfVietnam.exe"=
"c:\\Program Files\\Valve\\hl.exe"=
"c:\\Program Files\\Sunbelt Software\\Personal Firewall\\kpf4gui.exe"=
"c:\\Program Files\\ICQ6\\ICQ.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx9.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx10.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Launcher.exe"=
"c:\\Program Files\\Common Files\\Adobe\\Adobe Version Cue CS3\\Server\\bin\\VersionCueCS3.exe"=
"e:\\GRID.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Hamachi\\hamachi.exe"=
"c:\\Program Files\\Deep Silver\\Sacred 2 - Fallen Angel\\system\\s2gs.exe"=
"c:\\Program Files\\Deep Silver\\Sacred 2 - Fallen Angel\\system\\sacred2.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3703:TCP"= 3703:TCP:Adobe Version Cue CS3 Server
"3704:TCP"= 3704:TCP:Adobe Version Cue CS3 Server
"50900:TCP"= 50900:TCP:Adobe Version Cue CS3 Server
"50901:TCP"= 50901:TCP:Adobe Version Cue CS3 Server
R2 KMWDSERVICE;Keyboard And Mouse Communication Service;c:\program files\Trust\Trust R-series Mouse And Keyboard\KMWDSrv.exe [2007-02-28 208896]
R2 SPF4;Sunbelt Personal Firewall 4;c:\program files\Sunbelt Software\Personal Firewall\kpf4ss.exe [2007-04-26 1234480]
R3 hamachi_oem;PlayLinc Adapter;c:\windows\system32\DRIVERS\gan_adapter.sys [2006-08-28 10664]
R3 MemStPCI;Řadič Sony Memory Stick (PCI);c:\windows\system32\DRIVERS\MemStPCI.SYS [2008-04-13 26112]
R3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2005-08-02 32512]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2009-04-01 2804893]
S1 epfwtdir;epfwtdir;c:\windows\system32\DRIVERS\epfwtdir.sys [2008-07-01 34312]
S1 fwdrv;Firewall Driver;c:\windows\system32\drivers\fwdrv.sys [2007-04-26 302000]
S1 khips;Kerio HIPS Driver;c:\windows\system32\drivers\khips.sys [2007-04-26 72624]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2009-01-15 8944]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.sys [2009-01-15 55024]
S2 AASW2_Service;Ashampoo AntiSpyWare 2 Service;c:\documents and settings\Seth\Plocha\delete programy\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe [2008-09-08 749400]
S2 ekrn;Eset Service;c:\documents and settings\Seth\Plocha\delete programy\nod32\ekrn.exe [2008-07-01 468224]
S2 nxsIO32;NextSensor Kernel I/O Driver;c:\windows\System32\DRIVERS\nxsIO32.sys [2007-12-26 2208]
S3 PSched;Plánovač paketů technologie QoS;c:\windows\system32\DRIVERS\psched.sys [2008-04-13 69120]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2009-01-15 7408]
--- Ostatní služby/ovladače v paměti ---
*Deregistered* - a2AntiMalware
*Deregistered* - AASW2_Service
*Deregistered* - AFD
*Deregistered* - Arp1394
*Deregistered* - audstub
*Deregistered* - Beep
*Deregistered* - Bonjour Service
*Deregistered* - Browser
*Deregistered* - Cdfs
*Deregistered* - Creative Service for CDROM Access
*Deregistered* - ctsfm2k
*Deregistered* - DcomLaunch
*Deregistered* - Dhcp
*Deregistered* - dmio
*Deregistered* - dmload
*Deregistered* - eamon
*Deregistered* - easdrv
*Deregistered* - ekrn
*Deregistered* - epfwtdir
*Deregistered* - Fips
*Deregistered* - FltMgr
*Deregistered* - ForcewareWebInterface
*Deregistered* - Ftdisk
*Deregistered* - fwdrv
*Deregistered* - giveio
*Deregistered* - Gpc
*Deregistered* - hamachi
*Deregistered* - InterBaseGuardian
*Deregistered* - InterBaseServer
*Deregistered* - IpNat
*Deregistered* - IPSec
*Deregistered* - JavaQuickStarterService
*Deregistered* - Kbdclass
*Deregistered* - khips
*Deregistered* - KMWDSERVICE
*Deregistered* - KSecDD
*Deregistered* - lanmanserver
*Deregistered* - lanmanworkstation
*Deregistered* - MemStPCI
*Deregistered* - mnmdd
*Deregistered* - Mouclass
*Deregistered* - MountMgr
*Deregistered* - MRxDAV
*Deregistered* - MRxSmb
*Deregistered* - Msfs
*Deregistered* - mssmbios
*Deregistered* - Mup
*Deregistered* - NDIS
*Deregistered* - NdisTapi
*Deregistered* - Ndisuio
*Deregistered* - NdisWan
*Deregistered* - NDProxy
*Deregistered* - NetBIOS
*Deregistered* - NetBT
*Deregistered* - Npfs
*Deregistered* - nSvcIp
*Deregistered* - nSvcLog
*Deregistered* - Ntfs
*Deregistered* - nTuneService
*Deregistered* - Null
*Deregistered* - NVR0Dev
*Deregistered* - NVSvc
*Deregistered* - NwlnkIpx
*Deregistered* - NwlnkNb
*Deregistered* - NwlnkSpx
*Deregistered* - nxsIO32
*Deregistered* - ossrv
*Deregistered* - PartMgr
*Deregistered* - ParVdm
*Deregistered* - PCLEPCI
*Deregistered* - PnkBstrA
*Deregistered* - PptpMiniport
*Deregistered* - prodrv06
*Deregistered* - prohlp02
*Deregistered* - prosync1
*Deregistered* - PSched
*Deregistered* - RasAcd
*Deregistered* - Rasl2tp
*Deregistered* - RasPppoe
*Deregistered* - Raspti
*Deregistered* - Rdbss
*Deregistered* - RDPCDD
*Deregistered* - rdpdr
*Deregistered* - SASDIFSV
*Deregistered* - SASENUM
*Deregistered* - SASKUTIL
*Deregistered* - SCDEmu
*Deregistered* - Secdrv
*Deregistered* - seclogon
*Deregistered* - serenum
*Deregistered* - sfdrv01
*Deregistered* - sfhlp01
*Deregistered* - sfhlp02
*Deregistered* - sfsync02
*Deregistered* - sp_rssrv
*Deregistered* - speedfan
*Deregistered* - SPF4
*Deregistered* - sptd
*Deregistered* - sr
*Deregistered* - Srv
*Deregistered* - swenum
*Deregistered* - Tcpip
*Deregistered* - Themes
*Deregistered* - UleadBurningHelper
*Deregistered* - Update
*Deregistered* - UxTuneUp
*Deregistered* - VgaSave
*Deregistered* - VolSnap
*Deregistered* - W32Time
*Deregistered* - Wanarp
*Deregistered* - WS2IFSL
*Deregistered* - wuauserv
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1ca7b857-88ba-11dd-a2da-000e2e3466ea}]
\Shell\AutoRun\command - xc9f3l6.cmd
\Shell\explore\Command - xc9f3l6.cmd
\Shell\open\Command - xc9f3l6.cmd
.
Obsah adresáře 'Naplánované úlohy'
2009-04-03 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2008\OneClick.exe [2008-01-08 12:31]
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
BHO-{D187A56B-A33F-4CBE-9D77-459FC0BAE012} - (no file)
WebBrowser-{4F11ACBB-393F-4C86-A214-FF3D0D155CC3} - (no file)
.
------- Doplňkový sken -------
.
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
LSP: %SYSTEMROOT%\system32\nvappfilter.dll
FF - ProfilePath - c:\documents and settings\Seth\Data aplikací\Mozilla\Firefox\Profiles\unfqnvh5.default\
FF - prefs.js: browser.startup.homepage - hxxp://seznam.cz/
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-22 21:42
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-1275210071-113007714-839522115-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:4d,02,84,aa,92,5a,c3,a5,81,97,3a,3f,cd,b7,e7,00,8b,e2,de,6f,3b,ea,2b,
58,7e,c2,0a,84,4a,a7,b0,26,42,a7,81,ac,f3,ab,5f,6a,88,c4,cb,eb,6e,13,5f,04,\
"??"=hex:ec,7f,62,96,57,2c,d6,08,cc,a5,1f,55,b4,c4,7c,48
[HKEY_USERS\S-1-5-21-1275210071-113007714-839522115-1003\Software\SecuROM\License information*]
"datasecu"=hex:70,e2,ca,e9,cd,01,7e,6b,30,87,8f,ec,b5,73,c8,dd,94,8b,e4,5e,88,
e9,ac,d1,46,e1,02,87,94,4a,f9,da,44,53,bc,3b,dc,ad,00,e8,cc,43,f6,93,ad,82,\
"rkeysecu"=hex:ab,66,4e,b8,c5,ad,f8,7f,63,3a,5e,6c,85,5c,a0,ec
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"cd042efbbd7f7af1647644e76e06692b"=hex:c8,28,51,af,b0,29,a3,98,a0,f9,20,49,80,
c4,97,e1,e2,63,26,f1,3f,c8,ff,68,41,78,54,6b,cb,25,73,5e,e2,63,26,f1,3f,c8,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"bca643cdc5c2726b20d2ecedcc62c59b"=hex:71,3b,04,66,8b,46,0d,96,89,ec,16,16,56,
81,67,7d,6a,9c,d6,61,af,45,84,18,38,bb,d5,45,c2,68,70,5c,6a,9c,d6,61,af,45,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"2c81e34222e8052573023a60d06dd016"=hex:ff,7c,85,e0,43,d4,0e,fe,a5,a2,cc,60,d2,
9a,a7,b5,ff,7c,85,e0,43,d4,0e,fe,e7,38,ef,42,95,63,97,c3,ff,7c,85,e0,43,d4,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"2582ae41fb52324423be06337561aa48"=hex:86,8c,21,01,be,91,eb,e7,7f,59,08,14,32,
68,e4,32,86,8c,21,01,be,91,eb,e7,ba,33,a5,03,1a,41,48,16,86,8c,21,01,be,91,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"caaeda5fd7a9ed7697d9686d4b818472"=hex:cd,44,cd,b9,a6,33,6c,cd,3b,4d,50,47,17,
a8,e6,6a,f5,1d,4d,73,a8,13,5c,05,1d,83,69,e8,ac,fb,66,38,f5,1d,4d,73,a8,13,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"a4a1bcf2cc2b8bc3716b74b2b4522f5d"=hex:df,20,58,62,78,6b,cf,c8,f4,24,e1,67,af,
a6,d5,8b,df,20,58,62,78,6b,cf,c8,4e,9e,52,48,ec,c0,a7,1c,df,20,58,62,78,6b,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"4d370831d2c43cd13623e232fed27b7b"=hex:97,20,4e,9a,c7,f1,35,ee,be,c5,a2,75,d8,
50,f2,60,fb,a7,78,e6,12,2f,9a,ea,e2,c6,0d,83,3a,45,f8,77,fb,a7,78,e6,12,2f,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"1d68fe701cdea33e477eb204b76f993d"=hex:aa,52,c6,00,84,3c,26,64,86,60,16,69,2b,
9b,ac,2d,01,3a,48,fc,e8,04,4a,f1,82,29,83,2f,7d,40,7b,d2,01,3a,48,fc,e8,04,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"1fac81b91d8e3c5aa4b0a51804d844a3"=hex:f6,0f,4e,58,98,5b,89,c9,a1,0b,2f,97,f4,
50,23,2e,f6,0f,4e,58,98,5b,89,c9,25,df,65,00,2e,63,32,b1,f6,0f,4e,58,98,5b,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"f5f62a6129303efb32fbe080bb27835b"=hex:b1,cd,45,5a,a8,c4,f8,b9,a4,24,67,0b,5b,
17,ba,52,3d,ce,ea,26,2d,45,aa,78,37,32,9f,41,5c,1f,78,77,3d,ce,ea,26,2d,45,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"fd4e2e1a3940b94dceb5a6a021f2e3c6"=hex:2a,b7,cc,b5,b9,7f,41,e7,91,54,7d,2a,be,
d0,33,4b,2a,b7,cc,b5,b9,7f,41,e7,8b,2c,6d,d9,31,77,a6,50,2a,b7,cc,b5,b9,7f,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"8a8aec57dd6508a385616fbc86791ec2"=hex:fa,ea,66,7f,d4,3b,6b,70,6d,15,be,9e,3e,
fa,5a,c9,6c,43,2d,1e,aa,22,2f,9c,92,e1,1e,0f,d6,06,73,36,6c,43,2d,1e,aa,22,\
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(956)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
.
Celkový čas: 2009-04-22 21:45
ComboFix-quarantined-files.txt 2009-04-22 19:44
ComboFix2.txt 2009-02-24 14:12
ComboFix3.txt 2009-01-12 13:37
Před spuštěním: 3 162 308 608
Po spuštění: 3 144 880 128
552
Oh, and Safe Mode doesn't work for me either; it just shows a blinking cursor in the top left on a black screen.
Go to Start > Run > Combofix /u
That uninstalls ComboFix... there are some keys in there that I don't recognise, ComboFix itself did quite a large cleanup, there is something in the registry, but it doesn't look dangerous in any way... has anything changed?
ComboFix can't be uninstalled no matter what I do; otherwise no change, except that my desktop wallpaper disappeared :) I ran a few more anti-malware tools over it but nothing; other things like Ad-Aware can't be started or uninstalled at all... oh, and just so you know, I'd rather not format :D
Sorry, I didn't notice the change on the forum...
If the uninstall doesn't work, you can uninstall ComboFix using the following file:
http://sweb.cz/Marinus/T-Cleaner.bat
The point is that the uninstall performs several ComboFix-related tasks: it restores the clock settings, resets the restore point, deletes the related files, etc...
You can put the wallpaper back yourself... hm hm... but this is pretty strange... did you run that disk test?
That disk test won't install :( I'll try downloading something similar.
So I ran it and no errors... I'm starting to go crazy over what's wrong with it :))
So which problems persist?
Well, still the same ones :) nothing can be copied, the sound doesn't work, and the bottom XP panel doesn't show pages and so on.
Hmm... so the root of the problem is buried somewhere deep... in any case you can be sure it isn't caused by a virus :)
I'd probably recommend a reinstall in this case... although I still think it has to do with the disk...
Maybe this will help: disk restore doesn't work for me, it just keeps wanting to restart, and then on some of my copy attempts it shows the error: Server RPC není k dispozici
It's messed up somehow; back up everything you need and go for the reinstall... and I recommend downloading the stuff for the motherboard beforehand (in case you don't have a CD with the drivers), so you don't have to deal with it later... ;)