Re: Kontrola logu
Napsal: sob 13. pro 2008, 20:01
delal sem to podle viry.cz a oni tam nemaj zaskrtli D://, takze taky delam jen C://, mam pak udelat i d://, nebo ne?
Stránka 3 z 4
Re: Kontrola logu
Napsal: sob 13. pro 2008, 20:09
Stačí jen C, pokuď je to systémový disk. A k tomu i ten rychlý sken.
Re: Kontrola logu
Napsal: sob 13. pro 2008, 20:17
GMER 1.0.14.14536 - http://www.gmer.net
Rootkit scan 2008-12-13 19:55:23
Windows 5.1.2600 Service Pack 3
---- Devices - GMER 1.0.14 ----
AttachedDevice \FileSystem\Ntfs \Ntfs sisidex.sys (SISIDEX Driver/Windows (R) 2000 DDK provider)
AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
---- EOF - GMER 1.0.14 ----
GMER 1.0.14.14536 - http://www.gmer.net
Rootkit scan 2008-12-13 20:16:09
Windows 5.1.2600 Service Pack 3
---- System - GMER 1.0.14 ----
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwClose [0xBAD6F576]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateKey [0xBAD6F432]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDeleteValueKey [0xBAD6F910]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDuplicateObject [0xBAD6F00A]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenKey [0xBAD6F50C]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenProcess [0xBAD6EF4A]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenThread [0xBAD6EFAE]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwQueryValueKey [0xBAD6F62C]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwRestoreKey [0xBAD6F5EC]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwSetValueKey [0xBAD6F76C]
---- Kernel code sections - GMER 1.0.14 ----
? C:\WINDOWS\system32\Drivers\PROCEXP90.SYS The system cannot find the file specified. !
? C:\ComboFix\catchme.sys The system cannot find the path specified. !
---- User code sections - GMER 1.0.14 ----
.text C:\Program Files\Mozilla Firefox\firefox.exe[240] USER32.dll!SetWindowPos 7E4299F3 5 Bytes JMP 01611040 C:\Program Files\Stardock\CursorFX\CurXP0.dll (CursorFX support DLL/ )
.text C:\Program Files\Mozilla Firefox\firefox.exe[240] USER32.dll!DrawIconEx 7E42CB84 5 Bytes JMP 016111E0 C:\Program Files\Stardock\CursorFX\CurXP0.dll (CursorFX support DLL/ )
.text C:\Program Files\Mozilla Firefox\firefox.exe[240] USER32.dll!GetIconInfo 7E42D427 5 Bytes JMP 01611120 C:\Program Files\Stardock\CursorFX\CurXP0.dll (CursorFX support DLL/ )
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[528] USER32.dll!SetWindowPos 7E4299F3 5 Bytes JMP 015F1040 C:\Program Files\Stardock\CursorFX\CurXP0.dll (CursorFX support DLL/ )
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[528] USER32.dll!DrawIconEx 7E42CB84 5 Bytes JMP 015F11E0 C:\Program Files\Stardock\CursorFX\CurXP0.dll (CursorFX support DLL/ )
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[528] USER32.dll!GetIconInfo 7E42D427 5 Bytes JMP 015F1120 C:\Program Files\Stardock\CursorFX\CurXP0.dll (CursorFX support DLL/ )
.text C:\Program Files\Steam\Steam.exe[988] USER32.dll!SetWindowPos 7E4299F3 5 Bytes JMP 01291040 C:\Program Files\Stardock\CursorFX\CurXP0.dll (CursorFX support DLL/ )
.text C:\Program Files\Steam\Steam.exe[988] USER32.dll!DrawIconEx 7E42CB84 5 Bytes JMP 012911E0 C:\Program Files\Stardock\CursorFX\CurXP0.dll (CursorFX support DLL/ )
.text C:\Program Files\Steam\Steam.exe[988] USER32.dll!GetIconInfo 7E42D427 5 Bytes JMP 01291120 C:\Program Files\Stardock\CursorFX\CurXP0.dll (CursorFX support DLL/ )
.text C:\WINDOWS\explorer.exe[1756] USER32.dll!SetWindowPos 7E4299F3 5 Bytes JMP 03FD1040 C:\Program Files\Stardock\CursorFX\CurXP0.dll (CursorFX support DLL/ )
.text C:\WINDOWS\explorer.exe[1756] USER32.dll!DrawIconEx 7E42CB84 5 Bytes JMP 03FD11E0 C:\Program Files\Stardock\CursorFX\CurXP0.dll (CursorFX support DLL/ )
.text C:\WINDOWS\explorer.exe[1756] USER32.dll!GetIconInfo 7E42D427 5 Bytes JMP 03FD1120 C:\Program Files\Stardock\CursorFX\CurXP0.dll (CursorFX support DLL/ )
.text C:\Documents and Settings\ERIKA VASEK\Desktop\gmer.exe[1984] USER32.DLL!SetWindowPos 7E4299F3 5 Bytes JMP 10001040 C:\Program Files\Stardock\CursorFX\CurXP0.dll (CursorFX support DLL/ )
.text C:\Documents and Settings\ERIKA VASEK\Desktop\gmer.exe[1984] USER32.DLL!DrawIconEx 7E42CB84 5 Bytes JMP 100011E0 C:\Program Files\Stardock\CursorFX\CurXP0.dll (CursorFX support DLL/ )
.text C:\Documents and Settings\ERIKA VASEK\Desktop\gmer.exe[1984] USER32.DLL!GetIconInfo 7E42D427 5 Bytes JMP 10001120 C:\Program Files\Stardock\CursorFX\CurXP0.dll (CursorFX support DLL/ )
---- Kernel IAT/EAT - GMER 1.0.14 ----
IAT \SystemRoot\System32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisCloseAdapter] [F7B473FC] NDISRD.sys (NDISRD helper driver/NT Kernel Resources)
IAT \SystemRoot\System32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisOpenAdapter] [F7B47458] NDISRD.sys (NDISRD helper driver/NT Kernel Resources)
IAT \SystemRoot\System32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisDeregisterProtocol] [F7B476B2] NDISRD.sys (NDISRD helper driver/NT Kernel Resources)
IAT \SystemRoot\System32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisRegisterProtocol] [F7B47684] NDISRD.sys (NDISRD helper driver/NT Kernel Resources)
IAT \SystemRoot\System32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisRegisterProtocol] [F7B47684] NDISRD.sys (NDISRD helper driver/NT Kernel Resources)
IAT \SystemRoot\System32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisOpenAdapter] [F7B47458] NDISRD.sys (NDISRD helper driver/NT Kernel Resources)
IAT \SystemRoot\System32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisCloseAdapter] [F7B473FC] NDISRD.sys (NDISRD helper driver/NT Kernel Resources)
IAT \SystemRoot\System32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisDeregisterProtocol] [F7B476B2] NDISRD.sys (NDISRD helper driver/NT Kernel Resources)
IAT \SystemRoot\System32\DRIVERS\psched.sys[NDIS.SYS!NdisDeregisterProtocol] [F7B476B2] NDISRD.sys (NDISRD helper driver/NT Kernel Resources)
IAT \SystemRoot\System32\DRIVERS\psched.sys[NDIS.SYS!NdisRegisterProtocol] [F7B47684] NDISRD.sys (NDISRD helper driver/NT Kernel Resources)
IAT \SystemRoot\System32\DRIVERS\psched.sys[NDIS.SYS!NdisOpenAdapter] [F7B47458] NDISRD.sys (NDISRD helper driver/NT Kernel Resources)
IAT \SystemRoot\System32\DRIVERS\psched.sys[NDIS.SYS!NdisCloseAdapter] [F7B473FC] NDISRD.sys (NDISRD helper driver/NT Kernel Resources)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisRegisterProtocol] [F7B47684] NDISRD.sys (NDISRD helper driver/NT Kernel Resources)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisDeregisterProtocol] [F7B476B2] NDISRD.sys (NDISRD helper driver/NT Kernel Resources)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisCloseAdapter] [F7B473FC] NDISRD.sys (NDISRD helper driver/NT Kernel Resources)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisOpenAdapter] [F7B47458] NDISRD.sys (NDISRD helper driver/NT Kernel Resources)
IAT \SystemRoot\System32\DRIVERS\tcpip.sys[NDIS.SYS!NdisCloseAdapter] [F7B473FC] NDISRD.sys (NDISRD helper driver/NT Kernel Resources)
IAT \SystemRoot\System32\DRIVERS\tcpip.sys[NDIS.SYS!NdisOpenAdapter] [F7B47458] NDISRD.sys (NDISRD helper driver/NT Kernel Resources)
IAT \SystemRoot\System32\DRIVERS\tcpip.sys[NDIS.SYS!NdisRegisterProtocol] [F7B47684] NDISRD.sys (NDISRD helper driver/NT Kernel Resources)
IAT \SystemRoot\System32\DRIVERS\wanarp.sys[NDIS.SYS!NdisDeregisterProtocol] [F7B476B2] NDISRD.sys (NDISRD helper driver/NT Kernel Resources)
IAT \SystemRoot\System32\DRIVERS\wanarp.sys[NDIS.SYS!NdisRegisterProtocol] [F7B47684] NDISRD.sys (NDISRD helper driver/NT Kernel Resources)
IAT \SystemRoot\System32\DRIVERS\wanarp.sys[NDIS.SYS!NdisOpenAdapter] [F7B47458] NDISRD.sys (NDISRD helper driver/NT Kernel Resources)
IAT \SystemRoot\System32\DRIVERS\wanarp.sys[NDIS.SYS!NdisCloseAdapter] [F7B473FC] NDISRD.sys (NDISRD helper driver/NT Kernel Resources)
IAT \SystemRoot\system32\DRIVERS\arp1394.sys[NDIS.SYS!NdisCloseAdapter] [F7B473FC] NDISRD.sys (NDISRD helper driver/NT Kernel Resources)
IAT \SystemRoot\system32\DRIVERS\arp1394.sys[NDIS.SYS!NdisOpenAdapter] [F7B47458] NDISRD.sys (NDISRD helper driver/NT Kernel Resources)
IAT \SystemRoot\system32\DRIVERS\arp1394.sys[NDIS.SYS!NdisDeregisterProtocol] [F7B476B2] NDISRD.sys (NDISRD helper driver/NT Kernel Resources)
IAT \SystemRoot\system32\DRIVERS\arp1394.sys[NDIS.SYS!NdisRegisterProtocol] [F7B47684] NDISRD.sys (NDISRD helper driver/NT Kernel Resources)
IAT \SystemRoot\System32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisRegisterProtocol] [F7B47684] NDISRD.sys (NDISRD helper driver/NT Kernel Resources)
IAT \SystemRoot\System32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisDeregisterProtocol] [F7B476B2] NDISRD.sys (NDISRD helper driver/NT Kernel Resources)
IAT \SystemRoot\System32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisCloseAdapter] [F7B473FC] NDISRD.sys (NDISRD helper driver/NT Kernel Resources)
IAT \SystemRoot\System32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisOpenAdapter] [F7B47458] NDISRD.sys (NDISRD helper driver/NT Kernel Resources)
---- User IAT/EAT - GMER 1.0.14 ----
IAT C:\WINDOWS\system32\services.exe[616] @ C:\WINDOWS\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] 003D0002
IAT C:\WINDOWS\system32\services.exe[616] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!CreateProcessW] 003D0000
---- Devices - GMER 1.0.14 ----
AttachedDevice \FileSystem\Ntfs \Ntfs sisidex.sys (SISIDEX Driver/Windows (R) 2000 DDK provider)
AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
Device ACPI.sys (ACPI Driver for NT/Microsoft Corporation)
AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
---- Registry - GMER 1.0.14 ----
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Encyklopedie Přírody 2.0
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Encyklopedie Přírody 2.0@SlowInfoCache 0x28 0x02 0x00 0x00 ...
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Encyklopedie Přírody 2.0@Changed 0
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Encyklopedie Přírody 2.0
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Encyklopedie Přírody 2.0@UninstallString C:\WINDOWS\IsUn0405.exe -f"C:\Program Files\BSP Multimedia\Encyklopedie Prirody 2.0\Uninst.isu"
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Encyklopedie Přírody 2.0@DisplayName Encyklopedie P??rody 2.0
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@cd042efbbd7f7af1647644e76e06692b 0xC8 0x28 0x51 0xAF ...
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@bca643cdc5c2726b20d2ecedcc62c59b 0x6A 0x9C 0xD6 0x61 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@2c81e34222e8052573023a60d06dd016 0x25 0xDA 0xEC 0x7E ...
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@2582ae41fb52324423be06337561aa48 0x3E 0x1E 0x9E 0xE0 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@caaeda5fd7a9ed7697d9686d4b818472 0xCD 0x44 0xCD 0xB9 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@a4a1bcf2cc2b8bc3716b74b2b4522f5d 0xDF 0x20 0x58 0x62 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@4d370831d2c43cd13623e232fed27b7b 0xFB 0xA7 0x78 0xE6 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@1d68fe701cdea33e477eb204b76f993d 0x83 0x6C 0x56 0x8B ...
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@1fac81b91d8e3c5aa4b0a51804d844a3 0xF6 0x0F 0x4E 0x58 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@f5f62a6129303efb32fbe080bb27835b 0xB1 0xCD 0x45 0x5A ...
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@fd4e2e1a3940b94dceb5a6a021f2e3c6 0x2A 0xB7 0xCC 0xB5 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@8a8aec57dd6508a385616fbc86791ec2 0x6C 0x43 0x2D 0x1E ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\BSP Multimedia\Encyklopedie Přírody 2.0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\BSP Multimedia\Encyklopedie Přírody 2.0@Order 0x08 0x00 0x00 0x00 ...
---- Files - GMER 1.0.14 ----
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\housefloor2on.jpg 7260 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\sbbottom2.jpg 6857 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\bar.jpg 5152 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\bar2.jpg 5111 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\FamilyGFX 0 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\FamilyGFX\family1_face.jpg 2789 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\FamilyGFX\family1_full.jpg 9749 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\FamilyGFX\faminfo_1_-239311147 0 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\familyhome.html 20344 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\familymember1.html 11746 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\family_a.jpg 6982 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\family_b.jpg 6507 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\family_c.jpg 6969 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\house.html 12090 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\housefloor1off.jpg 6662 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\housefloor1on.jpg 6785 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\housefloor2dis.jpg 6672 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\housefloor2off.jpg 7290 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\houseroofoff.jpg 8302 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\houseroofon.jpg 8645 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\house_a.jpg 7189 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\house_b.jpg 6794 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\house_c.jpg 6940 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\logo.jpg 11265 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\logo2.jpg 10950 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\photo_a.jpg 7263 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\photo_b.jpg 6828 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\photo_c.jpg 6750 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\sbbottom.jpg 7146 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\scrapbook1.html 10921 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\scrapnav_icon.jpg 13249 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\scrapnav_next_a.jpg 5514 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\scrapnav_next_b.jpg 5527 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\scrapnav_prev_a.jpg 5538 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\scrapnav_prev_b.jpg 5520 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\scrappatt.jpg 6139 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\StockGFX 0 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\thesims.css 2902 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\vbar.jpg 5453 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\vbar2.jpg 5366 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\yellowback.jpg 5393 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\family_c.jpg 6969 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\houseroofon.jpg 8645 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\bar.jpg 5152 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\bar2.jpg 5111 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\FamilyGFX 0 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\FamilyGFX\family5_face.jpg 2577 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\FamilyGFX\family1_face.jpg 2795 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\FamilyGFX\family1_full.jpg 9680 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\FamilyGFX\family2_face.jpg 2529 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\FamilyGFX\family2_full.jpg 9664 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\FamilyGFX\family3_face.jpg 2684 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\FamilyGFX\family3_full.jpg 9893 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\FamilyGFX\family4_face.jpg 2758 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\FamilyGFX\family4_full.jpg 9934 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\FamilyGFX\family5_full.jpg 9849 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\FamilyGFX\family6_face.jpg 2635 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\FamilyGFX\family6_full.jpg 9887 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\FamilyGFX\family7_face.jpg 2486 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\FamilyGFX\family7_full.jpg 7307 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\FamilyGFX\faminfo_1_805811108 0 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\FamilyGFX\faminfo_2_-811403648 0 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\FamilyGFX\faminfo_3_1727120840 0 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\FamilyGFX\faminfo_4_39051550 0 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\FamilyGFX\faminfo_5_-595005520 0 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\FamilyGFX\faminfo_6_-1048667347 0 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\FamilyGFX\faminfo_7_-1795165458 0 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\familyhome.html 20332 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\familymember1.html 11741 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\familymember2.html 11740 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\familymember3.html 11741 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\familymember4.html 11731 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\familymember5.html 11742 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\familymember6.html 11740 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\familymember7.html 11713 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\family_a.jpg 6982 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\family_b.jpg 6507 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\house.html 12072 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\housefloor1off.jpg 6662 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\housefloor1on.jpg 6785 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\housefloor2dis.jpg 6672 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\housefloor2off.jpg 7290 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\housefloor2on.jpg 7260 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\houseroofoff.jpg 8302 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\house_a.jpg 7189 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\house_b.jpg 6794 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\house_c.jpg 6940 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\logo.jpg 11265 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\logo2.jpg 10950 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\photo_a.jpg 7263 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\photo_b.jpg 6828 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\photo_c.jpg 6750 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\sbbottom.jpg 7146 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\sbbottom2.jpg 6857 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\scrapbook1.html 10885 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\scrapnav_icon.jpg 13249 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\scrapnav_next_a.jpg 5514 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\scrapnav_next_b.jpg 5527 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\scrapnav_prev_a.jpg 5538 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\scrapnav_prev_b.jpg 5520 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\scrappatt.jpg 6139 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\StockGFX 0 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\thesims.css 2902 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\vbar.jpg 5453 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\vbar2.jpg 5366 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\yellowback.jpg 5393 bytes
---- EOF - GMER 1.0.14 ----
Rootkit scan 2008-12-13 19:55:23
Windows 5.1.2600 Service Pack 3
---- Devices - GMER 1.0.14 ----
AttachedDevice \FileSystem\Ntfs \Ntfs sisidex.sys (SISIDEX Driver/Windows (R) 2000 DDK provider)
AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
---- EOF - GMER 1.0.14 ----
GMER 1.0.14.14536 - http://www.gmer.net
Rootkit scan 2008-12-13 20:16:09
Windows 5.1.2600 Service Pack 3
---- System - GMER 1.0.14 ----
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwClose [0xBAD6F576]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateKey [0xBAD6F432]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDeleteValueKey [0xBAD6F910]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDuplicateObject [0xBAD6F00A]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenKey [0xBAD6F50C]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenProcess [0xBAD6EF4A]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenThread [0xBAD6EFAE]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwQueryValueKey [0xBAD6F62C]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwRestoreKey [0xBAD6F5EC]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwSetValueKey [0xBAD6F76C]
---- Kernel code sections - GMER 1.0.14 ----
? C:\WINDOWS\system32\Drivers\PROCEXP90.SYS The system cannot find the file specified. !
? C:\ComboFix\catchme.sys The system cannot find the path specified. !
---- User code sections - GMER 1.0.14 ----
.text C:\Program Files\Mozilla Firefox\firefox.exe[240] USER32.dll!SetWindowPos 7E4299F3 5 Bytes JMP 01611040 C:\Program Files\Stardock\CursorFX\CurXP0.dll (CursorFX support DLL/ )
.text C:\Program Files\Mozilla Firefox\firefox.exe[240] USER32.dll!DrawIconEx 7E42CB84 5 Bytes JMP 016111E0 C:\Program Files\Stardock\CursorFX\CurXP0.dll (CursorFX support DLL/ )
.text C:\Program Files\Mozilla Firefox\firefox.exe[240] USER32.dll!GetIconInfo 7E42D427 5 Bytes JMP 01611120 C:\Program Files\Stardock\CursorFX\CurXP0.dll (CursorFX support DLL/ )
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[528] USER32.dll!SetWindowPos 7E4299F3 5 Bytes JMP 015F1040 C:\Program Files\Stardock\CursorFX\CurXP0.dll (CursorFX support DLL/ )
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[528] USER32.dll!DrawIconEx 7E42CB84 5 Bytes JMP 015F11E0 C:\Program Files\Stardock\CursorFX\CurXP0.dll (CursorFX support DLL/ )
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[528] USER32.dll!GetIconInfo 7E42D427 5 Bytes JMP 015F1120 C:\Program Files\Stardock\CursorFX\CurXP0.dll (CursorFX support DLL/ )
.text C:\Program Files\Steam\Steam.exe[988] USER32.dll!SetWindowPos 7E4299F3 5 Bytes JMP 01291040 C:\Program Files\Stardock\CursorFX\CurXP0.dll (CursorFX support DLL/ )
.text C:\Program Files\Steam\Steam.exe[988] USER32.dll!DrawIconEx 7E42CB84 5 Bytes JMP 012911E0 C:\Program Files\Stardock\CursorFX\CurXP0.dll (CursorFX support DLL/ )
.text C:\Program Files\Steam\Steam.exe[988] USER32.dll!GetIconInfo 7E42D427 5 Bytes JMP 01291120 C:\Program Files\Stardock\CursorFX\CurXP0.dll (CursorFX support DLL/ )
.text C:\WINDOWS\explorer.exe[1756] USER32.dll!SetWindowPos 7E4299F3 5 Bytes JMP 03FD1040 C:\Program Files\Stardock\CursorFX\CurXP0.dll (CursorFX support DLL/ )
.text C:\WINDOWS\explorer.exe[1756] USER32.dll!DrawIconEx 7E42CB84 5 Bytes JMP 03FD11E0 C:\Program Files\Stardock\CursorFX\CurXP0.dll (CursorFX support DLL/ )
.text C:\WINDOWS\explorer.exe[1756] USER32.dll!GetIconInfo 7E42D427 5 Bytes JMP 03FD1120 C:\Program Files\Stardock\CursorFX\CurXP0.dll (CursorFX support DLL/ )
.text C:\Documents and Settings\ERIKA VASEK\Desktop\gmer.exe[1984] USER32.DLL!SetWindowPos 7E4299F3 5 Bytes JMP 10001040 C:\Program Files\Stardock\CursorFX\CurXP0.dll (CursorFX support DLL/ )
.text C:\Documents and Settings\ERIKA VASEK\Desktop\gmer.exe[1984] USER32.DLL!DrawIconEx 7E42CB84 5 Bytes JMP 100011E0 C:\Program Files\Stardock\CursorFX\CurXP0.dll (CursorFX support DLL/ )
.text C:\Documents and Settings\ERIKA VASEK\Desktop\gmer.exe[1984] USER32.DLL!GetIconInfo 7E42D427 5 Bytes JMP 10001120 C:\Program Files\Stardock\CursorFX\CurXP0.dll (CursorFX support DLL/ )
---- Kernel IAT/EAT - GMER 1.0.14 ----
IAT \SystemRoot\System32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisCloseAdapter] [F7B473FC] NDISRD.sys (NDISRD helper driver/NT Kernel Resources)
IAT \SystemRoot\System32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisOpenAdapter] [F7B47458] NDISRD.sys (NDISRD helper driver/NT Kernel Resources)
IAT \SystemRoot\System32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisDeregisterProtocol] [F7B476B2] NDISRD.sys (NDISRD helper driver/NT Kernel Resources)
IAT \SystemRoot\System32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisRegisterProtocol] [F7B47684] NDISRD.sys (NDISRD helper driver/NT Kernel Resources)
IAT \SystemRoot\System32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisRegisterProtocol] [F7B47684] NDISRD.sys (NDISRD helper driver/NT Kernel Resources)
IAT \SystemRoot\System32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisOpenAdapter] [F7B47458] NDISRD.sys (NDISRD helper driver/NT Kernel Resources)
IAT \SystemRoot\System32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisCloseAdapter] [F7B473FC] NDISRD.sys (NDISRD helper driver/NT Kernel Resources)
IAT \SystemRoot\System32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisDeregisterProtocol] [F7B476B2] NDISRD.sys (NDISRD helper driver/NT Kernel Resources)
IAT \SystemRoot\System32\DRIVERS\psched.sys[NDIS.SYS!NdisDeregisterProtocol] [F7B476B2] NDISRD.sys (NDISRD helper driver/NT Kernel Resources)
IAT \SystemRoot\System32\DRIVERS\psched.sys[NDIS.SYS!NdisRegisterProtocol] [F7B47684] NDISRD.sys (NDISRD helper driver/NT Kernel Resources)
IAT \SystemRoot\System32\DRIVERS\psched.sys[NDIS.SYS!NdisOpenAdapter] [F7B47458] NDISRD.sys (NDISRD helper driver/NT Kernel Resources)
IAT \SystemRoot\System32\DRIVERS\psched.sys[NDIS.SYS!NdisCloseAdapter] [F7B473FC] NDISRD.sys (NDISRD helper driver/NT Kernel Resources)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisRegisterProtocol] [F7B47684] NDISRD.sys (NDISRD helper driver/NT Kernel Resources)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisDeregisterProtocol] [F7B476B2] NDISRD.sys (NDISRD helper driver/NT Kernel Resources)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisCloseAdapter] [F7B473FC] NDISRD.sys (NDISRD helper driver/NT Kernel Resources)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisOpenAdapter] [F7B47458] NDISRD.sys (NDISRD helper driver/NT Kernel Resources)
IAT \SystemRoot\System32\DRIVERS\tcpip.sys[NDIS.SYS!NdisCloseAdapter] [F7B473FC] NDISRD.sys (NDISRD helper driver/NT Kernel Resources)
IAT \SystemRoot\System32\DRIVERS\tcpip.sys[NDIS.SYS!NdisOpenAdapter] [F7B47458] NDISRD.sys (NDISRD helper driver/NT Kernel Resources)
IAT \SystemRoot\System32\DRIVERS\tcpip.sys[NDIS.SYS!NdisRegisterProtocol] [F7B47684] NDISRD.sys (NDISRD helper driver/NT Kernel Resources)
IAT \SystemRoot\System32\DRIVERS\wanarp.sys[NDIS.SYS!NdisDeregisterProtocol] [F7B476B2] NDISRD.sys (NDISRD helper driver/NT Kernel Resources)
IAT \SystemRoot\System32\DRIVERS\wanarp.sys[NDIS.SYS!NdisRegisterProtocol] [F7B47684] NDISRD.sys (NDISRD helper driver/NT Kernel Resources)
IAT \SystemRoot\System32\DRIVERS\wanarp.sys[NDIS.SYS!NdisOpenAdapter] [F7B47458] NDISRD.sys (NDISRD helper driver/NT Kernel Resources)
IAT \SystemRoot\System32\DRIVERS\wanarp.sys[NDIS.SYS!NdisCloseAdapter] [F7B473FC] NDISRD.sys (NDISRD helper driver/NT Kernel Resources)
IAT \SystemRoot\system32\DRIVERS\arp1394.sys[NDIS.SYS!NdisCloseAdapter] [F7B473FC] NDISRD.sys (NDISRD helper driver/NT Kernel Resources)
IAT \SystemRoot\system32\DRIVERS\arp1394.sys[NDIS.SYS!NdisOpenAdapter] [F7B47458] NDISRD.sys (NDISRD helper driver/NT Kernel Resources)
IAT \SystemRoot\system32\DRIVERS\arp1394.sys[NDIS.SYS!NdisDeregisterProtocol] [F7B476B2] NDISRD.sys (NDISRD helper driver/NT Kernel Resources)
IAT \SystemRoot\system32\DRIVERS\arp1394.sys[NDIS.SYS!NdisRegisterProtocol] [F7B47684] NDISRD.sys (NDISRD helper driver/NT Kernel Resources)
IAT \SystemRoot\System32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisRegisterProtocol] [F7B47684] NDISRD.sys (NDISRD helper driver/NT Kernel Resources)
IAT \SystemRoot\System32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisDeregisterProtocol] [F7B476B2] NDISRD.sys (NDISRD helper driver/NT Kernel Resources)
IAT \SystemRoot\System32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisCloseAdapter] [F7B473FC] NDISRD.sys (NDISRD helper driver/NT Kernel Resources)
IAT \SystemRoot\System32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisOpenAdapter] [F7B47458] NDISRD.sys (NDISRD helper driver/NT Kernel Resources)
---- User IAT/EAT - GMER 1.0.14 ----
IAT C:\WINDOWS\system32\services.exe[616] @ C:\WINDOWS\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] 003D0002
IAT C:\WINDOWS\system32\services.exe[616] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!CreateProcessW] 003D0000
---- Devices - GMER 1.0.14 ----
AttachedDevice \FileSystem\Ntfs \Ntfs sisidex.sys (SISIDEX Driver/Windows (R) 2000 DDK provider)
AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
Device ACPI.sys (ACPI Driver for NT/Microsoft Corporation)
AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
---- Registry - GMER 1.0.14 ----
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Encyklopedie Přírody 2.0
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Encyklopedie Přírody 2.0@SlowInfoCache 0x28 0x02 0x00 0x00 ...
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Encyklopedie Přírody 2.0@Changed 0
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Encyklopedie Přírody 2.0
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Encyklopedie Přírody 2.0@UninstallString C:\WINDOWS\IsUn0405.exe -f"C:\Program Files\BSP Multimedia\Encyklopedie Prirody 2.0\Uninst.isu"
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Encyklopedie Přírody 2.0@DisplayName Encyklopedie P??rody 2.0
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@cd042efbbd7f7af1647644e76e06692b 0xC8 0x28 0x51 0xAF ...
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@bca643cdc5c2726b20d2ecedcc62c59b 0x6A 0x9C 0xD6 0x61 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@2c81e34222e8052573023a60d06dd016 0x25 0xDA 0xEC 0x7E ...
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@2582ae41fb52324423be06337561aa48 0x3E 0x1E 0x9E 0xE0 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@caaeda5fd7a9ed7697d9686d4b818472 0xCD 0x44 0xCD 0xB9 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@a4a1bcf2cc2b8bc3716b74b2b4522f5d 0xDF 0x20 0x58 0x62 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@4d370831d2c43cd13623e232fed27b7b 0xFB 0xA7 0x78 0xE6 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@1d68fe701cdea33e477eb204b76f993d 0x83 0x6C 0x56 0x8B ...
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@1fac81b91d8e3c5aa4b0a51804d844a3 0xF6 0x0F 0x4E 0x58 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@f5f62a6129303efb32fbe080bb27835b 0xB1 0xCD 0x45 0x5A ...
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@fd4e2e1a3940b94dceb5a6a021f2e3c6 0x2A 0xB7 0xCC 0xB5 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@8a8aec57dd6508a385616fbc86791ec2 0x6C 0x43 0x2D 0x1E ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\BSP Multimedia\Encyklopedie Přírody 2.0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\BSP Multimedia\Encyklopedie Přírody 2.0@Order 0x08 0x00 0x00 0x00 ...
---- Files - GMER 1.0.14 ----
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\housefloor2on.jpg 7260 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\sbbottom2.jpg 6857 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\bar.jpg 5152 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\bar2.jpg 5111 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\FamilyGFX 0 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\FamilyGFX\family1_face.jpg 2789 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\FamilyGFX\family1_full.jpg 9749 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\FamilyGFX\faminfo_1_-239311147 0 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\familyhome.html 20344 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\familymember1.html 11746 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\family_a.jpg 6982 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\family_b.jpg 6507 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\family_c.jpg 6969 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\house.html 12090 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\housefloor1off.jpg 6662 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\housefloor1on.jpg 6785 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\housefloor2dis.jpg 6672 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\housefloor2off.jpg 7290 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\houseroofoff.jpg 8302 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\houseroofon.jpg 8645 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\house_a.jpg 7189 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\house_b.jpg 6794 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\house_c.jpg 6940 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\logo.jpg 11265 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\logo2.jpg 10950 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\photo_a.jpg 7263 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\photo_b.jpg 6828 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\photo_c.jpg 6750 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\sbbottom.jpg 7146 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\scrapbook1.html 10921 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\scrapnav_icon.jpg 13249 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\scrapnav_next_a.jpg 5514 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\scrapnav_next_b.jpg 5527 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\scrapnav_prev_a.jpg 5538 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\scrapnav_prev_b.jpg 5520 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\scrappatt.jpg 6139 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\StockGFX 0 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\thesims.css 2902 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\vbar.jpg 5453 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\vbar2.jpg 5366 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\.......................\yellowback.jpg 5393 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\family_c.jpg 6969 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\houseroofon.jpg 8645 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\bar.jpg 5152 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\bar2.jpg 5111 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\FamilyGFX 0 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\FamilyGFX\family5_face.jpg 2577 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\FamilyGFX\family1_face.jpg 2795 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\FamilyGFX\family1_full.jpg 9680 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\FamilyGFX\family2_face.jpg 2529 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\FamilyGFX\family2_full.jpg 9664 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\FamilyGFX\family3_face.jpg 2684 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\FamilyGFX\family3_full.jpg 9893 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\FamilyGFX\family4_face.jpg 2758 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\FamilyGFX\family4_full.jpg 9934 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\FamilyGFX\family5_full.jpg 9849 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\FamilyGFX\family6_face.jpg 2635 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\FamilyGFX\family6_full.jpg 9887 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\FamilyGFX\family7_face.jpg 2486 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\FamilyGFX\family7_full.jpg 7307 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\FamilyGFX\faminfo_1_805811108 0 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\FamilyGFX\faminfo_2_-811403648 0 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\FamilyGFX\faminfo_3_1727120840 0 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\FamilyGFX\faminfo_4_39051550 0 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\FamilyGFX\faminfo_5_-595005520 0 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\FamilyGFX\faminfo_6_-1048667347 0 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\FamilyGFX\faminfo_7_-1795165458 0 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\familyhome.html 20332 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\familymember1.html 11741 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\familymember2.html 11740 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\familymember3.html 11741 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\familymember4.html 11731 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\familymember5.html 11742 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\familymember6.html 11740 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\familymember7.html 11713 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\family_a.jpg 6982 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\family_b.jpg 6507 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\house.html 12072 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\housefloor1off.jpg 6662 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\housefloor1on.jpg 6785 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\housefloor2dis.jpg 6672 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\housefloor2off.jpg 7290 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\housefloor2on.jpg 7260 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\houseroofoff.jpg 8302 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\house_a.jpg 7189 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\house_b.jpg 6794 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\house_c.jpg 6940 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\logo.jpg 11265 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\logo2.jpg 10950 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\photo_a.jpg 7263 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\photo_b.jpg 6828 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\photo_c.jpg 6750 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\sbbottom.jpg 7146 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\sbbottom2.jpg 6857 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\scrapbook1.html 10885 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\scrapnav_icon.jpg 13249 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\scrapnav_next_a.jpg 5514 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\scrapnav_next_b.jpg 5527 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\scrapnav_prev_a.jpg 5538 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\scrapnav_prev_b.jpg 5520 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\scrappatt.jpg 6139 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\StockGFX 0 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\thesims.css 2902 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\vbar.jpg 5453 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\vbar2.jpg 5366 bytes
File C:\Program Files\Maxis\The Sims\UserData\Web Pages\ABC..\yellowback.jpg 5393 bytes
---- EOF - GMER 1.0.14 ----
Re: Kontrola logu
Napsal: sob 13. pro 2008, 20:19
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:19:35, on 13.12.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\VibrateGameDeviceDriver\RFPIcon.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Razer\Lachesis\razerhid.exe
C:\Program Files\Razer\Lycosa\razerhid.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Stardock\CursorFX\CursorFX.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Razer\Lachesis\razerofa.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Skype\Plugin Manager\SkypePM.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.atlas.cz/?from=icqhp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.1.1:90
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;<local>
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IEPro\iepro.dll
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O3 - Toolbar: &Seznam Lištička - {B71B15CE-3093-459C-B764-AEB2486F2273} - C:\Program Files\Seznam\Listicka\Toolbar.dll
O3 - Toolbar: &S-Rank - {B71B15CF-3093-459C-B764-AEB2486F2273} - C:\Program Files\Seznam\Postak\SRank.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [RTBatteryMeter] C:\Program Files\VibrateGameDeviceDriver\RFPIcon.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC315NC Webcam
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [SMail] "C:\Program Files\Seznam\Postak\Postak.exe"
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Lachesis] C:\Program Files\Razer\Lachesis\razerhid.exe
O4 - HKLM\..\Run: [Lycosa] "C:\Program Files\Razer\Lycosa\razerhid.exe"
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [CursorFX] "C:\Program Files\Stardock\CursorFX\CursorFX.exe"
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Thoosje Vista Sidebar.lnk = C:\Program Files\Thoosje Sidebar V2.3\Thoosje Vista Sidebar.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: TrayMin315.exe.lnk = ?
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 5.0\resources\en-US\local\search.html
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: &Přelož do češtiny - res://C:\Program Files\Seznam\Listicka\Toolbar.dll/5034
O8 - Extra context menu item: Hlede&j v ČR - res://C:\Program Files\Seznam\Listicka\Toolbar.dll/5033
O8 - Extra context menu item: Hledej v &encyklopedii - res://C:\Program Files\Seznam\Listicka\Toolbar.dll/5108
O8 - Extra context menu item: Hledej ve &světě - res://C:\Program Files\Seznam\Listicka\Toolbar.dll/5035
O8 - Extra context menu item: Hledej ve &zboží - res://C:\Program Files\Seznam\Listicka\Toolbar.dll/5107
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {3190CE28-0B6E-4133-A7D3-87D29CB92120} (ToolbarInetInstall Control) - http://download.seznam.cz/listicka/toolbar2007.cab
O16 - DPF: {86A88967-7A20-11D2-8EDA-00600818EDB1} (ParallelGraphics Cortona Control) - http://www.parallelgraphics.com/l2/bin/cortvrml.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540001} - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} (JuniperSetupSP1 Control) - https://neo.csa.cz/dana-cached/setup/Ju ... tupSP1.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O24 - Desktop Component 0: (no name) - http://p.webshots.com/ProThumbs/72/4527 ... per280.jpg
O24 - Desktop Component 1: (no name) - http://dekanat.johns.cz/gifs/hvezda.jpg
O24 - Desktop Component 2: (no name) - http://jablonna.webzdarma.cz/OrcDrD.JPG
O24 - Desktop Component 3: (no name) - http://upload.wikimedia.org/wikipedia/c ... ca.svg.png
O24 - Desktop Component 4: (no name) - http://www.spnw.de/images/clearpixel.gif
--
End of file - 12319 bytes
Scan saved at 20:19:35, on 13.12.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\VibrateGameDeviceDriver\RFPIcon.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Razer\Lachesis\razerhid.exe
C:\Program Files\Razer\Lycosa\razerhid.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Stardock\CursorFX\CursorFX.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Razer\Lachesis\razerofa.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Skype\Plugin Manager\SkypePM.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.atlas.cz/?from=icqhp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.1.1:90
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;<local>
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IEPro\iepro.dll
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O3 - Toolbar: &Seznam Lištička - {B71B15CE-3093-459C-B764-AEB2486F2273} - C:\Program Files\Seznam\Listicka\Toolbar.dll
O3 - Toolbar: &S-Rank - {B71B15CF-3093-459C-B764-AEB2486F2273} - C:\Program Files\Seznam\Postak\SRank.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [RTBatteryMeter] C:\Program Files\VibrateGameDeviceDriver\RFPIcon.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC315NC Webcam
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [SMail] "C:\Program Files\Seznam\Postak\Postak.exe"
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Lachesis] C:\Program Files\Razer\Lachesis\razerhid.exe
O4 - HKLM\..\Run: [Lycosa] "C:\Program Files\Razer\Lycosa\razerhid.exe"
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [CursorFX] "C:\Program Files\Stardock\CursorFX\CursorFX.exe"
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Thoosje Vista Sidebar.lnk = C:\Program Files\Thoosje Sidebar V2.3\Thoosje Vista Sidebar.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: TrayMin315.exe.lnk = ?
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 5.0\resources\en-US\local\search.html
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: &Přelož do češtiny - res://C:\Program Files\Seznam\Listicka\Toolbar.dll/5034
O8 - Extra context menu item: Hlede&j v ČR - res://C:\Program Files\Seznam\Listicka\Toolbar.dll/5033
O8 - Extra context menu item: Hledej v &encyklopedii - res://C:\Program Files\Seznam\Listicka\Toolbar.dll/5108
O8 - Extra context menu item: Hledej ve &světě - res://C:\Program Files\Seznam\Listicka\Toolbar.dll/5035
O8 - Extra context menu item: Hledej ve &zboží - res://C:\Program Files\Seznam\Listicka\Toolbar.dll/5107
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {3190CE28-0B6E-4133-A7D3-87D29CB92120} (ToolbarInetInstall Control) - http://download.seznam.cz/listicka/toolbar2007.cab
O16 - DPF: {86A88967-7A20-11D2-8EDA-00600818EDB1} (ParallelGraphics Cortona Control) - http://www.parallelgraphics.com/l2/bin/cortvrml.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540001} - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} (JuniperSetupSP1 Control) - https://neo.csa.cz/dana-cached/setup/Ju ... tupSP1.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O24 - Desktop Component 0: (no name) - http://p.webshots.com/ProThumbs/72/4527 ... per280.jpg
O24 - Desktop Component 1: (no name) - http://dekanat.johns.cz/gifs/hvezda.jpg
O24 - Desktop Component 2: (no name) - http://jablonna.webzdarma.cz/OrcDrD.JPG
O24 - Desktop Component 3: (no name) - http://upload.wikimedia.org/wikipedia/c ... ca.svg.png
O24 - Desktop Component 4: (no name) - http://www.spnw.de/images/clearpixel.gif
--
End of file - 12319 bytes
Re: Kontrola logu
Napsal: sob 13. pro 2008, 20:30
Logy jsou v pohodě. Jak se nyní chová PC? Nejsou nějaké problémy?
Na PC chybí firewall. Doporučuji nějaký nainstalovat. Výběr zde na foru viry.cz v sekci Firewally. Osobně mohu doporučit Kerio Personal Firewall, Zone Alarm, Outpost Firewall Pro, Comodo Firewall, ...
Pročisti ještě PC s T-Cleanerem.
Na PC chybí firewall. Doporučuji nějaký nainstalovat. Výběr zde na foru viry.cz v sekci Firewally. Osobně mohu doporučit Kerio Personal Firewall, Zone Alarm, Outpost Firewall Pro, Comodo Firewall, ...
Pročisti ještě PC s T-Cleanerem.
Re: Kontrola logu
Napsal: sob 13. pro 2008, 20:34
je keiro zdarma?
A ano, chova se "divne" , ale v dobrem slovasmyslu, jede rychleji.
Dekuji za pomoc a muzu pozadat jeste jednu vec: zitra´nebo pozdeji bych vam napsal sem soubory, ktere bech chtel spolehlive smazat / poradit se o nic, poud byste mi mohl dat tipy a rady proti vyrum a nesmyslnym programum, byl bych vdecny
, Dekuji
T-C se zeptal jen na tool kerej nepouzivam od cf a cmd, ten obcas jo, takze tot vse, dik
A ano, chova se "divne" , ale v dobrem slovasmyslu, jede rychleji.
Dekuji za pomoc a muzu pozadat jeste jednu vec: zitra´nebo pozdeji bych vam napsal sem soubory, ktere bech chtel spolehlive smazat / poradit se o nic, poud byste mi mohl dat tipy a rady proti vyrum a nesmyslnym programum, byl bych vdecny
, DekujiT-C se zeptal jen na tool kerej nepouzivam od cf a cmd, ten obcas jo, takze tot vse, dik
Re: Kontrola logu
Napsal: sob 13. pro 2008, 20:40
Není zač, samozřejmě se ozvi (jestli teda mohu stále tykat 
) a poradím, s čimkoliv bude třeba. Hodně štěstí, a když bude zase někdy nějaký problém, víš, kde nás hledat.
EDIT: Jo, Kerio je zdarma.
) a poradím, s čimkoliv bude třeba. Hodně štěstí, a když bude zase někdy nějaký problém, víš, kde nás hledat.EDIT: Jo, Kerio je zdarma.
Re: Kontrola logu
Napsal: sob 13. pro 2008, 20:43
sakra, ted se pc zacal lagovat... hlavne pri psani mi to nepise a pak to napise vse najednou. tkay se pri psani obcas lagne tak, ze nemuzu nic
jj, ja tady na foru nekdy tikam, nekdy vykam, sem totiz jeste teenager.
jj, ja tady na foru nekdy tikam, nekdy vykam, sem totiz jeste teenager.
Re: Kontrola logu
Napsal: sob 13. pro 2008, 20:50
Já jsem také ještě teenager, vždyť je mi 15, viz můj profil.
OK, a sekal se i dříve? Ještě vlož pro jistotu log z MWAVu, abychom mohli vyloučit softwarový problém. Může se totiž jednat o přehřívání PC, ... ale na to mrkneme až, když log bude plně OK.
Návod (citace):
Stáhněte jednorázový skener MWAV.
Na této stránce najdete přesný návod, jak skener aplikovat, postupujte přesne podle něj předevšim při čištění počítače od nepotřebných souborů, abyste předešli zbytečnému skenování adresářů typu Temp a Temporary Internet Files, což prodlužuje dobu skenování.
Při prvním spuštění zvolte v okénku Language možnost češtiny...
V hlavní (skenovací) obrazovce zkontrolujte stáří virové databáze a případně tlačítkem Update (Aktualizovat) jí zaktualizujte.
Poté zatrhněte Drive a All Local Drives (popř. Disk a Místní disky) a stiskněte tlačítko Scan (Test); Sken trvá neskutečně dlouho, navíc systém bude při skenu plně vytížen, čili neplánujte žádné další akce s počítačem.
Během skenu na Vás pravděpodobně vyskočí okno s hlášením o nalezeném šmejdu a dodatkem, že odstranění bude možné pouze po zakoupení plné verze MWAV; ignorujte a potvrďte hlášku OK.
Poté vložte log z okna Virus Log Information (Informace o nalezených hrozbách) dle výše uvedeného návodu.
Upozornění: Pokud používáte Spyware Terminator nebo jiný Anti-spyware produkt, deaktivujte jeho rezidenční štít - je vhodné na dobu skenu deaktivovat i štít Antiviru, ale není to nutné).
OK, a sekal se i dříve? Ještě vlož pro jistotu log z MWAVu, abychom mohli vyloučit softwarový problém. Může se totiž jednat o přehřívání PC, ... ale na to mrkneme až, když log bude plně OK.
Návod (citace):
Stáhněte jednorázový skener MWAV.
Na této stránce najdete přesný návod, jak skener aplikovat, postupujte přesne podle něj předevšim při čištění počítače od nepotřebných souborů, abyste předešli zbytečnému skenování adresářů typu Temp a Temporary Internet Files, což prodlužuje dobu skenování.
Při prvním spuštění zvolte v okénku Language možnost češtiny...
V hlavní (skenovací) obrazovce zkontrolujte stáří virové databáze a případně tlačítkem Update (Aktualizovat) jí zaktualizujte.
Poté zatrhněte Drive a All Local Drives (popř. Disk a Místní disky) a stiskněte tlačítko Scan (Test); Sken trvá neskutečně dlouho, navíc systém bude při skenu plně vytížen, čili neplánujte žádné další akce s počítačem.
Během skenu na Vás pravděpodobně vyskočí okno s hlášením o nalezeném šmejdu a dodatkem, že odstranění bude možné pouze po zakoupení plné verze MWAV; ignorujte a potvrďte hlášku OK.
Poté vložte log z okna Virus Log Information (Informace o nalezených hrozbách) dle výše uvedeného návodu.
Upozornění: Pokud používáte Spyware Terminator nebo jiný Anti-spyware produkt, deaktivujte jeho rezidenční štít - je vhodné na dobu skenu deaktivovat i štít Antiviru, ale není to nutné).
Re: Kontrola logu
Napsal: sob 13. pro 2008, 21:00
jsem o rok mladsi a pc to delal predtim vyjimecne, ale ted to nemuzu stahnout, pise mi to hlasku: The system cannot find the file specified.
Re: Kontrola logu
Napsal: sob 13. pro 2008, 21:18
Dobře. Tak to zkus projet tímto (je to něco podobného):
Citace:
Aplikujte skener Cure It dle tohoto návodu
Po ukončeni skenu nahlaste výsledky, když něco najde, smaž jej a napiš, kde a co to bylo)
Citace:
Aplikujte skener Cure It dle tohoto návodu
Po ukončeni skenu nahlaste výsledky, když něco najde, smaž jej a napiš, kde a co to bylo)
Re: Kontrola logu
Napsal: sob 13. pro 2008, 22:05
scanuju, al trvato
Re: Kontrola logu
Napsal: sob 13. pro 2008, 22:14
V archivu jsou infikované objekty
přesunout?
Co mam dat??
přesunout?
Co mam dat??
Re: Kontrola logu
Napsal: sob 13. pro 2008, 22:23
Smazat, když nepůjde, tak přesunout.
Re: Kontrola logu
Napsal: sob 13. pro 2008, 22:40
neslo, ale pak sem zjistlil, ze to byl je CF, takze sem dal presunout. mam tak 25 %
Re: Kontrola logu
Napsal: sob 13. pro 2008, 22:42
OK, vždy prostě zkusit smazat a když nepůjde, tak dát přesunout.
Re: Kontrola logu
Napsal: sob 13. pro 2008, 22:48
ok, ja ho stejne cca za hodku vypnu ( dam pausu ), dam spat pc a pak rano pude dal diky
dikyRe: Kontrola logu
Napsal: sob 13. pro 2008, 23:41
Jasně, a když to bude hardwarový problém, taktéž se ho pokusíme vyřešit
Re: Kontrola logu
Napsal: ned 14. pro 2008, 10:37
SAHPackage.exe sem dal smazat cesta: C:/temp a pak tam mam 3 vei s combo fixem, tak sem je smazal taky, kdyztak stahnu pak. Ale 2 adresare cF se nejako nedaj smazat, poslilam screen : http://uloz.to/1050738/untitled.bmp
Re: Kontrola logu
Napsal: ned 14. pro 2008, 11:12
To je v pohodě, ComboFix smaž takto:
Dej Start - Spustit - napiš tam: combofix /u
Zkontroluj teploty PC, můžeš v BIOSu nebo třeba v Everestu - ve Windowsech. A napiš teploty.
Dej Start - Spustit - napiš tam: combofix /u
Zkontroluj teploty PC, můžeš v BIOSu nebo třeba v Everestu - ve Windowsech. A napiš teploty.