Z vikend 4000 nedorucitelnych mailu

[Roli]

Znovu spusť OTMoveIt a nahoře v aplikaci klini na CleanUP!

tímto po sobě uklidí.


Pak mi sem dej aktuální log z Rsit a písni jaký je stav PC.

[sartaj]

Nod pri spusteni cehokoli ihned vyhodi hlasku viz foto a prikladam log z RSIT

Logfile of random's system information tool 1.06 (written by random/random)
Run by Standa at 2013-10-22 14:23:46
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 407 GB (85%) free of 477 GB
Total RAM: 3292 MB (75% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-10-18 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-10-18 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2010-02-25 18791456]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2010-04-23 141848]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2010-04-23 174104]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2010-04-23 144920]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2013-09-12 5110672]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2013-07-25 20684656]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-08-02 4910912]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^ADnews.lnk]
C:\AUTO-D~2\ADnews.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Service Manager.lnk]
C:\PROGRA~1\MI6841~1\80\Tools\Binn\sqlmangr.exe [2002-12-17 74308]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Standa^Nabídka Start^Programy^Po spuštění^RT-Updater.lnk]
C:\AUTO-D~2\vagcom.exe [2013-01-21 1164288]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
ADnews.lnk - C:\Auto-diagnostika\Auto-diagnostika.exe

C:\Documents and Settings\Standa\Nabídka Start\Programy\Po spuštění
DOSPRN.lnk - C:\Program Files\DOSPRN\DOSprn.exe
RT-Updater.lnk - C:\Auto-diagnostika\vagcom.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2010-04-21 213504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableVirtualization"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\APP\PPS\mozilla.exe"="C:\APP\PPS\mozilla.exe:*:Enabled:Mozilla"
"C:\APPLIC\Portail\mozilla.exe"="C:\APPLIC\Portail\mozilla.exe:*:Enabled:Mozilla"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe"="C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe:*:Enabled:Sentinel Protection Server"
"C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe"="C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe:*:Enabled:Sentinel Keys Server"
"C:\Program Files\TeamViewer\Version6\TeamViewer.exe"="C:\Program Files\TeamViewer\Version6\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe"="C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service"
"C:\pemicro\prog08sz\prog08sz.exe"="C:\pemicro\prog08sz\prog08sz.exe:*:Enabled:prog08sz"
"C:\Program Files\Air Live IP Wizard II\IPWizardII.exe"="C:\Program Files\Air Live IP Wizard II\IPWizardII.exe:*:Enabled:IP Wizard II"
"C:\Program Files\VideoViewer\VideoViewer.exe"="C:\Program Files\VideoViewer\VideoViewer.exe:*:Enabled:VideoViewer"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"

======List of files/folders created in the last 1 months======

2013-10-22 14:23:46 ----D---- C:\rsit
2013-10-22 10:38:31 ----SHD---- C:\RECYCLER
2013-10-22 10:37:36 ----A---- C:\SRStatus2.txt
2013-10-22 08:11:39 ----D---- C:\WINDOWS\temp
2013-10-22 07:25:51 ----HDC---- C:\WINDOWS\$NtUninstallKB2847311$
2013-10-22 07:25:20 ----HDC---- C:\WINDOWS\$NtUninstallKB2862335$
2013-10-22 07:17:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2884256$
2013-10-22 07:17:41 ----HDC---- C:\WINDOWS\$NtUninstallKB2868038$
2013-10-22 07:16:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2883150$
2013-10-22 07:16:31 ----A---- C:\WINDOWS\imsins.BAK
2013-10-22 07:16:29 ----HDC---- C:\WINDOWS\$NtUninstallKB2862330$
2013-10-21 19:10:14 ----D---- C:\30e5266ce5920a3c32
2013-10-21 12:47:05 ----D---- C:\WINDOWS\erdnt
2013-10-21 09:01:50 ----D---- C:\FRST
2013-10-21 08:43:55 ----D---- C:\AdwCleaner
2013-10-21 07:46:24 ----D---- C:\Documents and Settings\All Users\Data aplikací\iolo
2013-10-16 12:32:55 ----D---- C:\Program Files\Professional Lambda Remover
2013-10-16 12:32:26 ----D---- C:\Program Files\Professional DPF Remover
2013-10-16 12:32:03 ----D---- C:\Program Files\Professional EGR Remover
2013-10-09 09:24:38 ----A---- C:\WINDOWS\system32\FlashPlayerInstaller.exe
2013-10-09 07:23:48 ----D---- C:\Dell
2013-10-08 07:46:45 ----D---- C:\Documents and Settings\Standa\Data aplikací\SUPERAntiSpyware.com
2013-10-07 16:08:50 ----D---- C:\Documents and Settings\All Users\Data aplikací\ngXrVU33
2013-10-07 10:36:18 ----D---- C:\Documents and Settings\All Users\Data aplikací\Mozilla

======List of files/folders modified in the last 1 months======

2013-10-22 14:23:47 ----D---- C:\Program Files\trend micro
2013-10-22 14:23:35 ----D---- C:\A lek
2013-10-22 14:20:08 ----D---- C:\Documents and Settings\Standa\Data aplikací\Skype
2013-10-22 14:19:26 ----D---- C:\WINDOWS\Prefetch
2013-10-22 14:19:24 ----A---- C:\WINDOWS\win.ini
2013-10-22 14:18:55 ----D---- C:\WINDOWS
2013-10-22 14:18:30 ----D---- C:\Documents and Settings\All Users\Data aplikací\organiser
2013-10-22 14:18:28 ----A---- C:\WINDOWS\BRMFBIDI.INI
2013-10-22 14:18:26 ----D---- C:\Temp
2013-10-22 14:17:36 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-10-22 14:17:25 ----D---- C:\WINDOWS\system32\drivers
2013-10-22 13:17:55 ----D---- C:\Program Files\PINReader
2013-10-22 13:11:48 ----D---- C:\Program Files\CarSoftware
2013-10-22 13:04:16 ----D---- C:\Immo Tool
2013-10-22 12:37:07 ----D---- C:\ADCDA2
2013-10-22 12:29:39 ----RD---- C:\Program Files
2013-10-22 12:29:38 ----SD---- C:\WINDOWS\Tasks
2013-10-22 12:28:16 ----SHD---- C:\WINDOWS\Installer
2013-10-22 12:28:10 ----D---- C:\Config.Msi
2013-10-22 12:27:56 ----HD---- C:\WINDOWS\inf
2013-10-22 12:27:45 ----D---- C:\WINDOWS\system32\CatRoot2
2013-10-22 11:36:41 ----D---- C:\Program Files\ESET
2013-10-22 11:36:41 ----D---- C:\Documents and Settings\All Users\Data aplikací\ESET
2013-10-22 10:37:08 ----D---- C:\WINDOWS\system32\Restore
2013-10-22 08:13:18 ----A---- C:\WINDOWS\system.ini
2013-10-22 08:10:06 ----D---- C:\WINDOWS\system32
2013-10-22 08:10:06 ----D---- C:\WINDOWS\AppPatch
2013-10-22 08:10:04 ----D---- C:\Program Files\Common Files
2013-10-22 07:32:56 ----RSD---- C:\WINDOWS\assembly
2013-10-22 07:31:58 ----D---- C:\WINDOWS\Microsoft.NET
2013-10-22 07:27:53 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2013-10-22 07:27:32 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2013-10-22 07:27:21 ----D---- C:\WINDOWS\WinSxS
2013-10-22 07:25:53 ----RSHDC---- C:\WINDOWS\system32\dllcache
2013-10-22 07:23:50 ----D---- C:\WINDOWS\system32\MRT
2013-10-22 07:18:45 ----D---- C:\WINDOWS\Debug
2013-10-22 07:18:43 ----A---- C:\WINDOWS\system32\MRT.exe
2013-10-22 07:16:52 ----D---- C:\Program Files\Internet Explorer
2013-10-21 13:01:58 ----D---- C:\WINDOWS\system32\config
2013-10-21 12:54:09 ----D---- C:\WINDOWS\SoftwareDistribution
2013-10-21 12:25:23 ----D---- C:\Documents and Settings\Standa\Data aplikací\DAEMON Tools Lite
2013-10-21 12:24:42 ----D---- C:\Program Files\CCleaner
2013-10-21 11:31:01 ----D---- C:\Carprog
2013-10-21 08:25:27 ----A---- C:\WINDOWS\uPD78dash.ini
2013-10-18 14:13:41 ----D---- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
2013-10-18 11:24:34 ----D---- C:\Program Files\VideoViewer
2013-10-18 11:24:34 ----A---- C:\WINDOWS\PP2CAN.INI
2013-10-11 19:15:14 ----D---- C:\Documents and Settings\Standa\Data aplikací\vlc
2013-10-09 10:24:28 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-10-09 07:19:07 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2013-10-09 07:19:03 ----RD---- C:\Program Files\Skype
2013-10-08 11:00:06 ----D---- C:\Firma
2013-10-08 08:10:12 ----D---- C:\Auto-diagnostika
2013-10-08 07:54:54 ----D---- C:\WINDOWS\Minidump
2013-10-08 07:32:23 ----D---- C:\WINDOWS\Resources
2013-10-08 07:14:18 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2013-10-07 15:46:00 ----A---- C:\WINDOWS\hc08.ini
2013-10-07 09:25:15 ----D---- C:\Program Files\Immo Bypass v2.0.0.1
2013-09-27 11:31:31 ----D---- C:\Program Files\MultiProg
2013-09-26 18:26:30 ----A---- C:\WINDOWS\hc912.ini
2013-09-26 13:38:48 ----D---- C:\Program Files\Immo Bypass v3.4
2013-09-23 23:55:10 ----A---- C:\WINDOWS\system32\ieframe.dll
2013-09-23 20:25:11 ----N---- C:\WINDOWS\system32\occache.dll
2013-09-23 20:25:11 ----N---- C:\WINDOWS\system32\mstime.dll
2013-09-23 20:25:11 ----A---- C:\WINDOWS\system32\wininet.dll
2013-09-23 20:25:11 ----A---- C:\WINDOWS\system32\urlmon.dll
2013-09-23 20:25:11 ----A---- C:\WINDOWS\system32\url.dll
2013-09-23 20:25:10 ----A---- C:\WINDOWS\system32\mshtmled.dll
2013-09-23 20:25:10 ----A---- C:\WINDOWS\system32\mshtml.dll
2013-09-23 20:25:09 ----N---- C:\WINDOWS\system32\jsproxy.dll
2013-09-23 20:25:09 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2013-09-23 20:25:09 ----A---- C:\WINDOWS\system32\msfeeds.dll
2013-09-23 20:25:09 ----A---- C:\WINDOWS\system32\licmgr10.dll
2013-09-23 20:25:08 ----A---- C:\WINDOWS\system32\iertutil.dll
2013-09-23 20:25:08 ----A---- C:\WINDOWS\system32\iepeers.dll
2013-09-23 20:25:06 ----N---- C:\WINDOWS\system32\iedkcs32.dll
2013-09-23 20:25:06 ----A---- C:\WINDOWS\system32\corpol.dll
2013-09-23 20:06:49 ----N---- C:\WINDOWS\system32\ie4uinit.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AppleCharger;AppleCharger; C:\WINDOWS\system32\DRIVERS\AppleCharger.sys [2010-04-27 19496]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2011-10-11 232512]
R1 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2013-09-16 184664]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2013-09-16 134248]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2013-09-16 61600]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 NetworkX;NetworkX; C:\WINDOWS\system32\ckldrv.sys [2010-03-19 23360]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 DS1410D;DS1410D; C:\WINDOWS\SYSTEM32\drivers\DS1410D.SYS [2005-07-07 6689]
R2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2004-07-21 9856]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2013-09-16 174400]
R2 pardrv;pardrv; C:\WINDOWS\system32\drivers\pardrv.sys [2008-01-23 9728]
R2 PEDRV;P&E Microcomputer System PCI Driver.; C:\WINDOWS\system32\drivers\PEDRV.sys [2009-10-16 28080]
R2 Sentinel;Sentinel; C:\WINDOWS\System32\Drivers\SENTINEL.SYS [2008-07-11 92712]
R2 STM Parallel Driver;STM Parallel Driver; \??\C:\WINDOWS\system32\drivers\parstm.sys []
R2 zntport;NTPort Library Driver; \??\C:\WINDOWS\system32\drivers\zntport.sys []
R3 adatadrv;Autodata Protection Service; C:\WINDOWS\system32\DRIVERS\adatadrv.sys [2009-07-01 762112]
R3 afcdp;afcdp; C:\WINDOWS\system32\DRIVERS\afcdp.sys [2011-07-19 160288]
R3 BrUsbScn;Ovladač skeneru Brother MFC USB; C:\WINDOWS\System32\Drivers\BrUsbScn.sys [2001-08-17 10368]
R3 ElbyCDFL;ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2004-07-22 26240]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2013-09-16 38952]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2010-04-21 1917344]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2010-02-25 5864480]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 PciPPorts;PCI ECP Parallel Port; C:\WINDOWS\system32\DRIVERS\PciPPorts.sys [2009-07-23 82944]
R3 PciSPorts;High-Speed PCI Serial Port; C:\WINDOWS\system32\DRIVERS\PciSPorts.sys [2008-12-19 115200]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2010-03-08 220112]
R3 SNTNLUSB;SafeNet USB SuperPro/UltraPro/HardwareKey; C:\WINDOWS\system32\DRIVERS\SNTNLUSB.SYS [2008-07-11 37088]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2009-03-18 30336]
R3 usbhub;Ovladač standardního rozbočovače USB; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 WinDriver6;WinDriver6; C:\WINDOWS\system32\drivers\windrvr6.sys [2010-11-08 199912]
S1 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2008-04-14 31744]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 AMTCAR;Amt-Cartech System Driver (AmtCar.Sys); C:\WINDOWS\System32\Drivers\AmtCar.sys [2007-03-03 31712]
S3 BTCFilterService;USB Networking Driver Filter Service; C:\WINDOWS\system32\DRIVERS\motfilt.sys [2009-01-29 6016]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 CTU2K;CTU2K.SYS CTU2K device driver; C:\WINDOWS\System32\Drivers\CTU2K.sys [2003-01-24 24197]
S3 CYUSB3;UPA-USB3.0 Driver; C:\WINDOWS\System32\Drivers\UPAUSB.sys [2013-02-05 49320]
S3 ezusb;ezusb; C:\WINDOWS\system32\DRIVERS\ezusb.sys []
S3 FTD2XX;VAGUSB.sys VAG-Com USB driver; C:\WINDOWS\System32\Drivers\VAGUSB.sys [2003-10-30 25596]
S3 FTDIBUS;USB Serial Converter Driver; C:\WINDOWS\system32\drivers\ftdibus.sys [2011-03-18 61704]
S3 FTSER2K;USB Serial Port Driver; C:\WINDOWS\system32\drivers\ftser2k.sys [2011-08-25 73096]
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 GIVEIO;GIVEIO; \??\C:\WINDOWS\SYSTEM32\DRIVERS\GIVEIO.SYS []
S3 HS4l;Handyscope HS4 driver (before renumeration); C:\WINDOWS\system32\DRIVERS\HS4l.sys [2010-02-26 18944]
S3 HS4r;Handyscope HS4 driver; C:\WINDOWS\system32\DRIVERS\HS4r.sys [2010-02-26 19840]
S3 jlink;J-Link driver; C:\WINDOWS\System32\Drivers\jlink.sys [2009-10-12 14208]
S3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys []
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 motccgp;Motorola USB Composite Device Driver; C:\WINDOWS\system32\DRIVERS\motccgp.sys [2012-06-11 20864]
S3 motccgpfl;MotCcgpFlService; C:\WINDOWS\system32\DRIVERS\motccgpfl.sys [2012-01-25 8448]
S3 MotoSwitchService;MotoSwitch Service; C:\WINDOWS\system32\DRIVERS\motswch.sys [2012-06-08 6656]
S3 Motousbnet;Motorola USB Networking Driver Service; C:\WINDOWS\system32\DRIVERS\Motousbnet.sys [2012-06-08 23808]
S3 motusbdevice;Motorola USB Dev Driver; C:\WINDOWS\system32\DRIVERS\motusbdevice.sys [2011-11-08 11008]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmb.sys [2011-08-17 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2011-08-17 23168]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2011-08-17 137472]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2011-08-17 8576]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RT-USB;Ross-Tech USB driver; C:\WINDOWS\system32\drivers\RT-USB.SYS [2010-06-16 59464]
S3 SIUSBXP;SIUSBXP; C:\WINDOWS\system32\drivers\SiUSBXp.sys [2011-10-10 14592]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SmokXX;SmokXX.SYS FT8U2XX device driver; C:\WINDOWS\System32\Drivers\SmokXX.sys [2011-08-18 29292]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 umpusbxp;VCP Serial Port Driver; C:\WINDOWS\system32\DRIVERS\umpusbxp.sys [2007-08-21 76768]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2011-08-17 8192]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2013-08-29 26240]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2011-08-17 8192]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-07-17 123008]
S3 VCommUSB;Service for ACTIA USB Devices; C:\WINDOWS\System32\Drivers\VCommUSB.sys [2008-12-15 40576]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 zlportio;zlportio; \??\Z:\Car\Dashboard\Utility\Calculators\Licznik 8 novy !!!!\Licznik 8\licznic686\licznik8\zlportio.sys []
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sr;Ovladač filtru Obnovy systému; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-14 73344]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Služba Acronis Scheduler2; C:\Program Files\Common Files\Acronis\Plán2\schedul2.exe [2009-11-26 661008]
R2 afcdpsrv;Acronis Nonstop Backup service; C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe [2011-07-19 2480048]
R2 Crypkey License;Crypkey License; C:\WINDOWS\system32\crypserv.exe [2010-03-18 126976]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2013-09-12 1337752]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance; C:\APP\FIREBIRD\bin\fbguard.exe [2007-01-31 65536]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-10-03 153376]
R2 LcSvrAdm;ELSA Administration Service; C:\ElsaWin\bin\LcSvrAdm.exe [2009-07-06 147456]
R2 LcSvrDba;ELSA DBA Server; C:\ElsaWin\bin\LcSvrDba.exe [2009-07-06 241664]
R2 LcSvrHis;ELSA Historie Server; C:\ElsaWin\bin\LcSvrHis.exe [2009-07-06 217088]
R2 LcSvrPAS;ELSA PASS Server; C:\ElsaWin\bin\LcSvrPas.exe [2009-07-06 368640]
R2 LcSvrSaz;ELSA APOSpro Server; C:\ElsaWin\bin\LcSvrSaz.exe [2009-07-06 258048]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
R2 Motorola Device Manager;Motorola Device Manager Service; C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [2012-10-24 120728]
R2 MSSQL$SFN;MSSQL$SFN; C:\Program Files\Microsoft SQL Server\MSSQL$SFN\Binn\sqlservr.exe [2002-12-17 7520337]
R2 SentinelKeysServer;Sentinel Keys Server; C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [2008-07-11 328992]
R2 SentinelProtectionServer;Sentinel Protection Server; C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [2008-07-11 226592]
R2 VSGate;ELSA Vaudis Service; C:\ElsaWin\bin\VSgate.exe [2009-07-06 81920]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance; C:\APP\FIREBIRD\bin\fbserver.exe [2007-01-31 1527893]
R3 LcSvrAuf;ELSA Auftragsverwaltungs Service; C:\ElsaWin\bin\LcSvrAuf.exe [2009-07-06 1306624]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-04-08 116648]
S2 ivscheduler;Mcontrol; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-07-25 162672]
S2 W8335XP;Hsfhwazl; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 WorkshopDBService;WorkshopDBService; C:\PROGRA~1\VIVIDW~1\WORKSH~1.EXE [2011-11-28 114688]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09 257416]
S3 AppleChargerSrv;AppleChargerSrv; C:\WINDOWS\system32\AppleChargerSrv.exe [2010-04-06 31272]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-04-08 116648]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-05-16 271920]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2011-10-27 718384]
S3 SQLAgent$SFN;SQLAgent$SFN; C:\Program Files\Microsoft SQL Server\MSSQL$SFN\Binn\sqlagent.EXE [2002-12-17 311872]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

[Roli]

Spusť skener Cure It podle TOHOTO návodu

po skončení skenu chci sem výsledky.

(Upozornění je úchylně pomalý a je zapotřebí ho sledovat občas se na něco ptá)

Pak dej vědět jak to dopadlo.


Co ta složka o které jsem psal, testoval jsi ?

[sartaj]

Tak test proveden, nalezena jedna infekce nejaky Boot atd. stiskl jsem neutralize a chtelo to restart. Zatim vse bezi bez problemu a NOD nepise zadnou detekci haveti. Nemuzu ale najit nikde log z CUREIT abych ho sem poslal. Nevis kde je?? Mimochodem ty soubory v podzrele slozce co jsi psal jsem otestovat Virustotalem a jsou OK. Mam jeste nejak otestoat stroj abychom si byli jisti, ze vse bude OK??

Dik

[Roli]

Nemuzu ale najit nikde log z CUREIT abych ho sem poslal. Nevis kde je??

Měl by být ve složce C:\Documents and Settings\Standa\Data aplikací\Doctor Web

Nebo hned po skenu v okně kliknout na Open report.

Mam jeste nejak otestoat stroj abychom si byli jisti, ze vse bude OK??

Stáhni TDSSKiller a ulož ho na plochu.

Spusť aplikaci, vyber volbu Spustit kontrolu a klik na Start sken

Pokud aplikace najde infikovaný soubor, ukáže se Ti předvolená akce Cure,

v tom případě potvrď tlačítko Continue

Pokud bude chtít apliakce restartovat počítač, klikni na tlačítko Reboot Now

Pokud si restart nevyžádá, klikni na tlačítko Report.

Po té na Tebe vypadne log, jeho obsah zkopíruj sem.

Pokud se log nezobrazí, je uložený na C:\TDSSKiller

[sartaj]

Log z Doctor Web v priloze

[sartaj]

A tady log z TDSS Killeru

Mam zacit slavit ?, konecne otevru tu flasku co je na skrini

[Roli]

Mam zacit slavit ?, .........

Ano začni

........, konecne otevru tu flasku co je na skrini

Otevři a dej si i za mě

Jen PC protáhni CCleanerem a mělo by to být ready

[sartaj]

Ok. DIK moooooooooooc. Kam poslat odmenu ??

[Roli]

Kam poslat odmenu ??

Odkud jsi ?
Že bychom si tu lahvinku dali spolu ne vážně stačí ČÍST

Ok. DIK moooooooooooc

Není zač a pokud již nic s PC potřebuješ je to z mé strany vše.