Please check my log - fluctuating internet speed

Adamis
Visitor
Posts: 8
Registered: 02 Jan 2010 10:59

Please check my log - fluctuating internet speed

#1 Post by Adamis »

Greetings :smile: I'm here for the first time, so hopefully I'll find my way around as soon as possible...

I play the online game CS 1.6 and my ping is, say, 20, but then there comes a moment when it starts jumping between 20 and 800... I measure the connection speed and get 3000 kb/s, then 30 seconds later I measure again and the speed is 200 kb/s... the speed simply fluctuates... since I browse all over the net, it occurred to me that I might have viruses... I'm also going to take this up with my provider; if anything comes to mind, write :)

So please check the log so that I can rule out e.g. viruses right away... :)


Logfile of random's system information tool 1.06 (written by random/random)
Run by uzivatel at 2010-01-02 12:05:32
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 90 GB (59%) free of 153 GB
Total RAM: 2047 MB (71% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:05:36, on 2.1.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16945)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\GM4IE\GM4IE.exe
C:\program files\valve\steam\steam.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\Crawler\CToolbar.exe
C:\Documents and Settings\uzivatel\Plocha\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\uzivatel.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\ctbr.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: &Crawler lišta - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\ctbr.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [GM4IE] C:\Program Files\GM4IE\GM4IE.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\valve\steam\steam.exe" -silent
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Zobrazit originál - C:\Program Files\www.cproxy.com\original.htm
O8 - Extra context menu item: Zobrazit vše jako originál - C:\Program Files\www.cproxy.com\originalAll.htm
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{623849E7-7124-4215-AF31-2B6267143894}: NameServer = 212.71.131.166,212.71.131.6
O17 - HKLM\System\CS1\Services\Tcpip\..\{623849E7-7124-4215-AF31-2B6267143894}: NameServer = 212.71.131.166,212.71.131.6
O17 - HKLM\System\CS2\Services\Tcpip\..\{623849E7-7124-4215-AF31-2B6267143894}: NameServer = 212.71.131.166,212.71.131.6
O17 - HKLM\System\CS3\Services\Tcpip\..\{623849E7-7124-4215-AF31-2B6267143894}: NameServer = 212.71.131.166,212.71.131.6
O17 - HKLM\System\CS4\Services\Tcpip\..\{623849E7-7124-4215-AF31-2B6267143894}: NameServer = 212.71.131.166,212.71.131.6
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\ctbr.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

--
End of file - 9008 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Automatic troubleshooting.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
C:\PROGRA~1\Crawler\ctbr.dll [2008-09-24 1193984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-10-26 256112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-11-23 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-10-26 458736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-25 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetIM Toolbar Helper - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2008-10-08 1172792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - &Crawler lišta - C:\PROGRA~1\Crawler\ctbr.dll [2008-09-24 1193984]
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetIM Toolbar for Internet Explorer - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2008-10-08 1172792]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-10-26 256112]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-09-05 417792]
"SpywareTerminator"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2008-11-13 1783808]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"GM4IE"=C:\Program Files\GM4IE\GM4IE.exe [2006-07-23 61440]
"Steam"=c:\program files\valve\steam\steam.exe [2009-12-20 1217808]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-05-01 68856]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2007-09-14 122880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2007-11-15 72208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 267304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDriveAutorun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoResolveSearch"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\GameSpy Arcade\Aphex.exe"="C:\Program Files\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:uTorrent"
"C:\Program Files\Firefly Studios\Stronghold Crusader\Stronghold Crusader.exe"="C:\Program Files\Firefly Studios\Stronghold Crusader\Stronghold Crusader.exe:*:Enabled:Stronghold Crusader"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\Program Files\DsNET Corp\aTube Catcher 1.0\smh.exe"="C:\Program Files\DsNET Corp\aTube Catcher 1.0\smh.exe:*:Enabled:Smart Media Hunter 0.7"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Run a DLL as an App"
"C:\Program Files\Ventrilo\Ventrilo.exe"="C:\Program Files\Ventrilo\Ventrilo.exe:*:Enabled:Ventrilo.exe"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Valve\Steam\Steam.exe"="C:\Program Files\Valve\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\QuickTime\QuickTimePlayer.exe"="C:\Program Files\QuickTime\QuickTimePlayer.exe:*:Disabled:QuickTime Player"
"C:\Program Files\HLSW\hlsw.exe"="C:\Program Files\HLSW\hlsw.exe:*:Enabled:HLSW Application"
"C:\totalcmd\TOTALCMD.EXE"="C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Documents and Settings\uzivatel\Data aplikací\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe"="C:\Documents and Settings\uzivatel\Data aplikací\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe:*:Enabled:Main program for Octoshape client"
"C:\Program Files\Valve\Steam\SteamApps\neplakejte\counter-strike\hl.exe"="C:\Program Files\Valve\Steam\SteamApps\neplakejte\counter-strike\hl.exe:*:Disabled:Half-Life Launcher"
"C:\Program Files\Valve\Steam\SteamApps\neplakejte\counter-strike beta\hl.exe"="C:\Program Files\Valve\Steam\SteamApps\neplakejte\counter-strike beta\hl.exe:*:Enabled:Half-Life Launcher"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2010-01-02 12:05:32 ----D---- C:\rsit
2010-01-01 21:22:42 ----D---- C:\Program Files\Trend Micro
2010-01-01 12:17:28 ----A---- C:\WINDOWS\system32\TURegOpt.exe
2010-01-01 12:17:27 ----A---- C:\WINDOWS\system32\uxtuneup.dll
2010-01-01 12:17:10 ----D---- C:\Documents and Settings\uzivatel\Data aplikací\TuneUp Software
2010-01-01 12:16:42 ----D---- C:\Program Files\TuneUp Utilities 2010
2010-01-01 12:16:20 ----D---- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
2010-01-01 12:16:09 ----SHD---- C:\Documents and Settings\All Users\Data aplikací\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2009-12-31 16:52:10 ----D---- C:\37e22ea9aa11f61bfe3cb827a136a87a
2009-12-30 16:31:12 ----N---- C:\WINDOWS\system32\spmsg2.dll
2009-12-30 16:31:00 ----HDC---- C:\WINDOWS\$NtUninstallXPSEPSCLP$
2009-12-30 16:24:27 ----D---- C:\67a9b814df480fc9e4aed2964c725ce9
2009-12-30 15:43:08 ----D---- C:\Program Files\QuickTime
2009-12-30 15:42:49 ----D---- C:\Program Files\iPod
2009-12-30 15:42:04 ----D---- C:\Program Files\Teamspeak2_RC2
2009-12-30 15:41:58 ----D---- C:\Program Files\SweetIM
2009-12-30 15:41:58 ----D---- C:\Documents and Settings\All Users\Data aplikací\SweetIM
2009-12-30 15:41:56 ----D---- C:\Program Files\Xvid
2009-12-30 15:39:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\ATI
2009-12-30 15:38:33 ----D---- C:\Program Files\Common Files\ATI Technologies
2009-12-30 15:34:32 ----D---- C:\WINDOWS\LastGood(2)
2009-12-29 22:32:14 ----D---- C:\ATI
2009-12-28 18:22:21 ----D---- C:\Program Files\Lavalys
2009-12-28 11:31:05 ----D---- C:\Program Files\AMD
2009-12-27 11:34:56 ----D---- C:\Program Files\VideoMach-3.4.1
2009-12-27 10:52:46 ----D---- C:\Fraps
2009-12-26 21:02:36 ----D---- C:\Program Files\iPod(3)
2009-12-26 20:36:30 ----D---- C:\Program Files\QuickTime(3)
2009-12-24 23:07:30 ----D---- C:\Documents and Settings\uzivatel\Data aplikací\Logitech
2009-12-24 23:06:51 ----D---- C:\Documents and Settings\uzivatel\Data aplikací\Leadertech
2009-12-24 23:04:33 ----DC---- C:\WINDOWS\$NtUninstallWdf01005$
2009-12-24 23:03:13 ----A---- C:\WINDOWS\system32\BtCoreIf.dll
2009-12-24 23:03:06 ----A---- C:\WINDOWS\system32\KemXML.dll
2009-12-24 23:03:06 ----A---- C:\WINDOWS\system32\KemWnd.dll
2009-12-24 23:03:06 ----A---- C:\WINDOWS\system32\kemutb.dll
2009-12-24 23:03:05 ----A---- C:\WINDOWS\system32\KemUtil.dll
2009-12-24 23:02:27 ----D---- C:\Documents and Settings\All Users\Data aplikací\Logitech
2009-12-24 23:02:20 ----D---- C:\Program Files\Common Files\Logishrd
2009-12-24 23:02:08 ----D---- C:\Program Files\Logitech
2009-12-24 23:01:22 ----D---- C:\Documents and Settings\All Users\Data aplikací\LogiShrd
2009-12-15 21:14:35 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2009-12-14 21:48:16 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2009-12-14 21:48:09 ----HDC---- C:\WINDOWS\$NtUninstallKB976098-v2$
2009-12-14 21:48:04 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2009-12-14 21:47:55 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2009-12-14 21:47:47 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2009-12-14 21:47:20 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2009-12-14 21:47:13 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2009-12-14 21:44:47 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2009-12-14 21:15:25 ----D---- C:\Documents and Settings\uzivatel\Data aplikací\PingTesterDataBas
2009-12-14 21:15:14 ----A---- C:\WINDOWS\iun6002.exe

======List of files/folders modified in the last 1 months======

2010-01-02 12:04:36 ----D---- C:\Program Files\Crawler
2010-01-02 12:04:33 ----D---- C:\Program Files\Mozilla Firefox
2010-01-02 11:18:15 ----D---- C:\WINDOWS\Temp
2010-01-02 10:37:33 ----D---- C:\WINDOWS\system32\CatRoot2
2010-01-02 10:20:20 ----D---- C:\WINDOWS\Prefetch
2010-01-01 23:21:54 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-01-01 21:22:42 ----RD---- C:\Program Files
2010-01-01 21:04:10 ----D---- C:\WINDOWS
2010-01-01 20:17:04 ----D---- C:\Program Files\Light Artist
2010-01-01 20:11:54 ----D---- C:\Program Files\Spyware Terminator
2010-01-01 20:11:54 ----D---- C:\Documents and Settings\uzivatel\Data aplikací\Spyware Terminator
2010-01-01 20:11:14 ----A---- C:\WINDOWS\win.ini
2010-01-01 13:48:33 ----D---- C:\WINDOWS\Minidump
2010-01-01 13:47:23 ----D---- C:\WINDOWS\system32\config
2010-01-01 12:17:39 ----SHD---- C:\WINDOWS\Installer
2010-01-01 12:17:39 ----D---- C:\Config.Msi
2010-01-01 12:17:38 ----SD---- C:\WINDOWS\Tasks
2010-01-01 12:17:28 ----D---- C:\WINDOWS\system32
2009-12-31 22:16:59 ----D---- C:\Documents and Settings\uzivatel\Data aplikací\ICQ
2009-12-31 17:41:17 ----D---- C:\WINDOWS\Microsoft.NET
2009-12-31 17:23:25 ----D---- C:\WINDOWS\system32\XPSViewer
2009-12-31 17:23:23 ----RSD---- C:\WINDOWS\Fonts
2009-12-31 17:22:14 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-12-31 17:22:10 ----RSD---- C:\WINDOWS\assembly
2009-12-31 17:22:05 ----D---- C:\WINDOWS\WinSxS
2009-12-31 17:17:18 ----D---- C:\WINDOWS\Registration
2009-12-31 17:13:26 ----SD---- C:\Documents and Settings\uzivatel\Data aplikací\Microsoft
2009-12-30 22:07:06 ----D---- C:\Program Files\ICQ6.5
2009-12-30 19:15:11 ----D---- C:\WINDOWS\Debug
2009-12-30 16:31:00 ----HD---- C:\WINDOWS\inf
2009-12-30 16:30:40 ----D---- C:\WINDOWS\system32\cs-cz
2009-12-30 15:57:57 ----D---- C:\Program Files\Common Files
2009-12-30 15:57:56 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2009-12-30 15:57:25 ----D---- C:\Program Files\Nvu
2009-12-30 15:47:20 ----D---- C:\WINDOWS\system32\CatRoot
2009-12-30 15:43:42 ----D---- C:\WINDOWS\system32\wbem
2009-12-30 15:43:29 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-12-30 15:43:29 ----D---- C:\WINDOWS\system32\drivers
2009-12-30 15:42:54 ----D---- C:\Program Files\iTunes
2009-12-30 15:42:49 ----D---- C:\Program Files\Common Files\Apple
2009-12-30 15:39:49 ----HD---- C:\Program Files\InstallShield Installation Information
2009-12-30 15:29:54 ----D---- C:\Program Files\ATI Technologies
2009-12-30 10:38:00 ----D---- C:\Program Files\WinClamAVShield
2009-12-26 23:48:17 ----D---- C:\Program Files\Fx Image Manager
2009-12-26 22:24:42 ----D---- C:\Program Files\Bonjour
2009-12-24 23:05:01 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-12-24 22:28:16 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2009-12-16 17:36:00 ----D---- C:\WINDOWS\AppPatch
2009-12-15 21:14:25 ----HD---- C:\WINDOWS\$hf_mig$
2009-12-15 19:11:49 ----D---- C:\Program Files\Next Video Converter
2009-12-14 21:47:35 ----D---- C:\Program Files\Internet Explorer
2009-12-14 21:47:29 ----D---- C:\WINDOWS\ie7updates
2009-12-11 19:47:50 ----A---- C:\WINDOWS\WORDPAD.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK7;Ovladač procesoru AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-14 41600]
R1 kbfilter;Keyboard Filter Driver; C:\WINDOWS\system32\drivers\kbfilter.sys [2001-11-27 11886]
R1 nod32drv;nod32drv; C:\WINDOWS\system32\drivers\nod32drv.sys [2009-01-29 15424]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2003-10-10 52128]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-18 12032]
R2 AMON;AMON; C:\WINDOWS\system32\drivers\amon.sys [2009-01-29 512096]
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2002-04-01 4816]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2007-09-14 2455040]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2009-05-18 26600]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2003-07-15 578368]
R3 SNPSTD3;USB PC Camera (SNPSTD3); C:\WINDOWS\system32\DRIVERS\snpstd3.sys [2006-09-15 10205696]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys []
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Gigabit Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\yukonwxp.sys [2003-11-10 174464]
S2 DgiVecp;Team MFP Comm Driver; C:\WINDOWS\System32\Drivers\DgiVecp.sys [2004-05-17 41984]
S3 ATICDSDr;ATICDSDr; \??\D:\Install Pack\bin\atiicdxx.sys []
S3 atinrvxx;ATI WDM Rage Theater Video (Microsoft Corporation); C:\WINDOWS\system32\DRIVERS\atinrvxx.sys [2004-08-03 104960]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 gel90xne;gel90xne; \??\C:\DOCUME~1\uzivatel\LOCALS~1\Temp\gel90xne.sys []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-08-30 25280]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 MVDCODEC;ATI WDM Specialized MVD Codec (Microsoft Corporation); C:\WINDOWS\system32\DRIVERS\atinmdxx.sys [2004-08-03 13824]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-08-28 40448]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-06-05 144712]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2007-09-14 483328]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-07-25 153376]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 NOD32krn;NOD32 Kernel Service; C:\Program Files\Eset\nod32krn.exe [2009-01-29 552064]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-02-09 66872]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2008-11-13 570880]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2007-09-14 593920]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2009-10-30 1021256]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 1527900]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-04-28 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-10-26 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Služba Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-09-21 545568]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe [2007-11-15 121360]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-01-01 435016]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Unlimited_Killer
Friend of the forum
Posts: 1969
Registered: 24 Aug 2009 16:18

Re: please check my log - fluctuating internet speed

#2 Post by Unlimited_Killer »

The log is being worked on :bye:
inactive

Unlimited_Killer
Friend of the forum
Posts: 1969
Registered: 24 Aug 2009 16:18

Re: please check my log - fluctuating internet speed

#3 Post by Unlimited_Killer »

Let's get to it.

~~~

Download OTM to the Desktop. Run it by double-clicking OTMoveIt3.exe; if you have Vista, right-click the file -> Run as Administrator.
Paste the following script into the left window, 'Paste Instructions for Items to be Moved':

:processes
Explorer.EXE
CToolbar.exe

:reg
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{EEE6C35D-6118-11DC-9C72-001320C79847}"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{4B3803EA-5230-4DC3-A7FC-33638F3D3542}"=-
"{EEE6C35B-6118-11DC-9C72-001320C79847}"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"=-
"KernelFaultCheck"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\tbr]

:files
C:\PROGRA~1\Crawler
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\DOCUME~1\uzivatel\LOCALS~1\Temp\gel90xne.sys

:services
JavaQuickStarterService
gel90xne

:commands
[emptytemp]
[reboot]
Then click the red 'MoveIt!' button.
The log should appear in the green window on the right; copy it here into the forum. If a restart prompt appears, click Yes. After the restart you will find the log in C:\_OTM\MovedFiles

~~~

Run the renamed HiJackThis - C:\Program Files\Trend Micro\HijackThis\jmeno_usera.exe
Click 'Do a system scan only'.
Tick the checkbox next to each of the items listed below and then click 'Fix Checked'.
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
If any of the items is not there, skip it.

~~~

Download MBAM and follow the instructions. Do not delete anything yet; MBAM occasionally produces false detections.
Then post the log here for me.

~~~

After all these steps I will want the logs from OTM and MBAM and a new RSIT log.
inactive

Adamis
Visitor
Posts: 8
Registered: 02 Jan 2010 10:59

Re: please check my log - fluctuating internet speed

#4 Post by Adamis »

OTM LOG

All processes killed
========== PROCESSES ==========
No active process named Explorer.EXE was found!
No active process named CToolbar.exe was found!
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks\\{EEE6C35D-6118-11DC-9C72-001320C79847} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\KernelFaultCheck deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\swg deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\tbr\ deleted successfully.
========== FILES ==========
C:\PROGRA~1\Crawler\WSGData\domains folder moved successfully.
C:\PROGRA~1\Crawler\WSGData folder moved successfully.
C:\PROGRA~1\Crawler\Update folder moved successfully.
C:\PROGRA~1\Crawler\TBR5LanguageAct folder moved successfully.
C:\PROGRA~1\Crawler\STWSGLanguageAct folder moved successfully.
C:\PROGRA~1\Crawler\Languages folder moved successfully.
C:\PROGRA~1\Crawler\firefox\components folder moved successfully.
C:\PROGRA~1\Crawler\firefox\chrome folder moved successfully.
C:\PROGRA~1\Crawler\firefox folder moved successfully.
C:\PROGRA~1\Crawler\Download folder moved successfully.
C:\PROGRA~1\Crawler\Cache(2)\STWSG(2) folder moved successfully.
C:\PROGRA~1\Crawler\Cache(2)\COMMON(2) folder moved successfully.
C:\PROGRA~1\Crawler\Cache(2) folder moved successfully.
C:\PROGRA~1\Crawler folder moved successfully.
C:\WINDOWS\tasks\AppleSoftwareUpdate.job moved successfully.
File/Folder C:\DOCUME~1\uzivatel\LOCALS~1\Temp\gel90xne.sys not found.
========== SERVICES/DRIVERS ==========
Service JavaQuickStarterService stopped successfully!
Service JavaQuickStarterService deleted successfully!
Service gel90xne stopped successfully!
Service gel90xne deleted successfully!
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: CS 1.6
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: uzivatel
->Temp folder emptied: 13625391 bytes
->Temporary Internet Files folder emptied: 3694693 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 172033499 bytes
->Google Chrome cache emptied: 10118324 bytes
->Apple Safari cache emptied: 423398 bytes
->Opera cache emptied: 720369 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2134153 bytes
%systemroot%\System32 .tmp files removed: 2504 bytes
Windows Temp folder emptied: 459235 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 23948856 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 217,00 mb


OTM by OldTimer - Version 3.1.4.0 log created on 01022010_133359

Adamis
Visitor
Posts: 8
Registered: 02 Jan 2010 10:59

Re: please check my log - fluctuating internet speed

#5 Post by Adamis »

MBAM LOG....
Is the log enough like this? Or should I do it again? Because the original one that I saved somehow disappeared and only this came up.


Malwarebytes' Anti-Malware 1.43
Verze databáze: 3477
Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

2.1.2010 13:53:58
mbam-log-2010-01-02 (13-53-54).txt

Typ kontroly: Rychlá kontrola
Zkontrolované objekty: 113053
Uplynulý čas: 4 minute(s), 27 second(s)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované adresáře: 0
Infikované soubory: 5

Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované klíče registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované hodnoty registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované datové položky registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované adresáře:
(Nebyly nalezeny žádné škodlivé položky)

Infikované soubory:
C:\WINDOWS\system32\winfrun32.bin (Malware.Trace) -> No action taken.
C:\WINDOWS\default.htm (Trojan.Agent) -> No action taken.
C:\WINDOWS\licencia.txt (Malware.Trace) -> No action taken.
C:\WINDOWS\telefonos.txt (Malware.Trace) -> No action taken.
C:\WINDOWS\textos.txt (Malware.Trace) -> No action taken.

Adamis
Visitor
Posts: 8
Registered: 02 Jan 2010 10:59

Re: please check my log - fluctuating internet speed

#6 Post by Adamis »

RSIT LOG :) How does it look? Maybe I did something wrong or need to do something once more, so let me know.

Logfile of random's system information tool 1.06 (written by random/random)
Run by uzivatel at 2010-01-02 14:08:16
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 90 GB (59%) free of 153 GB
Total RAM: 2047 MB (75% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:08:20, on 2.1.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16945)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\GM4IE\GM4IE.exe
C:\program files\valve\steam\steam.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\uzivatel\Plocha\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\uzivatel.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [GM4IE] C:\Program Files\GM4IE\GM4IE.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\valve\steam\steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Zobrazit originál - C:\Program Files\www.cproxy.com\original.htm
O8 - Extra context menu item: Zobrazit vše jako originál - C:\Program Files\www.cproxy.com\originalAll.htm
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{623849E7-7124-4215-AF31-2B6267143894}: NameServer = 212.71.131.166,212.71.131.6
O17 - HKLM\System\CS1\Services\Tcpip\..\{623849E7-7124-4215-AF31-2B6267143894}: NameServer = 212.71.131.166,212.71.131.6
O17 - HKLM\System\CS2\Services\Tcpip\..\{623849E7-7124-4215-AF31-2B6267143894}: NameServer = 212.71.131.166,212.71.131.6
O17 - HKLM\System\CS3\Services\Tcpip\..\{623849E7-7124-4215-AF31-2B6267143894}: NameServer = 212.71.131.166,212.71.131.6
O17 - HKLM\System\CS4\Services\Tcpip\..\{623849E7-7124-4215-AF31-2B6267143894}: NameServer = 212.71.131.166,212.71.131.6
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

--
End of file - 7385 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Automatic troubleshooting.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-10-26 256112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-11-23 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-10-26 458736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-25 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-10-26 256112]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminator"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2008-11-13 1783808]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"GM4IE"=C:\Program Files\GM4IE\GM4IE.exe [2006-07-23 61440]
"Steam"=c:\program files\valve\steam\steam.exe [2009-12-20 1217808]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2007-09-14 122880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2007-11-15 72208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 267304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDriveAutorun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoResolveSearch"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\GameSpy Arcade\Aphex.exe"="C:\Program Files\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:uTorrent"
"C:\Program Files\Firefly Studios\Stronghold Crusader\Stronghold Crusader.exe"="C:\Program Files\Firefly Studios\Stronghold Crusader\Stronghold Crusader.exe:*:Enabled:Stronghold Crusader"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\Program Files\DsNET Corp\aTube Catcher 1.0\smh.exe"="C:\Program Files\DsNET Corp\aTube Catcher 1.0\smh.exe:*:Enabled:Smart Media Hunter 0.7"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Run a DLL as an App"
"C:\Program Files\Ventrilo\Ventrilo.exe"="C:\Program Files\Ventrilo\Ventrilo.exe:*:Enabled:Ventrilo.exe"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Valve\Steam\Steam.exe"="C:\Program Files\Valve\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\QuickTime\QuickTimePlayer.exe"="C:\Program Files\QuickTime\QuickTimePlayer.exe:*:Disabled:QuickTime Player"
"C:\Program Files\HLSW\hlsw.exe"="C:\Program Files\HLSW\hlsw.exe:*:Enabled:HLSW Application"
"C:\totalcmd\TOTALCMD.EXE"="C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Documents and Settings\uzivatel\Data aplikací\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe"="C:\Documents and Settings\uzivatel\Data aplikací\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe:*:Enabled:Main program for Octoshape client"
"C:\Program Files\Valve\Steam\SteamApps\neplakejte\counter-strike\hl.exe"="C:\Program Files\Valve\Steam\SteamApps\neplakejte\counter-strike\hl.exe:*:Disabled:Half-Life Launcher"
"C:\Program Files\Valve\Steam\SteamApps\neplakejte\counter-strike beta\hl.exe"="C:\Program Files\Valve\Steam\SteamApps\neplakejte\counter-strike beta\hl.exe:*:Enabled:Half-Life Launcher"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2010-01-02 13:47:27 ----D---- C:\Documents and Settings\uzivatel\Data aplikací\Malwarebytes
2010-01-02 13:47:20 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2010-01-02 13:47:19 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-01-02 13:33:59 ----D---- C:\_OTM
2010-01-02 12:05:32 ----D---- C:\rsit
2010-01-01 21:22:42 ----D---- C:\Program Files\Trend Micro
2010-01-01 12:17:28 ----A---- C:\WINDOWS\system32\TURegOpt.exe
2010-01-01 12:17:27 ----A---- C:\WINDOWS\system32\uxtuneup.dll
2010-01-01 12:17:10 ----D---- C:\Documents and Settings\uzivatel\Data aplikací\TuneUp Software
2010-01-01 12:16:42 ----D---- C:\Program Files\TuneUp Utilities 2010
2010-01-01 12:16:20 ----D---- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
2010-01-01 12:16:09 ----SHD---- C:\Documents and Settings\All Users\Data aplikací\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2009-12-31 16:52:10 ----D---- C:\37e22ea9aa11f61bfe3cb827a136a87a
2009-12-30 16:31:12 ----N---- C:\WINDOWS\system32\spmsg2.dll
2009-12-30 16:31:00 ----HDC---- C:\WINDOWS\$NtUninstallXPSEPSCLP$
2009-12-30 16:24:27 ----D---- C:\67a9b814df480fc9e4aed2964c725ce9
2009-12-30 15:43:08 ----D---- C:\Program Files\QuickTime
2009-12-30 15:42:49 ----D---- C:\Program Files\iPod
2009-12-30 15:42:04 ----D---- C:\Program Files\Teamspeak2_RC2
2009-12-30 15:41:58 ----D---- C:\Program Files\SweetIM
2009-12-30 15:41:58 ----D---- C:\Documents and Settings\All Users\Data aplikací\SweetIM
2009-12-30 15:41:56 ----D---- C:\Program Files\Xvid
2009-12-30 15:39:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\ATI
2009-12-30 15:38:33 ----D---- C:\Program Files\Common Files\ATI Technologies
2009-12-30 15:34:32 ----D---- C:\WINDOWS\LastGood(2)
2009-12-29 22:32:14 ----D---- C:\ATI
2009-12-28 18:22:21 ----D---- C:\Program Files\Lavalys
2009-12-28 11:31:05 ----D---- C:\Program Files\AMD
2009-12-27 11:34:56 ----D---- C:\Program Files\VideoMach-3.4.1
2009-12-27 10:52:46 ----D---- C:\Fraps
2009-12-26 21:02:36 ----D---- C:\Program Files\iPod(3)
2009-12-26 20:36:30 ----D---- C:\Program Files\QuickTime(3)
2009-12-24 23:07:30 ----D---- C:\Documents and Settings\uzivatel\Data aplikací\Logitech
2009-12-24 23:06:51 ----D---- C:\Documents and Settings\uzivatel\Data aplikací\Leadertech
2009-12-24 23:04:33 ----DC---- C:\WINDOWS\$NtUninstallWdf01005$
2009-12-24 23:03:13 ----A---- C:\WINDOWS\system32\BtCoreIf.dll
2009-12-24 23:03:06 ----A---- C:\WINDOWS\system32\KemXML.dll
2009-12-24 23:03:06 ----A---- C:\WINDOWS\system32\KemWnd.dll
2009-12-24 23:03:06 ----A---- C:\WINDOWS\system32\kemutb.dll
2009-12-24 23:03:05 ----A---- C:\WINDOWS\system32\KemUtil.dll
2009-12-24 23:02:27 ----D---- C:\Documents and Settings\All Users\Data aplikací\Logitech
2009-12-24 23:02:20 ----D---- C:\Program Files\Common Files\Logishrd
2009-12-24 23:02:08 ----D---- C:\Program Files\Logitech
2009-12-24 23:01:22 ----D---- C:\Documents and Settings\All Users\Data aplikací\LogiShrd
2009-12-15 21:14:35 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2009-12-14 21:48:16 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2009-12-14 21:48:09 ----HDC---- C:\WINDOWS\$NtUninstallKB976098-v2$
2009-12-14 21:48:04 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2009-12-14 21:47:55 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2009-12-14 21:47:47 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2009-12-14 21:47:20 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2009-12-14 21:47:13 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2009-12-14 21:44:47 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2009-12-14 21:15:25 ----D---- C:\Documents and Settings\uzivatel\Data aplikací\PingTesterDataBas
2009-12-14 21:15:14 ----A---- C:\WINDOWS\iun6002.exe

======List of files/folders modified in the last 1 months======

2010-01-02 13:58:25 ----D---- C:\WINDOWS\Temp
2010-01-02 13:58:03 ----D---- C:\Program Files\Mozilla Firefox
2010-01-02 13:56:09 ----D---- C:\WINDOWS\system32\drivers
2010-01-02 13:55:43 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-01-02 13:55:00 ----D---- C:\WINDOWS\system32
2010-01-02 13:55:00 ----D---- C:\WINDOWS
2010-01-02 13:47:27 ----D---- C:\WINDOWS\Prefetch
2010-01-02 13:47:19 ----RD---- C:\Program Files
2010-01-02 13:34:10 ----SD---- C:\WINDOWS\Tasks
2010-01-02 10:37:33 ----D---- C:\WINDOWS\system32\CatRoot2
2010-01-01 20:17:04 ----D---- C:\Program Files\Light Artist
2010-01-01 20:11:54 ----D---- C:\Program Files\Spyware Terminator
2010-01-01 20:11:54 ----D---- C:\Documents and Settings\uzivatel\Data aplikací\Spyware Terminator
2010-01-01 20:11:14 ----A---- C:\WINDOWS\win.ini
2010-01-01 13:48:33 ----D---- C:\WINDOWS\Minidump
2010-01-01 13:47:23 ----D---- C:\WINDOWS\system32\config
2010-01-01 12:17:39 ----SHD---- C:\WINDOWS\Installer
2010-01-01 12:17:39 ----D---- C:\Config.Msi
2009-12-31 22:16:59 ----D---- C:\Documents and Settings\uzivatel\Data aplikací\ICQ
2009-12-31 17:41:17 ----D---- C:\WINDOWS\Microsoft.NET
2009-12-31 17:23:25 ----D---- C:\WINDOWS\system32\XPSViewer
2009-12-31 17:23:23 ----RSD---- C:\WINDOWS\Fonts
2009-12-31 17:22:14 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-12-31 17:22:10 ----RSD---- C:\WINDOWS\assembly
2009-12-31 17:22:05 ----D---- C:\WINDOWS\WinSxS
2009-12-31 17:17:18 ----D---- C:\WINDOWS\Registration
2009-12-31 17:13:26 ----SD---- C:\Documents and Settings\uzivatel\Data aplikací\Microsoft
2009-12-30 22:07:06 ----D---- C:\Program Files\ICQ6.5
2009-12-30 19:15:11 ----D---- C:\WINDOWS\Debug
2009-12-30 16:31:00 ----HD---- C:\WINDOWS\inf
2009-12-30 16:30:40 ----D---- C:\WINDOWS\system32\cs-cz
2009-12-30 15:57:57 ----D---- C:\Program Files\Common Files
2009-12-30 15:57:56 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2009-12-30 15:57:25 ----D---- C:\Program Files\Nvu
2009-12-30 15:47:20 ----D---- C:\WINDOWS\system32\CatRoot
2009-12-30 15:43:42 ----D---- C:\WINDOWS\system32\wbem
2009-12-30 15:43:29 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-12-30 15:42:54 ----D---- C:\Program Files\iTunes
2009-12-30 15:42:49 ----D---- C:\Program Files\Common Files\Apple
2009-12-30 15:39:49 ----HD---- C:\Program Files\InstallShield Installation Information
2009-12-30 15:29:54 ----D---- C:\Program Files\ATI Technologies
2009-12-30 10:38:00 ----D---- C:\Program Files\WinClamAVShield
2009-12-26 23:48:17 ----D---- C:\Program Files\Fx Image Manager
2009-12-26 22:24:42 ----D---- C:\Program Files\Bonjour
2009-12-24 23:05:01 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-12-24 22:28:16 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2009-12-16 17:36:00 ----D---- C:\WINDOWS\AppPatch
2009-12-15 21:14:25 ----HD---- C:\WINDOWS\$hf_mig$
2009-12-15 19:11:49 ----D---- C:\Program Files\Next Video Converter
2009-12-14 21:47:35 ----D---- C:\Program Files\Internet Explorer
2009-12-14 21:47:29 ----D---- C:\WINDOWS\ie7updates
2009-12-11 19:47:50 ----A---- C:\WINDOWS\WORDPAD.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK7;Ovladač procesoru AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-14 41600]
R1 kbfilter;Keyboard Filter Driver; C:\WINDOWS\system32\drivers\kbfilter.sys [2001-11-27 11886]
R1 nod32drv;nod32drv; C:\WINDOWS\system32\drivers\nod32drv.sys [2009-01-29 15424]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2003-10-10 52128]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-18 12032]
R2 AMON;AMON; C:\WINDOWS\system32\drivers\amon.sys [2009-01-29 512096]
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2002-04-01 4816]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2007-09-14 2455040]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2009-05-18 26600]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2003-07-15 578368]
R3 SNPSTD3;USB PC Camera (SNPSTD3); C:\WINDOWS\system32\DRIVERS\snpstd3.sys [2006-09-15 10205696]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys []
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Gigabit Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\yukonwxp.sys [2003-11-10 174464]
S2 DgiVecp;Team MFP Comm Driver; C:\WINDOWS\System32\Drivers\DgiVecp.sys [2004-05-17 41984]
S3 ATICDSDr;ATICDSDr; \??\D:\Install Pack\bin\atiicdxx.sys []
S3 atinrvxx;ATI WDM Rage Theater Video (Microsoft Corporation); C:\WINDOWS\system32\DRIVERS\atinrvxx.sys [2004-08-03 104960]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-08-30 25280]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 MVDCODEC;ATI WDM Specialized MVD Codec (Microsoft Corporation); C:\WINDOWS\system32\DRIVERS\atinmdxx.sys [2004-08-03 13824]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-08-28 40448]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-06-05 144712]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2007-09-14 483328]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 NOD32krn;NOD32 Kernel Service; C:\Program Files\Eset\nod32krn.exe [2009-01-29 552064]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-02-09 66872]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2008-11-13 570880]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2007-09-14 593920]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2009-10-30 1021256]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 1527900]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-04-28 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-10-26 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Služba Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-09-21 545568]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe [2007-11-15 121360]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-01-01 435016]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Unlimited_Killer
Friend of the forum
Posts: 1969
Registered: 24 Aug 2009 16:18

Re: please check my log - fluctuating internet speed

#7 Post by Unlimited_Killer »

Let MBAM delete everything and run it again - this time as a Full scan.
Just to be sure...

~~~

Post the ComboFix log here.

Download ComboFix and save it to the Desktop, then run it with administrator privileges.
Before running it, turn off the resident shield of your antivirus or antispyware.
After it starts, the license terms will be displayed; click 'Yes'. You will also be asked about installing the Recovery Console; click 'Yes'.
The whole scan will take about 5-10 minutes, depending on how many files CF has to work through. Your PC will probably be restarted, so don't be alarmed. Until the scan has completely finished, don't do anything, and above all don't click in the running ComboFix window.
When the scan finishes, a log will pop up; copy it here.
inactive

Adamis
Visitor
Posts: 8
Registered: 02 Jan 2010 10:59

Re: please check my log - fluctuating internet speed

#8 Post by Adamis »

COMBOFIX LOG. How does it look? :)

ComboFix 10-01-01.05 - uzivatel 02.01.2010 19:20:23.1.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2047.1660 [GMT 1:00]
Spuštěný z: c:\documents and settings\uzivatel\Plocha\ComboFix.exe
AV: ESET NOD32 antivirus system 2.70 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
* Rezidentní štít AV je zapnutý

.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Bat
c:\program files\Bat\Bat.info
c:\program files\Bat\Bat.original
c:\program files\Bat\un_BatSetup_15041.txt
c:\program files\Bat\X_Bat.log
c:\program files\ICQ6.5\ICQLRun.exe
C:\Thumbs.db
c:\windows\ky.sxc
c:\windows\Mafia
c:\windows\Mafia \uninstall.exe
c:\windows\mscon.sio

.
((((((((((((((((((((((((( Soubory vytvořené od 2009-12-02 do 2010-01-02 )))))))))))))))))))))))))))))))
.

2010-01-02 12:47 . 2009-12-30 13:55 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-02 12:47 . 2009-12-30 13:54 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-02 12:47 . 2010-01-02 12:53 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-02 12:33 . 2010-01-02 12:33 -------- d-----w- C:\_OTM
2010-01-02 11:05 . 2010-01-02 11:05 -------- d-----w- C:\rsit
2010-01-01 20:22 . 2010-01-01 20:22 -------- d-----w- c:\program files\Trend Micro
2010-01-01 11:17 . 2009-10-30 14:08 29512 ----a-w- c:\windows\system32\TURegOpt.exe
2010-01-01 11:17 . 2009-10-30 14:01 30024 ----a-w- c:\windows\system32\uxtuneup.dll
2010-01-01 11:16 . 2010-01-01 11:17 -------- d-----w- c:\program files\TuneUp Utilities 2010
2009-12-31 15:52 . 2009-12-31 15:52 -------- d-----w- C:\37e22ea9aa11f61bfe3cb827a136a87a
2009-12-30 15:31 . 2006-06-29 12:07 14048 ------w- c:\windows\system32\spmsg2.dll
2009-12-30 15:24 . 2009-12-30 15:24 -------- d-----w- C:\67a9b814df480fc9e4aed2964c725ce9
2009-12-30 14:43 . 2009-12-30 14:43 -------- d-----w- c:\windows\system32\wbem\Repository
2009-12-30 14:43 . 2009-12-30 14:43 -------- d-----w- c:\program files\QuickTime
2009-12-30 14:42 . 2009-12-30 14:42 -------- d-----w- c:\program files\iPod
2009-12-30 14:42 . 2009-12-30 14:42 -------- d-----w- c:\program files\Teamspeak2_RC2
2009-12-26 20:02 . 2009-12-30 14:42 -------- d-----w- c:\program files\iPod(3)
2009-12-26 19:36 . 2009-12-30 14:43 -------- d-----w- c:\program files\QuickTime(3)
2009-12-24 22:03 . 2007-11-15 09:06 301656 ----a-w- c:\windows\system32\BtCoreIf.dll
2009-12-24 22:03 . 2007-11-15 09:07 76304 ----a-w- c:\windows\system32\KemXML.dll
2009-12-24 22:03 . 2007-11-15 09:07 117264 ----a-w- c:\windows\system32\KemWnd.dll
2009-12-24 22:03 . 2007-11-15 09:07 170512 ----a-w- c:\windows\system32\kemutb.dll
2009-12-24 22:03 . 2007-11-15 09:07 141840 ----a-w- c:\windows\system32\KemUtil.dll
2009-12-24 22:02 . 2009-12-24 22:06 -------- d-----w- c:\program files\Common Files\Logishrd
2009-12-24 22:02 . 2009-12-24 22:02 -------- d-----w- c:\program files\Logitech
2009-12-24 09:52 . 2009-12-24 09:52 68208 ---ha-w- c:\windows\system32\mlfcache.dat
2009-12-15 19:54 . 2009-11-21 16:03 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2009-12-14 20:15 . 2009-12-14 20:14 724992 ----a-w- c:\windows\iun6002.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-02 18:23 . 2009-06-20 08:32 -------- d-----w- c:\program files\ICQ6.5
2010-01-01 19:17 . 2008-05-09 19:11 -------- d-----w- c:\program files\Light Artist
2010-01-01 19:11 . 2008-11-13 18:20 -------- d-----w- c:\program files\Spyware Terminator
2009-12-31 16:22 . 2004-08-18 12:00 94552 ----a-w- c:\windows\system32\perfc005.dat
2009-12-31 16:22 . 2004-08-18 12:00 461310 ----a-w- c:\windows\system32\perfh005.dat
2009-12-30 14:57 . 2009-08-27 10:26 -------- d-----w- c:\program files\Nvu
2009-12-30 14:42 . 2008-03-20 11:52 -------- d-----w- c:\program files\iTunes
2009-12-30 14:42 . 2008-03-20 11:51 -------- d-----w- c:\program files\Common Files\Apple
2009-12-30 14:41 . 2009-12-30 14:41 -------- d-----w- c:\program files\SweetIM
2009-12-30 14:41 . 2009-12-30 14:41 -------- d-----w- c:\program files\Xvid
2009-12-30 14:40 . 2009-12-27 10:34 -------- d-----w- c:\program files\VideoMach-3.4.1
2009-12-30 14:39 . 2008-03-18 08:18 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-30 14:38 . 2009-12-30 14:38 -------- d-----w- c:\program files\Common Files\ATI Technologies
2009-12-30 14:29 . 2008-04-11 16:54 -------- d-----w- c:\program files\ATI Technologies
2009-12-30 09:38 . 2008-04-14 13:13 -------- d-----w- c:\program files\WinClamAVShield
2009-12-28 17:22 . 2009-12-28 17:22 -------- d-----w- c:\program files\Lavalys
2009-12-28 10:31 . 2009-12-28 10:31 -------- d-----w- c:\program files\AMD
2009-12-26 22:48 . 2008-12-20 18:32 -------- d-----w- c:\program files\Fx Image Manager
2009-12-26 21:24 . 2008-07-13 17:03 -------- d-----w- c:\program files\Bonjour
2009-12-24 22:04 . 2009-12-24 22:04 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
2009-12-24 22:04 . 2009-12-24 22:04 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_LUsbFilt_01005.Wdf
2009-12-24 22:04 . 2009-12-24 22:04 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2009-12-15 18:11 . 2009-06-09 12:23 -------- d-----w- c:\program files\Next Video Converter
2009-12-06 12:35 . 2009-10-20 17:32 664 ----a-w- c:\windows\system32\d3d9caps.dat
2009-11-21 16:03 . 2004-08-18 12:00 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-10-29 07:45 . 2004-08-18 12:00 832512 ----a-w- c:\windows\system32\wininet.dll
2009-10-29 07:45 . 2009-07-14 18:12 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-10-29 07:45 . 2004-08-18 12:00 17408 ----a-w- c:\windows\system32\corpol.dll
2009-10-21 05:40 . 2004-08-18 12:00 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-21 05:40 . 2004-08-18 12:00 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-20 16:20 . 2004-08-18 12:00 265728 ----a-w- c:\windows\system32\drivers\http.sys
2009-10-13 10:34 . 2004-08-18 12:00 271360 ----a-w- c:\windows\system32\oakley.dll
2009-10-12 13:40 . 2004-08-18 12:00 79872 ----a-w- c:\windows\system32\raschap.dll
2009-10-12 13:40 . 2004-08-18 12:00 150016 ----a-w- c:\windows\system32\rastls.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GM4IE"="c:\program files\GM4IE\GM4IE.exe" [2006-07-23 61440]
"Steam"="c:\program files\valve\steam\steam.exe" [2009-12-20 1217808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2008-11-13 1783808]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2009-12-24 784912]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2007-11-15 09:10 72208 ----a-w- c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" -autorun
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\GameSpy Arcade\\Aphex.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Firefly Studios\\Stronghold Crusader\\Stronghold Crusader.exe"=
"c:\\Program Files\\DsNET Corp\\aTube Catcher 1.0\\smh.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Ventrilo\\Ventrilo.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Valve\\Steam\\Steam.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\QuickTime\\QuickTimePlayer.exe"=
"c:\\Program Files\\HLSW\\hlsw.exe"=
"c:\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Valve\\Steam\\SteamApps\\neplakejte\\counter-strike\\hl.exe"=
"c:\\Program Files\\Valve\\Steam\\SteamApps\\neplakejte\\counter-strike beta\\hl.exe"=

R0 viasraid;viasraid;c:\windows\system32\drivers\viasraid.sys [13.4.2004 18:09 77312]
R1 kbfilter;Keyboard Filter Driver;c:\windows\system32\drivers\kbfilter.sys [29.1.2009 21:43 11886]
R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [29.1.2009 21:08 15424]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [13.11.2008 19:21 141312]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [30.10.2009 15:05 1021256]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [14.10.2009 7:24 10064]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [6.4.2008 7:43 717296]
S3 ATICDSDr;ATICDSDr;\??\d:\install pack\bin\atiicdxx.sys --> d:\install pack\bin\atiicdxx.sys [?]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\MAGIX\Common\Database\bin\fbserver.exe [26.8.2009 19:51 1527900]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'

2010-01-02 c:\windows\Tasks\Automatic troubleshooting.job
- c:\program files\TuneUp Utilities 2010\TuneUpSystemStatusCheck.exe [2009-10-30 14:12]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&s ... f8&oe=utf8
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Zobrazit originál - c:\program files\www.cproxy.com\original.htm
IE: Zobrazit vše jako originál - c:\program files\www.cproxy.com\originalAll.htm
TCP: {623849E7-7124-4215-AF31-2B6267143894} = 212.71.131.166,212.71.131.6
FF - ProfilePath - c:\documents and settings\uzivatel\Data aplikací\Mozilla\Firefox\Profiles\vb2cshdx.default\
FF - prefs.js: browser.startup.homepage - hxxp://seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
AddRemove-CToolbar_UNINSTALL - c:\progra~1\Crawler\CToolbar.exe
AddRemove-HijackThis - c:\program files\Trend Micro\HijackThis\HijackThis.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-02 19:24
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(764)
c:\windows\system32\Ati2evxx.dll
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
c:\program files\common files\logishrd\bluetooth\LBTServ.dll
.
Celkový čas: 2010-01-02 19:26:41
ComboFix-quarantined-files.txt 2010-01-02 18:26

Před spuštěním: Volných bajtů: 93 941 805 056
Po spuštění: Volných bajtů: 93 905 997 824

WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

Current=2 Default=2 Failed=1 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 66E46762E78EDE50DA30A548406347CE

Unlimited_Killer
Friend of the forum
Posts: 1969
Registered: 24 Aug 2009 16:18

Re: please check my log - fluctuating internet speed

#9 Post by Unlimited_Killer »

It looks clean now; we'll just tidy up.

~~~

Uninstall ComboFix
Start >> Run >> paste into the box:

ComboFix /Uninstall
>> press Enter
This uninstalls ComboFix and deletes the files and folders associated with it.

~~~

Run OTM again, but this time click 'CleanUp!' [see image].
Image

~~~

How is the PC doing?
inactive
