
PC virus removal, computer speed-up, and remote help via the neslape.cz service
Please check my log
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote help service, in which an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
-
- Visitor
- Posts: 3
- Registered: 15 Feb 2010 18:18
Please check my log
Logfile of random's system information tool 1.06 (written by random/random)
Run by Administrator at 2010-02-15 18:22:07
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 24 GB (65%) free of 36 GB
Total RAM: 1014 MB (58% free)
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [2007-03-14 501400]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-07-05 16380416]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2009-11-28 141848]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2009-11-28 166424]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2009-11-28 137752]
"SynTPStart"=C:\Program Files\Synaptics\SynTP\SynTPStart.exe [2009-11-28 102400]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"LManager"=C:\PROGRA~1\LAUNCH~1\LManager.exe [2007-08-21 772616]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe [2007-03-14 83608]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-17 15360]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-08-17 1667584]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2009-11-28 208896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
======List of files/folders created in the last 1 months======
2010-02-15 18:22:08 ----D---- C:\Program Files\trend micro
2010-02-15 18:22:07 ----D---- C:\rsit
2010-02-09 17:00:57 ----D---- C:\Program Files\PhotoFiltre
2010-01-27 17:37:34 ----A---- C:\WINDOWS\ModemLog_Axesstel USB Modem.txt
2010-01-27 17:36:04 ----A---- C:\WINDOWS\ODBC.INI
2010-01-27 17:35:19 ----D---- C:\Program Files\Axesstel
2010-01-25 13:41:47 ----A---- C:\WINDOWS\ModemLog_Agere Systems HDA Modem.txt
======List of files/folders modified in the last 1 months======
2010-02-15 18:22:50 ----D---- C:\WINDOWS\Prefetch
2010-02-15 18:22:08 ----RD---- C:\Program Files
2010-02-15 18:12:58 ----D---- C:\WINDOWS\Temp
2010-02-15 18:11:54 ----D---- C:\Program Files\Mozilla Firefox
2010-02-15 18:11:20 ----D---- C:\WINDOWS\system32\CatRoot2
2010-02-15 18:01:27 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-02-07 00:50:50 ----HD---- C:\WINDOWS\inf
2010-01-27 23:16:09 ----SD---- C:\Documents and Settings\Administrator\Data aplikací\Microsoft
2010-01-27 23:16:09 ----D---- C:\WINDOWS
2010-01-27 17:37:29 ----D---- C:\WINDOWS\system32
2010-01-27 17:35:27 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-01-27 17:33:56 ----D---- C:\WINDOWS\system32\drivers
2010-01-27 13:43:43 ----D---- C:\Program Files\Ufonuv fofr internet
2010-01-27 13:40:47 ----A---- C:\WINDOWS\ModemLog_AnyDATA CDMA USB Modem (PID 6502).txt
2010-01-27 13:40:46 ----A---- C:\WINDOWS\red_dialer.ini
2010-01-23 23:11:54 ----D---- C:\Program Files\Zoom Player
2010-01-23 20:10:16 ----D---- C:\Documents and Settings\Administrator\Data aplikací\ICQ
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 DritekPortIO;Dritek General Port I/O; \??\C:\PROGRA~1\LAUNCH~1\DPortIO.sys []
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-17 39936]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2004-08-04 8832]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-12-07 56816]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2009-11-28 1163616]
R3 AR5416;Atheros AR5008 Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athw.sys [2009-09-30 1585728]
R3 Axtmvflt;Axesstel USB Filter Service; C:\WINDOWS\system32\DRIVERS\Axtmvflt.sys [2007-03-22 3456]
R3 Axtmvmdm;Axesstel USB Modem; C:\WINDOWS\system32\DRIVERS\Axtmvmdm.sys [2007-03-26 40064]
R3 Axtmvprt;Axesstel Diagnostic Port; C:\WINDOWS\System32\Drivers\Axtmvprt.sys [2007-03-26 38784]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2007-06-06 161792]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-04 14080]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\WINDOWS\system32\DRIVERS\DKbFltr.sys [2004-12-08 16896]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2009-11-28 5851488]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-07-10 4449280]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2009-11-28 215904]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication; C:\WINDOWS\system32\DRIVERS\adusbser.sys [2006-10-23 93440]
S3 ae6i8396;ae6i8396; C:\WINDOWS\system32\drivers\ae6i8396.sys []
S3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-10-25 9600]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\WINDOWS\system32\agrsmsvc.exe [2009-11-28 9216]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
-----------------EOF-----------------
- Unlimited_Killer
- Friend of the forum
- Posts: 1969
- Registered: 24 Aug 2009 16:18
- Caroprd111
- VIP
- Posts: 13492
- Registered: 22 Mar 2009 20:48
- Location: Třebíč
- Contact user:
Re: Please check my log

- Install it, and during installation untick the option to install the Yahoo toolbar.

- Click Analyze and, once it finishes, click Run Cleaner.

- Click Scan for Issues; once it finishes, click Fix Issues. You do not need to make a backup. Then click Fix All Issues.




-
- Visitor
- Posts: 3
- Registered: 15 Feb 2010 18:18
Re: Please check my log
Hi,
I'm very grateful for the help, but I sent this log after cleaning with the cleaner. The computer has started shutting down on its own. So I don't know whether it's caused by a virus or by a hardware fault.
It isn't hot when it shuts down, and sometimes it has trouble starting up. But then everything is fine again for, say, a day.


- Caroprd111
- VIP
- Posts: 13492
- Registered: 22 Mar 2009 20:48
- Location: Třebíč
- Contact user:
Re: Please check my log







-
- Visitor
- Posts: 3
- Registered: 15 Feb 2010 18:18
Re: Please check my log
ComboFix 09-08-10.01 - Administrator 2010-02-16 19:22.4.1 - NTFSx86
> Systém Microsoft Windows XP Professional 5.1.2600.2.1250.1.1029.18.1014.517
> [GMT 1:00]
> Spuštěný z: c:\documents and settings\Administrator\Plocha\ComboFix.exe
> AV: AntiVir Desktop *On-access scanning disabled* (Updated)
> {AD166499-45F9-482A-A743-FDD3350758C7}
> .
> - REŽIM S OMEZENOU FUNKČNOSTÍ -
> .
>
> ((((((((((((((((((((((((( Soubory vytvořené od 2010-01-16 do 2010-02-16
> )))))))))))))))))))))))))))))))
> .
>
> 2010-02-15 17:22 . 2010-02-15 17:22 -------- d-----w-
> c:\program files\trend micro
> 2010-02-15 17:22 . 2010-02-15 17:27 -------- d-----w- C:\rsit
> 2010-02-09 16:00 . 2010-02-09 16:01 -------- d-----w-
> c:\program files\PhotoFiltre
> 2010-01-27 16:35 . 2010-01-27 16:35 -------- d-----w-
> c:\program files\Axesstel
> 2010-01-27 16:33 . 2007-03-26 13:25 38784 ----a-r-
> c:\windows\system32\drivers\Axtmvprt.sys
> 2010-01-27 16:33 . 2007-03-26 13:25 40064 ----a-r-
> c:\windows\system32\drivers\Axtmvmdm.sys
> 2010-01-27 16:33 . 2007-03-22 15:36 3456 ----a-r-
> c:\windows\system32\drivers\Axtmvflt.sys
>
> .
> (((((((((((((((((((((((((((((((((((((((( Find3M výpis
> ))))))))))))))))))))))))))))))))))))))))))))))))))))
> .
> 2010-01-27 12:43 . 2010-01-13 17:32 -------- d-----w-
> c:\program files\Ufonuv fofr internet
> 2010-01-23 22:11 . 2009-11-28 16:27 -------- d-----w-
> c:\program files\Zoom Player
> 2010-01-07 00:27 . 2009-11-28 16:15 -------- d-----w-
> c:\program files\ICQ6.5
> 2009-12-17 21:55 . 2009-12-17 21:55 56 ---ha-w-
> c:\windows\system32\ezsidmv.dat
> 2009-12-11 12:26 . 2001-10-25 14:00 47584 ----a-w-
> c:\windows\system32\perfc005.dat
> 2009-12-11 12:26 . 2001-10-25 14:00 313482 ----a-w-
> c:\windows\system32\perfh005.dat
> 2009-12-07 20:18 . 2009-11-28 16:33 56816 ----a-w-
> c:\windows\system32\drivers\avgntflt.sys
> 2009-11-30 21:56 . 2009-11-28 14:40 2426 ----a-w-
> c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
> 2009-11-30 21:56 . 2009-11-28 14:41 86327 ----a-w-
> c:\windows\pchealth\helpctr\OfflineCache\index.dat
> 2009-11-30 21:55 . 2009-11-28 14:41 8972 ----a-w-
> c:\windows\pchealth\helpctr\Config\Cntstore.bin
> 2009-11-28 16:55 . 2009-11-28 16:55 691696 ----a-w-
> c:\windows\system32\drivers\sptd.sys
> 2009-11-28 16:09 . 2009-11-28 16:09 0 ----a-w-
> c:\windows\nsreg.dat
> 2009-11-28 15:51 . 2009-11-28 15:52 215904 ----a-w-
> c:\windows\system32\drivers\SynTP.sys
> 2009-11-28 15:51 . 2009-11-28 15:52 196608 ----a-w-
> c:\windows\system32\SynCtrl.dll
> 2009-11-28 15:51 . 2009-11-28 15:52 163840 ----a-w-
> c:\windows\system32\SynCOM.dll
> 2009-11-28 15:51 . 2009-11-28 15:52 147456 ----a-w-
> c:\windows\system32\SynTPAPI.dll
> 2009-11-28 15:51 . 2009-11-28 15:52 110592 ----a-w-
> c:\windows\system32\SynTPCo4.dll
> 2009-11-28 15:37 . 2009-11-28 15:37 50752 ------w-
> c:\windows\system32\agrsmdel.exe
> 2009-11-28 15:37 . 2007-03-09 13:56 1163616 ----a-w-
> c:\windows\system32\drivers\AGRSM.sys
> 2009-11-28 15:37 . 2006-10-26 12:08 50752 ----a-w-
> c:\windows\agrsmdel.exe
> 2009-11-28 15:37 . 2006-10-05 11:10 9216 ----a-w-
> c:\windows\system32\agrsmsvc.exe
> 2009-11-28 15:37 . 2006-09-11 13:34 13312 ----a-w-
> c:\windows\system32\agrscoin.dll
> 2009-11-28 15:01 . 2009-11-28 15:01 315392 ----a-w-
> c:\windows\HideWin.exe
> 2009-11-28 14:55 . 2009-11-28 14:55 664 ----a-w-
> c:\windows\system32\d3d9caps.dat
> 2009-11-28 14:37 . 2009-11-28 14:37 21812 ----a-w-
> c:\windows\system32\emptyregdb.dat
> .
>
> (((((((((((((((((((((((((((((((((( Spouštěcí body v registru
> )))))))))))))))))))))))))))))))))))))))))))))
> .
> .
> *Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
> REGEDIT4
>
> [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
> "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30
> 369200]
>
> [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
> "IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-11-28 141848]
> "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-11-28 166424]
> "Persistence"="c:\windows\system32\igfxpers.exe" [2009-11-28 137752]
> "SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2009-11-28
> 102400]
> "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader
> 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
> "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
> [2009-09-04 935288]
> "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
> "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
> "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe"
> [2006-10-26 31016]
> "LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2007-08-21 772616]
> "SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_01\bin\jusched.exe"
> [2007-03-14 83608]
> "RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2007-07-05 16380416]
>
> [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
> "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-17 15360]
>
> [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
> "%windir%\\system32\\sessmgr.exe"=
> "c:\\Program Files\\ICQ6.5\\ICQ.exe"=
> "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
> "c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
> "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
> "c:\\Program Files\\Messenger\\msmsgs.exe"=
> "c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
> "c:\\Program Files\\Skype\\Phone\\Skype.exe"=
>
> R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program
> files\Avira\AntiVir Desktop\sched.exe [2009-11-28 108289]
> R3 Axtmvflt;Axesstel USB Filter Service;c:\windows\system32\drivers\Axtmvflt.sys
> [2010-01-27 3456]
> R3 Axtmvmdm;Axesstel USB Modem;c:\windows\system32\drivers\Axtmvmdm.sys
> [2010-01-27 40064]
> R3 Axtmvprt;Axesstel Diagnostic Port;c:\windows\system32\drivers\Axtmvprt.sys
> [2010-01-27 38784]
> S3 adusbser;AnyDATA USB Device for Legacy Serial
> Communication;c:\windows\system32\drivers\adusbser.sys [2009-11-29 93440]
> .
> .
> ------- Doplňkový sken -------
> .
> IE: E&xportovat do aplikace Microsoft Excel -
> c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
> Trusted Zone: mojebanka.cz\*
> Trusted Zone: mojebanka.cz\*
> TCP: {D9A82FDF-2EAC-4C92-AB01-3AEC8D91DFAB} = 78.136.128.4 78.136.128.12
> FF - ProfilePath - c:\documents and settings\Administrator\Data
> aplikací\Mozilla\Firefox\Profiles\gwvlkxpe.default\
> FF - prefs.js: browser.search.selectedEngine - Seznam
> FF - prefs.js: browser.startup.homepage - www.seznam.cz
> FF - component: c:\program files\Mozilla
> Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
> FF - plugin: c:\program files\K-Lite Codec
> Pack\Real\browser\plugins\nppl3260.dll
> FF - plugin: c:\program files\K-Lite Codec
> Pack\Real\browser\plugins\nprpjplug.dll
>
> ---- NASTAVENÍ FIREFOXU ----
> c:\program files\Mozilla Firefox\greprefs\all.js -
> pref("media.enforce_same_site_origin", false);
> c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.cache_size",
> 51200);
> c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.ogg.enabled",
> true);
> c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.wave.enabled",
> true);
> c:\program files\Mozilla Firefox\greprefs\all.js -
> pref("media.autoplay.enabled", true);
> c:\program files\Mozilla Firefox\greprefs\all.js -
> pref("browser.urlbar.autocomplete.enabled", true);
> c:\program files\Mozilla Firefox\greprefs\all.js -
> pref("capability.policy.mailnews.*.wholeText", "noAccess");
> c:\program files\Mozilla Firefox\greprefs\all.js -
> pref("dom.storage.default_quota", 5120);
> c:\program files\Mozilla Firefox\greprefs\all.js -
> pref("content.sink.event_probe_rate", 3);
> c:\program files\Mozilla Firefox\greprefs\all.js -
> pref("network.http.prompt-temp-redirect", true);
> c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.dpi", -1);
> c:\program files\Mozilla Firefox\greprefs\all.js -
> pref("layout.css.devPixelsPerPx", -1);
> c:\program files\Mozilla Firefox\greprefs\all.js -
> pref("gestures.enable_single_finger_input", true);
> c:\program files\Mozilla Firefox\greprefs\all.js -
> pref("dom.max_chrome_script_run_time", 0);
> c:\program files\Mozilla Firefox\greprefs\all.js -
> pref("network.tcp.sendbuffer", 131072);
> c:\program files\Mozilla Firefox\greprefs\all.js - pref("geo.enabled", true);
> c:\program files\Mozilla Firefox\greprefs\security-prefs.js -
> pref("security.ssl3.rsa_seed_sha", true);
> c:\program files\Mozilla Firefox\greprefs\security-prefs.js -
> pref("security.remember_cert_checkbox_default_setting", true);
> c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js -
> pref("browser.search.param.yahoo-fr", "moz35");
> c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js -
> pref("browser.search.param.yahoo-fr-cjkt", "moz35");
> c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js -
> pref("browser.fixup.alternate.suffix", ".cz");
> c:\program files\Mozilla Firefox\defaults\pref\firefox.js -
> pref("extensions.blocklist.level", 2);
> c:\program files\Mozilla Firefox\defaults\pref\firefox.js -
> pref("browser.urlbar.restrict.typed", "~");
> c:\program files\Mozilla Firefox\defaults\pref\firefox.js -
> pref("browser.urlbar.default.behavior", 0);
> c:\program files\Mozilla Firefox\defaults\pref\firefox.js -
> pref("privacy.clearOnShutdown.history", true);
> c:\program files\Mozilla Firefox\defaults\pref\firefox.js -
> pref("privacy.clearOnShutdown.formdata", true);
> c:\program files\Mozilla Firefox\defaults\pref\firefox.js -
> pref("privacy.clearOnShutdown.passwords", false);
> c:\program files\Mozilla Firefox\defaults\pref\firefox.js -
> pref("privacy.clearOnShutdown.downloads", true);
> c:\program files\Mozilla Firefox\defaults\pref\firefox.js -
> pref("privacy.clearOnShutdown.cookies", true);
> c:\program files\Mozilla Firefox\defaults\pref\firefox.js -
> pref("privacy.clearOnShutdown.cache", true);
> c:\program files\Mozilla Firefox\defaults\pref\firefox.js -
> pref("privacy.clearOnShutdown.sessions", true);
> c:\program files\Mozilla Firefox\defaults\pref\firefox.js -
> pref("privacy.clearOnShutdown.offlineApps", false);
> c:\program files\Mozilla Firefox\defaults\pref\firefox.js -
> pref("privacy.clearOnShutdown.siteSettings", false);
> c:\program files\Mozilla Firefox\defaults\pref\firefox.js -
> pref("privacy.cpd.history", true);
> c:\program files\Mozilla Firefox\defaults\pref\firefox.js -
> pref("privacy.cpd.formdata", true);
> c:\program files\Mozilla Firefox\defaults\pref\firefox.js -
> pref("privacy.cpd.passwords", false);
> c:\program files\Mozilla Firefox\defaults\pref\firefox.js -
> pref("privacy.cpd.downloads", true);
> c:\program files\Mozilla Firefox\defaults\pref\firefox.js -
> pref("privacy.cpd.cookies", true);
> c:\program files\Mozilla Firefox\defaults\pref\firefox.js -
> pref("privacy.cpd.cache", true);
> c:\program files\Mozilla Firefox\defaults\pref\firefox.js -
> pref("privacy.cpd.sessions", true);
> c:\program files\Mozilla Firefox\defaults\pref\firefox.js -
> pref("privacy.cpd.offlineApps", false);
> c:\program files\Mozilla Firefox\defaults\pref\firefox.js -
> pref("privacy.cpd.siteSettings", false);
> c:\program files\Mozilla Firefox\defaults\pref\firefox.js -
> pref("privacy.sanitize.migrateFx3Prefs", false);
> c:\program files\Mozilla Firefox\defaults\pref\firefox.js -
> pref("browser.ssl_override_behavior", 2);
> c:\program files\Mozilla Firefox\defaults\pref\firefox.js -
> pref("security.alternate_certificate_error_page", "certerror");
> c:\program files\Mozilla Firefox\defaults\pref\firefox.js -
> pref("browser.privatebrowsing.autostart", false);
> c:\program files\Mozilla Firefox\defaults\pref\firefox.js -
> pref("browser.privatebrowsing.dont_prompt_on_enter", false);
> c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("geo.wifi.uri",
> "https://www.google.com/loc/json");
> .
>
> **************************************************************************
>
> catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
> http://www.gmer.net
> Rootkit scan 2010-02-16 19:23
> Windows 5.1.2600 Service Pack 2 NTFS
>
> skenování skrytých procesů ...
>
> skenování skrytých položek 'Po spuštění' ...
>
> skenování skrytých souborů ...
>
> sken byl úspešně dokončen
> skryté soubory: 0
>
> **************************************************************************
> .
> Celkový čas: 2010-02-16 19:24
> ComboFix-quarantined-files.txt 2010-02-16 18:24
>
> Před spuštěním: Volných bajtů: 25,853,083,648
> Po spuštění: Volných bajtů: 25,834,639,360
>
> 160 --- E O F --- 2009-11-28 18:14
>
>
> Hello,
thank you very much for your help; I am sending you the data.
> Systém Microsoft Windows XP Professional 5.1.2600.2.1250.1.1029.18.1014.517
> [GMT 1:00]
> Spuštěný z: c:\documents and settings\Administrator\Plocha\ComboFix.exe
> AV: AntiVir Desktop *On-access scanning disabled* (Updated)
> {AD166499-45F9-482A-A743-FDD3350758C7}
> .
> - REŽIM S OMEZENOU FUNKČNOSTÍ -
> .
>
> ((((((((((((((((((((((((( Soubory vytvořené od 2010-01-16 do 2010-02-16
> )))))))))))))))))))))))))))))))
> .
>
> 2010-02-15 17:22 . 2010-02-15 17:22 -------- d-----w-
> c:\program files\trend micro
> 2010-02-15 17:22 . 2010-02-15 17:27 -------- d-----w- C:\rsit
> 2010-02-09 16:00 . 2010-02-09 16:01 -------- d-----w-
> c:\program files\PhotoFiltre
> 2010-01-27 16:35 . 2010-01-27 16:35 -------- d-----w-
> c:\program files\Axesstel
> 2010-01-27 16:33 . 2007-03-26 13:25 38784 ----a-r-
> c:\windows\system32\drivers\Axtmvprt.sys
> 2010-01-27 16:33 . 2007-03-26 13:25 40064 ----a-r-
> c:\windows\system32\drivers\Axtmvmdm.sys
> 2010-01-27 16:33 . 2007-03-22 15:36 3456 ----a-r-
> c:\windows\system32\drivers\Axtmvflt.sys
>
> .
> (((((((((((((((((((((((((((((((((((((((( Find3M výpis
> ))))))))))))))))))))))))))))))))))))))))))))))))))))
> .
> 2010-01-27 12:43 . 2010-01-13 17:32 -------- d-----w-
> c:\program files\Ufonuv fofr internet
> 2010-01-23 22:11 . 2009-11-28 16:27 -------- d-----w-
> c:\program files\Zoom Player
> 2010-01-07 00:27 . 2009-11-28 16:15 -------- d-----w-
> c:\program files\ICQ6.5
> 2009-12-17 21:55 . 2009-12-17 21:55 56 ---ha-w-
> c:\windows\system32\ezsidmv.dat
> 2009-12-11 12:26 . 2001-10-25 14:00 47584 ----a-w-
> c:\windows\system32\perfc005.dat
> 2009-12-11 12:26 . 2001-10-25 14:00 313482 ----a-w-
> c:\windows\system32\perfh005.dat
> 2009-12-07 20:18 . 2009-11-28 16:33 56816 ----a-w-
> c:\windows\system32\drivers\avgntflt.sys
> 2009-11-30 21:56 . 2009-11-28 14:40 2426 ----a-w-
> c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
> 2009-11-30 21:56 . 2009-11-28 14:41 86327 ----a-w-
> c:\windows\pchealth\helpctr\OfflineCache\index.dat
> 2009-11-30 21:55 . 2009-11-28 14:41 8972 ----a-w-
> c:\windows\pchealth\helpctr\Config\Cntstore.bin
> 2009-11-28 16:55 . 2009-11-28 16:55 691696 ----a-w-
> c:\windows\system32\drivers\sptd.sys
> 2009-11-28 16:09 . 2009-11-28 16:09 0 ----a-w-
> c:\windows\nsreg.dat
> 2009-11-28 15:51 . 2009-11-28 15:52 215904 ----a-w-
> c:\windows\system32\drivers\SynTP.sys
> 2009-11-28 15:51 . 2009-11-28 15:52 196608 ----a-w-
> c:\windows\system32\SynCtrl.dll
> 2009-11-28 15:51 . 2009-11-28 15:52 163840 ----a-w-
> c:\windows\system32\SynCOM.dll
> 2009-11-28 15:51 . 2009-11-28 15:52 147456 ----a-w-
> c:\windows\system32\SynTPAPI.dll
> 2009-11-28 15:51 . 2009-11-28 15:52 110592 ----a-w-
> c:\windows\system32\SynTPCo4.dll
> 2009-11-28 15:37 . 2009-11-28 15:37 50752 ------w-
> c:\windows\system32\agrsmdel.exe
> 2009-11-28 15:37 . 2007-03-09 13:56 1163616 ----a-w-
> c:\windows\system32\drivers\AGRSM.sys
> 2009-11-28 15:37 . 2006-10-26 12:08 50752 ----a-w-
> c:\windows\agrsmdel.exe
> 2009-11-28 15:37 . 2006-10-05 11:10 9216 ----a-w-
> c:\windows\system32\agrsmsvc.exe
> 2009-11-28 15:37 . 2006-09-11 13:34 13312 ----a-w-
> c:\windows\system32\agrscoin.dll
> 2009-11-28 15:01 . 2009-11-28 15:01 315392 ----a-w-
> c:\windows\HideWin.exe
> 2009-11-28 14:55 . 2009-11-28 14:55 664 ----a-w-
> c:\windows\system32\d3d9caps.dat
> 2009-11-28 14:37 . 2009-11-28 14:37 21812 ----a-w-
> c:\windows\system32\emptyregdb.dat
> .
>
> (((((((((((((((((((((((((((((((((( Spouštěcí body v registru
> )))))))))))))))))))))))))))))))))))))))))))))
> .
> .
> *Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
> REGEDIT4
>
> [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
> "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30
> 369200]
>
> [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
> "IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-11-28 141848]
> "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-11-28 166424]
> "Persistence"="c:\windows\system32\igfxpers.exe" [2009-11-28 137752]
> "SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2009-11-28
> 102400]
> "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader
> 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
> "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
> [2009-09-04 935288]
> "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
> "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
> "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe"
> [2006-10-26 31016]
> "LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2007-08-21 772616]
> "SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_01\bin\jusched.exe"
> [2007-03-14 83608]
> "RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2007-07-05 16380416]
>
> [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
> "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-17 15360]
>
> [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
> "%windir%\\system32\\sessmgr.exe"=
> "c:\\Program Files\\ICQ6.5\\ICQ.exe"=
> "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
> "c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
> "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
> "c:\\Program Files\\Messenger\\msmsgs.exe"=
> "c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
> "c:\\Program Files\\Skype\\Phone\\Skype.exe"=
>
> R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program
> files\Avira\AntiVir Desktop\sched.exe [2009-11-28 108289]
> R3 Axtmvflt;Axesstel USB Filter Service;c:\windows\system32\drivers\Axtmvflt.sys
> [2010-01-27 3456]
> R3 Axtmvmdm;Axesstel USB Modem;c:\windows\system32\drivers\Axtmvmdm.sys
> [2010-01-27 40064]
> R3 Axtmvprt;Axesstel Diagnostic Port;c:\windows\system32\drivers\Axtmvprt.sys
> [2010-01-27 38784]
> S3 adusbser;AnyDATA USB Device for Legacy Serial
> Communication;c:\windows\system32\drivers\adusbser.sys [2009-11-29 93440]
> .
> .
> ------- Doplňkový sken -------
> .
> IE: E&xportovat do aplikace Microsoft Excel -
> c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
> Trusted Zone: mojebanka.cz\*
> Trusted Zone: mojebanka.cz\*
> TCP: {D9A82FDF-2EAC-4C92-AB01-3AEC8D91DFAB} = 78.136.128.4 78.136.128.12
> FF - ProfilePath - c:\documents and settings\Administrator\Data
> aplikací\Mozilla\Firefox\Profiles\gwvlkxpe.default\
> FF - prefs.js: browser.search.selectedEngine - Seznam
> FF - prefs.js: browser.startup.homepage - www.seznam.cz
> FF - component: c:\program files\Mozilla
> Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
> FF - plugin: c:\program files\K-Lite Codec
> Pack\Real\browser\plugins\nppl3260.dll
> FF - plugin: c:\program files\K-Lite Codec
> Pack\Real\browser\plugins\nprpjplug.dll
>
> ---- NASTAVENÍ FIREFOXU ----
> c:\program files\Mozilla Firefox\greprefs\all.js -
> pref("media.enforce_same_site_origin", false);
> c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.cache_size",
> 51200);
> c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.ogg.enabled",
> true);
> c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.wave.enabled",
> true);
> c:\program files\Mozilla Firefox\greprefs\all.js -
> pref("media.autoplay.enabled", true);
> c:\program files\Mozilla Firefox\greprefs\all.js -
> pref("browser.urlbar.autocomplete.enabled", true);
> c:\program files\Mozilla Firefox\greprefs\all.js -
> pref("capability.policy.mailnews.*.wholeText", "noAccess");
> c:\program files\Mozilla Firefox\greprefs\all.js -
> pref("dom.storage.default_quota", 5120);
> c:\program files\Mozilla Firefox\greprefs\all.js -
> pref("content.sink.event_probe_rate", 3);
> c:\program files\Mozilla Firefox\greprefs\all.js -
> pref("network.http.prompt-temp-redirect", true);
- Unlimited_Killer
- Friend of the forum
- Posts: 1969
- Registered: 24 Aug 2009 16:18
Re: Please check my log
Please paste the log exactly as it 'popped up' at you, or alternatively attach the zipped C:\ComboFix.txt as an attachment.
inactive