Preventívna kontrola logu

Zpráva

kmetino · #1 Příspěvek od **kmetino** » 13 dub 2010 15:26

Zdravím poprosil by som o kontrolu logu. AV mi zachytil nejakých wormov z USB (ktoré kolovalo po kamarátoch)

Logfile of random's system information tool 1.06 (written by random/random)
Run by kmetino at 2010-04-13 16:24:10
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 17 GB (15%) free of 114 GB
Total RAM: 1535 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:24:14, on 13. 4. 2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\programy\RocketDock\RocketDock.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\programy\totalcmd\TOTALCMD.EXE
C:\programy\Winamp\winamp.exe
C:\Download\OSTATNE\Rapget.RS_Public_v1.0.4.0_cz\RapgetRS.exe
C:\Documents and Settings\Zvonár\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Zvonár\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Zvonár\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Zvonár\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Zvonár\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Zvonár\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Zvonár\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
c:\Download\RSIT.exe
C:\Program Files\trend micro\Zvonár.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [GLDStart] C:\Program Files\GLDirect\gldirect.exe -filterstart
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [RocketDock] "C:\programy\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Zvonár\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to AMV Converter... - C:\programy\mp3\AMVConverter\grab.html
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\programy\mp3\MediaManager\grab.html
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

--
End of file - 7492 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-725345543-1336601894-839522115-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-725345543-1336601894-839522115-1003UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-03-09 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-03-09 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"=C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe [2004-07-27 1388544]
"NeroFilterCheck"=C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2008-06-19 570664]
"NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-06-08 2221352]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"GLDStart"=C:\Program Files\GLDirect\gldirect.exe [2004-07-20 241664]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2010-02-26 2140880]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2010-01-07 1394000]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"=C:\programy\RocketDock\RocketDock.exe [2007-09-02 495616]
"Google Update"=C:\Documents and Settings\Zvonár\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2009-02-11 133104]
"Creative Detector"=C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe [2004-12-02 102400]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2008-06-24 1840424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft Games AE2\Age of Empires II\empires2.exe"="C:\Program Files\Microsoft Games AE2\Age of Empires II\empires2.exe:*:Disabled:Age of Empires II"
"C:\Program Files\Valve\Counter-Strike\hl.exe"="C:\Program Files\Valve\Counter-Strike\hl.exe:*:Enabled:Half-Life Launcher"
"C:\programy\totalcmd\TOTALCMD.EXE"="C:\programy\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
shell\AutoRun\command - F:\LaunchU3.exe -a

======List of files/folders created in the last 1 months======

2010-04-13 16:24:10 ----D---- C:\rsit
2010-04-08 14:43:42 ----D---- C:\Documents and Settings\Zvonár\Data aplikací\Thunderbird
2010-04-08 14:43:26 ----D---- C:\Program Files\Mozilla Thunderbird
2010-04-03 10:00:23 ----D---- C:\Documents and Settings\All Users\Data aplikací\Sun
2010-04-03 10:00:22 ----D---- C:\Program Files\Common Files\Java
2010-04-03 09:58:08 ----A---- C:\WINDOWS\system32\javaws.exe
2010-04-03 09:58:08 ----A---- C:\WINDOWS\system32\javaw.exe
2010-04-03 09:58:08 ----A---- C:\WINDOWS\system32\java.exe
2010-04-01 08:25:28 ----HDC---- C:\WINDOWS\$NtUninstallKB980182$
2010-03-30 22:22:51 ----N---- C:\WINDOWS\system32\browserchoice.exe
2010-03-15 18:47:22 ----D---- C:\Program Files\ESET

======List of files/folders modified in the last 1 months======

2010-04-13 16:24:13 ----D---- C:\Program Files\trend micro
2010-04-13 16:24:06 ----D---- C:\WINDOWS\Prefetch
2010-04-13 16:23:59 ----D---- C:\WINDOWS\temp
2010-04-13 16:23:47 ----RD---- C:\Download
2010-04-13 15:37:17 ----D---- C:\WINDOWS\system32\drivers
2010-04-13 15:35:33 ----D---- C:\WINDOWS\system32\CatRoot2
2010-04-13 15:33:18 ----A---- C:\WINDOWS\wincmd.ini
2010-04-13 09:27:12 ----D---- C:\WINDOWS
2010-04-12 21:03:38 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-04-12 19:37:09 ----HD---- C:\WINDOWS\inf
2010-04-10 19:59:14 ----D---- C:\Documents and Settings\Zvonár\Data aplikací\vlc
2010-04-10 19:16:31 ----D---- C:\Documents and Settings\Zvonár\Data aplikací\dvdcss
2010-04-08 14:43:26 ----RD---- C:\Program Files
2010-04-08 09:37:18 ----SHD---- C:\WINDOWS\Installer
2010-04-08 09:37:17 ----D---- C:\Config.Msi
2010-04-08 09:36:57 ----D---- C:\WINDOWS\system32
2010-04-07 21:40:09 ----D---- C:\Program Files\Mozilla Firefox
2010-04-06 11:37:48 ----A---- C:\WINDOWS\wcx_ftp.ini
2010-04-03 10:00:22 ----D---- C:\Program Files\Common Files
2010-04-03 09:57:57 ----D---- C:\Program Files\Java
2010-04-01 08:25:39 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-03-31 10:46:14 ----HD---- C:\WINDOWS\$hf_mig$
2010-03-29 12:15:27 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2010-03-29 12:14:48 ----D---- C:\Program Files\Common Files\Adobe
2010-03-29 12:14:37 ----D---- C:\Program Files\Adobe
2010-03-28 13:19:13 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-03-24 19:05:24 ----D---- C:\Documents and Settings\Zvonár\Data aplikací\ICQ
2010-03-15 22:21:01 ----D---- C:\Documents and Settings\Zvonár\Data aplikací\Skype

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-02-26 114984]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2010-02-26 95872]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 sf;SFI Service; C:\WINDOWS\system32\drivers\sf.sys [2004-08-28 33995]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2010-02-26 139192]
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2004-05-17 133200]
R3 FETNDIS;VIA Rhine Family Fast Ethernet Adapter Driver; C:\WINDOWS\system32\DRIVERS\fetnd5a.sys [2002-01-14 36864]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-08-04 1897408]
R3 senfilt;senfilt; C:\WINDOWS\system32\drivers\senfilt.sys [2004-04-26 381056]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2004-09-01 259648]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Ovladač standardního rozbočovače USB; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 ajwamhwu;ajwamhwu; C:\WINDOWS\system32\drivers\ajwamhwu.sys []
S3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys []
S3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys []
S3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys []
S3 btwhid;btwhid; C:\WINDOWS\system32\DRIVERS\btwhid.sys []
S3 btwmodem;Bluetooth Modem; C:\WINDOWS\system32\DRIVERS\btwmodem.sys []
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\ZVONR~1\LOCALS~1\Temp\catchme.sys []
S3 gMouPS2;PS2 Scroll Mouse Device; C:\WINDOWS\system32\DRIVERS\gMouPS2.sys []
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 MidiSyn;MidiSyn; C:\WINDOWS\system32\drivers\MidiSyn.sys [2002-09-20 235100]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2009-10-11 47360]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2005-01-28 18944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.exe [1999-12-12 44032]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2010-02-26 810120]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-03-09 153376]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-06-08 877864]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [2006-12-19 81920]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-06-24 537896]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2010-02-26 33560]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

#2 Příspěvek od **Caroprd111** » 13 dub 2010 15:35

Zdravím

Vložte do PC všechny flash disky, které používáte.

Obrázek

Stáhněte na plochu UsbFix http://pagesperso-orange.fr/NosTools/Ch ... UsbFix.exe

Spusťte, poté zvolte jazyk E - Enter
Zvolte 1 - Enter
Po dokončení na Vás vyskočí log, vložte mi ho sem, případně ho najdete v C:\UsbFix.txt

kmetino · #3 Příspěvek od **kmetino** » 13 dub 2010 15:50

############################## | UsbFix V6.103 |

User : Zvonár (Administrators) # PC
Update on 12/04/2010 by El Desaparecido , C_XX & Chimay8
Start at: 16:49:09 | 13. 4. 2010
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

Intel(R) Pentium(R) 4 CPU 3.00GHz
Systém Microsoft Windows XP Professional (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 6.0.2900.5512
Windows Firewall Status : Enabled
AV : ESET NOD32 Antivirus 4.2 4.2 [ Enabled | Updated ]

A:\ -> Disketová jednotka 3 1/2"
C:\ -> Místní pevný disk # 111,8 Go (16,5 Go free) # NTFS
D:\ -> Disk CD-ROM
E:\ -> Disk CD-ROM
F:\ -> Vyměnitelný disk # 990,03 Mo (873,29 Mo free) # FAT32

################## | Files # Infected Folders |

F:\l2f.cmd

################## | Registry |

[HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives"
[HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives"

################## | Mountpoints2 |

HKCU\..\..\Explorer\MountPoints2\F
Shell\AutoRun\command =F:\LaunchU3.exe -a

################## | Vaccin |

(!) This computer is not vaccinated!

################## | ! End of report # UsbFix V6.103 ! |

#4 Příspěvek od **Caroprd111** » 13 dub 2010 15:55

Vložte do PC všechny flash disky, které používáte.

Obrázek

Stáhněte na plochu UsbFix http://pagesperso-orange.fr/NosTools/Ch ... UsbFix.exe

Spusťte, poté zvolte jazyk E - Enter
Zvolte 2 - Enter (je možný restart PC)
Po dokončení na Vás vyskočí log, vložte mi ho sem, případně ho najdete v C:\UsbFix.txt

kmetino · #5 Příspěvek od **kmetino** » 13 dub 2010 16:07

############################## | UsbFix V6.103 |

User : Zvonár (Administrators) # PC
Update on 12/04/2010 by El Desaparecido , C_XX & Chimay8
Start at: 17:02:25 | 13. 4. 2010
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

Intel(R) Pentium(R) 4 CPU 3.00GHz
Systém Microsoft Windows XP Professional (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 6.0.2900.5512
Windows Firewall Status : Enabled
AV : ESET NOD32 Antivirus 4.2 4.2 [ Enabled | Updated ]

A:\ -> Disketová jednotka 3 1/2"
C:\ -> Místní pevný disk # 111,8 Go (16,3 Go free) # NTFS
D:\ -> Disk CD-ROM
E:\ -> Disk CD-ROM
F:\ -> Vyměnitelný disk # 990,03 Mo (873,29 Mo free) # FAT32

################## | Files # Infected Folders |

Deleted ! C:\Recycler\S-1-5-21-725345543-1336601894-839522115-1003
Deleted ! F:\l2f.cmd
Deleted ! F:\Recycler\S-1-5-21-1482476501-1644491937-682003330-1013

################## | Registry |

Deleted ! [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives"
Deleted ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives"

################## | Mountpoints2 |

Deleted ! HKCU\...\Explorer\MountPoints2\F\Shell\AutoRun\Command

################## | Listing of the present files |

[26. 08. 2008 10:42|---hs----|211] C:\boot.ini
[25. 10. 2001 16:00|-rahs----|4952] C:\Bootfont.bin
[26. 08. 2008 10:47|-rahs----|0] C:\IO.SYS
[24. 02. 2010 15:29|-r-hs----|660] C:\io64.sys
[26. 08. 2008 10:47|-rahs----|0] C:\MSDOS.SYS
[03. 08. 2004 22:38|-rahs----|47564] C:\NTDETECT.COM
[30. 09. 2008 15:38|-rahs----|250576] C:\ntldr
[?|?|?] C:\pagefile.sys
[12. 04. 2010 16:31|---h-----|2619] C:\treeinfo.wc
[13. 04. 2010 17:05|--a------|1756] C:\UsbFix.txt
[18. 05. 2007 16:20|---hs----|16384] F:\csfyshfh.exe
[13. 10. 2009 10:13|--a------|7174176] F:\SUPERAntiSpyware.exe
[08. 10. 2009 22:31|--a------|21022680] F:\TrojanHunterSetup.exe
[13. 04. 2010 12:27|--a------|45942928] F:\setup_av_free.exe
[13. 04. 2010 12:31|--a------|39279104] F:\eav_nt32_sky.msi
[13. 04. 2010 12:33|--a------|3376656] F:\ccsetup230.exe
[18. 05. 2007 16:20|---hs----|16384] F:\nyaisjee.exe
[13. 04. 2010 12:50|--a------|407680] F:\aswclnr.exe
[18. 05. 2007 16:20|---hs----|16384] F:\gyfsbnby.exe
[18. 05. 2007 16:20|---hs----|16384] F:\[AutoRun]nfdyokxp.exe

################## | Vaccination |

# C:\autorun.inf -> Autorun.inf created by UsbFix (El Desaparecido).
# F:\autorun.inf -> Autorun.inf created by UsbFix (El Desaparecido).

################## | Upload |

Please send the file : C:\UsbFix_Upload_Me_PC.zip : http://chiquitine.changelog.fr/Sample/Upload.php
Thank you for your contribution .

################## | ! End of report # UsbFix V6.103 ! |

#6 Příspěvek od **Caroprd111** » 13 dub 2010 16:08

Stahněte OTL http://oldtimer.geekstogo.com/OTL.exe

Spusťte program, poté klikněte na Prohledat
Po dokončení, sem vložte logy OTL.Txt a Extras.txt

kmetino · #7 Příspěvek od **kmetino** » 13 dub 2010 16:13

OTL logfile created on: 13. 4. 2010 17:11:07 - Run 1
OTL by OldTimer - Version 3.2.1.1 Folder = c:\Download
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy

1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 68,00% Memory free
3,00 Gb Paging File | 3,00 Gb Available in Paging File | 90,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111,80 Gb Total Space | 16,30 Gb Free Space | 14,58% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PC
Current User Name: Zvonár
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.04.13 17:09:54 | 000,561,664 | ---- | M] (OldTimer Tools) -- c:\Download\OTL.exe
PRC - [2010.03.28 05:13:16 | 000,530,416 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Zvonár\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
PRC - [2010.02.26 07:41:12 | 000,810,120 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2009.09.24 08:50:10 | 003,520,256 | ---- | M] (Ghisler Software GmbH) -- C:\programy\totalcmd\TOTALCMD.EXE
PRC - [2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.09.02 13:58:52 | 000,495,616 | ---- | M] () -- C:\programy\RocketDock\RocketDock.exe
PRC - [2002.09.20 15:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

========== Modules (SafeList) ==========

MOD - [2010.04.13 17:09:54 | 000,561,664 | ---- | M] (OldTimer Tools) -- c:\Download\OTL.exe
MOD - [2007.09.02 13:57:36 | 000,069,632 | ---- | M] () -- C:\programy\RocketDock\RocketDock.dll

========== Win32 Services (SafeList) ==========

SRV - [2010.02.26 07:42:34 | 000,033,560 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2010.02.26 07:41:12 | 000,810,120 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2008.07.29 19:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2002.09.20 15:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Running] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default))

========== Driver Services (SafeList) ==========

DRV - [2010.02.26 07:41:36 | 000,095,872 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)
DRV - [2010.02.26 07:41:06 | 000,114,984 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2010.02.26 07:39:24 | 000,139,192 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2008.10.09 09:18:48 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2004.08.28 13:54:38 | 000,033,995 | ---- | M] (Sonic Focus, Inc) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\sf.sys -- (sf)
DRV - [2004.08.04 00:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2004.07.20 04:13:14 | 000,050,464 | ---- | M] (SciTech Software Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\pmhelp.sys -- (pmhelp)
DRV - [2004.07.20 04:13:14 | 000,010,112 | ---- | M] (SciTech Software Inc.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\pmfilt.sys -- (pmfilt)
DRV - [2004.04.26 10:49:56 | 000,381,056 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt)
DRV - [2002.09.20 11:53:34 | 000,235,100 | ---- | M] (Analog Devices Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MidiSyn.sys -- (MidiSyn)
DRV - [2002.01.14 16:18:46 | 000,036,864 | ---- | M] (VIA Technologies, Inc. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\fetnd5a.sys -- (FETNDIS)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.sk/"
FF - prefs.js..extensions.enabledItems: {ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}:2.5.1
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20090920.2
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: onair_FM@marek.chrenko.net:3.5.1
FF - prefs.js..extensions.enabledItems: {2832ABCD-4444-1012-2D45-132D5447C445}:1.0.0

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.03.10 12:12:35 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.03.29 12:14:51 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010.04.08 14:43:44 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010.03.15 18:47:25 | 000,000,000 | ---D | M]

[2010.04.08 14:43:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zvonár\Data aplikací\Mozilla\Extensions
[2010.04.08 14:43:53 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Zvonár\Data aplikací\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010.04.06 11:24:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zvonár\Data aplikací\Mozilla\Firefox\Profiles\6z4bvoju.default\extensions
[2009.05.12 17:44:52 | 000,000,000 | ---D | M] (WebTran) -- C:\Documents and Settings\Zvonár\Data aplikací\Mozilla\Firefox\Profiles\6z4bvoju.default\extensions\{003D3EDC-99B9-4a34-9C20-60CB94F7E829}
[2008.11.18 19:55:51 | 000,000,000 | ---D | M] (Eurotran XP) -- C:\Documents and Settings\Zvonár\Data aplikací\Mozilla\Firefox\Profiles\6z4bvoju.default\extensions\{133ff231-455f-48fb-aeb6-f57292db5b56}
[2009.09.07 16:40:03 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Zvonár\Data aplikací\Mozilla\Firefox\Profiles\6z4bvoju.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009.02.20 01:17:46 | 000,000,000 | ---D | M] (Rapidlibrary Search ToolBar) -- C:\Documents and Settings\Zvonár\Data aplikací\Mozilla\Firefox\Profiles\6z4bvoju.default\extensions\{2832ABCD-4444-1012-2D45-132D5447C445}
[2009.11.29 14:45:02 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\Zvonár\Data aplikací\Mozilla\Firefox\Profiles\6z4bvoju.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2009.12.08 17:56:18 | 000,000,000 | ---D | M] (FoxLingo) -- C:\Documents and Settings\Zvonár\Data aplikací\Mozilla\Firefox\Profiles\6z4bvoju.default\extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}
[2009.10.29 13:21:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zvonár\Data aplikací\Mozilla\Firefox\Profiles\6z4bvoju.default\extensions\onair_FM@marek.chrenko.net
[2010.04.06 11:34:35 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\Zvonár\Data aplikací\Mozilla\Firefox\Profiles\6z4bvoju.default\searchplugins\icqplugin.xml
[2008.08.27 18:47:57 | 000,001,196 | ---- | M] () -- C:\Documents and Settings\Zvonár\Data aplikací\Mozilla\Firefox\Profiles\6z4bvoju.default\searchplugins\winamp-search.xml
[2010.04.06 11:24:40 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009.07.31 14:06:48 | 001,654,784 | ---- | M] (LizardTech) -- C:\Program Files\Mozilla Firefox\plugins\npdjvu.dll
[2009.08.24 21:37:14 | 000,001,583 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\atlas-sk.xml
[2009.08.24 21:37:14 | 000,001,380 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\azet-sk.xml
[2009.08.24 21:37:14 | 000,001,479 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\dunaj-sk.xml
[2009.08.24 21:37:14 | 000,001,473 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slovnik-sk.xml
[2009.08.24 21:37:14 | 000,001,104 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-sk.xml
[2009.08.24 21:37:14 | 000,000,830 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\zoznam-sk.xml

O1 HOSTS File: ([2008.10.28 12:10:31 | 000,000,023 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [GLDStart] C:\Program Files\GLDirect\gldirect.exe (SciTech Software, Inc.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NBKeyScan] C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe (Analog Devices, Inc.)
O4 - HKCU..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe (Creative Technology Ltd)
O4 - HKCU..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
O4 - HKCU..\Run: [RocketDock] C:\programy\RocketDock\RocketDock.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 255
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 0
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} http://icq.oberon-media.com/Gameshell/G ... meHost.cab (Oberon Flash Game Host)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Zvonár\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Zvonár\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.04.13 17:05:31 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.04.13 17:05:31 | 000,000,000 | RHSD | C] -- C:\autorun.inf
[2010.04.13 16:48:25 | 000,000,000 | ---D | C] -- C:\UsbFix
[2010.04.13 16:24:10 | 000,000,000 | ---D | C] -- C:\rsit
[2010.04.12 16:31:31 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Zvonár\Recent
[2010.04.08 14:43:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zvonár\Local Settings\Data aplikací\Thunderbird
[2010.04.08 14:43:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zvonár\Data aplikací\Thunderbird
[2010.04.08 14:43:26 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird
[2010.04.07 14:47:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zvonár\Plocha\Aplikovaná Kryptografia
[2010.04.03 10:00:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Sun
[2010.04.03 10:00:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010.04.03 09:58:08 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010.04.03 09:58:08 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010.04.03 09:58:08 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010.03.30 22:22:51 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe
[2010.03.15 18:47:22 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2009.10.11 14:03:10 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Zvonár\Data aplikací\pcouffin.sys
[2008.09.30 15:51:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Microsoft
[2008.09.17 19:49:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\ESET
[2008.08.26 10:50:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Microsoft
[2008.08.26 10:47:15 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Data aplikací\Microsoft
[2008.08.26 10:47:15 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Data aplikací\Microsoft
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.04.13 17:09:50 | 000,003,690 | ---- | M] () -- C:\WINDOWS\wincmd.ini
[2010.04.13 17:06:25 | 006,815,744 | -H-- | M] () -- C:\Documents and Settings\Zvonár\NTUSER.DAT
[2010.04.13 17:05:32 | 000,104,841 | ---- | M] () -- C:\UsbFix_Upload_Me_PC.zip
[2010.04.13 17:02:24 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.04.13 17:02:11 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.04.13 17:02:09 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.04.13 17:00:59 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\Zvonár\ntuser.ini
[2010.04.13 16:21:00 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-725345543-1336601894-839522115-1003UA.job
[2010.04.13 16:21:00 | 000,001,038 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-725345543-1336601894-839522115-1003Core.job
[2010.04.12 21:03:29 | 005,336,298 | -H-- | M] () -- C:\Documents and Settings\Zvonár\Local Settings\Data aplikací\IconCache.db
[2010.04.12 19:20:21 | 001,664,512 | ---- | M] () -- C:\Documents and Settings\Zvonár\Plocha\BP_Muška.doc
[2010.04.12 18:23:21 | 000,074,752 | ---- | M] () -- C:\Documents and Settings\Zvonár\Plocha\Andrej Zvonár.doc
[2010.04.12 18:00:42 | 000,130,560 | ---- | M] () -- C:\Documents and Settings\Zvonár\Plocha\bezpečnosť.doc
[2010.04.12 16:37:54 | 000,206,734 | ---- | M] () -- C:\Documents and Settings\Zvonár\Plocha\el_podpis.pdf
[2010.04.12 16:31:29 | 000,002,619 | -H-- | M] () -- C:\treeinfo.wc
[2010.04.12 14:30:08 | 000,521,281 | ---- | M] () -- C:\Documents and Settings\Zvonár\Plocha\SekeraM_Kodovanie.pdf
[2010.04.12 14:24:23 | 000,352,338 | ---- | M] () -- C:\Documents and Settings\Zvonár\Plocha\úvod teorie kodovania.pdf
[2010.04.12 13:55:46 | 000,049,152 | ---- | M] () -- C:\Documents and Settings\Zvonár\Plocha\Algoritmus RSA.doc
[2010.04.08 15:23:18 | 000,048,640 | ---- | M] () -- C:\Documents and Settings\Zvonár\Plocha\pictures.doc
[2010.04.08 14:57:24 | 000,092,160 | ---- | M] () -- C:\Documents and Settings\Zvonár\Plocha\šifrovanie+ hashovanie.doc
[2010.04.08 14:15:52 | 000,158,896 | ---- | M] () -- C:\Documents and Settings\Zvonár\Plocha\príloha 215 2002.pdf
[2010.04.08 14:06:08 | 000,057,856 | ---- | M] () -- C:\Documents and Settings\Zvonár\Plocha\hystoria.doc
[2010.04.08 11:33:39 | 000,183,296 | ---- | M] () -- C:\Documents and Settings\Zvonár\Plocha\roč. práca.doc
[2010.04.08 10:53:34 | 000,261,632 | ---- | M] () -- C:\Documents and Settings\Zvonár\Plocha\hystoria kryptografie.doc
[2010.04.07 14:36:16 | 000,635,425 | ---- | M] () -- C:\Documents and Settings\Zvonár\Plocha\hashovanie.pdf
[2010.04.07 12:18:13 | 000,026,624 | ---- | M] () -- C:\Documents and Settings\Zvonár\Plocha\návod TB OpenPGP.doc
[2010.04.06 14:21:38 | 000,012,794 | ---- | M] () -- C:\Documents and Settings\Zvonár\Plocha\GnuPG.pdf
[2010.04.06 11:37:48 | 000,001,169 | ---- | M] () -- C:\WINDOWS\wcx_ftp.ini
[2010.04.06 11:28:39 | 000,131,072 | ---- | M] () -- C:\Documents and Settings\Zvonár\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.03.28 13:19:14 | 000,435,260 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.03.28 13:19:14 | 000,431,634 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010.03.28 13:19:14 | 000,078,720 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010.03.28 13:19:14 | 000,068,156 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.03.28 13:19:13 | 001,028,216 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.04.13 17:05:32 | 000,104,841 | ---- | C] () -- C:\UsbFix_Upload_Me_PC.zip
[2010.04.12 19:20:20 | 001,664,512 | ---- | C] () -- C:\Documents and Settings\Zvonár\Plocha\BP_Muška.doc
[2010.04.12 16:37:54 | 000,206,734 | ---- | C] () -- C:\Documents and Settings\Zvonár\Plocha\el_podpis.pdf
[2010.04.12 14:30:08 | 000,521,281 | ---- | C] () -- C:\Documents and Settings\Zvonár\Plocha\SekeraM_Kodovanie.pdf
[2010.04.12 14:24:23 | 000,352,338 | ---- | C] () -- C:\Documents and Settings\Zvonár\Plocha\úvod teorie kodovania.pdf
[2010.04.12 13:50:34 | 000,049,152 | ---- | C] () -- C:\Documents and Settings\Zvonár\Plocha\Algoritmus RSA.doc
[2010.04.08 15:18:19 | 000,048,640 | ---- | C] () -- C:\Documents and Settings\Zvonár\Plocha\pictures.doc
[2010.04.08 14:15:52 | 000,158,896 | ---- | C] () -- C:\Documents and Settings\Zvonár\Plocha\príloha 215 2002.pdf
[2010.04.08 11:16:43 | 000,074,752 | ---- | C] () -- C:\Documents and Settings\Zvonár\Plocha\Andrej Zvonár.doc
[2010.04.08 10:52:45 | 000,261,632 | ---- | C] () -- C:\Documents and Settings\Zvonár\Plocha\hystoria kryptografie.doc
[2010.04.07 17:02:00 | 000,092,160 | ---- | C] () -- C:\Documents and Settings\Zvonár\Plocha\šifrovanie+ hashovanie.doc
[2010.04.07 15:05:59 | 000,057,856 | ---- | C] () -- C:\Documents and Settings\Zvonár\Plocha\hystoria.doc
[2010.04.07 14:36:16 | 000,635,425 | ---- | C] () -- C:\Documents and Settings\Zvonár\Plocha\hashovanie.pdf
[2010.04.07 12:15:52 | 000,026,624 | ---- | C] () -- C:\Documents and Settings\Zvonár\Plocha\návod TB OpenPGP.doc
[2010.04.06 14:21:38 | 000,012,794 | ---- | C] () -- C:\Documents and Settings\Zvonár\Plocha\GnuPG.pdf
[2010.04.06 14:10:14 | 000,183,296 | ---- | C] () -- C:\Documents and Settings\Zvonár\Plocha\roč. práca.doc
[2010.04.06 14:02:20 | 000,130,560 | ---- | C] () -- C:\Documents and Settings\Zvonár\Plocha\bezpečnosť.doc
[2010.02.22 20:40:21 | 000,000,600 | ---- | C] () -- C:\WINDOWS\Rtcw.INI
[2010.01.22 21:29:01 | 000,000,012 | ---- | C] () -- C:\Documents and Settings\Zvonár\intlname.ols
[2009.12.22 19:14:19 | 000,000,687 | ---- | C] () -- C:\WINDOWS\d.ini
[2009.10.14 13:50:19 | 000,059,392 | R--- | C] () -- C:\WINDOWS\System32\streamhlp.dll
[2009.10.11 14:03:16 | 000,000,033 | ---- | C] () -- C:\Documents and Settings\Zvonár\Data aplikací\pcouffin.log
[2009.10.11 14:03:10 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Zvonár\Data aplikací\inst.exe
[2009.10.11 14:03:10 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Zvonár\Data aplikací\pcouffin.cat
[2009.10.11 14:03:10 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Zvonár\Data aplikací\pcouffin.inf
[2009.06.02 11:07:47 | 000,000,108 | ---- | C] () -- C:\Documents and Settings\Zvonár\Data aplikací\default.pls
[2009.05.12 17:44:12 | 000,000,033 | ---- | C] () -- C:\WINDOWS\WTRDCTM.INI
[2009.05.12 17:42:15 | 000,002,575 | ---- | C] () -- C:\WINDOWS\UN32P.INI
[2009.04.08 13:03:09 | 000,002,516 | -HS- | C] () -- C:\Documents and Settings\All Users\Data aplikací\KGyGaAvL.sys
[2009.04.08 13:03:09 | 000,000,088 | RHS- | C] () -- C:\Documents and Settings\All Users\Data aplikací\1C09CF3C8E.sys
[2008.12.12 15:56:03 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008.10.08 14:38:41 | 000,001,169 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini
[2008.10.02 22:31:06 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2008.10.02 22:31:05 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008.08.29 20:13:45 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\libssl32.dll
[2008.08.29 18:54:35 | 000,034,308 | ---- | C] () -- C:\WINDOWS\System32\Chip.dll
[2008.08.29 16:38:14 | 000,131,072 | ---- | C] () -- C:\Documents and Settings\Zvonár\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.08.28 20:47:52 | 000,003,690 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2008.08.28 18:49:18 | 000,000,382 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008.08.27 17:40:47 | 000,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2008.08.26 10:53:19 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\Zvonár\ntuser.dat.LOG
[2008.08.26 10:53:19 | 000,000,272 | -HS- | C] () -- C:\Documents and Settings\Zvonár\ntuser.ini
[2008.08.26 10:53:18 | 006,815,744 | -H-- | C] () -- C:\Documents and Settings\Zvonár\NTUSER.DAT
[2005.10.14 11:56:50 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005.10.14 11:56:50 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005.10.14 11:56:50 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005.10.14 11:56:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005.10.14 11:56:50 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005.10.14 11:56:50 | 000,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2005.10.14 11:56:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2004.03.18 18:40:32 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2004.03.18 18:40:24 | 000,667,648 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2003.04.07 11:38:32 | 000,005,746 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[1997.06.14 01:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:08948D52
< End of report >

kmetino · #8 Příspěvek od **kmetino** » 13 dub 2010 16:14

OTL Extras logfile created on: 13. 4. 2010 17:11:07 - Run 1
OTL by OldTimer - Version 3.2.1.1 Folder = c:\Download
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy

1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 68,00% Memory free
3,00 Gb Paging File | 3,00 Gb Available in Paging File | 90,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111,80 Gb Total Space | 16,30 Gb Free Space | 14,58% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PC
Current User Name: Zvonár
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\programy\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\programy\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\programy\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Microsoft Games AE2\Age of Empires II\empires2.exe" = C:\Program Files\Microsoft Games AE2\Age of Empires II\empires2.exe:*:Disabled:Age of Empires II -- File not found
"C:\Program Files\Valve\Counter-Strike\hl.exe" = C:\Program Files\Valve\Counter-Strike\hl.exe:*:Enabled:Half-Life Launcher -- File not found
"C:\programy\totalcmd\TOTALCMD.EXE" = C:\programy\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows -- (Ghisler Software GmbH)
"C:\Program Files\ICQ6.5\ICQ.exe" = C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- (ICQ, LLC.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{105CFC7C-6992-11D5-BD9D-000102C10FD8}" = LizardTech DjVu Control
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 19
"{2E0C1913-886B-4C5C-8DAF-D1E649CE5FCC}" = Creative MediaSource
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35865B6F-1FAA-4918-85EE-6C97FD441E1B}" = ESET NOD32 Antivirus
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{6D45EF03-E8EE-4355-81C3-F918CBCF1051}" = Nero 8 Ultra Edition HD
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{9011041B-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-041B-0000-0000000FF1CE}" = Balík Compatibility Pack pre systém Office 2007
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.1
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C72D7008-266D-4DD8-BF3C-296B736127F6}" = Mafia
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{DC3065BF-95B4-42C5-B47D-0B713CDA75D0}" = Creative Zen Vision M
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F343FA04-CFC0-487C-A617-A5E8CF4D7B10}" = Image Grabber II.NET
"10prstami5" = 10prstami5 5.2
"7-Zip" = 7-Zip 4.57
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"BSPlayer1" = BSPlayer
"CCleaner" = CCleaner (remove only)
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"ffdshow_is1" = ffdshow [rev 2150] [2008-09-26]
"HijackThis" = HijackThis 2.0.2
"KC Softwares VideoInspector_is1" = KC Softwares VideoInspector
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.8)" = Mozilla Firefox (3.5.8)
"Mozilla Thunderbird (3.0.4)" = Mozilla Thunderbird (3.0.4)
"NVIDIA Drivers" = NVIDIA Drivers
"Return to Castle Wolfenstein" = Return to Castle Wolfenstein
"RocketDock_is1" = RocketDock 1.3.5
"SciTech GLDirect" = SciTech GLDirect
"SysInfo" = Creative System Information
"Totalcmd" = Total Commander (Remove or Repair)
"VLC media player" = VLC media player 1.0.5
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"Windows XP Service Pack" = Windows XP Service Pack 3
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Warcraft III" = Warcraft III: All Products

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 10. 3. 2010 17:16:14 | Computer Name = PC | Source = Google Update | ID = 20
Description =

Error - 10. 3. 2010 18:16:14 | Computer Name = PC | Source = Google Update | ID = 20
Description =

Error - 12. 3. 2010 12:16:05 | Computer Name = PC | Source = Google Update | ID = 20
Description =

Error - 18. 3. 2010 12:38:18 | Computer Name = PC | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace winamp.exe, verze 5.5.2.1800, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 30. 3. 2010 15:23:04 | Computer Name = PC | Source = Google Update | ID = 20
Description =

Error - 6. 4. 2010 7:33:08 | Computer Name = PC | Source = Application Error | ID = 1000
Description = Chybující aplikace chrome.exe, verze 0.0.0.0, chybující modul unknown,
verze 0.0.0.0, adresa chyby 0x6543223d.

Error - 8. 4. 2010 7:29:37 | Computer Name = PC | Source = Microsoft Office 11 | ID = 1000
Description = Faulting application outlook.exe, version 11.0.5510.0, stamp 3f1380f0,
faulting module trnoutl.dll, version 1.0.0.1, stamp 450d0493, debug? 0, fault address
0x0000d989.

Error - 8. 4. 2010 7:29:40 | Computer Name = PC | Source = Microsoft Office 11 | ID = 2000
Description = Accepted Safe Mode action : Microsoft Office Outlook.

Error - 12. 4. 2010 14:12:53 | Computer Name = PC | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace ICQ.exe, verze 6.5.0.2024, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 12. 4. 2010 14:28:36 | Computer Name = PC | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace nero.exe, verze 8.3.6.0, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.

[ System Events ]
Error - 10. 3. 2010 14:27:34 | Computer Name = PC | Source = Dhcp | ID = 1000
Description = Zapůjčení adresy IP počítače 192.168.0.185 pro síťovou kartu se síťovou
adresou 0040F4B150E9 byla ukončena.

Error - 10. 3. 2010 17:07:57 | Computer Name = PC | Source = Dhcp | ID = 1000
Description = Zapůjčení adresy IP počítače 192.168.0.185 pro síťovou kartu se síťovou
adresou 0040F4B150E9 byla ukončena.

Error - 15. 3. 2010 6:32:31 | Computer Name = PC | Source = Service Control Manager | ID = 7038
Description = Přihlášení služby ALG jako uživatel NT AUTHORITY\LocalService se se
současně nakonfigurovaným heslem nezdařilo. Došlo k následující chybě: %%5 Zkontrolujte
konfiguraci služby pomocí modulu snap-in Služby v konzole Microsoft Management Console
(MMC).

Error - 15. 3. 2010 6:32:31 | Computer Name = PC | Source = Service Control Manager | ID = 7000
Description = Služba Služba brány aplikačního rozhraní neuspěla při spuštění v důsledku
následující chyby: %%1069

Error - 19. 3. 2010 14:31:33 | Computer Name = PC | Source = Service Control Manager | ID = 7038
Description = Přihlášení služby ALG jako uživatel NT AUTHORITY\LocalService se se
současně nakonfigurovaným heslem nezdařilo. Došlo k následující chybě: %%5 Zkontrolujte
konfiguraci služby pomocí modulu snap-in Služby v konzole Microsoft Management Console
(MMC).

Error - 19. 3. 2010 14:31:33 | Computer Name = PC | Source = Service Control Manager | ID = 7000
Description = Služba Služba brány aplikačního rozhraní neuspěla při spuštění v důsledku
následující chyby: %%1069

Error - 26. 3. 2010 4:38:09 | Computer Name = PC | Source = Service Control Manager | ID = 7038
Description = Přihlášení služby SSDPSRV jako uživatel NT AUTHORITY\LocalService
se se současně nakonfigurovaným heslem nezdařilo. Došlo k následující chybě: %%5 Zkontrolujte
konfiguraci služby pomocí modulu snap-in Služby v konzole Microsoft Management Console
(MMC).

Error - 26. 3. 2010 4:38:09 | Computer Name = PC | Source = Service Control Manager | ID = 7000
Description = Služba Služba rozpoznávání pomocí protokolu SSDP neuspěla při spuštění
v důsledku následující chyby: %%1069

Error - 12. 4. 2010 14:28:58 | Computer Name = PC | Source = atapi | ID = 262153
Description = Zařízení \Device\Ide\IdePort1 neodpovídá v periodě časového limitu.

Error - 13. 4. 2010 11:02:23 | Computer Name = PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: PCIIde

< End of report >

#9 Příspěvek od **Caroprd111** » 13 dub 2010 16:30

Vložte do PC všechny flash disky, které používáte.

Obrázek

Spusťte OTL a do spodního okna vložte následující skript.

Kód: Vybrat vše

:OTL
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2010.04.06 11:28:39 | 000,131,072 | ---- | M] () -- C:\Documents and Settings\Zvonár\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.10.11 14:03:10 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Zvonár\Data aplikací\inst.exe
[2009.04.08 13:03:09 | 000,000,088 | RHS- | C] () -- C:\Documents and Settings\All Users\Data aplikací\1C09CF3C8E.sys
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:08948D52

:Files
F:\nyaisjee.exe 
F:\aswclnr.exe 
F:\gyfsbnby.exe 
F:\nfdyokxp.exe
F:\csfyshfh.exe

:Commands
[EMPTYTEMP] 
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]
[CREATERESTOREPOINT]
[REBOOT]

Poté klikněte na Opravit, PC se restartuje, log vložte sem.

Obrázek

Tohle otestujte na http://www.virustotal.com/cs/
C:\io64.sys

(Soubor nehledejte, jenom vložíte tučně označenou cestu, v případě hlášky "Soubor již byl testován" dejte otestovat znovu. Výsledek analýzy sem v podobě odkazu vložte.)

kmetino · #10 Příspěvek od **kmetino** » 13 dub 2010 16:36

All processes killed
========== OTL ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{855F3B16-6D32-4FE6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}\ not found.
C:\WINDOWS\msdownld.tmp folder deleted successfully.
C:\Documents and Settings\Zvonár\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
C:\Documents and Settings\Zvonár\Data aplikací\inst.exe moved successfully.
C:\Documents and Settings\All Users\Data aplikací\1C09CF3C8E.sys moved successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:08948D52 deleted successfully.
========== FILES ==========
F:\nyaisjee.exe moved successfully.
F:\aswclnr.exe moved successfully.
F:\gyfsbnby.exe moved successfully.
File\Folder F:\nfdyokxp.exe not found.
F:\csfyshfh.exe moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Zvonár
->Temp folder emptied: 62828761 bytes
->Temporary Internet Files folder emptied: 57001360 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 46394204 bytes
->Google Chrome cache emptied: 205987102 bytes
->Flash cache emptied: 2993 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 483 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 355,00 mb

[EMPTYFLASH]

User: Administrator

User: All Users

User: Default User

User: LocalService

User: NetworkService

User: Zvonár
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

Restore points cleared and new OTL Restore Point set!
Error starting restore point: System Restore is disabled.
Error closing restore point: System Restore is disabled.

OTL by OldTimer - Version 3.2.1.1 log created on 04132010_173252

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

#11 Příspěvek od **Caroprd111** » 13 dub 2010 16:38

Jak to vypadá s PC

kmetino · #12 Příspěvek od **kmetino** » 13 dub 2010 16:40

http://www.virustotal.com/cs/analisis/e ... 1271173170

kmetino · #13 Příspěvek od **kmetino** » 13 dub 2010 16:43

PC šlape ako hodinky.. Moc ďakujem..

Mám jednu otázočku.. Ten soft USBFix by som mohol použiť aj bez Vášho dohľadu? Na očistenie iných USB kľúčov? Alebo mi nedoporučujete s ním prtacovať bez Vášho dozoru?

#14 Příspěvek od **Caroprd111** » 13 dub 2010 16:49

Můžete s ním pracovat i bez dohledu (infekci maže volba 2). Ovšem bude lepší, když si necháte log zkontrolovat zde na fóru. Poprosím o nový log z RSIT.

kmetino · #15 Příspěvek od **kmetino** » 13 dub 2010 16:53

Logfile of random's system information tool 1.06 (written by random/random)
Run by Zvonár at 2010-04-13 17:52:52
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 21 GB (18%) free of 114 GB
Total RAM: 1535 MB (71% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:52:57, on 13. 4. 2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\programy\RocketDock\RocketDock.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\Documents and Settings\Zvonár\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Zvonár\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Zvonár\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Zvonár\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Zvonár\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Zvonár\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Zvonár\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\programy\totalcmd\TOTALCMD.EXE
c:\Download\RSIT.exe
C:\Program Files\trend micro\Zvonár.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [GLDStart] C:\Program Files\GLDirect\gldirect.exe -filterstart
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [RocketDock] "C:\programy\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Zvonár\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to AMV Converter... - C:\programy\mp3\AMVConverter\grab.html
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\programy\mp3\MediaManager\grab.html
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

--
End of file - 7360 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-725345543-1336601894-839522115-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-725345543-1336601894-839522115-1003UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-03-09 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-03-09 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"=C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe [2004-07-27 1388544]
"NeroFilterCheck"=C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2008-06-19 570664]
"NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-06-08 2221352]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"GLDStart"=C:\Program Files\GLDirect\gldirect.exe [2004-07-20 241664]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2010-02-26 2140880]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"=C:\programy\RocketDock\RocketDock.exe [2007-09-02 495616]
"Google Update"=C:\Documents and Settings\Zvonár\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2009-02-11 133104]
"Creative Detector"=C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe [2004-12-02 102400]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2008-06-24 1840424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoDriveAutoRun"=255
"HonorAutoRunSetting"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft Games AE2\Age of Empires II\empires2.exe"="C:\Program Files\Microsoft Games AE2\Age of Empires II\empires2.exe:*:Disabled:Age of Empires II"
"C:\Program Files\Valve\Counter-Strike\hl.exe"="C:\Program Files\Valve\Counter-Strike\hl.exe:*:Enabled:Half-Life Launcher"
"C:\programy\totalcmd\TOTALCMD.EXE"="C:\programy\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2010-04-13 17:32:52 ----D---- C:\_OTL
2010-04-13 17:05:31 ----RASHD---- C:\autorun.inf
2010-04-13 17:02:14 ----A---- C:\UsbFix.txt
2010-04-13 16:48:25 ----D---- C:\UsbFix
2010-04-13 16:24:10 ----D---- C:\rsit
2010-04-08 14:43:42 ----D---- C:\Documents and Settings\Zvonár\Data aplikací\Thunderbird
2010-04-08 14:43:26 ----D---- C:\Program Files\Mozilla Thunderbird
2010-04-03 10:00:23 ----D---- C:\Documents and Settings\All Users\Data aplikací\Sun
2010-04-03 10:00:22 ----D---- C:\Program Files\Common Files\Java
2010-04-03 09:58:08 ----A---- C:\WINDOWS\system32\javaws.exe
2010-04-03 09:58:08 ----A---- C:\WINDOWS\system32\javaw.exe
2010-04-03 09:58:08 ----A---- C:\WINDOWS\system32\java.exe
2010-04-01 08:25:28 ----HDC---- C:\WINDOWS\$NtUninstallKB980182$
2010-03-30 22:22:51 ----N---- C:\WINDOWS\system32\browserchoice.exe
2010-03-15 18:47:22 ----D---- C:\Program Files\ESET

======List of files/folders modified in the last 1 months======

2010-04-13 17:52:56 ----D---- C:\Program Files\trend micro
2010-04-13 17:52:44 ----A---- C:\WINDOWS\wincmd.ini
2010-04-13 17:52:26 ----D---- C:\WINDOWS\temp
2010-04-13 17:33:42 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-04-13 17:33:36 ----D---- C:\WINDOWS\system32\Restore
2010-04-13 17:32:53 ----D---- C:\WINDOWS
2010-04-13 17:13:09 ----RD---- C:\Download
2010-04-13 17:05:27 ----SHD---- C:\RECYCLER
2010-04-13 17:01:56 ----D---- C:\WINDOWS\system32\drivers
2010-04-13 17:01:56 ----D---- C:\WINDOWS\system
2010-04-13 16:48:49 ----D---- C:\WINDOWS\Prefetch
2010-04-13 15:35:33 ----D---- C:\WINDOWS\system32\CatRoot2
2010-04-12 19:37:09 ----HD---- C:\WINDOWS\inf
2010-04-10 19:59:14 ----D---- C:\Documents and Settings\Zvonár\Data aplikací\vlc
2010-04-10 19:16:31 ----D---- C:\Documents and Settings\Zvonár\Data aplikací\dvdcss
2010-04-08 14:43:26 ----RD---- C:\Program Files
2010-04-08 09:37:18 ----SHD---- C:\WINDOWS\Installer
2010-04-08 09:37:17 ----D---- C:\Config.Msi
2010-04-08 09:36:57 ----D---- C:\WINDOWS\system32
2010-04-07 21:40:09 ----D---- C:\Program Files\Mozilla Firefox
2010-04-06 11:37:48 ----A---- C:\WINDOWS\wcx_ftp.ini
2010-04-03 10:00:22 ----D---- C:\Program Files\Common Files
2010-04-03 09:57:57 ----D---- C:\Program Files\Java
2010-04-01 08:25:39 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-03-31 10:46:14 ----HD---- C:\WINDOWS\$hf_mig$
2010-03-29 12:15:27 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2010-03-29 12:14:48 ----D---- C:\Program Files\Common Files\Adobe
2010-03-29 12:14:37 ----D---- C:\Program Files\Adobe
2010-03-28 13:19:13 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-03-24 19:05:24 ----D---- C:\Documents and Settings\Zvonár\Data aplikací\ICQ
2010-03-15 22:21:01 ----D---- C:\Documents and Settings\Zvonár\Data aplikací\Skype

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-02-26 114984]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2010-02-26 95872]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 sf;SFI Service; C:\WINDOWS\system32\drivers\sf.sys [2004-08-28 33995]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2010-02-26 139192]
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2004-05-17 133200]
R3 FETNDIS;VIA Rhine Family Fast Ethernet Adapter Driver; C:\WINDOWS\system32\DRIVERS\fetnd5a.sys [2002-01-14 36864]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-08-04 1897408]
R3 senfilt;senfilt; C:\WINDOWS\system32\drivers\senfilt.sys [2004-04-26 381056]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2004-09-01 259648]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Ovladač standardního rozbočovače USB; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 av71tlpu;av71tlpu; C:\WINDOWS\system32\drivers\av71tlpu.sys []
S3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys []
S3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys []
S3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys []
S3 btwhid;btwhid; C:\WINDOWS\system32\DRIVERS\btwhid.sys []
S3 btwmodem;Bluetooth Modem; C:\WINDOWS\system32\DRIVERS\btwmodem.sys []
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\ZVONR~1\LOCALS~1\Temp\catchme.sys []
S3 gMouPS2;PS2 Scroll Mouse Device; C:\WINDOWS\system32\DRIVERS\gMouPS2.sys []
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 MidiSyn;MidiSyn; C:\WINDOWS\system32\drivers\MidiSyn.sys [2002-09-20 235100]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2009-10-11 47360]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2005-01-28 18944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.exe [1999-12-12 44032]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2010-02-26 810120]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-03-09 153376]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-06-08 877864]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [2006-12-19 81920]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-06-24 537896]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2010-02-26 33560]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

VIRY.CZ

Preventívna kontrola logu

Preventívna kontrola logu

Re: Preventívna kontrola logu

Re: Preventívna kontrola logu

Re: Preventívna kontrola logu

Re: Preventívna kontrola logu

Re: Preventívna kontrola logu

Re: Preventívna kontrola logu

Re: Preventívna kontrola logu

Re: Preventívna kontrola logu

Re: Preventívna kontrola logu

Re: Preventívna kontrola logu

Re: Preventívna kontrola logu

Re: Preventívna kontrola logu

Re: Preventívna kontrola logu

Re: Preventívna kontrola logu