Dobry den,
u W2000 pri startu se tesne pred prepnutim do lepsi grafiky (login) provadi automaticky restart. Nabiha to jen v nouzovem rezimu s praci v siti. Zkousel jsem z CD opravit system, nepomohlo to.
Mel jsem podezreni na graficky driver, odinstaloval jsem to, nepomohlo.
Prikladam log z RSIT.
Predem moc dekuji za pomoc.
Dape.
----
Logfile of random's system information tool 1.07 (written by random/random)
Run by david at 2010-05-07 12:05:29
Microsoft Windows 2000 Professional Service Pack 4
System drive C: has 20 GB (27%) free of 76 GB
Total RAM: 504 MB (68% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:05:36, on 7.5.2010
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Safe mode with network support
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\Program Files\Norman Security Suite\SESSION.EXE
C:\Program Files\Opera\opera.exe
C:\totalcmd\TOTALCMD.EXE
C:\WINNT\Explorer.exe
C:\aaa\RSIT.exe
C:\Program Files\trend micro\david.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~2\tools\iesdsg.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0 CE\Acrobat\AcroIEFavClient.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll
O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\WidgiToolbarIE.dll
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll
O3 - Toolbar: @msdxmLC.dll,-1@1029,&Rádio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0 CE\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\WidgiToolbarIE.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [IgfxTray] C:\WINNT\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINNT\system32\hkcmd.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [RunIWTray] "C:\Program Files\Norman Security Suite\IWTray.exe"
O4 - HKLM\..\Run: [ADUserMon] C:\Program Files\Iomega\AutoDisk\ADUserMon.exe
O4 - HKLM\..\Run: [Iomega Startup Options] C:\Program Files\Iomega\Common\ImgStart.exe
O4 - HKLM\..\Run: [Iomega Drive Icons] C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
O4 - HKLM\..\Run: [Deskup] C:\Program Files\Iomega\DriveIcons\deskup.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [Norton Ghost 9.0] C:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe
O4 - HKLM\..\Run: [TCASUTIEXE] TCAUDIAG.exe -on
O4 - HKLM\..\Run: [ScheduleSync.Siemens.SmartSync.5.2.exe] C:\Program Files\Mobile Phone Manager\SmartSync\ScheduleSync.exe
O4 - HKLM\..\Run: [MaxtorOneTouch] C:\Program Files\Maxtor\OneTouch\utils\Onetouch.exe
O4 - HKLM\..\Run: [MXOBG] C:\Documents and Settings\david\Local Settings\Temp\{231F68F4-70E4-41A6-BEDA-7E7934169B54}\MXOALDR.EXE
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINNT\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [WinVNC] "C:\Program Files\TightVNC\WinVNC.exe" -servicehelper
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\pdfforge Toolbar\SearchSettings.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [Mirabilis ICQ] C:\Program Files\ICQ\ICQNet.exe
O4 - HKLM\..\Run: [ParetoLogic Anti-Virus PLUS] "C:\Program Files\ParetoLogic\Anti-Virus PLUS\Pareto_AV.lnk" -NM -hidesplash
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKCU\..\RunOnce: [ICQ] C:\Program Files\ICQ\Icq.exe -trayboot
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -trayboot
O4 - HKUS\.DEFAULT\..\Run: [internat.exe] internat.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop (User 'Default user')
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0 CE\Distillr\acrotray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: Portfolio Express.lnk = C:\Program Files\Extensis\Portfolio 6.0\Portfolio Express.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINNT\system32\Shdocvw.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\inethttpfilter.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\inethttpfilter.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\inethttpfilter.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\inethttpfilter.dll
O12 - Plugin for .TIF: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin5.dll
O14 - IERESET.INF: START_PAGE_URL=http://msn.atlas.cz
O14 - IERESET.INF: MS_START_PAGE_URL=http://msn.atlas.cz
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {A93B47FD-9BF6-4DA8-97FC-9270B9D64A6C} (VaPgCtrl Class) - http://88.83.230.74/plugin/h263ctrl.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{AF6CF5ED-1491-4271-923A-90C32022562E}: NameServer = 81.19.0.67,81.19.10.34
O17 - HKLM\System\CCS\Services\Tcpip\..\{CEA094F5-DB2B-49D8-9352-2C09F6B7496E}: NameServer = 213.246.64.3
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O21 - SSODL: Active Disk - {3D057D46-029C-F53E-DCBC-C091EE655EB6} - c:\program files\iomega\autodisk\wbcdfd32.dll (file missing)
O21 - SSODL: 000CBFFC - {085701B8-7D55-2EB0-5BBF-482043847E2C} - C:\WINNT\system32\Hdlcnh32.dll (file missing)
O21 - SSODL: mtklefa - {94D226A3-FA01-4A24-3C8B-A7A2B9F5F4C2} - C:\WINNT\system32\gzbwvq32.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINNT\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINNT\system32\browseui.dll
O22 - SharedTaskScheduler: DDE - {F33812FB-F35C-4674-90F6-FD757C419C51} - (no file)
O23 - Service: ABBYY FineReader 9.0 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.9.0) - ABBYY (BIT Software) - C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINNT\System32\GEARSec.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe
O23 - Service: IomegaAccess - Iomega Corporation - C:\WINNT\system32\IomegaAccess.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: WinRoute Pro 4.2 (WinRoute) - Unknown owner - C:\Program Files\WinRoute Pro\winroute.exe
O23 - Service: VNC Server (winvnc) - TightVNC Group - C:\Program Files\TightVNC\WinVNC.exe
O23 - Service: plasservice (ZeppelinService) - ParetoLogic Inc. - C:\Program Files\Common Files\ParetoLogic\PLAS\plasservice.exe
O23 - Service: ZipToA - Iomega Corporation - C:\WINNT\system32\ZipToA.exe
O23 - Service: Iomega Active Disk (_IOMEGA_ACTIVE_DISK_SERVICE_) - Iomega Corporation - C:\Program Files\Iomega\AutoDisk\ADService.exe
--
End of file - 12440 bytes
======Scheduled tasks folder======
C:\WINNT\tasks\Ad-Aware Update (Weekly).job
C:\WINNT\tasks\ParetoLogic Anti-Virus PLUS.job
C:\WINNT\tasks\ParetoLogic Anti-Virus PLUS_dbsummary.job
C:\WINNT\tasks\ParetoLogic Registration.job
C:\WINNT\tasks\ParetoLogic Update Version2.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB}]
PCTools Site Guard - C:\PROGRA~1\SPYWAR~2\tools\iesdsg.dll [2004-12-20 272384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll [2007-07-12 501136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
AcroIEToolbarHelper Class - C:\Program Files\Adobe\Acrobat 6.0 CE\Acrobat\AcroIEFavClient.dll [2003-05-12 147456]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B56A7D7D-6927-48C8-A975-17DF180C71AC}]
PCTools Browser Monitor - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll [2005-01-21 330752]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}]
pdfforge Toolbar - C:\Program Files\pdfforge Toolbar\WidgiToolbarIE.dll [2009-05-04 650752]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]
C:\Program Files\pdfforge Toolbar\SearchSettings.dll [2009-03-30 1091584]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E718888-423F-11D2-876E-00A0C9082467} - @msdxmLC.dll,-1@1029,&Rádio - C:\WINNT\System32\msdxm.ocx [2000-03-20 844560]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 6.0 CE\Acrobat\AcroIEFavClient.dll [2003-05-12 147456]
CLSID - []
{B922D405-6D13-4A2B-AE89-08A030DA4402} - pdfforge Toolbar - C:\Program Files\pdfforge Toolbar\WidgiToolbarIE.dll [2009-05-04 650752]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQ Toolbar - C:\Program Files\ICQToolbar\toolbaru.dll [2005-01-19 446464]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Synchronization Manager"=mobsync.exe /logon []
"IgfxTray"=C:\WINNT\system32\igfxtray.exe [2005-06-21 155648]
"HotKeysCmds"=C:\WINNT\system32\hkcmd.exe [2005-06-21 126976]
"SoundMan"=C:\WINNT\SOUNDMAN.EXE [2002-09-11 46592]
"InCD"=C:\Program Files\Ahead\InCD\InCD.exe [2004-09-07 1400944]
"RunIWTray"=C:\Program Files\Norman Security Suite\IWTray.exe [2001-05-09 49152]
"ADUserMon"=C:\Program Files\Iomega\AutoDisk\ADUserMon.exe [2002-01-24 106496]
"Iomega Startup Options"=C:\Program Files\Iomega\Common\ImgStart.exe [2001-01-17 45056]
"Iomega Drive Icons"=C:\Program Files\Iomega\DriveIcons\ImgIcon.exe [2001-11-20 57344]
"Deskup"=C:\Program Files\Iomega\DriveIcons\deskup.exe [2001-10-01 28672]
"RemoteControl"=C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe [2003-12-08 32768]
"NeroFilterCheck"=C:\WINNT\system32\NeroCheck.exe [2001-07-09 155648]
"ccApp"=C:\Program Files\Common Files\Symantec Shared\ccApp.exe [2004-06-09 66680]
"vptray"=C:\PROGRA~1\SYMANT~1\VPTray.exe [2004-10-06 161096]
""= []
"Norton Ghost 9.0"=C:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe [2004-07-29 1122304]
"TCASUTIEXE"=TCAUDIAG.exe -on []
"ScheduleSync.Siemens.SmartSync.5.2.exe"=C:\Program Files\Mobile Phone Manager\SmartSync\ScheduleSync.exe [2004-08-27 45056]
"MaxtorOneTouch"=C:\Program Files\Maxtor\OneTouch\utils\Onetouch.exe [2004-12-22 823296]
"MXOBG"=C:\Documents and Settings\david\Local Settings\Temp\{231F68F4-70E4-41A6-BEDA-7E7934169B54}\MXOALDR.EXE [2006-04-20 94208]
"PinnacleDriverCheck"=C:\WINNT\system32\PSDrvCheck.exe [2003-12-04 406016]
"RealTray"=C:\Program Files\Real\RealPlayer\RealPlay.exe [2006-06-01 26112]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe [2007-07-12 132496]
"CloneCDTray"=C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [2006-09-28 57344]
"WinVNC"=C:\Program Files\TightVNC\WinVNC.exe [2007-05-07 589824]
"SearchSettings"=C:\Program Files\pdfforge Toolbar\SearchSettings.exe [2009-03-30 970240]
"LogitechCommunicationsManager"=C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe [2007-02-08 488984]
"LogitechQuickCamRibbon"=C:\Program Files\Logitech\QuickCam10\QuickCam10.exe [2007-02-08 774168]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-04-04 36272]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768]
"Ad-Watch"=C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [2010-03-01 524632]
"Mirabilis ICQ"=C:\Program Files\ICQ\ICQNet.exe [2003-01-13 49230]
"ParetoLogic Anti-Virus PLUS"=C:\Program Files\ParetoLogic\Anti-Virus PLUS\Pareto_AV.lnk [2010-05-06 2583]
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"internat.exe"=C:\WINNT\system32\internat.exe [2000-03-20 20752]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"ICQ"=C:\Program Files\ICQ\Icq.exe [2003-01-21 2089541]
"ICQ Lite"=C:\Program Files\ICQLite\ICQLite.exe [2006-05-07 3139164]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Acrobat Assistant.lnk - C:\Program Files\Adobe\Acrobat 6.0 CE\Distillr\acrotray.exe
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
NkbMonitor.exe.lnk - C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
Portfolio Express.lnk - C:\Program Files\Extensis\Portfolio 6.0\Portfolio Express.exe
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINNT\system32\igfxsrvc.dll [2005-06-21 348160]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon]
C:\WINNT\system32\NavLogon.dll [2004-10-06 83272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
Active Disk - {3D057D46-029C-F53E-DCBC-C091EE655EB6} - c:\program files\iomega\autodisk\wbcdfd32.dll []
000CBFFC - {085701B8-7D55-2EB0-5BBF-482043847E2C} - C:\WINNT\system32\Hdlcnh32.dll []
mtklefa - {94D226A3-FA01-4A24-3C8B-A7A2B9F5F4C2} - C:\WINNT\system32\gzbwvq32.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
DDE - {F33812FB-F35C-4674-90F6-FD757C419C51}
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=149
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\WINNT\system32\split.exe"="C:\WINNT\system32\split.exe:*:Enabled:SMSSERVER"
"C:\Documents and Settings\david\Local Settings\Temp\1E.scr"="C:\Documents and Settings\david\Local Settings\Temp\1E.scr:*:Enabled:SMSSERVER"
"C:\Documents and Settings\david\Local Settings\Temp\20.scr"="C:\Documents and Settings\david\Local Settings\Temp\20.scr:*:Enabled:SMSSERVER"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\WINNT\system32\Notepad.exe %1
.js - open - C:\WINNT\system32\WScript.exe "%1" %*
.vbs - edit - C:\WINNT\system32\Notepad.exe %1
.vbs - open - C:\WINNT\system32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2010-05-07 11:45:11 ----D---- C:\rsit
2010-05-06 16:32:31 ----D---- C:\Qoobox
2010-05-06 16:31:46 ----D---- C:\32788R22FWJFW
2010-05-06 15:34:23 ----A---- C:\rollback.ini
2010-05-06 15:12:47 ----D---- C:\Program Files\ParetoLogic
2010-05-06 15:12:47 ----D---- C:\Program Files\Common Files\ParetoLogic
2010-05-06 15:12:47 ----D---- C:\Documents and Settings\All Users\Data aplikací\ParetoLogic Anti-Virus PLUS
2010-05-06 15:12:46 ----D---- C:\Documents and Settings\All Users\Data aplikací\ParetoLogic
2010-05-05 15:41:23 ----D---- C:\Documents and Settings\david.STUDIO\Data aplikací\GARMIN
2010-05-05 15:17:18 ----D---- C:\Program Files\ICQToolbar
2010-05-05 15:15:25 ----D---- C:\Documents and Settings\david.STUDIO\Data aplikací\ICQLite
2010-05-05 15:15:25 ----AD---- C:\Program Files\ICQLite
2010-05-04 13:51:04 ----D---- C:\Documents and Settings\david.STUDIO\Data aplikací\Mozilla
2010-05-04 13:15:31 ----D---- C:\Documents and Settings\david.STUDIO\Data aplikací\Search Settings
2010-05-04 13:15:31 ----D---- C:\Documents and Settings\david.STUDIO\Data aplikací\pdfforge
2010-05-04 13:00:33 ----D---- C:\Documents and Settings\david.STUDIO\Data aplikací\SpamBayes
2010-05-04 12:54:22 ----D---- C:\Documents and Settings\david.STUDIO\Data aplikací\Macromedia
2010-05-04 12:53:42 ----D---- C:\Documents and Settings\david.STUDIO\Data aplikací\Opera
2010-05-04 12:16:18 ----D---- C:\Documents and Settings\david.STUDIO\Data aplikací\Adobe
2010-05-04 11:35:56 ----D---- C:\Documents and Settings\david.STUDIO\Data aplikací\Active Disk
2010-05-04 11:33:00 ----D---- C:\Documents and Settings\david.STUDIO\Data aplikací\Identities
2010-05-04 11:32:33 ----SD---- C:\Documents and Settings\david.STUDIO\Data aplikací\Microsoft
======List of files/folders modified in the last 1 months======
2010-05-07 13:01:38 ----RASH---- C:\boot.ini
2010-05-07 13:01:32 ----AD---- C:\WINNT\Help
2010-05-07 13:01:26 ----AD---- C:\WINNT\System32\drivers
2010-05-07 13:01:24 ----AD---- C:\WINNT\system
2010-05-07 13:01:20 ----AD---- C:\WINNT\msagent
2010-05-07 13:01:19 ----RASD---- C:\WINNT\Fonts
2010-05-07 13:01:11 ----AD---- C:\WINNT\System32\wbem
2010-05-07 13:01:08 ----AD---- C:\WINNT\System32\Setup
2010-05-07 13:00:58 ----AD---- C:\WINNT\System32\ias
2010-05-07 13:00:51 ----AD---- C:\WINNT\System32\export
2010-05-07 12:59:46 ----SD---- C:\WINNT\Web
2010-05-07 12:59:39 ----AD---- C:\WINNT\AppPatch
2010-05-07 12:05:30 ----D---- C:\Program Files\Trend Micro
2010-05-07 12:05:30 ----AD---- C:\WINNT\system32
2010-05-07 12:04:08 ----A---- C:\WINNT\wincmd.ini
2010-05-07 12:02:45 ----SHD---- C:\WINNT\CSC
2010-05-07 12:02:31 ----A---- C:\WINNT\ntbtlog.txt
2010-05-07 11:44:51 ----D---- C:\aaa
2010-05-07 11:30:50 ----AD---- C:\WINNT
2010-05-07 11:27:17 ----HD---- C:\WINNT\inf
2010-05-07 11:13:59 ----AD---- C:\WINNT\security
2010-05-06 18:12:30 ----ASD---- C:\WINNT\Tasks
2010-05-06 17:35:32 ----AD---- C:\WINNT\Temp
2010-05-06 16:32:36 ----AD---- C:\Program Files\ICQ
2010-05-06 15:28:13 ----SHD---- C:\WINNT\Installer
2010-05-06 15:13:18 ----ASHD---- C:\Config.Msi
2010-05-06 15:12:47 ----AD---- C:\Program Files\Common Files
2010-05-06 15:12:47 ----AD---- C:\Program Files
2010-05-06 13:41:17 ----D---- C:\Program Files\Mozilla Firefox
2010-05-05 15:44:59 ----D---- C:\totalcmd
2010-05-05 10:01:17 ----D---- C:\Program Files\Symantec AntiVirus
2010-05-05 10:00:27 ----D---- C:\WINNT\System32\NtmsData
2010-05-05 10:00:09 ----AD---- C:\WINNT\Debug
2010-05-05 09:58:52 ----D---- C:\WINNT\Minidump
2010-05-04 13:00:16 ----D---- C:\Program Files\SpamBayes-D
2010-05-04 12:46:22 ----A---- C:\WINNT\ODBC.INI
2010-05-04 12:07:33 ----A---- C:\WINNT\SchedLgU.Txt
2010-05-04 11:33:05 ----A---- C:\WINNT\OEWABLog.txt
2010-05-04 11:33:03 ----D---- C:\Program Files\Outlook Express
2010-05-04 11:33:03 ----D---- C:\Program Files\Common Files\System
2010-05-04 11:33:03 ----D---- C:\Program Files\Common Files\Services
2010-05-04 11:33:03 ----AD---- C:\Program Files\Common Files\Microsoft Shared
2010-05-04 11:32:33 ----AD---- C:\Documents and Settings
2010-05-04 11:09:58 ----AD---- C:\WINNT\System32\appmgmt
2010-05-03 15:05:37 ----D---- C:\zaloha
2010-04-28 14:58:02 ----D---- C:\TEMP
2010-04-28 14:52:27 ----D---- C:\ddd
2010-04-21 13:37:12 ----D---- C:\palirna
2010-04-13 10:51:42 ----A---- C:\WINNT\NeroDigital.ini
2010-04-12 16:17:49 ----D---- C:\bbb
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 GearAspiWDM;GearAspiWDM; C:\WINNT\System32\drivers\GearAspiWDM.sys [2004-07-29 14384]
R1 InCDPass;InCDPass; C:\WINNT\System32\DRIVERS\InCDPass.sys [2004-09-07 28544]
R1 incdrm;InCD EasyWrite Reader; C:\WINNT\System32\drivers\incdrm.sys [2003-07-15 25488]
R1 WRDRV;WRDRV; C:\WINNT\system32\drivers\wrdrv.sys [2002-01-31 64000]
R3 AnyDVD;AnyDVD; C:\WINNT\System32\Drivers\AnyDVD.sys [2007-04-13 73928]
R3 ASAPIW2k;ASAPIW2K; C:\WINNT\system32\drivers\ASAPIW2k.sys [2003-12-04 11264]
R3 ElbyCDFL;ElbyCDFL; C:\WINNT\System32\Drivers\ElbyCDFL.sys [2006-12-26 34760]
R3 rtl8139;Realtek RTL8139/810x Family Fast Etnernet NIC NT Driver; C:\WINNT\System32\DRIVERS\R8139n5.SYS [2002-06-13 47926]
R3 uhcd;Ovladač univerzálního hostitelského řadiče USB; C:\WINNT\System32\DRIVERS\uhcd.sys [2000-03-20 32144]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINNT\System32\DRIVERS\usbehci.sys [2003-06-19 19728]
R3 usbhub;Ovladač standardního rozbočovače USB; C:\WINNT\System32\DRIVERS\usbhub.sys [2000-03-20 40016]
R3 usbhub20;USB 2.0 Root Hub Support; C:\WINNT\System32\DRIVERS\usbhub20.sys [2003-06-19 49776]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINNT\System32\DRIVERS\USBSTOR.SYS [2003-06-19 21552]
S1 {6080A529-897E-4629-A488-ABA0C29B635E};Intel(R) Graphics Platform (SoftBIOS) Driver; C:\WINNT\system32\drivers\ialmsbw.sys [2002-10-25 91774]
S1 DCxxMJPG;Pinnacle DC10plus, Motion-JPEG VideoIO Board; C:\WINNT\system32\drivers\DCxxMJPG.sys [2002-02-21 132604]
S1 ElbyCDIO;ElbyCDIO Driver; C:\WINNT\System32\Drivers\ElbyCDIO.sys [2007-02-28 15440]
S1 giveio;giveio; \??\C:\WINNT\system32\giveio.sys []
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINNT\System32\DRIVERS\kbdhid.sys [2000-03-08 13744]
S1 KLIF;KLIF; C:\WINNT\System32\DRIVERS\klif.sys [2010-01-14 186128]
S1 PQIMount;PQIMount; C:\WINNT\System32\drivers\PQIMount.sys [2004-07-29 46779]
S1 PVR101Disk;PVR101Disk; C:\WINNT\System32\drivers\PVR101Disk.sys [2006-10-04 7936]
S1 SAVRT;SAVRT; \??\C:\Program Files\Symantec AntiVirus\savrt.sys []
S1 speedfan;speedfan; \??\C:\WINNT\system32\speedfan.sys []
S1 SYMTDI;SYMTDI; C:\WINNT\System32\Drivers\SYMTDI.SYS [2004-06-11 263736]
S2 DCamUSB20;USB 2.0 Capture; C:\WINNT\System32\Drivers\CsMini20.sys [2003-03-19 46216]
S2 HidUsb;Ovladač třídy standardu HID; C:\WINNT\System32\DRIVERS\hidusb.sys [1999-10-05 13904]
S2 SAVRTPEL;SAVRTPEL; \??\C:\Program Files\Symantec AntiVirus\Savrtpel.sys []
S2 tcaicchg;tcaicchg; \??\C:\WINNT\system32\tcaicchg.sys []
S2 TCAITDI;TCAITDI Protocol; C:\WINNT\system32\DRIVERS\TCAITDI.sys [2001-09-04 19534]
S2 Usb20Scan;USB 2.0 Still Image; C:\WINNT\System32\Drivers\CresScan.sys [2002-11-05 12692]
S3 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91};Intel(R) Graphics Chipset (KCH) Driver; C:\WINNT\system32\drivers\ialmkchw.sys [2002-10-25 71514]
S3 actser;actser; C:\WINNT\system32\drivers\actser.sys [2004-08-23 29440]
S3 ALCXWDM;Service for Avance AC97 Audio (WDM); C:\WINNT\system32\drivers\ALCXWDM.SYS [2002-09-16 941516]
S3 CCDECODE;Closed Caption Decoder; C:\WINNT\system32\DRIVERS\CCDECODE.sys [2004-07-09 16384]
S3 DSI_SiUSBXp_3_1;DSI_SiUSBXp_3_1; C:\WINNT\system32\drivers\DSI_SiUSBXp_3_1.sys [2007-09-06 14848]
S3 EL2000;3Com 3C2000x EtherLink XL Adapter; C:\WINNT\system32\DRIVERS\EL2K_2K.sys [2003-06-04 147328]
S3 grmnusb;grmnusb; C:\WINNT\system32\drivers\grmnusb.sys [2009-01-22 8320]
S3 ialm;ialm; C:\WINNT\System32\DRIVERS\ialmnt5.sys [2005-06-21 807998]
S3 LVcKap;Logitech AEC Driver; C:\WINNT\system32\DRIVERS\LVcKap.sys [2007-02-06 1691808]
S3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\WINNT\system32\DRIVERS\LVMVDrv.sys [2007-02-06 1964064]
S3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\WINNT\system32\DRIVERS\LVPr2Mon.sys [2007-02-06 25632]
S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINNT\system32\DRIVERS\LVUSBSta.sys [2007-10-12 41752]
S3 mouhid;Ovladač myši standardu HID; C:\WINNT\System32\DRIVERS\mouhid.sys [2003-06-19 11632]
S3 MPE;BDA MPE Filter; C:\WINNT\system32\DRIVERS\MPE.sys [2004-07-09 15104]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINNT\system32\drivers\MSTEE.sys [2002-12-12 5504]
S3 MXOFX;USB Storage Adapter FX (MXO); C:\WINNT\system32\DRIVERS\MXOFX.SYS [2003-10-10 32640]
S3 MXOPSWD;Maxtor OneTouch Security Driver; C:\WINNT\system32\DRIVERS\mxopswd.sys [2004-10-07 15360]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINNT\system32\DRIVERS\NABTSFEC.sys [2004-07-09 83968]
S3 NAVENG;NAVENG; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20100504.004\naveng.sys []
S3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20100504.004\navex15.sys []
S3 NdisIP;Microsoft TV/Video Connection; C:\WINNT\system32\DRIVERS\NdisIP.sys [2004-07-09 10112]
S3 pcouffin;VSO Software pcouffin; C:\WINNT\System32\Drivers\pcouffin.sys [2007-04-17 47360]
S3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\WINNT\system32\DRIVERS\LV302V32.SYS [2007-10-12 1279000]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINNT\System32\Drivers\RootMdm.sys [2000-03-20 6032]
S3 Ser2pl;SIEMENS Serial port driver; C:\WINNT\system32\DRIVERS\ser2pl.sys [2003-05-07 41472]
S3 SLIP;BDA Slip De-Framer; C:\WINNT\system32\DRIVERS\SLIP.sys [2004-07-09 10880]
S3 streamip;BDA IPSink; C:\WINNT\system32\DRIVERS\StreamIP.sys [2004-07-09 14976]
S3 SymEvent;SymEvent; \??\C:\Program Files\Symantec\SYMEVENT.SYS []
S3 SYMREDRV;SYMREDRV; C:\WINNT\System32\Drivers\SYMREDRV.SYS [2004-06-11 16280]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINNT\system32\drivers\usbaudio.sys [1999-10-12 68912]
S3 usbprint;Třída USB Printer; C:\WINNT\System32\DRIVERS\usbprint.sys [2003-06-19 21872]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINNT\system32\DRIVERS\WSTCODEC.SYS [2004-07-09 18688]
S4 InCDfs;InCD File System; C:\WINNT\System32\drivers\InCDfs.sys [2004-09-07 91136]
S4 IntelIde;IntelIde; C:\WINNT\System32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
S2 _IOMEGA_ACTIVE_DISK_SERVICE_;Iomega Active Disk; C:\Program Files\Iomega\AutoDisk\ADService.exe [2002-01-24 126976]
S2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service; C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [2007-12-06 660768]
S2 ccEvtMgr;Symantec Event Manager; C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe [2004-06-09 255096]
S2 ccSetMgr;Symantec Settings Manager; C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe [2004-06-09 242808]
S2 DefWatch;Symantec AntiVirus Definition Watcher; C:\Program Files\Symantec AntiVirus\DefWatch.exe [2004-10-06 30024]
S2 GEARSecurity;GEARSecurity; C:\WINNT\System32\GEARSec.exe [2004-07-29 53248]
S2 HidServ;HID Input Service; C:\WINNT\system32\hidserv.exe [2003-06-19 19728]
S2 InCDsrv;InCD Helper; C:\Program Files\Ahead\InCD\InCDsrv.exe [2004-09-07 1151090]
S2 Iomega App Services;Iomega App Services; C:\PROGRA~1\Iomega\System32\AppServices.exe [2002-01-14 73728]
S2 IomegaAccess;IomegaAccess; C:\WINNT\system32\IomegaAccess.exe [2001-02-08 356352]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2010-03-01 1029456]
S2 LVPrcSrv;Process Monitor; c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe [2007-02-06 109344]
S2 LVSrvLauncher;LVSrvLauncher; C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe [2007-02-06 105248]
S2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
S2 Norton Ghost;Norton Ghost; C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe [2004-07-29 1269760]
S2 StiSvc;Still Image Service; C:\WINNT\system32\stisvc.exe [2000-03-20 65296]
S2 Symantec AntiVirus;Symantec AntiVirus; C:\Program Files\Symantec AntiVirus\Rtvscan.exe [2004-10-06 1275216]
S2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2003-11-12 49152]
S2 WinRoute;WinRoute Pro 4.2; C:\Program Files\WinRoute Pro\winroute.exe [2002-02-04 507956]
S2 winvnc;VNC Server; C:\Program Files\TightVNC\WinVNC.exe [2007-05-07 589824]
S2 ZeppelinService;plasservice; C:\Program Files\Common Files\ParetoLogic\PLAS\plasservice.exe [2010-01-14 587216]
S2 ZipToA;ZipToA; C:\WINNT\system32\ZipToA.exe [2001-01-05 364544]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2007-09-05 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINNT\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 ccPwdSvc;Symantec Password Validation; C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe [2004-06-09 87160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINNT\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-01-04 136120]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 SavRoam;SAVRoam; C:\Program Files\Symantec AntiVirus\SavRoam.exe [2004-10-06 173392]
S3 SNDSrvc;Symantec Network Drivers Service; C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe [2004-06-11 201944]
S4 Iomega Activity Disk2;Iomega Activity Disk2; []
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
nenabiha W2000 - restart
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: nenabiha W2000 - restart
v nudzovom rezime odinstaluj:
PCTools
pdfforge Toolbar
Ad-Aware
ParetoLogic
potom uvidime
PCTools
pdfforge Toolbar
Ad-Aware
ParetoLogic
potom uvidime
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: nenabiha W2000 - restart
Tak jsem zkusil odinstalovat. Vybehlo okno WINDOWS INSTALLER a potom dalsi s tim, ze nejde, ze musim nejdriv nainstalovat dalsi service pack, aby mohl odinstalovat.
Re: nenabiha W2000 - restart
pustil jsme tedy na W2000 SP4, asi doslo k prepsani s opravou systemu z CD. Dam vedet.
Re: nenabiha W2000 - restart
no pokial viem SP4 bol posledny Pack PRE W2000 ,,,
vloz log z HijackThis - nieco pofixujeme
vloz log z HijackThis - nieco pofixujeme
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: nenabiha W2000 - restart
tak SP4 selhalo.
NEvim, jak vlozit log z hijack. mam RSIT a COMBOFIX, hijack ne.
NEvim, jak vlozit log z hijack. mam RSIT a COMBOFIX, hijack ne.
Re: nenabiha W2000 - restart
vidim ze si sa dal cestou samostatnosti 
Combofix by sa mal pouzivat IBA na doporucenie radcu 
no vloz jeho log - hned ako sa naobedujem pozriem na to 
Combofix by sa mal pouzivat IBA na doporucenie radcu no vloz jeho log - hned ako sa naobedujem pozriem na to FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: nenabiha W2000 - restart
OK? uz ho mam ztazeny, zde je HiJack:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:30:47, on 7.5.2010
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Normal
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\System32\GEARSec.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\System32\SCardSvr.exe
C:\WINNT\system32\MSTask.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\Program Files\TightVNC\WinVNC.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Norman Security Suite\SESSION.EXE
C:\WINNT\Explorer.EXE
C:\WINNT\system32\wuauclt.exe
C:\WINNT\System32\igfxtray.exe
C:\WINNT\System32\hkcmd.exe
C:\WINNT\SOUNDMAN.EXE
C:\Program Files\Norman Security Suite\IWTray.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\Program Files\Common Files\ACD Systems\EN\DevDetect.exe
C:\WINNT\system32\internat.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Adobe\Acrobat 6.0 CE\Distillr\acrotray.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Opera\opera.exe
C:\wincmd\WINCMD32.EXE
C:\aaa\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.1.201:3128
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~2\tools\iesdsg.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0 CE\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: @msdxmLC.dll,-1@1029,&Rádio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0 CE\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [IgfxTray] C:\WINNT\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINNT\System32\hkcmd.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [RunIWTray] "C:\Program Files\Norman Security Suite\IWTray.exe"
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINNT\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [XoS4cG] C:\WINNT\nejyycx.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [Norton Ghost 9.0] C:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe
O4 - HKLM\..\Run: [WinVNC] "C:\Program Files\TightVNC\WinVNC.exe" -servicehelper
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [Device Detector] DevDetect.exe -autorun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\.DEFAULT\..\Run: [internat.exe] internat.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop (User 'Default user')
O4 - Startup: Spustit soubor Microsoft Office Outlook.lnk = C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0 CE\Distillr\acrotray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O16 - DPF: {1AE23F24-D3E4-4C57-8468-6618B9B8B70F} (ICASign Class) - https://ib24.csob.cz/comp/IcaSignerCZ.cab
O16 - DPF: {461A37E7-17B3-40E3-B6BB-7CAEC732C9E4} (CSOBEnroll Class) - https://ib24.csob.cz/comp/CSOBEnroll.dll
O16 - DPF: {4ADC518E-B607-11D4-B395-0001020F4519} (SigVer Class) - https://ib24.csob.cz/Comp/signer.cab
O16 - DPF: {4C3CEE0B-4F2F-44C3-9586-4368F3200143} (ICApki Class) - http://download.ica.cz/icapki.cab
O16 - DPF: {8DB83558-B5E6-4449-8E59-B91126580A99} (ICAHsmEngine Class) - https://ib24.csob.cz/comp/ICAHsmEngine.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{7BED67F7-BB23-4D44-B636-FD5074BB87FD}: NameServer = 81.19.0.67,81.19.10.34
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: winowl32 - winowl32.dll (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINNT\System32\GEARSec.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINNT\system32\HPZipm12.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: VNC Server (winvnc) - TightVNC Group - C:\Program Files\TightVNC\WinVNC.exe
--
End of file - 9439 bytes
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:30:47, on 7.5.2010
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Normal
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\System32\GEARSec.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\System32\SCardSvr.exe
C:\WINNT\system32\MSTask.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\Program Files\TightVNC\WinVNC.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Norman Security Suite\SESSION.EXE
C:\WINNT\Explorer.EXE
C:\WINNT\system32\wuauclt.exe
C:\WINNT\System32\igfxtray.exe
C:\WINNT\System32\hkcmd.exe
C:\WINNT\SOUNDMAN.EXE
C:\Program Files\Norman Security Suite\IWTray.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\Program Files\Common Files\ACD Systems\EN\DevDetect.exe
C:\WINNT\system32\internat.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Adobe\Acrobat 6.0 CE\Distillr\acrotray.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Opera\opera.exe
C:\wincmd\WINCMD32.EXE
C:\aaa\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.1.201:3128
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~2\tools\iesdsg.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0 CE\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: @msdxmLC.dll,-1@1029,&Rádio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0 CE\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [IgfxTray] C:\WINNT\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINNT\System32\hkcmd.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [RunIWTray] "C:\Program Files\Norman Security Suite\IWTray.exe"
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINNT\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [XoS4cG] C:\WINNT\nejyycx.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [Norton Ghost 9.0] C:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe
O4 - HKLM\..\Run: [WinVNC] "C:\Program Files\TightVNC\WinVNC.exe" -servicehelper
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [Device Detector] DevDetect.exe -autorun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\.DEFAULT\..\Run: [internat.exe] internat.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop (User 'Default user')
O4 - Startup: Spustit soubor Microsoft Office Outlook.lnk = C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0 CE\Distillr\acrotray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O16 - DPF: {1AE23F24-D3E4-4C57-8468-6618B9B8B70F} (ICASign Class) - https://ib24.csob.cz/comp/IcaSignerCZ.cab
O16 - DPF: {461A37E7-17B3-40E3-B6BB-7CAEC732C9E4} (CSOBEnroll Class) - https://ib24.csob.cz/comp/CSOBEnroll.dll
O16 - DPF: {4ADC518E-B607-11D4-B395-0001020F4519} (SigVer Class) - https://ib24.csob.cz/Comp/signer.cab
O16 - DPF: {4C3CEE0B-4F2F-44C3-9586-4368F3200143} (ICApki Class) - http://download.ica.cz/icapki.cab
O16 - DPF: {8DB83558-B5E6-4449-8E59-B91126580A99} (ICAHsmEngine Class) - https://ib24.csob.cz/comp/ICAHsmEngine.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{7BED67F7-BB23-4D44-B636-FD5074BB87FD}: NameServer = 81.19.0.67,81.19.10.34
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: winowl32 - winowl32.dll (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINNT\System32\GEARSec.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINNT\system32\HPZipm12.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: VNC Server (winvnc) - TightVNC Group - C:\Program Files\TightVNC\WinVNC.exe
--
End of file - 9439 bytes
Re: nenabiha W2000 - restart
OMLUVA!!!! Spustil jsem to na jinem PC, moment,
Re: nenabiha W2000 - restart
ZDE JE. Jsem z toho na mekko, omlouvam se.
Dekuji za pochopeni.
Toto je spravny HiJack.
David.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:33:18, on 7.5.2010
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Safe mode with network support
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\Program Files\Norman Security Suite\SESSION.EXE
C:\totalcmd\TOTALCMD.EXE
C:\WINNT\Explorer.exe
T:\scanner\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~2\tools\iesdsg.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0 CE\Acrobat\AcroIEFavClient.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll
O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\WidgiToolbarIE.dll
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll
O3 - Toolbar: @msdxmLC.dll,-1@1029,&Rádio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0 CE\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\WidgiToolbarIE.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [IgfxTray] C:\WINNT\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINNT\system32\hkcmd.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [RunIWTray] "C:\Program Files\Norman Security Suite\IWTray.exe"
O4 - HKLM\..\Run: [ADUserMon] C:\Program Files\Iomega\AutoDisk\ADUserMon.exe
O4 - HKLM\..\Run: [Iomega Startup Options] C:\Program Files\Iomega\Common\ImgStart.exe
O4 - HKLM\..\Run: [Iomega Drive Icons] C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
O4 - HKLM\..\Run: [Deskup] C:\Program Files\Iomega\DriveIcons\deskup.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [Norton Ghost 9.0] C:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe
O4 - HKLM\..\Run: [TCASUTIEXE] TCAUDIAG.exe -on
O4 - HKLM\..\Run: [ScheduleSync.Siemens.SmartSync.5.2.exe] C:\Program Files\Mobile Phone Manager\SmartSync\ScheduleSync.exe
O4 - HKLM\..\Run: [MaxtorOneTouch] C:\Program Files\Maxtor\OneTouch\utils\Onetouch.exe
O4 - HKLM\..\Run: [MXOBG] C:\Documents and Settings\david\Local Settings\Temp\{231F68F4-70E4-41A6-BEDA-7E7934169B54}\MXOALDR.EXE
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINNT\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [WinVNC] "C:\Program Files\TightVNC\WinVNC.exe" -servicehelper
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\pdfforge Toolbar\SearchSettings.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [Mirabilis ICQ] C:\Program Files\ICQ\ICQNet.exe
O4 - HKLM\..\Run: [ParetoLogic Anti-Virus PLUS] "C:\Program Files\ParetoLogic\Anti-Virus PLUS\Pareto_AV.lnk" -NM -hidesplash
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKCU\..\RunOnce: [ICQ] C:\Program Files\ICQ\Icq.exe -trayboot
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -trayboot
O4 - HKUS\.DEFAULT\..\Run: [internat.exe] internat.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop (User 'Default user')
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0 CE\Distillr\acrotray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: Portfolio Express.lnk = C:\Program Files\Extensis\Portfolio 6.0\Portfolio Express.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINNT\system32\Shdocvw.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\inethttpfilter.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\inethttpfilter.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\inethttpfilter.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\inethttpfilter.dll
O12 - Plugin for .TIF: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin5.dll
O14 - IERESET.INF: START_PAGE_URL=http://msn.atlas.cz
O14 - IERESET.INF: MS_START_PAGE_URL=http://msn.atlas.cz
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {A93B47FD-9BF6-4DA8-97FC-9270B9D64A6C} (VaPgCtrl Class) - http://88.83.230.74/plugin/h263ctrl.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{AF6CF5ED-1491-4271-923A-90C32022562E}: NameServer = 81.19.0.67,81.19.10.34
O17 - HKLM\System\CCS\Services\Tcpip\..\{CEA094F5-DB2B-49D8-9352-2C09F6B7496E}: NameServer = 213.246.64.3
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O21 - SSODL: Active Disk - {3D057D46-029C-F53E-DCBC-C091EE655EB6} - c:\program files\iomega\autodisk\wbcdfd32.dll (file missing)
O21 - SSODL: 000CBFFC - {085701B8-7D55-2EB0-5BBF-482043847E2C} - C:\WINNT\system32\Hdlcnh32.dll (file missing)
O21 - SSODL: mtklefa - {94D226A3-FA01-4A24-3C8B-A7A2B9F5F4C2} - C:\WINNT\system32\gzbwvq32.dll (file missing)
O22 - SharedTaskScheduler: DDE - {F33812FB-F35C-4674-90F6-FD757C419C51} - (no file)
O23 - Service: ABBYY FineReader 9.0 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.9.0) - ABBYY (BIT Software) - C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINNT\System32\GEARSec.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe
O23 - Service: IomegaAccess - Iomega Corporation - C:\WINNT\system32\IomegaAccess.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: WinRoute Pro 4.2 (WinRoute) - Unknown owner - C:\Program Files\WinRoute Pro\winroute.exe
O23 - Service: VNC Server (winvnc) - TightVNC Group - C:\Program Files\TightVNC\WinVNC.exe
O23 - Service: plasservice (ZeppelinService) - ParetoLogic Inc. - C:\Program Files\Common Files\ParetoLogic\PLAS\plasservice.exe
O23 - Service: ZipToA - Iomega Corporation - C:\WINNT\system32\ZipToA.exe
O23 - Service: Iomega Active Disk (_IOMEGA_ACTIVE_DISK_SERVICE_) - Iomega Corporation - C:\Program Files\Iomega\AutoDisk\ADService.exe
--
End of file - 12116 bytes
Dekuji za pochopeni.
Toto je spravny HiJack.
David.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:33:18, on 7.5.2010
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Safe mode with network support
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\Program Files\Norman Security Suite\SESSION.EXE
C:\totalcmd\TOTALCMD.EXE
C:\WINNT\Explorer.exe
T:\scanner\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~2\tools\iesdsg.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0 CE\Acrobat\AcroIEFavClient.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll
O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\WidgiToolbarIE.dll
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll
O3 - Toolbar: @msdxmLC.dll,-1@1029,&Rádio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0 CE\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\WidgiToolbarIE.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [IgfxTray] C:\WINNT\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINNT\system32\hkcmd.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [RunIWTray] "C:\Program Files\Norman Security Suite\IWTray.exe"
O4 - HKLM\..\Run: [ADUserMon] C:\Program Files\Iomega\AutoDisk\ADUserMon.exe
O4 - HKLM\..\Run: [Iomega Startup Options] C:\Program Files\Iomega\Common\ImgStart.exe
O4 - HKLM\..\Run: [Iomega Drive Icons] C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
O4 - HKLM\..\Run: [Deskup] C:\Program Files\Iomega\DriveIcons\deskup.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [Norton Ghost 9.0] C:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe
O4 - HKLM\..\Run: [TCASUTIEXE] TCAUDIAG.exe -on
O4 - HKLM\..\Run: [ScheduleSync.Siemens.SmartSync.5.2.exe] C:\Program Files\Mobile Phone Manager\SmartSync\ScheduleSync.exe
O4 - HKLM\..\Run: [MaxtorOneTouch] C:\Program Files\Maxtor\OneTouch\utils\Onetouch.exe
O4 - HKLM\..\Run: [MXOBG] C:\Documents and Settings\david\Local Settings\Temp\{231F68F4-70E4-41A6-BEDA-7E7934169B54}\MXOALDR.EXE
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINNT\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [WinVNC] "C:\Program Files\TightVNC\WinVNC.exe" -servicehelper
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\pdfforge Toolbar\SearchSettings.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [Mirabilis ICQ] C:\Program Files\ICQ\ICQNet.exe
O4 - HKLM\..\Run: [ParetoLogic Anti-Virus PLUS] "C:\Program Files\ParetoLogic\Anti-Virus PLUS\Pareto_AV.lnk" -NM -hidesplash
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKCU\..\RunOnce: [ICQ] C:\Program Files\ICQ\Icq.exe -trayboot
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -trayboot
O4 - HKUS\.DEFAULT\..\Run: [internat.exe] internat.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop (User 'Default user')
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0 CE\Distillr\acrotray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: Portfolio Express.lnk = C:\Program Files\Extensis\Portfolio 6.0\Portfolio Express.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINNT\system32\Shdocvw.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\inethttpfilter.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\inethttpfilter.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\inethttpfilter.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\inethttpfilter.dll
O12 - Plugin for .TIF: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin5.dll
O14 - IERESET.INF: START_PAGE_URL=http://msn.atlas.cz
O14 - IERESET.INF: MS_START_PAGE_URL=http://msn.atlas.cz
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {A93B47FD-9BF6-4DA8-97FC-9270B9D64A6C} (VaPgCtrl Class) - http://88.83.230.74/plugin/h263ctrl.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{AF6CF5ED-1491-4271-923A-90C32022562E}: NameServer = 81.19.0.67,81.19.10.34
O17 - HKLM\System\CCS\Services\Tcpip\..\{CEA094F5-DB2B-49D8-9352-2C09F6B7496E}: NameServer = 213.246.64.3
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O21 - SSODL: Active Disk - {3D057D46-029C-F53E-DCBC-C091EE655EB6} - c:\program files\iomega\autodisk\wbcdfd32.dll (file missing)
O21 - SSODL: 000CBFFC - {085701B8-7D55-2EB0-5BBF-482043847E2C} - C:\WINNT\system32\Hdlcnh32.dll (file missing)
O21 - SSODL: mtklefa - {94D226A3-FA01-4A24-3C8B-A7A2B9F5F4C2} - C:\WINNT\system32\gzbwvq32.dll (file missing)
O22 - SharedTaskScheduler: DDE - {F33812FB-F35C-4674-90F6-FD757C419C51} - (no file)
O23 - Service: ABBYY FineReader 9.0 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.9.0) - ABBYY (BIT Software) - C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINNT\System32\GEARSec.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe
O23 - Service: IomegaAccess - Iomega Corporation - C:\WINNT\system32\IomegaAccess.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: WinRoute Pro 4.2 (WinRoute) - Unknown owner - C:\Program Files\WinRoute Pro\winroute.exe
O23 - Service: VNC Server (winvnc) - TightVNC Group - C:\Program Files\TightVNC\WinVNC.exe
O23 - Service: plasservice (ZeppelinService) - ParetoLogic Inc. - C:\Program Files\Common Files\ParetoLogic\PLAS\plasservice.exe
O23 - Service: ZipToA - Iomega Corporation - C:\WINNT\system32\ZipToA.exe
O23 - Service: Iomega Active Disk (_IOMEGA_ACTIVE_DISK_SERVICE_) - Iomega Corporation - C:\Program Files\Iomega\AutoDisk\ADService.exe
--
End of file - 12116 bytes
Re: nenabiha W2000 - restart
neboooj, klidek
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~2\tools\iesdsg.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll
O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\WidgiToolbarIE.dll
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll
O4 - HKLM\..\Run: [MXOBG] C:\Documents and Settings\david\Local Settings\Temp\{231F68F4-70E4-41A6-BEDA-7E7934169B54}\MXOALDR.EXE
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\pdfforge Toolbar\SearchSettings.exe
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [ParetoLogic Anti-Virus PLUS] "C:\Program Files\ParetoLogic\Anti-Virus PLUS\Pareto_AV.lnk" -NM -hidesplash
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O21 - SSODL: Active Disk - {3D057D46-029C-F53E-DCBC-C091EE655EB6} - c:\program files\iomega\autodisk\wbcdfd32.dll (file missing)
O21 - SSODL: 000CBFFC - {085701B8-7D55-2EB0-5BBF-482043847E2C} - C:\WINNT\system32\Hdlcnh32.dll (file missing)
O21 - SSODL: mtklefa - {94D226A3-FA01-4A24-3C8B-A7A2B9F5F4C2} - C:\WINNT\system32\gzbwvq32.dll (file missing)
O22 - SharedTaskScheduler: DDE - {F33812FB-F35C-4674-90F6-FD757C419C51} - (no file)
tieto mile polozky zaskrtni v policku vlavo a klikni na FIX CHECKED
+ restart a skus ci pojde nainstalovat MBAM - ak ano jeho log vloz - ak nie vloz log z ComboFix-u - ale cerstvy
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~2\tools\iesdsg.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll
O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\WidgiToolbarIE.dll
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll
O4 - HKLM\..\Run: [MXOBG] C:\Documents and Settings\david\Local Settings\Temp\{231F68F4-70E4-41A6-BEDA-7E7934169B54}\MXOALDR.EXE
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\pdfforge Toolbar\SearchSettings.exe
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [ParetoLogic Anti-Virus PLUS] "C:\Program Files\ParetoLogic\Anti-Virus PLUS\Pareto_AV.lnk" -NM -hidesplash
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O21 - SSODL: Active Disk - {3D057D46-029C-F53E-DCBC-C091EE655EB6} - c:\program files\iomega\autodisk\wbcdfd32.dll (file missing)
O21 - SSODL: 000CBFFC - {085701B8-7D55-2EB0-5BBF-482043847E2C} - C:\WINNT\system32\Hdlcnh32.dll (file missing)
O21 - SSODL: mtklefa - {94D226A3-FA01-4A24-3C8B-A7A2B9F5F4C2} - C:\WINNT\system32\gzbwvq32.dll (file missing)
O22 - SharedTaskScheduler: DDE - {F33812FB-F35C-4674-90F6-FD757C419C51} - (no file)
tieto mile polozky zaskrtni v policku vlavo a klikni na FIX CHECKED
+ restart a skus ci pojde nainstalovat MBAM - ak ano jeho log vloz - ak nie vloz log z ComboFix-u - ale cerstvy
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: nenabiha W2000 - restart
zaskrtl, udelal FIX CHECK, napsal ze DELETE/REPAIR, vybehlo okno This program will scan your computer ... a nic se nedeje. mam to zrestartovat?
Re: nenabiha W2000 - restart
mozes zrestartovat - skus HijackThis a pozri ci zmizli riadky, ktore sme dali FIX ???
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: nenabiha W2000 - restart
tak zde je log HiJack po provedeni zmen a hned pod nim log z MBAM.
Dekuji.
David.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:38:55, on 7.5.2010
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Safe mode with network support
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\Program Files\Norman Security Suite\SESSION.EXE
C:\WINNT\Explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\totalcmd\TOTALCMD.EXE
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
T:\scanner\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0 CE\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: @msdxmLC.dll,-1@1029,&Rádio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0 CE\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: (no name) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - (no file)
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [IgfxTray] C:\WINNT\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINNT\system32\hkcmd.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [RunIWTray] "C:\Program Files\Norman Security Suite\IWTray.exe"
O4 - HKLM\..\Run: [ADUserMon] C:\Program Files\Iomega\AutoDisk\ADUserMon.exe
O4 - HKLM\..\Run: [Iomega Startup Options] C:\Program Files\Iomega\Common\ImgStart.exe
O4 - HKLM\..\Run: [Iomega Drive Icons] C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
O4 - HKLM\..\Run: [Deskup] C:\Program Files\Iomega\DriveIcons\deskup.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [Norton Ghost 9.0] C:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe
O4 - HKLM\..\Run: [TCASUTIEXE] TCAUDIAG.exe -on
O4 - HKLM\..\Run: [ScheduleSync.Siemens.SmartSync.5.2.exe] C:\Program Files\Mobile Phone Manager\SmartSync\ScheduleSync.exe
O4 - HKLM\..\Run: [MaxtorOneTouch] C:\Program Files\Maxtor\OneTouch\utils\Onetouch.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINNT\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [WinVNC] "C:\Program Files\TightVNC\WinVNC.exe" -servicehelper
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Mirabilis ICQ] C:\Program Files\ICQ\ICQNet.exe
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKCU\..\RunOnce: [ICQ] C:\Program Files\ICQ\Icq.exe -trayboot
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -trayboot
O4 - HKUS\.DEFAULT\..\Run: [internat.exe] internat.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop (User 'Default user')
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0 CE\Distillr\acrotray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: Portfolio Express.lnk = C:\Program Files\Extensis\Portfolio 6.0\Portfolio Express.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll (file missing)
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINNT\system32\Shdocvw.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\inethttpfilter.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\inethttpfilter.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\inethttpfilter.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\inethttpfilter.dll
O12 - Plugin for .TIF: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin5.dll
O14 - IERESET.INF: START_PAGE_URL=http://msn.atlas.cz
O14 - IERESET.INF: MS_START_PAGE_URL=http://msn.atlas.cz
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {A93B47FD-9BF6-4DA8-97FC-9270B9D64A6C} (VaPgCtrl Class) - http://88.83.230.74/plugin/h263ctrl.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{AF6CF5ED-1491-4271-923A-90C32022562E}: NameServer = 81.19.0.67,81.19.10.34
O17 - HKLM\System\CCS\Services\Tcpip\..\{CEA094F5-DB2B-49D8-9352-2C09F6B7496E}: NameServer = 213.246.64.3
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O21 - SSODL: 000CBFFC - {085701B8-7D55-2EB0-5BBF-482043847E2C} - C:\WINNT\system32\Hdlcnh32.dll (file missing)
O23 - Service: ABBYY FineReader 9.0 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.9.0) - ABBYY (BIT Software) - C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINNT\System32\GEARSec.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe
O23 - Service: IomegaAccess - Iomega Corporation - C:\WINNT\system32\IomegaAccess.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: WinRoute Pro 4.2 (WinRoute) - Unknown owner - C:\Program Files\WinRoute Pro\winroute.exe
O23 - Service: VNC Server (winvnc) - TightVNC Group - C:\Program Files\TightVNC\WinVNC.exe
O23 - Service: plasservice (ZeppelinService) - ParetoLogic Inc. - C:\Program Files\Common Files\ParetoLogic\PLAS\plasservice.exe
O23 - Service: ZipToA - Iomega Corporation - C:\WINNT\system32\ZipToA.exe
O23 - Service: Iomega Active Disk (_IOMEGA_ACTIVE_DISK_SERVICE_) - Iomega Corporation - C:\Program Files\Iomega\AutoDisk\ADService.exe
--
End of file - 10749 bytes
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Verze databßze: 4052
Windows 5.0.2195 Service Pack 4 (Safe Mode)
Internet Explorer 6.0.2600.0000
7.5.2010 13:38:23
mbam-log-2010-05-07 (13-38-23).txt
Typ skenu: Rychlř sken
SkenovanÚ objekty: 157494
Uplynulř Ŕas: 13 minuta(y), 13 sekunda(y)
InfikovanÚ procesy v pamýti: 0
InfikovanÚ moduly v pamýti: 0
InfikovanÚ klÝŔe registru: 5
InfikovanÚ hodnoty registru: 0
InfikovanÚ datovÚ polo×ky registru: 3
InfikovanÚ slo×ky: 0
InfikovanÚ soubory: 260
InfikovanÚ procesy v pamýti:
(ÄßdnÚ ÜkodlivÚ polo×ky nebyly zjiÜtýny)
InfikovanÚ moduly v pamýti:
(ÄßdnÚ ÜkodlivÚ polo×ky nebyly zjiÜtýny)
InfikovanÚ klÝŔe registru:
HKEY_CLASSES_ROOT\Interface\{00ada225-ea6c-4fb3-82e8-68189201ccb9} (Adware.Winad) -> No action taken.
HKEY_CLASSES_ROOT\egcomlib.egcomlibrary (Adware.EGDAccess) -> No action taken.
HKEY_CLASSES_ROOT\egcomlib.egcomlibrary.1 (Adware.EGDAccess) -> No action taken.
HKEY_CLASSES_ROOT\navihelper.navihelperobject (Adware.EGDAccess) -> No action taken.
HKEY_CLASSES_ROOT\navihelper.navihelperobject.1 (Adware.EGDAccess) -> No action taken.
InfikovanÚ hodnoty registru:
(ÄßdnÚ ÜkodlivÚ polo×ky nebyly zjiÜtýny)
InfikovanÚ datovÚ polo×ky registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
InfikovanÚ slo×ky:
(ÄßdnÚ ÜkodlivÚ polo×ky nebyly zjiÜtýny)
InfikovanÚ soubory:
C:\WINNT\Temp\DWH108C.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH12E5.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH12ED.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH13F7.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH1448.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH15AC.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH1645.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH1650.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH1733.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH1765.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH1803.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH1847.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH1AA1.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH1B54.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH1E23.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH1F86.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH1F90.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH2075.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH2136.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH21BE.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH2405.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH2491.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH24C8.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH2871.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH2A0F.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH2A4A.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH2AB3.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH2C61.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH2E52.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH2EB3.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH2F66.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH2F82.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH30D2.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH31CA.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH31D0.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH33AC.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH347F.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH34CA.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH34F9.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH35A7.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH35AE.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH35E1.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH35EE.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH3656.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH3811.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH398B.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH3A34.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH3C55.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH3CEB.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH3E62.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH3EAD.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH4037.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH413.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH41ED.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH4290.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH4322.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH432F.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH43A2.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH43A7.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH4557.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH4567.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH4572.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH46E6.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH4842.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH48F9.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH493C.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH4969.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH4AFC.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH4B5F.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH4C91.tmp (Spyware.OnlineGames) -> No action taken.
C:\WINNT\Temp\DWH4D47.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH4D9F.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH4EDD.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH4EF.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH4F56.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH50DB.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH51D.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH524F.tmp (Spyware.OnlineGames) -> No action taken.
C:\WINNT\Temp\DWH52C9.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH5323.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH539C.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH5402.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH5472.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH5550.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH5580.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH55A0.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH55B6.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH56BD.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH5784.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH5892.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH5899.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH5977.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH5A47.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH5C1C.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH5C6F.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH5D1D.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH5F5D.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH5F92.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH6139.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH62C4.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH62E.tmp (Spyware.OnlineGames) -> No action taken.
C:\WINNT\Temp\DWH62E2.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH6309.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH6377.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH63F1.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH656E.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH6683.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH66AB.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH6705.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH6762.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH6880.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH6912.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH6A6E.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH6A93.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH6AA7.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH6CC0.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH6D6E.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH6D7D.tmp (Spyware.OnlineGames) -> No action taken.
C:\WINNT\Temp\DWH6EB1.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH6EB4.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH6F32.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH70C7.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH71D6.tmp (Spyware.OnlineGames) -> No action taken.
C:\WINNT\Temp\DWH732A.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH7486.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH75D3.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH7702.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH7715.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH779E.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH7800.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH7AD.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH7B66.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH7BBA.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH7BFD.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH7C23.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH7D99.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH7E07.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH7FE5.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH7FEF.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH807C.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH808.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH822D.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH8261.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH82C9.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH8347.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH856A.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH859E.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH8654.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH88FE.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH89C0.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH8A01.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH8AC9.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH8BC2.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH8D4A.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH8D52.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH8DE4.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH8F7C.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH8FF8.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH913A.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH9161.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH91F.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH920B.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH9489.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH98A7.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH99E8.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH99FA.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH9A3A.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH9D3B.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH9DF2.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH9E16.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH9EAF.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH9EFD.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH9FE6.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHA0E0.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHA0F5.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHA1CC.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWHA20A.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHA218.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHA37B.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHA44D.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHA4F4.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWHA654.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHA81.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHA8A0.tmp (Spyware.OnlineGames) -> No action taken.
C:\WINNT\Temp\DWHAAF2.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWHAB9E.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHABA5.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWHAC8B.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHAE9B.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHB08.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHB117.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHB223.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHB310.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHB4BB.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWHB56C.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHB6B7.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHB7A9.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHB7B9.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHB85F.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHB9BD.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWHBAA2.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHBE9B.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHBE9E.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHBF2C.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHBFA1.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWHC088.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWHC0F0.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHC2C0.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHC4C5.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWHC71A.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWHC734.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHC7BB.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHC889.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHCA43.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHCD45.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHCD5A.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHCF50.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHD43B.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHD543.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHD636.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWHD807.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHD83D.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHD97B.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHDAA7.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHDB0C.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHDC4C.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWHDD4.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHDFF7.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHE038.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHE03B.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWHE136.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHE442.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHE4E8.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHE50C.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHE513.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHE568.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHE74A.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHE839.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWHE98C.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHE993.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHE99F.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHEE17.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHEE7D.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHEEBE.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHF0EA.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHF11.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHF330.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHF451.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHF524.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHF582.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWHF70E.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHF747.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHF771.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHF91F.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHF94B.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHFA30.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHFA9F.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHFBB2.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHFFBE.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\system32\vx.tll (Malware.Trace) -> No action taken.
Dekuji.
David.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:38:55, on 7.5.2010
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Safe mode with network support
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\Program Files\Norman Security Suite\SESSION.EXE
C:\WINNT\Explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\totalcmd\TOTALCMD.EXE
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
T:\scanner\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0 CE\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: @msdxmLC.dll,-1@1029,&Rádio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0 CE\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: (no name) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - (no file)
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [IgfxTray] C:\WINNT\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINNT\system32\hkcmd.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [RunIWTray] "C:\Program Files\Norman Security Suite\IWTray.exe"
O4 - HKLM\..\Run: [ADUserMon] C:\Program Files\Iomega\AutoDisk\ADUserMon.exe
O4 - HKLM\..\Run: [Iomega Startup Options] C:\Program Files\Iomega\Common\ImgStart.exe
O4 - HKLM\..\Run: [Iomega Drive Icons] C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
O4 - HKLM\..\Run: [Deskup] C:\Program Files\Iomega\DriveIcons\deskup.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [Norton Ghost 9.0] C:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe
O4 - HKLM\..\Run: [TCASUTIEXE] TCAUDIAG.exe -on
O4 - HKLM\..\Run: [ScheduleSync.Siemens.SmartSync.5.2.exe] C:\Program Files\Mobile Phone Manager\SmartSync\ScheduleSync.exe
O4 - HKLM\..\Run: [MaxtorOneTouch] C:\Program Files\Maxtor\OneTouch\utils\Onetouch.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINNT\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [WinVNC] "C:\Program Files\TightVNC\WinVNC.exe" -servicehelper
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Mirabilis ICQ] C:\Program Files\ICQ\ICQNet.exe
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKCU\..\RunOnce: [ICQ] C:\Program Files\ICQ\Icq.exe -trayboot
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -trayboot
O4 - HKUS\.DEFAULT\..\Run: [internat.exe] internat.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop (User 'Default user')
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0 CE\Distillr\acrotray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: Portfolio Express.lnk = C:\Program Files\Extensis\Portfolio 6.0\Portfolio Express.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll (file missing)
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINNT\system32\Shdocvw.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\inethttpfilter.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\inethttpfilter.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\inethttpfilter.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\inethttpfilter.dll
O12 - Plugin for .TIF: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin5.dll
O14 - IERESET.INF: START_PAGE_URL=http://msn.atlas.cz
O14 - IERESET.INF: MS_START_PAGE_URL=http://msn.atlas.cz
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {A93B47FD-9BF6-4DA8-97FC-9270B9D64A6C} (VaPgCtrl Class) - http://88.83.230.74/plugin/h263ctrl.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{AF6CF5ED-1491-4271-923A-90C32022562E}: NameServer = 81.19.0.67,81.19.10.34
O17 - HKLM\System\CCS\Services\Tcpip\..\{CEA094F5-DB2B-49D8-9352-2C09F6B7496E}: NameServer = 213.246.64.3
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O21 - SSODL: 000CBFFC - {085701B8-7D55-2EB0-5BBF-482043847E2C} - C:\WINNT\system32\Hdlcnh32.dll (file missing)
O23 - Service: ABBYY FineReader 9.0 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.9.0) - ABBYY (BIT Software) - C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINNT\System32\GEARSec.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe
O23 - Service: IomegaAccess - Iomega Corporation - C:\WINNT\system32\IomegaAccess.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: WinRoute Pro 4.2 (WinRoute) - Unknown owner - C:\Program Files\WinRoute Pro\winroute.exe
O23 - Service: VNC Server (winvnc) - TightVNC Group - C:\Program Files\TightVNC\WinVNC.exe
O23 - Service: plasservice (ZeppelinService) - ParetoLogic Inc. - C:\Program Files\Common Files\ParetoLogic\PLAS\plasservice.exe
O23 - Service: ZipToA - Iomega Corporation - C:\WINNT\system32\ZipToA.exe
O23 - Service: Iomega Active Disk (_IOMEGA_ACTIVE_DISK_SERVICE_) - Iomega Corporation - C:\Program Files\Iomega\AutoDisk\ADService.exe
--
End of file - 10749 bytes
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Verze databßze: 4052
Windows 5.0.2195 Service Pack 4 (Safe Mode)
Internet Explorer 6.0.2600.0000
7.5.2010 13:38:23
mbam-log-2010-05-07 (13-38-23).txt
Typ skenu: Rychlř sken
SkenovanÚ objekty: 157494
Uplynulř Ŕas: 13 minuta(y), 13 sekunda(y)
InfikovanÚ procesy v pamýti: 0
InfikovanÚ moduly v pamýti: 0
InfikovanÚ klÝŔe registru: 5
InfikovanÚ hodnoty registru: 0
InfikovanÚ datovÚ polo×ky registru: 3
InfikovanÚ slo×ky: 0
InfikovanÚ soubory: 260
InfikovanÚ procesy v pamýti:
(ÄßdnÚ ÜkodlivÚ polo×ky nebyly zjiÜtýny)
InfikovanÚ moduly v pamýti:
(ÄßdnÚ ÜkodlivÚ polo×ky nebyly zjiÜtýny)
InfikovanÚ klÝŔe registru:
HKEY_CLASSES_ROOT\Interface\{00ada225-ea6c-4fb3-82e8-68189201ccb9} (Adware.Winad) -> No action taken.
HKEY_CLASSES_ROOT\egcomlib.egcomlibrary (Adware.EGDAccess) -> No action taken.
HKEY_CLASSES_ROOT\egcomlib.egcomlibrary.1 (Adware.EGDAccess) -> No action taken.
HKEY_CLASSES_ROOT\navihelper.navihelperobject (Adware.EGDAccess) -> No action taken.
HKEY_CLASSES_ROOT\navihelper.navihelperobject.1 (Adware.EGDAccess) -> No action taken.
InfikovanÚ hodnoty registru:
(ÄßdnÚ ÜkodlivÚ polo×ky nebyly zjiÜtýny)
InfikovanÚ datovÚ polo×ky registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
InfikovanÚ slo×ky:
(ÄßdnÚ ÜkodlivÚ polo×ky nebyly zjiÜtýny)
InfikovanÚ soubory:
C:\WINNT\Temp\DWH108C.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH12E5.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH12ED.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH13F7.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH1448.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH15AC.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH1645.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH1650.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH1733.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH1765.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH1803.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH1847.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH1AA1.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH1B54.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH1E23.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH1F86.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH1F90.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH2075.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH2136.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH21BE.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH2405.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH2491.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH24C8.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH2871.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH2A0F.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH2A4A.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH2AB3.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH2C61.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH2E52.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH2EB3.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH2F66.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH2F82.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH30D2.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH31CA.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH31D0.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH33AC.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH347F.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH34CA.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH34F9.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH35A7.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH35AE.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH35E1.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH35EE.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH3656.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH3811.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH398B.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH3A34.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH3C55.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH3CEB.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH3E62.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH3EAD.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH4037.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH413.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH41ED.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH4290.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH4322.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH432F.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH43A2.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH43A7.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH4557.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH4567.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH4572.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH46E6.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH4842.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH48F9.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH493C.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH4969.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH4AFC.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH4B5F.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH4C91.tmp (Spyware.OnlineGames) -> No action taken.
C:\WINNT\Temp\DWH4D47.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH4D9F.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH4EDD.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH4EF.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH4F56.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH50DB.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH51D.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH524F.tmp (Spyware.OnlineGames) -> No action taken.
C:\WINNT\Temp\DWH52C9.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH5323.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH539C.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH5402.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH5472.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH5550.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH5580.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH55A0.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH55B6.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH56BD.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH5784.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH5892.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH5899.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH5977.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH5A47.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH5C1C.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH5C6F.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH5D1D.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH5F5D.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH5F92.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH6139.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH62C4.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH62E.tmp (Spyware.OnlineGames) -> No action taken.
C:\WINNT\Temp\DWH62E2.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH6309.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH6377.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH63F1.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH656E.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH6683.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH66AB.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH6705.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH6762.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH6880.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH6912.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH6A6E.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH6A93.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH6AA7.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH6CC0.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH6D6E.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH6D7D.tmp (Spyware.OnlineGames) -> No action taken.
C:\WINNT\Temp\DWH6EB1.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH6EB4.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH6F32.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH70C7.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH71D6.tmp (Spyware.OnlineGames) -> No action taken.
C:\WINNT\Temp\DWH732A.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH7486.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH75D3.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH7702.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH7715.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH779E.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH7800.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH7AD.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH7B66.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH7BBA.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH7BFD.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH7C23.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH7D99.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH7E07.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH7FE5.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH7FEF.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH807C.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH808.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH822D.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH8261.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH82C9.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH8347.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH856A.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH859E.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH8654.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH88FE.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH89C0.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH8A01.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH8AC9.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH8BC2.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH8D4A.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH8D52.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH8DE4.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH8F7C.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH8FF8.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH913A.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH9161.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH91F.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH920B.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH9489.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH98A7.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH99E8.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH99FA.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH9A3A.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH9D3B.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH9DF2.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH9E16.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH9EAF.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH9EFD.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH9FE6.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHA0E0.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHA0F5.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHA1CC.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWHA20A.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHA218.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHA37B.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHA44D.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHA4F4.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWHA654.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHA81.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHA8A0.tmp (Spyware.OnlineGames) -> No action taken.
C:\WINNT\Temp\DWHAAF2.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWHAB9E.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHABA5.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWHAC8B.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHAE9B.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHB08.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHB117.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHB223.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHB310.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHB4BB.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWHB56C.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHB6B7.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHB7A9.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHB7B9.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHB85F.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHB9BD.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWHBAA2.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHBE9B.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHBE9E.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHBF2C.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHBFA1.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWHC088.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWHC0F0.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHC2C0.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHC4C5.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWHC71A.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWHC734.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHC7BB.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHC889.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHCA43.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHCD45.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHCD5A.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHCF50.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHD43B.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHD543.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHD636.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWHD807.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHD83D.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHD97B.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHDAA7.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHDB0C.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHDC4C.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWHDD4.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHDFF7.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHE038.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHE03B.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWHE136.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHE442.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHE4E8.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHE50C.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHE513.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHE568.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHE74A.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHE839.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWHE98C.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHE993.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHE99F.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHEE17.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHEE7D.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHEEBE.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHF0EA.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHF11.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHF330.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHF451.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHF524.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHF582.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWHF70E.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHF747.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHF771.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHF91F.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHF94B.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHFA30.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHFA9F.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHFBB2.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHFFBE.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\system32\vx.tll (Malware.Trace) -> No action taken.
Re: nenabiha W2000 - restart
tak zde je log HiJack po provedeni zmen a hned pod nim log z MBAM.
Dekuji.
David.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:38:55, on 7.5.2010
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Safe mode with network support
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\Program Files\Norman Security Suite\SESSION.EXE
C:\WINNT\Explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\totalcmd\TOTALCMD.EXE
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
T:\scanner\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0 CE\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: @msdxmLC.dll,-1@1029,&Rádio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0 CE\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: (no name) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - (no file)
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [IgfxTray] C:\WINNT\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINNT\system32\hkcmd.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [RunIWTray] "C:\Program Files\Norman Security Suite\IWTray.exe"
O4 - HKLM\..\Run: [ADUserMon] C:\Program Files\Iomega\AutoDisk\ADUserMon.exe
O4 - HKLM\..\Run: [Iomega Startup Options] C:\Program Files\Iomega\Common\ImgStart.exe
O4 - HKLM\..\Run: [Iomega Drive Icons] C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
O4 - HKLM\..\Run: [Deskup] C:\Program Files\Iomega\DriveIcons\deskup.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [Norton Ghost 9.0] C:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe
O4 - HKLM\..\Run: [TCASUTIEXE] TCAUDIAG.exe -on
O4 - HKLM\..\Run: [ScheduleSync.Siemens.SmartSync.5.2.exe] C:\Program Files\Mobile Phone Manager\SmartSync\ScheduleSync.exe
O4 - HKLM\..\Run: [MaxtorOneTouch] C:\Program Files\Maxtor\OneTouch\utils\Onetouch.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINNT\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [WinVNC] "C:\Program Files\TightVNC\WinVNC.exe" -servicehelper
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Mirabilis ICQ] C:\Program Files\ICQ\ICQNet.exe
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKCU\..\RunOnce: [ICQ] C:\Program Files\ICQ\Icq.exe -trayboot
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -trayboot
O4 - HKUS\.DEFAULT\..\Run: [internat.exe] internat.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop (User 'Default user')
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0 CE\Distillr\acrotray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: Portfolio Express.lnk = C:\Program Files\Extensis\Portfolio 6.0\Portfolio Express.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll (file missing)
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINNT\system32\Shdocvw.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\inethttpfilter.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\inethttpfilter.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\inethttpfilter.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\inethttpfilter.dll
O12 - Plugin for .TIF: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin5.dll
O14 - IERESET.INF: START_PAGE_URL=http://msn.atlas.cz
O14 - IERESET.INF: MS_START_PAGE_URL=http://msn.atlas.cz
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {A93B47FD-9BF6-4DA8-97FC-9270B9D64A6C} (VaPgCtrl Class) - http://88.83.230.74/plugin/h263ctrl.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{AF6CF5ED-1491-4271-923A-90C32022562E}: NameServer = 81.19.0.67,81.19.10.34
O17 - HKLM\System\CCS\Services\Tcpip\..\{CEA094F5-DB2B-49D8-9352-2C09F6B7496E}: NameServer = 213.246.64.3
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O21 - SSODL: 000CBFFC - {085701B8-7D55-2EB0-5BBF-482043847E2C} - C:\WINNT\system32\Hdlcnh32.dll (file missing)
O23 - Service: ABBYY FineReader 9.0 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.9.0) - ABBYY (BIT Software) - C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINNT\System32\GEARSec.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe
O23 - Service: IomegaAccess - Iomega Corporation - C:\WINNT\system32\IomegaAccess.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: WinRoute Pro 4.2 (WinRoute) - Unknown owner - C:\Program Files\WinRoute Pro\winroute.exe
O23 - Service: VNC Server (winvnc) - TightVNC Group - C:\Program Files\TightVNC\WinVNC.exe
O23 - Service: plasservice (ZeppelinService) - ParetoLogic Inc. - C:\Program Files\Common Files\ParetoLogic\PLAS\plasservice.exe
O23 - Service: ZipToA - Iomega Corporation - C:\WINNT\system32\ZipToA.exe
O23 - Service: Iomega Active Disk (_IOMEGA_ACTIVE_DISK_SERVICE_) - Iomega Corporation - C:\Program Files\Iomega\AutoDisk\ADService.exe
--
End of file - 10749 bytes
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Verze databßze: 4052
Windows 5.0.2195 Service Pack 4 (Safe Mode)
Internet Explorer 6.0.2600.0000
7.5.2010 13:38:23
mbam-log-2010-05-07 (13-38-23).txt
Typ skenu: Rychlř sken
SkenovanÚ objekty: 157494
Uplynulř Ŕas: 13 minuta(y), 13 sekunda(y)
InfikovanÚ procesy v pamýti: 0
InfikovanÚ moduly v pamýti: 0
InfikovanÚ klÝŔe registru: 5
InfikovanÚ hodnoty registru: 0
InfikovanÚ datovÚ polo×ky registru: 3
InfikovanÚ slo×ky: 0
InfikovanÚ soubory: 260
InfikovanÚ procesy v pamýti:
(ÄßdnÚ ÜkodlivÚ polo×ky nebyly zjiÜtýny)
InfikovanÚ moduly v pamýti:
(ÄßdnÚ ÜkodlivÚ polo×ky nebyly zjiÜtýny)
InfikovanÚ klÝŔe registru:
HKEY_CLASSES_ROOT\Interface\{00ada225-ea6c-4fb3-82e8-68189201ccb9} (Adware.Winad) -> No action taken.
HKEY_CLASSES_ROOT\egcomlib.egcomlibrary (Adware.EGDAccess) -> No action taken.
HKEY_CLASSES_ROOT\egcomlib.egcomlibrary.1 (Adware.EGDAccess) -> No action taken.
HKEY_CLASSES_ROOT\navihelper.navihelperobject (Adware.EGDAccess) -> No action taken.
HKEY_CLASSES_ROOT\navihelper.navihelperobject.1 (Adware.EGDAccess) -> No action taken.
InfikovanÚ hodnoty registru:
(ÄßdnÚ ÜkodlivÚ polo×ky nebyly zjiÜtýny)
InfikovanÚ datovÚ polo×ky registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
InfikovanÚ slo×ky:
(ÄßdnÚ ÜkodlivÚ polo×ky nebyly zjiÜtýny)
InfikovanÚ soubory:
C:\WINNT\Temp\DWH108C.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH12E5.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH12ED.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH13F7.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH1448.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH15AC.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH1645.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH1650.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH1733.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH1765.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH1803.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH1847.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH1AA1.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH1B54.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH1E23.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH1F86.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH1F90.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH2075.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH2136.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH21BE.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH2405.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH2491.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH24C8.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH2871.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH2A0F.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH2A4A.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH2AB3.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH2C61.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH2E52.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH2EB3.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH2F66.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH2F82.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH30D2.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH31CA.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH31D0.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH33AC.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH347F.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH34CA.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH34F9.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH35A7.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH35AE.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH35E1.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH35EE.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH3656.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH3811.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH398B.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH3A34.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH3C55.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH3CEB.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH3E62.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH3EAD.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH4037.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH413.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH41ED.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH4290.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH4322.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH432F.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH43A2.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH43A7.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH4557.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH4567.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH4572.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH46E6.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH4842.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH48F9.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH493C.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH4969.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH4AFC.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH4B5F.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH4C91.tmp (Spyware.OnlineGames) -> No action taken.
C:\WINNT\Temp\DWH4D47.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH4D9F.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH4EDD.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH4EF.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH4F56.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH50DB.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH51D.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH524F.tmp (Spyware.OnlineGames) -> No action taken.
C:\WINNT\Temp\DWH52C9.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH5323.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH539C.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH5402.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH5472.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH5550.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH5580.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH55A0.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH55B6.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH56BD.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH5784.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH5892.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH5899.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH5977.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH5A47.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH5C1C.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH5C6F.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH5D1D.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH5F5D.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH5F92.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH6139.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH62C4.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH62E.tmp (Spyware.OnlineGames) -> No action taken.
C:\WINNT\Temp\DWH62E2.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH6309.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH6377.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH63F1.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH656E.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH6683.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH66AB.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH6705.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH6762.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH6880.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH6912.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH6A6E.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH6A93.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH6AA7.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH6CC0.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH6D6E.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH6D7D.tmp (Spyware.OnlineGames) -> No action taken.
C:\WINNT\Temp\DWH6EB1.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH6EB4.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH6F32.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH70C7.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH71D6.tmp (Spyware.OnlineGames) -> No action taken.
C:\WINNT\Temp\DWH732A.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH7486.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH75D3.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH7702.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH7715.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH779E.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH7800.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH7AD.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH7B66.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH7BBA.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH7BFD.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH7C23.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH7D99.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH7E07.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH7FE5.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH7FEF.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH807C.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH808.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH822D.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH8261.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH82C9.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH8347.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH856A.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH859E.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH8654.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH88FE.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH89C0.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH8A01.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH8AC9.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH8BC2.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH8D4A.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH8D52.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH8DE4.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH8F7C.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH8FF8.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH913A.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH9161.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH91F.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH920B.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH9489.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH98A7.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH99E8.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH99FA.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH9A3A.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH9D3B.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH9DF2.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH9E16.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH9EAF.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH9EFD.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH9FE6.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHA0E0.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHA0F5.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHA1CC.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWHA20A.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHA218.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHA37B.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHA44D.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHA4F4.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWHA654.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHA81.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHA8A0.tmp (Spyware.OnlineGames) -> No action taken.
C:\WINNT\Temp\DWHAAF2.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWHAB9E.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHABA5.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWHAC8B.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHAE9B.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHB08.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHB117.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHB223.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHB310.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHB4BB.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWHB56C.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHB6B7.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHB7A9.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHB7B9.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHB85F.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHB9BD.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWHBAA2.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHBE9B.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHBE9E.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHBF2C.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHBFA1.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWHC088.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWHC0F0.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHC2C0.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHC4C5.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWHC71A.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWHC734.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHC7BB.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHC889.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHCA43.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHCD45.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHCD5A.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHCF50.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHD43B.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHD543.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHD636.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWHD807.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHD83D.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHD97B.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHDAA7.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHDB0C.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHDC4C.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWHDD4.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHDFF7.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHE038.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHE03B.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWHE136.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHE442.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHE4E8.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHE50C.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHE513.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHE568.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHE74A.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHE839.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWHE98C.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHE993.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHE99F.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHEE17.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHEE7D.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHEEBE.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHF0EA.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHF11.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHF330.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHF451.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHF524.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHF582.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWHF70E.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHF747.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHF771.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHF91F.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHF94B.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHFA30.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHFA9F.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHFBB2.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHFFBE.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\system32\vx.tll (Malware.Trace) -> No action taken.
Dekuji.
David.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:38:55, on 7.5.2010
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Safe mode with network support
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\Program Files\Norman Security Suite\SESSION.EXE
C:\WINNT\Explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\totalcmd\TOTALCMD.EXE
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
T:\scanner\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0 CE\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: @msdxmLC.dll,-1@1029,&Rádio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0 CE\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: (no name) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - (no file)
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [IgfxTray] C:\WINNT\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINNT\system32\hkcmd.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [RunIWTray] "C:\Program Files\Norman Security Suite\IWTray.exe"
O4 - HKLM\..\Run: [ADUserMon] C:\Program Files\Iomega\AutoDisk\ADUserMon.exe
O4 - HKLM\..\Run: [Iomega Startup Options] C:\Program Files\Iomega\Common\ImgStart.exe
O4 - HKLM\..\Run: [Iomega Drive Icons] C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
O4 - HKLM\..\Run: [Deskup] C:\Program Files\Iomega\DriveIcons\deskup.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [Norton Ghost 9.0] C:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe
O4 - HKLM\..\Run: [TCASUTIEXE] TCAUDIAG.exe -on
O4 - HKLM\..\Run: [ScheduleSync.Siemens.SmartSync.5.2.exe] C:\Program Files\Mobile Phone Manager\SmartSync\ScheduleSync.exe
O4 - HKLM\..\Run: [MaxtorOneTouch] C:\Program Files\Maxtor\OneTouch\utils\Onetouch.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINNT\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [WinVNC] "C:\Program Files\TightVNC\WinVNC.exe" -servicehelper
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Mirabilis ICQ] C:\Program Files\ICQ\ICQNet.exe
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKCU\..\RunOnce: [ICQ] C:\Program Files\ICQ\Icq.exe -trayboot
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -trayboot
O4 - HKUS\.DEFAULT\..\Run: [internat.exe] internat.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop (User 'Default user')
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0 CE\Distillr\acrotray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: Portfolio Express.lnk = C:\Program Files\Extensis\Portfolio 6.0\Portfolio Express.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll (file missing)
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINNT\system32\Shdocvw.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\inethttpfilter.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\inethttpfilter.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\inethttpfilter.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\inethttpfilter.dll
O12 - Plugin for .TIF: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin5.dll
O14 - IERESET.INF: START_PAGE_URL=http://msn.atlas.cz
O14 - IERESET.INF: MS_START_PAGE_URL=http://msn.atlas.cz
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {A93B47FD-9BF6-4DA8-97FC-9270B9D64A6C} (VaPgCtrl Class) - http://88.83.230.74/plugin/h263ctrl.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{AF6CF5ED-1491-4271-923A-90C32022562E}: NameServer = 81.19.0.67,81.19.10.34
O17 - HKLM\System\CCS\Services\Tcpip\..\{CEA094F5-DB2B-49D8-9352-2C09F6B7496E}: NameServer = 213.246.64.3
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O21 - SSODL: 000CBFFC - {085701B8-7D55-2EB0-5BBF-482043847E2C} - C:\WINNT\system32\Hdlcnh32.dll (file missing)
O23 - Service: ABBYY FineReader 9.0 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.9.0) - ABBYY (BIT Software) - C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINNT\System32\GEARSec.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe
O23 - Service: IomegaAccess - Iomega Corporation - C:\WINNT\system32\IomegaAccess.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: WinRoute Pro 4.2 (WinRoute) - Unknown owner - C:\Program Files\WinRoute Pro\winroute.exe
O23 - Service: VNC Server (winvnc) - TightVNC Group - C:\Program Files\TightVNC\WinVNC.exe
O23 - Service: plasservice (ZeppelinService) - ParetoLogic Inc. - C:\Program Files\Common Files\ParetoLogic\PLAS\plasservice.exe
O23 - Service: ZipToA - Iomega Corporation - C:\WINNT\system32\ZipToA.exe
O23 - Service: Iomega Active Disk (_IOMEGA_ACTIVE_DISK_SERVICE_) - Iomega Corporation - C:\Program Files\Iomega\AutoDisk\ADService.exe
--
End of file - 10749 bytes
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Verze databßze: 4052
Windows 5.0.2195 Service Pack 4 (Safe Mode)
Internet Explorer 6.0.2600.0000
7.5.2010 13:38:23
mbam-log-2010-05-07 (13-38-23).txt
Typ skenu: Rychlř sken
SkenovanÚ objekty: 157494
Uplynulř Ŕas: 13 minuta(y), 13 sekunda(y)
InfikovanÚ procesy v pamýti: 0
InfikovanÚ moduly v pamýti: 0
InfikovanÚ klÝŔe registru: 5
InfikovanÚ hodnoty registru: 0
InfikovanÚ datovÚ polo×ky registru: 3
InfikovanÚ slo×ky: 0
InfikovanÚ soubory: 260
InfikovanÚ procesy v pamýti:
(ÄßdnÚ ÜkodlivÚ polo×ky nebyly zjiÜtýny)
InfikovanÚ moduly v pamýti:
(ÄßdnÚ ÜkodlivÚ polo×ky nebyly zjiÜtýny)
InfikovanÚ klÝŔe registru:
HKEY_CLASSES_ROOT\Interface\{00ada225-ea6c-4fb3-82e8-68189201ccb9} (Adware.Winad) -> No action taken.
HKEY_CLASSES_ROOT\egcomlib.egcomlibrary (Adware.EGDAccess) -> No action taken.
HKEY_CLASSES_ROOT\egcomlib.egcomlibrary.1 (Adware.EGDAccess) -> No action taken.
HKEY_CLASSES_ROOT\navihelper.navihelperobject (Adware.EGDAccess) -> No action taken.
HKEY_CLASSES_ROOT\navihelper.navihelperobject.1 (Adware.EGDAccess) -> No action taken.
InfikovanÚ hodnoty registru:
(ÄßdnÚ ÜkodlivÚ polo×ky nebyly zjiÜtýny)
InfikovanÚ datovÚ polo×ky registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
InfikovanÚ slo×ky:
(ÄßdnÚ ÜkodlivÚ polo×ky nebyly zjiÜtýny)
InfikovanÚ soubory:
C:\WINNT\Temp\DWH108C.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH12E5.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH12ED.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH13F7.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH1448.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH15AC.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH1645.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH1650.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH1733.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH1765.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH1803.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH1847.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH1AA1.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH1B54.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH1E23.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH1F86.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH1F90.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH2075.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH2136.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH21BE.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH2405.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH2491.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH24C8.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH2871.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH2A0F.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH2A4A.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH2AB3.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH2C61.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH2E52.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH2EB3.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH2F66.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH2F82.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH30D2.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH31CA.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH31D0.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH33AC.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH347F.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH34CA.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH34F9.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH35A7.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH35AE.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH35E1.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH35EE.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH3656.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH3811.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH398B.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH3A34.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH3C55.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH3CEB.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH3E62.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH3EAD.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH4037.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH413.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH41ED.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH4290.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH4322.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH432F.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH43A2.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH43A7.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH4557.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH4567.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH4572.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH46E6.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH4842.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH48F9.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH493C.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH4969.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH4AFC.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH4B5F.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH4C91.tmp (Spyware.OnlineGames) -> No action taken.
C:\WINNT\Temp\DWH4D47.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH4D9F.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH4EDD.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH4EF.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH4F56.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH50DB.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH51D.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH524F.tmp (Spyware.OnlineGames) -> No action taken.
C:\WINNT\Temp\DWH52C9.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH5323.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH539C.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH5402.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH5472.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH5550.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH5580.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH55A0.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH55B6.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH56BD.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH5784.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH5892.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH5899.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH5977.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH5A47.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH5C1C.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH5C6F.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH5D1D.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH5F5D.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH5F92.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH6139.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH62C4.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH62E.tmp (Spyware.OnlineGames) -> No action taken.
C:\WINNT\Temp\DWH62E2.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH6309.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH6377.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH63F1.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH656E.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH6683.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH66AB.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH6705.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH6762.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH6880.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH6912.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH6A6E.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH6A93.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH6AA7.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH6CC0.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH6D6E.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH6D7D.tmp (Spyware.OnlineGames) -> No action taken.
C:\WINNT\Temp\DWH6EB1.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH6EB4.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH6F32.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH70C7.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH71D6.tmp (Spyware.OnlineGames) -> No action taken.
C:\WINNT\Temp\DWH732A.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH7486.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH75D3.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH7702.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH7715.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH779E.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH7800.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH7AD.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH7B66.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH7BBA.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH7BFD.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH7C23.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH7D99.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH7E07.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH7FE5.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH7FEF.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH807C.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH808.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH822D.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH8261.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH82C9.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH8347.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH856A.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH859E.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH8654.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH88FE.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH89C0.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH8A01.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH8AC9.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH8BC2.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH8D4A.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH8D52.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH8DE4.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH8F7C.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH8FF8.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH913A.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH9161.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH91F.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH920B.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH9489.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH98A7.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH99E8.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH99FA.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH9A3A.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWH9D3B.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH9DF2.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH9E16.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH9EAF.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWH9EFD.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWH9FE6.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHA0E0.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHA0F5.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHA1CC.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWHA20A.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHA218.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHA37B.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHA44D.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHA4F4.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWHA654.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHA81.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHA8A0.tmp (Spyware.OnlineGames) -> No action taken.
C:\WINNT\Temp\DWHAAF2.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWHAB9E.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHABA5.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWHAC8B.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHAE9B.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHB08.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHB117.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHB223.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHB310.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHB4BB.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWHB56C.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHB6B7.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHB7A9.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHB7B9.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHB85F.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHB9BD.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWHBAA2.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHBE9B.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHBE9E.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHBF2C.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHBFA1.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWHC088.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWHC0F0.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHC2C0.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHC4C5.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWHC71A.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWHC734.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHC7BB.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHC889.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHCA43.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHCD45.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHCD5A.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHCF50.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHD43B.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHD543.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHD636.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWHD807.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHD83D.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHD97B.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHDAA7.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHDB0C.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHDC4C.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWHDD4.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHDFF7.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHE038.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHE03B.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWHE136.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHE442.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHE4E8.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHE50C.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHE513.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHE568.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHE74A.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHE839.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWHE98C.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHE993.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHE99F.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHEE17.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHEE7D.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHEEBE.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHF0EA.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHF11.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHF330.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHF451.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHF524.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHF582.tmp (Malware.Packer.Gen) -> No action taken.
C:\WINNT\Temp\DWHF70E.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHF747.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHF771.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHF91F.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHF94B.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHFA30.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHFA9F.tmp (Trojan.Downloader) -> No action taken.
C:\WINNT\Temp\DWHFBB2.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\Temp\DWHFFBE.tmp (Worm.Netsky) -> No action taken.
C:\WINNT\system32\vx.tll (Malware.Trace) -> No action taken.
Přispějete na provoz fóra?