Kontrola logu - problémy s internetem

Zpráva

pospecc · #1 Příspěvek od **pospecc** » 11 kvě 2010 15:15

Logfile of random's system information tool 1.06 (written by random/random)
Run by Lucie Drhovská at 2010-05-11 16:13:48
WIN_XP Service Pack 2
System drive C: has 72 GB (63%) free of 114 GB
Total RAM: 894 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:14:04, on 11.5.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Launch Manager\LaunchAp.exe
C:\Launch Manager\HotkeyApp.exe
C:\Launch Manager\OSD.exe
C:\Launch Manager\OSDCtrl.exe
C:\Launch Manager\Wbutton.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\PowerDVD\PDVDServ.exe
C:\Program Files\Eset\nod32kui.exe
C:\WINDOWS\FixCamera.exe
C:\WINDOWS\tsnp2std.exe
C:\WINDOWS\vsnp2std.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\PROGRA~1\ICQ6.5\ICQ.exe
C:\Program Files\Skype\Plugin Manager\SkypePM.exe
C:\Program Files\Internet Explorer\iexplore.exe
E:\Antivirus a ostatní\RSIT.exe
C:\Program Files\trend micro\Lucie Drhovská.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/skinit/icq/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [LaunchAp] C:\Launch Manager\LaunchAp.exe
O4 - HKLM\..\Run: [HotkeyApp] C:\Launch Manager\HotkeyApp.exe
O4 - HKLM\..\Run: [LMgrVolOSD] C:\Launch Manager\OSD.exe
O4 - HKLM\..\Run: [LMgrOSD] C:\Launch Manager\OSDCtrl.exe
O4 - HKLM\..\Run: [Wbutton] "C:\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [CtrlVol] C:\Launch Manager\CtrlVol.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe
O4 - HKLM\..\Run: [tsnp2std] C:\WINDOWS\tsnp2std.exe
O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ICQ] "C:\PROGRA~1\ICQ6.5\ICQ.exe" silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-21-4277668352-1453076555-2304208586-1006\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: VPN Client.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: @c:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @c:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{4C3F858B-AABC-4475-81C6-0685FDFB8A98}: NameServer = 88.103.219.2
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe

--
End of file - 5927 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2005-09-24 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre6\bin\ssv.dll [2009-11-02 321312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-11-02 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-11-02 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-01-20 761946]
"SMSERIAL"=C:\WINDOWS\sm56hlpr.exe [2005-11-10 557056]
"LaunchAp"=C:\Launch Manager\LaunchAp.exe [2005-07-25 32768]
"HotkeyApp"=C:\Launch Manager\HotkeyApp.exe [2005-07-28 57344]
"LMgrVolOSD"=C:\Launch Manager\OSD.exe [2005-03-16 204800]
"LMgrOSD"=C:\Launch Manager\OSDCtrl.exe [2005-07-25 241664]
"Wbutton"=C:\Launch Manager\Wbutton.exe [2005-07-25 81920]
"CtrlVol"=C:\Launch Manager\CtrlVol.exe [2003-09-16 20480]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-05-18 16207872]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"RemoteControl"=C:\Program Files\PowerDVD\PDVDServ.exe [2004-11-02 32768]
"RegistryMechanic"= []
"nod32kui"=C:\Program Files\Eset\nod32kui.exe [2007-09-23 921600]
"FixCamera"=C:\WINDOWS\FixCamera.exe [2007-02-12 20480]
"tsnp2std"=C:\WINDOWS\tsnp2std.exe [2006-11-29 258048]
"snp2std"=C:\WINDOWS\vsnp2std.exe [2006-09-15 675840]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-11-02 149280]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-18 15360]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2008-09-23 21755688]
"ICQ"=C:\PROGRA~1\ICQ6.5\ICQ.exe [2009-11-16 172792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICCC]
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2006-01-02 45056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2006-09-01 282624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE [2005-09-24 29696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Microsoft Office.lnk]
C:\PROGRA~1\MICROS~3\Office10\OSA.EXE [2001-02-13 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Ati HotKey Poller"=2

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
VPN Client.lnk - C:\WINDOWS\Installer\{CCBAA1F7-E5E1-48B2-9ED9-A79C6A37CE78}\Icon3E5562ED7.ico

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-03-08 61440]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ae3a56c6-61f1-11dc-94f8-00c0a8c3839a}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MS32DLL.dll.vbs

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e1ab2eb6-775b-11dc-9515-00c0a8c3839a}]
shell\AutoRun\command - E:\setupSNK.exe

======File associations======

.txt - open - C:\WINDOWS\notepad.exe %1

======List of files/folders created in the last 1 months======

2010-05-11 16:13:48 ----D---- C:\rsit
2010-05-11 16:13:48 ----D---- C:\Program Files\trend micro
2010-05-11 15:51:35 ----D---- C:\Documents and Settings\Lucie Drhovská\Data aplikací\Malwarebytes
2010-05-11 15:50:30 ----D---- C:\Program Files\WinPcap
2010-05-11 15:49:59 ----D---- C:\Program Files\Cain
2010-05-11 15:47:44 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2010-05-11 15:47:40 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

======List of files/folders modified in the last 1 months======

2010-05-11 16:13:48 ----RD---- C:\Program Files
2010-05-11 16:11:30 ----D---- C:\WINDOWS\Temp
2010-05-11 16:09:48 ----D---- C:\WINDOWS\system32\drivers
2010-05-11 16:09:25 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-05-11 16:07:21 ----SHD---- C:\WINDOWS\Installer
2010-05-11 16:07:18 ----D---- C:\Program Files\Java
2010-05-11 16:07:18 ----D---- C:\Program Files\Common Files
2010-05-11 16:06:35 ----AD---- C:\WINDOWS\system32
2010-05-11 16:01:31 ----D---- C:\WINDOWS\Prefetch
2010-05-11 16:00:06 ----D---- C:\Program Files\Google
2010-05-11 15:57:09 ----D---- C:\WINDOWS\system32\CatRoot2
2010-05-11 15:50:27 ----D---- C:\WINDOWS
2010-05-11 14:52:42 ----D---- C:\Documents and Settings\Lucie Drhovská\Data aplikací\skypePM
2010-05-10 23:24:07 ----D---- C:\Documents and Settings\Lucie Drhovská\Data aplikací\Skype

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Hotkey;Hotkey; C:\WINDOWS\system32\drivers\Hotkey.sys [2003-04-28 9867]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-18 39936]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2004-08-18 8832]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-18 12032]
R2 AMON;AMON; \??\C:\WINDOWS\system32\drivers\amon.sys []
R2 CVPNDRVA;Cisco Systems Inc. IPSec Driver; \??\C:\WINDOWS\system32\Drivers\CVPNDRVA.sys []
R2 VCAM;Webcam Simulator; C:\WINDOWS\system32\DRIVERS\vcam.sys [2006-08-10 10624]
R3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2005-09-15 468768]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-18 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-03-08 1506816]
R3 CmBatt;Microsoft AC Adapter Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-18 14080]
R3 DNE;Deterministic Network Enhancer Miniport; C:\WINDOWS\system32\DRIVERS\dne2000.sys [2007-01-31 127376]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-05-16 4275712]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-18 61824]
R3 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2005-11-16 28928]
R3 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2005-11-01 51584]
R3 rismxdp;Ricoh xD-Picture Card Driver; C:\WINDOWS\system32\DRIVERS\rixdptsk.sys [2005-11-01 308992]
R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2006-02-27 81408]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2004-08-18 67584]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-01-20 191936]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-18 26624]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-18 57600]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-18 17024]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
S1 mailKmd;mailKmd; C:\WINDOWS\system32\drivers\mailKmd.sys []
S1 Wbutton;Wbutton; C:\WINDOWS\system32\drivers\Wbutton.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 CVirtA;Cisco Systems VPN Adapter; C:\WINDOWS\system32\DRIVERS\CVirtA.sys [2007-01-18 5275]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 ndiscm;Motorola SURFboard USB Cable Modem Windows Driver; C:\WINDOWS\system32\DRIVERS\NetMotCM.sys [2004-09-29 15360]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2004-08-18 40320]
S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2007-11-06 34064]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 SNP2STD;USB2.0 PC Camera (SNP2STD); C:\WINDOWS\system32\DRIVERS\snp2sxp.sys [2007-01-26 12028032]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 vsdatant;vsdatant; \??\C:\WINDOWS\system32\vsdatant.sys []
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 smserial;smserial; C:\WINDOWS\system32\DRIVERS\smserial.sys []
S4 sr;Ovladač filtru Obnovy systému; C:\WINDOWS\system32\DRIVERS\sr.sys [2004-08-18 73344]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [2007-04-03 1516584]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-11-02 153376]
R2 NOD32krn;NOD32 Kernel Service; C:\Program Files\Eset\nod32krn.exe [2007-09-23 507904]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2004-08-18 268288]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-14 135664]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2007-11-06 92792]
S3 UMWdf;Sada ovladačů pro uživatelský režim systému Windows; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
S4 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-03-08 405504]

-----------------EOF-----------------

#2 Příspěvek od **Caroprd111** » 11 kvě 2010 15:18

Zdravím

Vložte do PC všechny flash disky, které používáte.

Obrázek

Stáhněte na plochu UsbFix http://pagesperso-orange.fr/NosTools/Ch ... UsbFix.exe

Spusťte, poté zvolte jazyk E - Enter
Zvolte 2 - Enter (je možný restart PC)
Po dokončení na Vás vyskočí log, vložte mi ho sem, případně ho najdete v C:\UsbFix.txt

Stahněte OTL http://oldtimer.geekstogo.com/OTL.exe

Spusťte, poté do spodního políčka vložte následující skript.

Kód: Vybrat vše

 netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys 
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys 
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys 
cdrom.sys 
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav 
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT

Označte položku Pro všechny uživatele.
Označte položky Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Klikněte na tlačítko Prohledat
Po dokončení, sem vložte logy OTL.Txt a Extras.txt

pospecc · #3 Příspěvek od **pospecc** » 11 kvě 2010 16:12

notebook je kamaráda. Flashka je tam moje, s tou nechci nic dělat.

Po spuštění OTL mi program zamrzl a neudělal nic.

Zkouším teď ještě Malwarebyte´s jestli ten něco nenajde...

#4 Příspěvek od **Caroprd111** » 11 kvě 2010 16:14

Vir se možná nachází na flash discích, proto je potřeba všechny používané připojit. Zkuste spustit OTL bez skriptu a nespouštějte žádné další programy bez mého pokynu.

pospecc · #5 Příspěvek od **pospecc** » 11 kvě 2010 16:23

Dobrá, tady je tedy log:

OTL logfile created on: 11.5.2010 17:19:10 - Run 1
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Documents and Settings\Lucie Drhovská\Plocha
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

894,00 Mb Total Physical Memory | 446,00 Mb Available Physical Memory | 50,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 84,00% Paging File free
Paging file location(s): c:\pagefile.sys 1344 2688 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111,79 Gb Total Space | 70,33 Gb Free Space | 62,91% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 953,58 Mb Total Space | 91,81 Mb Free Space | 9,63% Space Free | Partition Type: FAT
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: N-A4215AF8E1534
Current User Name: Lucie Drhovská
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.05.11 16:22:14 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Lucie Drhovská\Plocha\OTL.exe
PRC - [2007.09.23 18:36:44 | 000,921,600 | ---- | M] (Eset ) -- C:\Program Files\ESET\nod32kui.exe
PRC - [2007.09.23 18:36:44 | 000,507,904 | ---- | M] (Eset ) -- C:\Program Files\ESET\nod32krn.exe
PRC - [2007.04.03 16:18:08 | 001,516,584 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
PRC - [2007.02.12 14:50:40 | 000,020,480 | ---- | M] () -- C:\WINDOWS\FixCamera.exe
PRC - [2006.11.29 16:11:30 | 000,258,048 | ---- | M] (SONIX) -- C:\WINDOWS\tsnp2std.exe
PRC - [2006.09.15 13:21:54 | 000,675,840 | ---- | M] (Sonix) -- C:\WINDOWS\vsnp2std.exe
PRC - [2005.07.28 11:08:34 | 000,057,344 | ---- | M] (Wistron) -- C:\Launch Manager\HotkeyApp.exe
PRC - [2005.07.25 13:36:40 | 000,032,768 | ---- | M] () -- C:\Launch Manager\LaunchAp.exe
PRC - [2005.07.25 13:34:28 | 000,081,920 | ---- | M] () -- C:\Launch Manager\WButton.exe
PRC - [2005.07.25 10:45:00 | 000,241,664 | ---- | M] () -- C:\Launch Manager\OSDCtrl.exe
PRC - [2005.03.16 13:52:02 | 000,204,800 | ---- | M] (Wistron) -- C:\Launch Manager\OSD.exe
PRC - [2004.11.02 21:24:46 | 000,032,768 | ---- | M] (Cyberlink Corp.) -- C:\Program Files\PowerDVD\PDVDServ.exe
PRC - [2004.08.18 14:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

========== Modules (SafeList) ==========

MOD - [2010.05.11 16:22:14 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Lucie Drhovská\Plocha\OTL.exe
MOD - [2005.04.07 11:50:14 | 001,053,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2649_x-ww_aac16c8b\comctl32.dll
MOD - [2004.08.18 14:00:00 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx

========== Win32 Services (SafeList) ==========

SRV - [2007.11.06 22:22:26 | 000,092,792 | ---- | M] (CACE Technologies) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2007.09.23 18:36:44 | 000,507,904 | ---- | M] (Eset ) [Auto | Running] -- C:\Program Files\Eset\nod32krn.exe -- (NOD32krn)
SRV - [2007.04.03 16:18:08 | 001,516,584 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)

========== Driver Services (SafeList) ==========

DRV - [2007.11.06 22:22:06 | 000,034,064 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2007.09.23 18:36:45 | 000,502,368 | ---- | M] (Eset ) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\amon.sys -- (AMON)
DRV - [2007.04.03 16:17:08 | 000,306,295 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV - [2007.01.31 13:45:06 | 000,127,376 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dne2000.sys -- (DNE)
DRV - [2007.01.26 16:48:28 | 012,028,032 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\snp2sxp.sys -- (SNP2STD) USB2.0 PC Camera (SNP2STD)
DRV - [2007.01.18 14:28:02 | 000,005,275 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CVirtA.sys -- (CVirtA)
DRV - [2006.08.10 19:52:40 | 000,010,624 | ---- | M] (Webcam Simulator) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\vcam.sys -- (VCAM)
DRV - [2006.05.16 17:32:58 | 004,275,712 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006.03.08 23:49:20 | 001,506,816 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006.02.27 05:46:20 | 000,081,408 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2006.01.20 18:58:36 | 000,191,936 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2005.11.16 20:28:32 | 000,028,928 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2005.11.01 18:08:00 | 000,308,992 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2005.11.01 17:54:50 | 000,051,584 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2005.10.12 13:07:12 | 000,874,240 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\WINDOWS\system32\drivers\iaStor.sys -- (iaStor)
DRV - [2005.09.15 01:49:52 | 000,468,768 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)
DRV - [2005.08.18 17:52:08 | 000,077,056 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Stopped] -- C:\WINDOWS\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2005.08.18 17:52:06 | 000,093,568 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Stopped] -- C:\WINDOWS\system32\drivers\nvatabus.sys -- (nvatabus)
DRV - [2005.01.26 08:22:20 | 000,280,344 | ---- | M] (Zone Labs LLC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
DRV - [2005.01.11 17:58:48 | 000,030,976 | ---- | M] (Silicon Integrated Systems Corp) [Kernel | Boot | Stopped] -- C:\WINDOWS\system32\drivers\SiSRaid2.sys -- (SiSRaid2)
DRV - [2005.01.07 17:07:18 | 000,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2004.09.29 22:36:29 | 000,015,360 | RH-- | M] (Motorola Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NetMotCM.sys -- (ndiscm)
DRV - [2004.08.18 14:00:00 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2003.04.28 11:27:06 | 000,009,867 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\HOTKEY.sys -- (Hotkey)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-4277668352-1453076555-2304208586-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-4277668352-1453076555-2304208586-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/skinit/icq/
IE - HKU\S-1-5-21-4277668352-1453076555-2304208586-1006\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-4277668352-1453076555-2304208586-1006\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-4277668352-1453076555-2304208586-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.4.1
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_result ... id=afex&q="

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.04.08 08:18:21 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.04.08 08:18:21 | 000,000,000 | ---D | M]

[2009.03.22 19:39:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucie Drhovská\Data aplikací\Mozilla\Extensions
[2010.05.05 22:11:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucie Drhovská\Data aplikací\Mozilla\Firefox\Profiles\rqqx78ni.default\extensions
[2009.08.04 20:48:24 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Lucie Drhovská\Data aplikací\Mozilla\Firefox\Profiles\rqqx78ni.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.05.02 17:59:25 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Lucie Drhovská\Data aplikací\Mozilla\Firefox\Profiles\rqqx78ni.default\searchplugins\icqplugin-1.xml
[2009.08.07 21:34:21 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Lucie Drhovská\Data aplikací\Mozilla\Firefox\Profiles\rqqx78ni.default\searchplugins\icqplugin-10.xml
[2009.09.12 12:49:23 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Lucie Drhovská\Data aplikací\Mozilla\Firefox\Profiles\rqqx78ni.default\searchplugins\icqplugin-11.xml
[2009.10.30 23:33:01 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Lucie Drhovská\Data aplikací\Mozilla\Firefox\Profiles\rqqx78ni.default\searchplugins\icqplugin-12.xml
[2009.12.25 16:32:21 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Lucie Drhovská\Data aplikací\Mozilla\Firefox\Profiles\rqqx78ni.default\searchplugins\icqplugin-13.xml
[2010.01.10 00:10:43 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Lucie Drhovská\Data aplikací\Mozilla\Firefox\Profiles\rqqx78ni.default\searchplugins\icqplugin-14.xml
[2010.02.28 22:51:33 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Lucie Drhovská\Data aplikací\Mozilla\Firefox\Profiles\rqqx78ni.default\searchplugins\icqplugin-15.xml
[2010.03.26 01:25:50 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Lucie Drhovská\Data aplikací\Mozilla\Firefox\Profiles\rqqx78ni.default\searchplugins\icqplugin-16.xml
[2010.04.08 08:18:37 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Lucie Drhovská\Data aplikací\Mozilla\Firefox\Profiles\rqqx78ni.default\searchplugins\icqplugin-17.xml
[2009.03.22 20:07:47 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Lucie Drhovská\Data aplikací\Mozilla\Firefox\Profiles\rqqx78ni.default\searchplugins\icqplugin-2.xml
[2009.03.25 20:25:10 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Lucie Drhovská\Data aplikací\Mozilla\Firefox\Profiles\rqqx78ni.default\searchplugins\icqplugin-3.xml
[2009.04.14 16:09:50 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Lucie Drhovská\Data aplikací\Mozilla\Firefox\Profiles\rqqx78ni.default\searchplugins\icqplugin-4.xml
[2009.05.04 19:06:26 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Lucie Drhovská\Data aplikací\Mozilla\Firefox\Profiles\rqqx78ni.default\searchplugins\icqplugin-5.xml
[2009.05.04 19:52:57 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Lucie Drhovská\Data aplikací\Mozilla\Firefox\Profiles\rqqx78ni.default\searchplugins\icqplugin-6.xml
[2009.06.16 12:05:21 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Lucie Drhovská\Data aplikací\Mozilla\Firefox\Profiles\rqqx78ni.default\searchplugins\icqplugin-7.xml
[2009.08.03 21:22:14 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Lucie Drhovská\Data aplikací\Mozilla\Firefox\Profiles\rqqx78ni.default\searchplugins\icqplugin-8.xml
[2009.08.04 20:52:12 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Lucie Drhovská\Data aplikací\Mozilla\Firefox\Profiles\rqqx78ni.default\searchplugins\icqplugin-9.xml
[2008.03.31 09:52:00 | 000,000,168 | ---- | M] () -- C:\Documents and Settings\Lucie Drhovská\Data aplikací\Mozilla\Firefox\Profiles\rqqx78ni.default\searchplugins\icqplugin.gif
[2008.03.31 09:52:00 | 000,000,618 | ---- | M] () -- C:\Documents and Settings\Lucie Drhovská\Data aplikací\Mozilla\Firefox\Profiles\rqqx78ni.default\searchplugins\icqplugin.src
[2009.03.01 14:02:44 | 000,000,944 | ---- | M] () -- C:\Documents and Settings\Lucie Drhovská\Data aplikací\Mozilla\Firefox\Profiles\rqqx78ni.default\searchplugins\icqplugin.xml
[2010.05.05 22:11:53 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009.03.24 18:53:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.03.14 23:03:07 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.03.14 23:03:07 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.03.14 23:03:07 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.03.14 23:03:07 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.03.14 23:03:07 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2004.08.18 14:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKU\S-1-5-21-4277668352-1453076555-2304208586-1006\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKU\S-1-5-21-4277668352-1453076555-2304208586-1006\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.)
O4 - HKLM..\Run: [CtrlVol] C:\Launch Manager\CtrlVol.exe (Wistron)
O4 - HKLM..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe ()
O4 - HKLM..\Run: [HotkeyApp] C:\Launch Manager\HotkeyApp.exe (Wistron)
O4 - HKLM..\Run: [LaunchAp] C:\Launch Manager\LaunchAp.exe ()
O4 - HKLM..\Run: [LMgrOSD] C:\Launch Manager\OSDCtrl.exe ()
O4 - HKLM..\Run: [LMgrVolOSD] C:\Launch Manager\OSD.exe (Wistron)
O4 - HKLM..\Run: [nod32kui] C:\Program Files\Eset\nod32kui.exe (Eset )
O4 - HKLM..\Run: [RegistryMechanic] File not found
O4 - HKLM..\Run: [SMSERIAL] C:\WINDOWS\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe (Sonix)
O4 - HKLM..\Run: [tsnp2std] C:\WINDOWS\tsnp2std.exe (SONIX)
O4 - HKLM..\Run: [Wbutton] C:\Launch Manager\Wbutton.exe ()
O4 - HKU\S-1-5-21-4277668352-1453076555-2304208586-1006..\Run: [ICQ] C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-4277668352-1453076555-2304208586-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_15.dll (Sun Microsystems, Inc.)
O9 - Extra Button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe File not found
O9 - Extra 'Tools' menuitem : ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe File not found
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\System32\imon.dll (Eset )
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shoc ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.10.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Lucie Drhovská\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Lucie Drhovská\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.08 03:03:21 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{ae3a56c6-61f1-11dc-94f8-00c0a8c3839a}\Shell - "" = AutoRun
O33 - MountPoints2\{e1ab2eb6-775b-11dc-9515-00c0a8c3839a}\Shell\AutoRun\command - "" = E:\setupSNK.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.05.11 17:21:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2010.05.11 17:16:08 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2010.05.11 17:16:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
[2010.05.11 16:45:38 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Lucie Drhovská\Recent
[2010.05.11 16:29:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Google
[2010.05.11 16:22:06 | 000,570,880 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Lucie Drhovská\Plocha\OTL.exe
[2010.05.11 16:20:14 | 000,000,000 | ---D | C] -- C:\UsbFix
[2010.05.11 16:18:25 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010.05.11 16:13:48 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.05.11 16:13:48 | 000,000,000 | ---D | C] -- C:\rsit
[2010.05.11 15:51:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lucie Drhovská\Data aplikací\Malwarebytes
[2010.05.11 15:50:30 | 000,000,000 | ---D | C] -- C:\Program Files\WinPcap
[2010.05.11 15:49:59 | 000,000,000 | ---D | C] -- C:\Program Files\Cain
[2010.05.11 15:47:46 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.05.11 15:47:44 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.05.11 15:47:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2010.05.11 15:47:40 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.05.02 17:49:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lucie Drhovská\Dokumenty\Přijaté soubory
[2007.09.28 17:19:16 | 000,151,552 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnp2std.dll
[2007.09.28 17:19:16 | 000,077,824 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp2std.dll
[33 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.05.11 17:20:33 | 004,718,592 | -H-- | M] () -- C:\Documents and Settings\Lucie Drhovská\NTUSER.DAT
[2010.05.11 17:16:35 | 000,000,939 | ---- | M] () -- C:\Documents and Settings\Lucie Drhovská\Plocha\Spybot - Search & Destroy.lnk
[2010.05.11 16:22:14 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Lucie Drhovská\Plocha\OTL.exe
[2010.05.11 16:20:20 | 001,779,243 | ---- | M] () -- C:\Documents and Settings\Lucie Drhovská\Plocha\UsbFix.exe
[2010.05.11 16:10:11 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.05.11 16:10:09 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.05.11 16:10:05 | 937,668,608 | -HS- | M] () -- C:\hiberfil.sys
[2010.05.11 16:09:21 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\Lucie Drhovská\ntuser.ini
[2010.05.11 16:09:16 | 009,678,056 | -H-- | M] () -- C:\Documents and Settings\Lucie Drhovská\Local Settings\Data aplikací\IconCache.db
[2010.05.11 15:50:14 | 000,001,492 | ---- | M] () -- C:\Documents and Settings\Lucie Drhovská\Plocha\Cain.lnk
[2010.05.11 15:47:51 | 000,000,702 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2010.05.10 21:14:59 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.05.05 23:13:53 | 000,125,492 | ---- | M] () -- C:\Documents and Settings\Lucie Drhovská\Plocha\Video call snapshot 4.png
[2010.05.05 21:52:05 | 000,002,275 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2010.04.29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.04.29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.04.23 20:59:38 | 000,032,768 | ---- | M] () -- C:\Documents and Settings\Lucie Drhovská\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.04.23 20:56:07 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[33 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.05.11 17:16:35 | 000,000,939 | ---- | C] () -- C:\Documents and Settings\Lucie Drhovská\Plocha\Spybot - Search & Destroy.lnk
[2010.05.11 16:20:09 | 001,779,243 | ---- | C] () -- C:\Documents and Settings\Lucie Drhovská\Plocha\UsbFix.exe
[2010.05.11 15:50:14 | 000,001,492 | ---- | C] () -- C:\Documents and Settings\Lucie Drhovská\Plocha\Cain.lnk
[2010.05.11 15:47:51 | 000,000,702 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2010.05.05 23:13:50 | 000,125,492 | ---- | C] () -- C:\Documents and Settings\Lucie Drhovská\Plocha\Video call snapshot 4.png
[2007.11.06 22:19:28 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2007.09.28 17:19:18 | 000,015,497 | ---- | C] () -- C:\WINDOWS\snp2std.ini
[2007.09.28 17:19:17 | 000,025,472 | ---- | C] () -- C:\WINDOWS\System32\drivers\sncamd.sys
[2007.09.28 17:19:16 | 012,028,032 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2sxp.sys
[2007.07.08 22:20:36 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007.04.14 20:18:29 | 000,034,308 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2007.04.03 16:18:26 | 000,197,672 | ---- | C] () -- C:\WINDOWS\System32\vpnapi.dll
[2007.04.03 16:18:06 | 000,193,576 | ---- | C] () -- C:\WINDOWS\System32\CSGina.dll
[2006.12.26 20:42:05 | 000,000,155 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2006.12.26 20:40:54 | 000,001,656 | ---- | C] () -- C:\WINDOWS\WDICT32.INI
[2006.12.26 20:40:46 | 000,002,164 | ---- | C] () -- C:\WINDOWS\WINTRAN.INI
[2006.12.26 20:33:10 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006.11.07 16:39:14 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\cam1690m.dll
[2006.11.06 20:01:12 | 000,004,039 | ---- | C] () -- C:\WINDOWS\cam1690.ini
[2006.09.08 08:39:57 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006.09.08 05:51:01 | 000,069,632 | ---- | C] () -- C:\WINDOWS\sm56spn.dll
[2006.09.08 05:51:01 | 000,069,632 | ---- | C] () -- C:\WINDOWS\sm56itl.dll
[2006.09.08 05:51:01 | 000,069,632 | ---- | C] () -- C:\WINDOWS\sm56eng.dll
[2006.09.08 05:51:01 | 000,061,440 | ---- | C] () -- C:\WINDOWS\sm56ger.dll
[2006.09.08 05:51:01 | 000,061,440 | ---- | C] () -- C:\WINDOWS\sm56fra.dll
[2006.09.08 05:51:01 | 000,053,248 | ---- | C] () -- C:\WINDOWS\sm56jpn.dll
[2006.09.08 05:51:01 | 000,049,152 | ---- | C] () -- C:\WINDOWS\sm56cht.dll
[2006.09.08 05:51:01 | 000,049,152 | ---- | C] () -- C:\WINDOWS\sm56chs.dll
[2006.09.08 05:51:00 | 000,069,632 | ---- | C] () -- C:\WINDOWS\sm56brz.dll
[2006.09.08 05:50:57 | 000,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
[2006.09.08 05:49:01 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\property.dll
[2006.09.08 03:55:29 | 000,000,180 | ---- | C] () -- C:\WINDOWS\Option.ini
[2006.09.08 03:54:55 | 000,009,867 | ---- | C] () -- C:\WINDOWS\System32\drivers\HOTKEY.sys
[2006.09.08 03:06:52 | 000,000,788 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2006.09.08 03:00:18 | 000,003,568 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005.07.15 20:35:56 | 000,831,488 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2005.07.15 20:35:56 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2005.07.15 20:35:24 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2004.08.18 14:00:00 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2004.08.18 14:00:00 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2004.03.01 10:43:09 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\MMSwitch.dll
[2004.03.01 08:53:21 | 000,679,936 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2003.09.30 12:47:47 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2003.09.30 12:47:47 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2003.09.30 12:47:47 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2003.09.30 12:47:47 | 000,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2003.09.30 12:47:46 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2003.09.30 12:47:46 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2002.03.21 14:51:52 | 000,503,808 | R--- | C] () -- C:\WINDOWS\System32\lt_xtrans.dll
[2002.03.21 14:51:52 | 000,286,720 | R--- | C] () -- C:\WINDOWS\System32\MrSIDD.dll
[2002.03.21 14:51:52 | 000,163,840 | R--- | C] () -- C:\WINDOWS\System32\lt_common.dll
[2002.03.21 14:51:52 | 000,126,976 | R--- | C] () -- C:\WINDOWS\System32\lt_trans.dll
[2002.03.21 14:51:52 | 000,069,632 | R--- | C] () -- C:\WINDOWS\System32\lt_meta.dll
[2002.03.21 14:51:52 | 000,053,248 | R--- | C] () -- C:\WINDOWS\System32\lt_encrypt.dll
[2002.03.21 14:51:52 | 000,020,480 | R--- | C] () -- C:\WINDOWS\System32\lt_messagetext.dll
[2002.03.20 23:01:06 | 000,006,688 | R--- | C] () -- C:\WINDOWS\System32\Digita.sys
[2002.03.20 23:00:20 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\TransportUSB.dll
[2002.03.20 23:00:20 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\TransportSerial.dll
[2002.03.20 23:00:20 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\TransportIrDA.dll
[2002.03.20 23:00:20 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\TransportIrCOMM.dll
[2001.10.28 17:42:30 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2001.03.30 22:58:36 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\Property.dll

========== LOP Check ==========

[2006.12.26 21:10:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ACD Systems
[2007.08.21 18:07:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\avg7
[2009.03.24 18:53:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2007.09.28 16:13:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PY_Software
[2007.04.14 20:11:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\AVG7
[2006.12.26 21:11:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucie Drhovská\Data aplikací\ACD Systems
[2007.08.21 11:21:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucie Drhovská\Data aplikací\AVG7
[2010.05.11 17:16:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucie Drhovská\Data aplikací\ICQ
[2006.12.28 17:01:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucie Drhovská\Data aplikací\ICQLite
[2006.12.27 17:11:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucie Drhovská\Data aplikací\Template
[2009.09.17 21:24:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucie Drhovská\Data aplikací\Zoner

========== Purity Check ==========

< End of report >

pospecc · #6 Příspěvek od **pospecc** » 11 kvě 2010 16:24

a tady extras.txt:

OTL Extras logfile created on: 11.5.2010 17:19:10 - Run 1
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Documents and Settings\Lucie Drhovská\Plocha
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

894,00 Mb Total Physical Memory | 446,00 Mb Available Physical Memory | 50,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 84,00% Paging File free
Paging file location(s): c:\pagefile.sys 1344 2688 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111,79 Gb Total Space | 70,33 Gb Free Space | 62,91% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 953,58 Mb Total Space | 91,81 Mb Free Space | 9,63% Space Free | Partition Type: FAT
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: N-A4215AF8E1534
Current User Name: Lucie Drhovská
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office10\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office10\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDBrowse] -- "C:\Program Files\ACD Systems\ACDSee\5.0\ACDSee5.exe" "%1" (ACD Systems, Ltd.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}" = OpenOffice.org Installer 1.0
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 15
"{2BD5C305-1B27-4D41-B690-7A61172D2FEB}" = Macromedia Flash 8
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}" = Macromedia Extension Manager
"{55FA89BD-21D3-42F7-9249-C94C0094A83C}" = Apple Software Update
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8
"{5E8A1B08-0FBD-4543-9646-F2C2D0D05750}" = Macromedia Flash Player 8
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{75438C0E-9925-412E-AD85-D0E71C6CE2ED}" = USB2.0 PC Camera (SN9C201&202)
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX
"{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}" = Macromedia Flash 8 Video Encoder
"{90AF0405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office PowerPoint Viewer 2003
"{92110405-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional
"{940E5F97-1FD4-4B6E-8FD9-804691ACB8D7}" = JPEG USB Video Camera Driver v0.81
"{9D1C26BD-E792-4159-9D16-07EA222D8EF0}" = Windows Messenger 5.1
"{AC76BA86-7AD7-1029-7B44-A70500000002}" = Adobe Reader 7.0.5 - Czech
"{AF5E8D43-49AD-4BE7-A941-2BB0A8CACA62}" = ACDSee 5.0 Standard
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B61CAD5A-6B93-4C52-83D9-F74853010C04}" = ATI Catalyst Control Center
"{C73B5B3B-F974-48CA-8B91-3E8A432AEA5B}" = Microsoft Works
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCBAA1F7-E5E1-48B2-9ED9-A79C6A37CE78}" = Cisco Systems VPN Client 5.0.00.0340
"{D0846526-66DD-4DC9-A02C-98F9A2806812}" = Launch Manager V1.3.8
"{DBC3FDEC-D5F4-439C-9A18-EF454A74E3DE}_is1" = NOD32 FiX v2.1
"{F07B861C-72B9-40A4-8B1A-AAED4C06A7E8}" = QuickTime
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3CBA4E6-436E-4B51-9651-93830EE38616}" = Windows Messenger 5.1 MUI Pack
"Ad-Aware SE Professional" = Ad-Aware SE Professional
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"ATI Display Driver" = ATI Display Driver
"Cain & Abel v4.9.25" = Cain & Abel v4.9.25
"CCleaner" = CCleaner
"CDex" = CDex extraction audio
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.1.7
"HijackThis" = HijackThis 2.0.2
"Krteček 1.9 beta 7_is1" = Krteček 1.9 beta 7
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"Nero - Burning Rom!UninstallKey" = Nero OEM
"Nero BurnRights!UninstallKey" = Nero BurnRights
"NeroVision!UninstallKey" = Nero Digital
"NOD32" = Antivirový systém NOD32
"NVEContent!UninstallKey" = NeroVision Express Content
"Registry Mechanic_is1" = Registry Mechanic 5.0
"Rocket Mania 1.01" = Rocket Mania 1.01
"SMSERIAL" = Motorola SM56 Data Fax Modem
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WGA" = Windows Genuine Advantage Validation Tool
"Winamp" = Winamp (remove only)
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"WinPcapInst" = WinPcap 4.0.2
"WinRAR archiver" = Compresor WinRAR

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 22.3.2010 14:29:25 | Computer Name = N-A4215AF8E1534 | Source = Google Update | ID = 20
Description =

Error - 22.3.2010 15:29:25 | Computer Name = N-A4215AF8E1534 | Source = Google Update | ID = 20
Description =

Error - 23.4.2010 15:29:06 | Computer Name = N-A4215AF8E1534 | Source = Google Update | ID = 20
Description =

Error - 23.4.2010 16:29:05 | Computer Name = N-A4215AF8E1534 | Source = Google Update | ID = 20
Description =

Error - 23.4.2010 17:29:05 | Computer Name = N-A4215AF8E1534 | Source = Google Update | ID = 20
Description =

Error - 2.5.2010 11:47:58 | Computer Name = N-A4215AF8E1534 | Source = Google Update | ID = 20
Description =

Error - 10.5.2010 15:29:05 | Computer Name = N-A4215AF8E1534 | Source = Google Update | ID = 20
Description =

Error - 10.5.2010 16:29:05 | Computer Name = N-A4215AF8E1534 | Source = Google Update | ID = 20
Description =

Error - 10.5.2010 17:29:05 | Computer Name = N-A4215AF8E1534 | Source = Google Update | ID = 20
Description =

Error - 11.5.2010 11:10:25 | Computer Name = N-A4215AF8E1534 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace OTL.exe, verze 3.2.4.1, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.

[ System Events ]
Error - 11.5.2010 9:56:17 | Computer Name = N-A4215AF8E1534 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1083 při pokusu o spuštění služby BITS
s argumenty za účelem spuštění serveru: {4991D34B-80A1-4291-83B6-3328366B9097}

Error - 11.5.2010 9:56:17 | Computer Name = N-A4215AF8E1534 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1083 při pokusu o spuštění služby BITS
s argumenty za účelem spuštění serveru: {4991D34B-80A1-4291-83B6-3328366B9097}

Error - 11.5.2010 10:10:21 | Computer Name = N-A4215AF8E1534 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1083 při pokusu o spuštění služby BITS
s argumenty za účelem spuštění serveru: {4991D34B-80A1-4291-83B6-3328366B9097}

Error - 11.5.2010 10:10:21 | Computer Name = N-A4215AF8E1534 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1083 při pokusu o spuštění služby BITS
s argumenty za účelem spuštění serveru: {4991D34B-80A1-4291-83B6-3328366B9097}

Error - 11.5.2010 10:10:23 | Computer Name = N-A4215AF8E1534 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1083 při pokusu o spuštění služby BITS
s argumenty za účelem spuštění serveru: {4991D34B-80A1-4291-83B6-3328366B9097}

Error - 11.5.2010 10:10:23 | Computer Name = N-A4215AF8E1534 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1083 při pokusu o spuštění služby BITS
s argumenty za účelem spuštění serveru: {4991D34B-80A1-4291-83B6-3328366B9097}

Error - 11.5.2010 10:23:11 | Computer Name = N-A4215AF8E1534 | Source = SRService | ID = 104
Description = Proces inicializace nástroje Obnovení systému se nezdařil.

Error - 11.5.2010 11:20:49 | Computer Name = N-A4215AF8E1534 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1083 při pokusu o spuštění služby wuauserv
s argumenty za účelem spuštění serveru: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error - 11.5.2010 11:20:54 | Computer Name = N-A4215AF8E1534 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1083 při pokusu o spuštění služby wuauserv
s argumenty za účelem spuštění serveru: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error - 11.5.2010 11:21:10 | Computer Name = N-A4215AF8E1534 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1083 při pokusu o spuštění služby wuauserv
s argumenty za účelem spuštění serveru: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

< End of report >

#7 Příspěvek od **Caroprd111** » 11 kvě 2010 16:28

Podle pravidel fóra se zde nelegálním softwarem nezabýváme (nelegální programy představují bezpečnostní hrozbu).
Obstarejte si legální zabezpečení PC (antivir, firewall), poté sem vložte nový log z RSIT a log z CKScanner.

Vyberte si třeba free Aviru nebo Avast + nějaký firewall (doporučuji ZoneAlarm) http://www.viry.cz/forum/viewtopic.php?f=29&t=6152 + http://www.viry.cz/forum/viewtopic.php?f=41&t=6523

Obrázek

Stáhněte na plochu CKScanner http://downloads.malwareremoval.com/CKScanner.exe

Spusťte a klikněte na "Search For Files", po dokončení skenu klikněte na "Save List to File" -> "OK"
Log s názvem ckfiles.txt bude uložený na ploše, obsah tohoto souboru sem vložte.

pospecc · #8 Příspěvek od **pospecc** » 11 kvě 2010 16:39

############################## | UsbFix V6.112 |

User : Lucie Drhovská (Administrators) # N-A4215AF8E1534
Update on 09/05/2010 by El Desaparecido , C_XX & Chimay8
Start at: 17:32:12 | 11.5.2010
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

Internet Explorer 6.0.2900.2180
Windows Firewall Status : Enabled

################## | Files # Infected Folders |

Deleted ! C:\Recycler\S-1-5-21-2863950874-5903395-419855666-1003
Deleted ! C:\Recycler\S-1-5-21-4277668352-1453076555-2304208586-1006
Deleted ! C:\Recycler\S-1-5-21-454374325-1859104809-780591500-1003

################## | Registry |

################## | Mountpoints2 |

Deleted ! HKCU\...\Explorer\MountPoints2\{ae3a56c6-61f1-11dc-94f8-00c0a8c3839a}\Shell\AutoRun\Command
Deleted ! HKCU\...\Explorer\MountPoints2\{e1ab2eb6-775b-11dc-9515-00c0a8c3839a}\Shell\AutoRun\Command

################## | Listing of the present files |

[08.09.2006 03:03|--a------|0] C:\AUTOEXEC.BAT
[15.12.2009 17:51|---hs----|211] C:\boot.ini
[18.08.2004 14:00|-rahs----|4952] C:\Bootfont.bin
[08.09.2006 03:03|--a------|0] C:\CONFIG.SYS
[25.12.2006 13:46|--a------|27] C:\expand.txt
[15.11.2007 13:27|--a------|3158] C:\fftrlog.txt
[08.09.2006 05:53|--a------|779] C:\FSP811n01561.dat
[?|?|?] C:\hiberfil.sys
[08.09.2006 03:03|-rahs----|0] C:\IO.SYS
[08.09.2006 03:03|-rahs----|0] C:\MSDOS.SYS
[18.08.2004 14:00|-rahs----|47564] C:\NTDETECT.COM
[08.09.2006 03:24|-rahs----|250576] C:\ntldr
[04.08.2004 14:00|--a------|2] C:\oem.tag
[?|?|?] C:\pagefile.sys
[08.09.2006 05:53|---h-----|1220] C:\Prodlog.txt
[28.09.2007 15:49|--a------|460824] C:\snp2sxp-001.raw
[11.05.2010 17:35|--a------|1719] C:\UsbFix.txt
[14.08.2009 10:13|--a------|27648] E:\ESC_sekvence_pro_EPSON_88_a_220.doc
[05.08.2009 10:55|--a------|32378] E:\FW prosba o zasl nˇ firmware.htm
[17.12.2004 22:29|-ra------|16384] E:\Sablona_DBF_EKONOM.xls

################## | Vaccination |

# C:\autorun.inf -> Autorun.inf created by UsbFix (El Desaparecido).
# E:\autorun.inf -> Autorun.inf created by UsbFix (El Desaparecido).

################## | Upload |

Please send the file : C:\UsbFix_Upload_Me_N-A4215AF8E1534.zip : http://chiquitine.changelog.fr/Sample/Upload.php
Thank you for your contribution .

################## | ! End of report # UsbFix V6.112 ! |

#9 Příspěvek od **Caroprd111** » 11 kvě 2010 16:41

Caroprd111 píše:Podle pravidel fóra se zde nelegálním softwarem nezabýváme (nelegální programy představují bezpečnostní hrozbu).
Obstarejte si legální zabezpečení PC (antivir, firewall), poté sem vložte nový log z RSIT a log z CKScanner.

Vyberte si třeba free Aviru nebo Avast + nějaký firewall (doporučuji ZoneAlarm) http://www.viry.cz/forum/viewtopic.php?f=29&t=6152 + http://www.viry.cz/forum/viewtopic.php?f=41&t=6523

Stáhněte na plochu CKScanner http://downloads.malwareremoval.com/CKScanner.exe

Spusťte a klikněte na "Search For Files", po dokončení skenu klikněte na "Save List to File" -> "OK"

Log s názvem ckfiles.txt bude uložený na ploše, obsah tohoto souboru sem vložte.

pospecc · #10 Příspěvek od **pospecc** » 11 kvě 2010 16:43

CKScanner - Additional Security Risks - These are not necessarily bad
c:\documents and settings\all users\nabídka start\programy\xp office crack\odblokovat xp office.lnk
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\alchemy deluxe 1.6\keygen\keygen.exe
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\astropop deluxe 1.0.0.1\crack\winap.exe
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\astropop deluxe 1.0.0.1\crack\data\bonus-1.xcf.sig
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\astropop deluxe 1.0.0.1\crack\data\bonus-2.xcf.sig
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\astropop deluxe 1.0.0.1\crack\data\bonus0.xcf.sig
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\astropop deluxe 1.0.0.1\crack\data\bonus1.xcf.sig
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\astropop deluxe 1.0.0.1\crack\data\bonus10.xcf.sig
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\astropop deluxe 1.0.0.1\crack\data\bonus11.xcf.sig
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\astropop deluxe 1.0.0.1\crack\data\bonus12.xcf.sig
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\astropop deluxe 1.0.0.1\crack\data\bonus13.xcf.sig
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\astropop deluxe 1.0.0.1\crack\data\bonus14.xcf.sig
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\astropop deluxe 1.0.0.1\crack\data\bonus15.xcf.sig
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\astropop deluxe 1.0.0.1\crack\data\bonus16.xcf.sig
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\astropop deluxe 1.0.0.1\crack\data\bonus17.xcf.sig
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\astropop deluxe 1.0.0.1\crack\data\bonus18.xcf.sig
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\astropop deluxe 1.0.0.1\crack\data\bonus19.xcf.sig
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\astropop deluxe 1.0.0.1\crack\data\bonus2.xcf.sig
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\astropop deluxe 1.0.0.1\crack\data\bonus20.xcf.sig
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\astropop deluxe 1.0.0.1\crack\data\bonus21.xcf.sig
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\astropop deluxe 1.0.0.1\crack\data\bonus22.xcf.sig
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\astropop deluxe 1.0.0.1\crack\data\bonus23.xcf.sig
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\astropop deluxe 1.0.0.1\crack\data\bonus24.xcf.sig
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\astropop deluxe 1.0.0.1\crack\data\bonus25.xcf.sig
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\astropop deluxe 1.0.0.1\crack\data\bonus26.xcf.sig
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\astropop deluxe 1.0.0.1\crack\data\bonus27.xcf.sig
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\astropop deluxe 1.0.0.1\crack\data\bonus28.xcf.sig
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\astropop deluxe 1.0.0.1\crack\data\bonus29.xcf.sig
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\astropop deluxe 1.0.0.1\crack\data\bonus3.xcf.sig
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\astropop deluxe 1.0.0.1\crack\data\bonus30.xcf.sig
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\astropop deluxe 1.0.0.1\crack\data\bonus4.xcf.sig
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\astropop deluxe 1.0.0.1\crack\data\bonus5.xcf.sig
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\astropop deluxe 1.0.0.1\crack\data\bonus6.xcf.sig
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\astropop deluxe 1.0.0.1\crack\data\bonus7.xcf.sig
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\astropop deluxe 1.0.0.1\crack\data\bonus8.xcf.sig
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\astropop deluxe 1.0.0.1\crack\data\bonus9.xcf.sig
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\astropop deluxe 1.0.0.1\crack\data\descriptor.xcf
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\astropop deluxe 1.0.0.1\crack\data\descriptor.xcf.sig
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\astropop deluxe 1.0.0.1\crack\properties\partner.xml
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\astropop deluxe 1.0.0.1\crack\properties\partner.xml.sig
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\astropop deluxe 1.0.0.1\crack\properties\resources.xml
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\atomica deluxe 2.52\keygen\keygen.exe
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\bejeweled 2 deluxe 1.0\crack\winbej2.exe
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\bookworm deluxe\keygen\keygen.exe
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\dynomite deluxe 2.71\keygen\keygen.exe
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\gamehouse part i\part i\ancient tripeaks\crack\tripeaks_kg.exe
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\gamehouse part i\part i\black jack\crack\blackjack.exe
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\gamehouse part i\part i\bounce out blitz\crack\bo2res.dll
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\gamehouse part i\part i\chainz\crack\chainzres.dll
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\gamehouse part i\part i\collapse! crunch\crack\col3res.dll
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\gamehouse part i\part i\collapse! ii\crack\relapse.exe
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\gamehouse part i\part i\combo chaos\keygen\keygen.exe
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\gamehouse part i\part i\fiber twig\crack\fiberres.dll
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\gamehouse part i\part i\fruit frolic\crack\serial.txt
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\gamehouse part i\part i\gem drop\crack\supergemdrop1.1.3registrar.reg
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\gamehouse part i\part i\glinx\crack\glinx.exe
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\gamehouse part i\part i\hello\crack\hello!_1.15_crack.exe
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\gamehouse part i\part i\jewel quest\crack\jewelres.dll
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\gamehouse part i\part i\magic inlay\crack\magic.dat
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\gamehouse part i\part i\mahjong\crack\mahjong.exe
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\gamehouse part i\part i\nisqually\crack\supernisqually1.1registrar.reg
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\gamehouse part i\part i\pop n drop\crack\popndrop.exe
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\gamehouse part i\part i\rumble cube\crack\serial.txt
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\gamehouse part i\part i\shape shifter\crack\shape.dll
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\gamehouse part i\part i\solitaire 1\crack\supersolitaire1_106registrar.reg
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\gamehouse part i\part i\solitaire 2\crack\ghsol2.exe
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\gamehouse part i\part i\solitaire 3\crack\crack.exe
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\gamehouse part i\part i\zuma\crack\zumares.dll
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\gamehouse part ii\part ii\adventure inlay\adventure_inlay_1.00_gh_crack.exe
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\gamehouse part ii\part ii\holiday express\crack\holexpres.dll
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\gamehouse part ii\part ii\iggle pop\iggle_pop!_gh_crack.exe
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\gamehouse part ii\part ii\incadia\incadia_1.03_gh_crack.exe
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\gamehouse part ii\part ii\incredibleink\crack\sdl.dll
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\gamehouse part ii\part ii\incredibleink\crack\sdl_i.dll
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\gamehouse part ii\part ii\insaniquarium\crack_insaniquarium10.exe
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\gamehouse part ii\part ii\mah jong medley\mah_jong_medley_2.0_crack.exe
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\gamehouse part iii\part iii\crystal path\crack\cpathres.dll
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\gamehouse part iii\part iii\cubis2\crack_cubisgold2.exe
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\gamehouse part iii\part iii\magic vines\magic vines crack.exe
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\gamehouse part iv\part iv\chuzzle\chuzzle_deluxe_1.0_gh_crack.exe
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\gamehouse part iv\part iv\spring sprang sprung\spring_sprang_sprung_1.00_gh_crack.exe
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\ningpo mahjong deluxe 1.04.04\keygen\keygen.exe
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\pixelus deluxe 1.0\crack\pixelus.exe
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\rocket mania deluxe 1.01\keygen\keygen.exe
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\tip top deluxe 1.1\keygen\keygen.exe
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\typer shark deluxe 1.02\keygen\keygen.exe
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\zuma deluxe 1.0\crack\zuma.exe
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\zuma deluxe 1.0\crack\levels\blackswirley\blackswirley-1.dat
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\zuma deluxe 1.0\crack\levels\blackswirley\blackswirley-2.dat
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\zuma deluxe 1.0\crack\levels\claw\claw.dat
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\zuma deluxe 1.0\crack\levels\coaster\coaster.dat
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\zuma deluxe 1.0\crack\levels\groovefest\groovefest.dat
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\zuma deluxe 1.0\crack\levels\inversespiral\inversespiral.dat
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\zuma deluxe 1.0\crack\levels\longrange\longrange.dat
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\zuma deluxe 1.0\crack\levels\loopy\loopy.dat
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\zuma deluxe 1.0\crack\levels\overunder\overunder.dat
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\zuma deluxe 1.0\crack\levels\riverbed\riverbed.dat
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\zuma deluxe 1.0\crack\levels\serpents\serpents-1.dat
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\zuma deluxe 1.0\crack\levels\serpents\serpents-2.dat
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\zuma deluxe 1.0\crack\levels\snakepit\snakepit-1.dat
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\zuma deluxe 1.0\crack\levels\snakepit\snakepit-2.dat
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\zuma deluxe 1.0\crack\levels\space\space.dat
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\zuma deluxe 1.0\crack\levels\spaceinvaders\spaceinvaders.dat
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\zuma deluxe 1.0\crack\levels\spiral\spiral.dat
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\zuma deluxe 1.0\crack\levels\squaresville\squaresville.dat
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\zuma deluxe 1.0\crack\levels\targetglyph\targetglyph.dat
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\zuma deluxe 1.0\crack\levels\tiltspiral\tiltspiral.dat
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\zuma deluxe 1.0\crack\levels\triangle\triangle.dat
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\zuma deluxe 1.0\crack\levels\tunnellevel\tunnellevel.dat
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\zuma deluxe 1.0\crack\levels\turnaround\turnaround.dat
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\zuma deluxe 1.0\crack\levels\underover\underover.dat
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\zuma deluxe 1.0\crack\levels\warshak\warshak.dat
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\zuma deluxe 1.0\crack\properties\partner.xml
c:\documents and settings\lucie drhovská\dokumenty\games\popcap deluxe games\zuma deluxe 1.0\crack\properties\partner.xml.sig
c:\program files\common files\microsoft shared\office10\xpcrack.exe
scanner sequence 3.ZZ.11
----- EOF -----

#11 Příspěvek od **Caroprd111** » 11 kvě 2010 16:45

OK, ještě nový log z RSIT.

pospecc · #12 Příspěvek od **pospecc** » 11 kvě 2010 16:46

Logfile of random's system information tool 1.06 (written by random/random)
Run by Lucie Drhovská at 2010-05-11 17:45:54
WIN_XP Service Pack 2
System drive C: has 72 GB (63%) free of 114 GB
Total RAM: 894 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:46:11, on 11.5.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\Documents and Settings\Lucie Drhovská\Plocha\RSIT.exe
C:\Program Files\trend micro\Lucie Drhovská.exe
C:\WINDOWS\SoftwareDistribution\Download\23ebc18315b8749680677b01acc850ac\update\update.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [LaunchAp] C:\Launch Manager\LaunchAp.exe
O4 - HKLM\..\Run: [HotkeyApp] C:\Launch Manager\HotkeyApp.exe
O4 - HKLM\..\Run: [LMgrVolOSD] C:\Launch Manager\OSD.exe
O4 - HKLM\..\Run: [LMgrOSD] C:\Launch Manager\OSDCtrl.exe
O4 - HKLM\..\Run: [Wbutton] "C:\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [CtrlVol] C:\Launch Manager\CtrlVol.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe
O4 - HKLM\..\Run: [tsnp2std] C:\WINDOWS\tsnp2std.exe
O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ICQ] "C:\PROGRA~1\ICQ6.5\ICQ.exe" silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-21-4277668352-1453076555-2304208586-1006\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: @c:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @c:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 3591274843
O17 - HKLM\System\CCS\Services\Tcpip\..\{4C3F858B-AABC-4475-81C6-0685FDFB8A98}: NameServer = 88.103.219.2
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe

--
End of file - 6235 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2005-09-24 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre6\bin\ssv.dll [2009-11-02 321312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-11-02 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-11-02 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-01-20 761946]
"SMSERIAL"=C:\WINDOWS\sm56hlpr.exe [2005-11-10 557056]
"LaunchAp"=C:\Launch Manager\LaunchAp.exe [2005-07-25 32768]
"HotkeyApp"=C:\Launch Manager\HotkeyApp.exe [2005-07-28 57344]
"LMgrVolOSD"=C:\Launch Manager\OSD.exe [2005-03-16 204800]
"LMgrOSD"=C:\Launch Manager\OSDCtrl.exe [2005-07-25 241664]
"Wbutton"=C:\Launch Manager\Wbutton.exe [2005-07-25 81920]
"CtrlVol"=C:\Launch Manager\CtrlVol.exe [2003-09-16 20480]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-05-18 16207872]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"RegistryMechanic"= []
"nod32kui"=C:\Program Files\Eset\nod32kui.exe [2007-09-23 921600]
"FixCamera"=C:\WINDOWS\FixCamera.exe [2007-02-12 20480]
"tsnp2std"=C:\WINDOWS\tsnp2std.exe [2006-11-29 258048]
"snp2std"=C:\WINDOWS\vsnp2std.exe [2006-09-15 675840]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-11-02 149280]
"ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2006-01-02 45056]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-18 15360]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2008-09-23 21755688]
"ICQ"=C:\PROGRA~1\ICQ6.5\ICQ.exe [2009-11-16 172792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2006-09-01 282624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Program Files\PowerDVD\PDVDServ.exe [2004-11-02 32768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE [2005-09-24 29696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Microsoft Office.lnk]
C:\PROGRA~1\MICROS~3\Office10\OSA.EXE [2001-02-13 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^VPN Client.lnk]
C:\WINDOWS\INSTAL~1\{CCBAA~1\ICON3E~1.ICO [2007-10-10 6144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Ati HotKey Poller"=2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-03-08 61440]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoDriveAutoRun"=255
"HonorAutoRunSetting"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======File associations======

.txt - open - C:\WINDOWS\notepad.exe %1

======List of files/folders created in the last 1 months======

2010-05-11 17:46:05 ----HDC---- C:\WINDOWS\$NtUninstallKB911280$
2010-05-11 17:42:18 ----HDC---- C:\WINDOWS\$NtUninstallKB921398$
2010-05-11 17:38:06 ----HDC---- C:\WINDOWS\$NtUninstallKB923689$
2010-05-11 17:37:33 ----HDC---- C:\WINDOWS\$NtUninstallKB920670$
2010-05-11 17:37:26 ----HDC---- C:\WINDOWS\$NtUninstallKB918439$
2010-05-11 17:37:09 ----HDC---- C:\WINDOWS\$NtUninstallKB920872$
2010-05-11 17:36:55 ----HDC---- C:\WINDOWS\$NtUninstallKB919007$
2010-05-11 17:36:48 ----HDC---- C:\WINDOWS\$NtUninstallKB914388$
2010-05-11 17:36:40 ----HDC---- C:\WINDOWS\$NtUninstallKB917344$
2010-05-11 17:36:22 ----D---- C:\acec0c9a3338b9b39f266b5a2a
2010-05-11 17:36:17 ----HDC---- C:\WINDOWS\$NtUninstallKB923191$
2010-05-11 17:36:04 ----HDC---- C:\WINDOWS\$NtUninstallKB917422$
2010-05-11 17:36:00 ----RASHD---- C:\autorun.inf
2010-05-11 17:35:50 ----HDC---- C:\WINDOWS\$NtUninstallKB922582$
2010-05-11 17:35:47 ----A---- C:\WINDOWS\system32\SET33.tmp
2010-05-11 17:35:47 ----A---- C:\WINDOWS\system32\SET32.tmp
2010-05-11 17:35:36 ----HDC---- C:\WINDOWS\$NtUninstallKB926255$
2010-05-11 17:35:26 ----HDC---- C:\WINDOWS\$NtUninstallKB925486$
2010-05-11 17:35:06 ----HDC---- C:\WINDOWS\$NtUninstallKB916595$
2010-05-11 17:34:46 ----HDC---- C:\WINDOWS\$NtUninstallKB923694$
2010-05-11 17:34:33 ----HDC---- C:\WINDOWS\$NtUninstallKB920683$
2010-05-11 17:34:25 ----A---- C:\WINDOWS\imsins.BAK
2010-05-11 17:34:06 ----HDC---- C:\WINDOWS\$NtUninstallKB914389$
2010-05-11 17:33:41 ----D---- C:\WINDOWS\LastGood
2010-05-11 17:32:09 ----A---- C:\UsbFix.txt
2010-05-11 17:23:02 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
2010-05-11 17:23:00 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
2010-05-11 17:16:08 ----D---- C:\Program Files\Spybot - Search & Destroy
2010-05-11 17:16:08 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2010-05-11 16:29:05 ----D---- C:\Documents and Settings\All Users\Data aplikací\Google
2010-05-11 16:20:14 ----D---- C:\UsbFix
2010-05-11 16:18:25 ----D---- C:\Program Files\CCleaner
2010-05-11 16:13:48 ----D---- C:\rsit
2010-05-11 16:13:48 ----D---- C:\Program Files\trend micro
2010-05-11 15:51:35 ----D---- C:\Documents and Settings\Lucie Drhovská\Data aplikací\Malwarebytes
2010-05-11 15:50:30 ----D---- C:\Program Files\WinPcap
2010-05-11 15:49:59 ----D---- C:\Program Files\Cain
2010-05-11 15:47:44 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2010-05-11 15:47:40 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

======List of files/folders modified in the last 1 months======

2010-05-11 17:46:13 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-05-11 17:46:11 ----AD---- C:\WINDOWS\system32
2010-05-11 17:46:09 ----D---- C:\WINDOWS\system32\CatRoot2
2010-05-11 17:46:09 ----D---- C:\WINDOWS
2010-05-11 17:46:04 ----HD---- C:\WINDOWS\inf
2010-05-11 17:46:00 ----D---- C:\WINDOWS\Microsoft.NET
2010-05-11 17:45:57 ----SHD---- C:\WINDOWS\Installer
2010-05-11 17:45:57 ----D---- C:\WINDOWS\Temp
2010-05-11 17:45:44 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-05-11 17:45:23 ----RSD---- C:\WINDOWS\assembly
2010-05-11 17:44:51 ----D---- C:\WINDOWS\WinSxS
2010-05-11 17:44:48 ----D---- C:\WINDOWS\security
2010-05-11 17:37:15 ----D---- C:\WINDOWS\system32\drivers
2010-05-11 17:35:56 ----SHD---- C:\RECYCLER
2010-05-11 17:35:50 ----HD---- C:\WINDOWS\$hf_mig$
2010-05-11 17:34:57 ----D---- C:\Program Files\Outlook Express
2010-05-11 17:34:56 ----D---- C:\Program Files\Common Files\System
2010-05-11 17:32:11 ----D---- C:\WINDOWS\SoftwareDistribution
2010-05-11 17:31:16 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-05-11 17:23:05 ----D---- C:\WINDOWS\Help
2010-05-11 17:22:36 ----D---- C:\Documents and Settings\Lucie Drhovská\Data aplikací\Skype
2010-05-11 17:21:45 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-05-11 17:21:19 ----SHD---- C:\System Volume Information
2010-05-11 17:21:19 ----D---- C:\WINDOWS\system32\Restore
2010-05-11 17:16:52 ----D---- C:\Documents and Settings\Lucie Drhovská\Data aplikací\ICQ
2010-05-11 17:16:08 ----RD---- C:\Program Files
2010-05-11 17:14:50 ----D---- C:\WINDOWS\pss
2010-05-11 16:46:40 ----D---- C:\WINDOWS\Debug
2010-05-11 16:29:05 ----SD---- C:\WINDOWS\Tasks
2010-05-11 16:29:05 ----D---- C:\Program Files\Google
2010-05-11 16:09:48 ----HD---- C:\WINDOWS\PIF
2010-05-11 16:07:18 ----D---- C:\Program Files\Java
2010-05-11 16:07:18 ----D---- C:\Program Files\Common Files
2010-05-11 16:01:31 ----D---- C:\WINDOWS\Prefetch
2010-05-11 14:52:42 ----D---- C:\Documents and Settings\Lucie Drhovská\Data aplikací\skypePM

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Hotkey;Hotkey; C:\WINDOWS\system32\drivers\Hotkey.sys [2003-04-28 9867]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-18 39936]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2004-08-18 8832]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-18 12032]
R2 AMON;AMON; \??\C:\WINDOWS\system32\drivers\amon.sys []
R2 CVPNDRVA;Cisco Systems Inc. IPSec Driver; \??\C:\WINDOWS\system32\Drivers\CVPNDRVA.sys []
R2 VCAM;Webcam Simulator; C:\WINDOWS\system32\DRIVERS\vcam.sys [2006-08-10 10624]
R3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2005-09-15 468768]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-18 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-03-08 1506816]
R3 CmBatt;Microsoft AC Adapter Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-18 14080]
R3 DNE;Deterministic Network Enhancer Miniport; C:\WINDOWS\system32\DRIVERS\dne2000.sys [2007-01-31 127376]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-05-16 4275712]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-18 61824]
R3 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2005-11-16 28928]
R3 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2005-11-01 51584]
R3 rismxdp;Ricoh xD-Picture Card Driver; C:\WINDOWS\system32\DRIVERS\rixdptsk.sys [2005-11-01 308992]
R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2006-02-27 81408]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2004-08-18 67584]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-01-20 191936]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-18 26624]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-18 57600]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-18 17024]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
S1 mailKmd;mailKmd; C:\WINDOWS\system32\drivers\mailKmd.sys []
S1 Wbutton;Wbutton; C:\WINDOWS\system32\drivers\Wbutton.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 CVirtA;Cisco Systems VPN Adapter; C:\WINDOWS\system32\DRIVERS\CVirtA.sys [2007-01-18 5275]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 ndiscm;Motorola SURFboard USB Cable Modem Windows Driver; C:\WINDOWS\system32\DRIVERS\NetMotCM.sys [2004-09-29 15360]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2004-08-18 40320]
S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2007-11-06 34064]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 SNP2STD;USB2.0 PC Camera (SNP2STD); C:\WINDOWS\system32\DRIVERS\snp2sxp.sys [2007-01-26 12028032]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 vsdatant;vsdatant; \??\C:\WINDOWS\system32\vsdatant.sys []
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 smserial;smserial; C:\WINDOWS\system32\DRIVERS\smserial.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [2007-04-03 1516584]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-11-02 153376]
R2 NOD32krn;NOD32 Kernel Service; C:\Program Files\Eset\nod32krn.exe [2007-09-23 507904]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2004-08-18 268288]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2007-11-06 92792]
S3 UMWdf;Sada ovladačů pro uživatelský režim systému Windows; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
S4 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-03-08 405504]

-----------------EOF-----------------

#13 Příspěvek od **Caroprd111** » 11 kvě 2010 16:48

V logu pořád vidím nelegální NOD32, dokud ho neodinstalujete a nenahradíte free řešením, odmítám pokračovat.

pospecc · #14 Příspěvek od **pospecc** » 11 kvě 2010 17:00

provedeno....

Logfile of random's system information tool 1.06 (written by random/random)
Run by Lucie Drhovská at 2010-05-11 17:59:05
WIN_XP Service Pack 2
System drive C: has 71 GB (62%) free of 114 GB
Total RAM: 894 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:59:19, on 11.5.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Launch Manager\LaunchAp.exe
C:\Launch Manager\HotkeyApp.exe
C:\Launch Manager\OSD.exe
C:\Launch Manager\OSDCtrl.exe
C:\Launch Manager\Wbutton.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\FixCamera.exe
C:\WINDOWS\tsnp2std.exe
C:\WINDOWS\vsnp2std.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Skype\Plugin Manager\SkypePM.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\Program Files\Alwil Software\Avast5\setup\avast.setup
C:\Documents and Settings\Lucie Drhovská\Plocha\RSIT.exe
C:\Program Files\trend micro\Lucie Drhovská.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [LaunchAp] C:\Launch Manager\LaunchAp.exe
O4 - HKLM\..\Run: [HotkeyApp] C:\Launch Manager\HotkeyApp.exe
O4 - HKLM\..\Run: [LMgrVolOSD] C:\Launch Manager\OSD.exe
O4 - HKLM\..\Run: [LMgrOSD] C:\Launch Manager\OSDCtrl.exe
O4 - HKLM\..\Run: [Wbutton] "C:\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [CtrlVol] C:\Launch Manager\CtrlVol.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe
O4 - HKLM\..\Run: [tsnp2std] C:\WINDOWS\tsnp2std.exe
O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ICQ] "C:\PROGRA~1\ICQ6.5\ICQ.exe" silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-21-4277668352-1453076555-2304208586-1006\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: @c:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @c:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 3591274843
O17 - HKLM\System\CCS\Services\Tcpip\..\{4C3F858B-AABC-4475-81C6-0685FDFB8A98}: NameServer = 88.103.219.2
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe

--
End of file - 6918 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2005-09-24 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre6\bin\ssv.dll [2009-11-02 321312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-11-02 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-11-02 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-01-20 761946]
"SMSERIAL"=C:\WINDOWS\sm56hlpr.exe [2005-11-10 557056]
"LaunchAp"=C:\Launch Manager\LaunchAp.exe [2005-07-25 32768]
"HotkeyApp"=C:\Launch Manager\HotkeyApp.exe [2005-07-28 57344]
"LMgrVolOSD"=C:\Launch Manager\OSD.exe [2005-03-16 204800]
"LMgrOSD"=C:\Launch Manager\OSDCtrl.exe [2005-07-25 241664]
"Wbutton"=C:\Launch Manager\Wbutton.exe [2005-07-25 81920]
"CtrlVol"=C:\Launch Manager\CtrlVol.exe [2003-09-16 20480]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-05-18 16207872]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"RegistryMechanic"= []
"FixCamera"=C:\WINDOWS\FixCamera.exe [2007-02-12 20480]
"tsnp2std"=C:\WINDOWS\tsnp2std.exe [2006-11-29 258048]
"snp2std"=C:\WINDOWS\vsnp2std.exe [2006-09-15 675840]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-11-02 149280]
"ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2006-01-02 45056]
"UserFaultCheck"=C:\WINDOWS\system32\dumprep 0 -u []
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-05-06 2815192]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-18 15360]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2008-09-23 21755688]
"ICQ"=C:\PROGRA~1\ICQ6.5\ICQ.exe [2009-11-16 172792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2006-09-01 282624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Program Files\PowerDVD\PDVDServ.exe [2004-11-02 32768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE [2005-09-24 29696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Microsoft Office.lnk]
C:\PROGRA~1\MICROS~3\Office10\OSA.EXE [2001-02-13 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^VPN Client.lnk]
C:\WINDOWS\INSTAL~1\{CCBAA~1\ICON3E~1.ICO [2007-10-10 6144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Ati HotKey Poller"=2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-03-08 61440]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoDriveAutoRun"=255
"HonorAutoRunSetting"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======File associations======

.txt - open - C:\WINDOWS\notepad.exe %1

======List of files/folders created in the last 1 months======

2010-05-11 17:58:04 ----A---- C:\WINDOWS\system32\aswBoot.exe
2010-05-11 17:57:57 ----D---- C:\Program Files\Alwil Software
2010-05-11 17:57:57 ----D---- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
2010-05-11 17:48:50 ----HDC---- C:\WINDOWS\$NtUninstallKB917734_WMP10$
2010-05-11 17:48:15 ----HDC---- C:\WINDOWS\$NtUninstallKB924191$
2010-05-11 17:48:04 ----HDC---- C:\WINDOWS\$NtUninstallKB922819$
2010-05-11 17:47:53 ----HDC---- C:\WINDOWS\$NtUninstallKB923414$
2010-05-11 17:47:43 ----HDC---- C:\WINDOWS\$NtUninstallKB925398_WMP64$
2010-05-11 17:46:40 ----HDC---- C:\WINDOWS\$NtUninstallKB922616$
2010-05-11 17:46:31 ----HDC---- C:\WINDOWS\$NtUninstallKB920685$
2010-05-11 17:46:22 ----HDC---- C:\WINDOWS\$NtUninstallKB923980$
2010-05-11 17:46:05 ----HDC---- C:\WINDOWS\$NtUninstallKB911280$
2010-05-11 17:42:18 ----HDC---- C:\WINDOWS\$NtUninstallKB921398$
2010-05-11 17:38:06 ----HDC---- C:\WINDOWS\$NtUninstallKB923689$
2010-05-11 17:37:33 ----HDC---- C:\WINDOWS\$NtUninstallKB920670$
2010-05-11 17:37:26 ----HDC---- C:\WINDOWS\$NtUninstallKB918439$
2010-05-11 17:37:09 ----HDC---- C:\WINDOWS\$NtUninstallKB920872$
2010-05-11 17:36:55 ----HDC---- C:\WINDOWS\$NtUninstallKB919007$
2010-05-11 17:36:48 ----HDC---- C:\WINDOWS\$NtUninstallKB914388$
2010-05-11 17:36:40 ----HDC---- C:\WINDOWS\$NtUninstallKB917344$
2010-05-11 17:36:22 ----D---- C:\acec0c9a3338b9b39f266b5a2a
2010-05-11 17:36:17 ----HDC---- C:\WINDOWS\$NtUninstallKB923191$
2010-05-11 17:36:04 ----HDC---- C:\WINDOWS\$NtUninstallKB917422$
2010-05-11 17:36:00 ----RASHD---- C:\autorun.inf
2010-05-11 17:35:50 ----HDC---- C:\WINDOWS\$NtUninstallKB922582$
2010-05-11 17:35:36 ----HDC---- C:\WINDOWS\$NtUninstallKB926255$
2010-05-11 17:35:26 ----HDC---- C:\WINDOWS\$NtUninstallKB925486$
2010-05-11 17:35:06 ----HDC---- C:\WINDOWS\$NtUninstallKB916595$
2010-05-11 17:34:46 ----HDC---- C:\WINDOWS\$NtUninstallKB923694$
2010-05-11 17:34:33 ----HDC---- C:\WINDOWS\$NtUninstallKB920683$
2010-05-11 17:34:25 ----A---- C:\WINDOWS\imsins.BAK
2010-05-11 17:34:06 ----HDC---- C:\WINDOWS\$NtUninstallKB914389$
2010-05-11 17:32:09 ----A---- C:\UsbFix.txt
2010-05-11 17:23:02 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
2010-05-11 17:23:00 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
2010-05-11 17:22:51 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2010-05-11 17:16:08 ----D---- C:\Program Files\Spybot - Search & Destroy
2010-05-11 17:16:08 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2010-05-11 16:29:05 ----D---- C:\Documents and Settings\All Users\Data aplikací\Google
2010-05-11 16:20:14 ----D---- C:\UsbFix
2010-05-11 16:18:25 ----D---- C:\Program Files\CCleaner
2010-05-11 16:13:48 ----D---- C:\rsit
2010-05-11 16:13:48 ----D---- C:\Program Files\trend micro
2010-05-11 15:51:35 ----D---- C:\Documents and Settings\Lucie Drhovská\Data aplikací\Malwarebytes
2010-05-11 15:50:30 ----D---- C:\Program Files\WinPcap
2010-05-11 15:49:59 ----D---- C:\Program Files\Cain
2010-05-11 15:47:44 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2010-05-11 15:47:40 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

======List of files/folders modified in the last 1 months======

2010-05-11 17:58:51 ----D---- C:\WINDOWS\Temp
2010-05-11 17:58:28 ----D---- C:\WINDOWS\system32\drivers
2010-05-11 17:58:19 ----SHD---- C:\WINDOWS\Installer
2010-05-11 17:58:17 ----D---- C:\WINDOWS\WinSxS
2010-05-11 17:58:16 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-05-11 17:58:06 ----AD---- C:\WINDOWS\system32
2010-05-11 17:57:57 ----RD---- C:\Program Files
2010-05-11 17:56:14 ----D---- C:\WINDOWS
2010-05-11 17:56:01 ----D---- C:\Program Files\ESET
2010-05-11 17:55:16 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-05-11 17:51:35 ----D---- C:\Documents and Settings\Lucie Drhovská\Data aplikací\Skype
2010-05-11 17:51:32 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-05-11 17:51:20 ----D---- C:\WINDOWS\system32\CatRoot2
2010-05-11 17:48:55 ----HD---- C:\WINDOWS\inf
2010-05-11 17:46:16 ----D---- C:\WINDOWS\Microsoft.NET
2010-05-11 17:45:44 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-05-11 17:45:23 ----RSD---- C:\WINDOWS\assembly
2010-05-11 17:44:48 ----D---- C:\WINDOWS\security
2010-05-11 17:35:56 ----SHD---- C:\RECYCLER
2010-05-11 17:35:50 ----HD---- C:\WINDOWS\$hf_mig$
2010-05-11 17:34:57 ----D---- C:\Program Files\Outlook Express
2010-05-11 17:34:56 ----D---- C:\Program Files\Common Files\System
2010-05-11 17:32:11 ----D---- C:\WINDOWS\SoftwareDistribution
2010-05-11 17:23:05 ----D---- C:\WINDOWS\Help
2010-05-11 17:21:45 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-05-11 17:21:19 ----SHD---- C:\System Volume Information
2010-05-11 17:21:19 ----D---- C:\WINDOWS\system32\Restore
2010-05-11 17:16:52 ----D---- C:\Documents and Settings\Lucie Drhovská\Data aplikací\ICQ
2010-05-11 17:14:50 ----D---- C:\WINDOWS\pss
2010-05-11 16:46:40 ----D---- C:\WINDOWS\Debug
2010-05-11 16:29:05 ----SD---- C:\WINDOWS\Tasks
2010-05-11 16:29:05 ----D---- C:\Program Files\Google
2010-05-11 16:09:48 ----HD---- C:\WINDOWS\PIF
2010-05-11 16:07:18 ----D---- C:\Program Files\Java
2010-05-11 16:07:18 ----D---- C:\Program Files\Common Files
2010-05-11 16:01:31 ----D---- C:\WINDOWS\Prefetch
2010-05-11 14:52:42 ----D---- C:\Documents and Settings\Lucie Drhovská\Data aplikací\skypePM

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-05-06 28880]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-05-06 164048]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-05-06 46672]
R1 Hotkey;Hotkey; C:\WINDOWS\system32\drivers\Hotkey.sys [2003-04-28 9867]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-18 39936]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2004-08-18 8832]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-05-06 19024]
R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-05-06 100432]
R2 CVPNDRVA;Cisco Systems Inc. IPSec Driver; \??\C:\WINDOWS\system32\Drivers\CVPNDRVA.sys []
R2 VCAM;Webcam Simulator; C:\WINDOWS\system32\DRIVERS\vcam.sys [2006-08-10 10624]
R3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2005-09-15 468768]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-18 60800]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-05-06 23376]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-03-08 1506816]
R3 CmBatt;Microsoft AC Adapter Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-18 14080]
R3 DNE;Deterministic Network Enhancer Miniport; C:\WINDOWS\system32\DRIVERS\dne2000.sys [2007-01-31 127376]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-05-16 4275712]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-18 61824]
R3 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2005-11-16 28928]
R3 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2005-11-01 51584]
R3 rismxdp;Ricoh xD-Picture Card Driver; C:\WINDOWS\system32\DRIVERS\rixdptsk.sys [2005-11-01 308992]
R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2006-02-27 81408]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2004-08-18 67584]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-01-20 191936]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-18 26624]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-18 57600]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-18 17024]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
S1 mailKmd;mailKmd; C:\WINDOWS\system32\drivers\mailKmd.sys []
S1 Wbutton;Wbutton; C:\WINDOWS\system32\drivers\Wbutton.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 CVirtA;Cisco Systems VPN Adapter; C:\WINDOWS\system32\DRIVERS\CVirtA.sys [2007-01-18 5275]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 ndiscm;Motorola SURFboard USB Cable Modem Windows Driver; C:\WINDOWS\system32\DRIVERS\NetMotCM.sys [2004-09-29 15360]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2004-08-18 40320]
S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2007-11-06 34064]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 SNP2STD;USB2.0 PC Camera (SNP2STD); C:\WINDOWS\system32\DRIVERS\snp2sxp.sys [2007-01-26 12028032]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 vsdatant;vsdatant; \??\C:\WINDOWS\system32\vsdatant.sys []
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 smserial;smserial; C:\WINDOWS\system32\DRIVERS\smserial.sys []
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-18 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384]
R2 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [2007-04-03 1516584]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-11-02 153376]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2004-08-18 268288]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2007-11-06 92792]
S3 UMWdf;Sada ovladačů pro uživatelský režim systému Windows; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
S4 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-03-08 405504]

-----------------EOF-----------------

#15 Příspěvek od **Caroprd111** » 11 kvě 2010 17:11

OK, napíšu Vám další postup.

VIRY.CZ

Kontrola logu - problémy s internetem

Kontrola logu - problémy s internetem

Re: Kontrola logu - problémy s internetem

Re: Kontrola logu - problémy s internetem

Re: Kontrola logu - problémy s internetem

Re: Kontrola logu - problémy s internetem

Re: Kontrola logu - problémy s internetem

Re: Kontrola logu - problémy s internetem

Re: Kontrola logu - problémy s internetem

Re: Kontrola logu - problémy s internetem

Re: Kontrola logu - problémy s internetem

Re: Kontrola logu - problémy s internetem

Re: Kontrola logu - problémy s internetem

Re: Kontrola logu - problémy s internetem

Re: Kontrola logu - problémy s internetem

Re: Kontrola logu - problémy s internetem