Náhlé odpojování od internetu - "zamrznutí wifiny" -prosím

[dmitrijsadlo]

Dobrý den! Počítač v různě dlouhých intervalech přestává přijímat signál z wifi a nejde se dostat do "centrum sítí" pro opravu atp. nevím zda by to mohl být nějaký šmejd v notebooku.

Logfile of random's system information tool 1.07 (written by random/random)
Run by Milan Zeidler at 2010-05-07 17:25:00
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 46 GB (49%) free of 94 GB
Total RAM: 1022 MB (37% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:25:04, on 7.5.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18904)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\AVG\AVG9\avgtray.exe
C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Users\Milan Zeidler\Desktop\RSIT.exe
C:\Program Files\trend micro\Milan Zeidler.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Milan Zeidler\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Canon LBP2900 Status Window.lnk = C:\Windows\System32\spool\drivers\w32x86\3\CNAB4LAK.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: {672EE252-D813-4F5E-81BB-5DD163DD4FA5} (Active602XMLFiller Control) - https://www.mojedatovaschranka.cz/stati ... b?3,14,8,0
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

--
End of file - 5292 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4105063451-59232897-2259289806-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4105063451-59232897-2259289806-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2010-05-04 1615200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
AVG Security Toolbar BHO - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll [2009-11-25 1230080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-05-06 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - AVG Security Toolbar - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll [2009-11-25 1230080]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-18 1008184]
"SMSERIAL"=C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [2009-05-05 1466368]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2005-02-16 49152]
"AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2010-05-04 2064736]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-04-04 36272]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2007-02-12 174872]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-04-10 4431872]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Milan Zeidler\AppData\Local\Google\Update\GoogleUpdate.exe [2009-10-13 133104]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-18 202240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrowserChoice]
C:\Windows\System32\browserchoice.exe [2010-02-12 293376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
C:\Windows\ehome\ehTray.exe [2008-01-18 125952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Milan Zeidler\AppData\Local\Google\Update\GoogleUpdate.exe [2009-10-13 133104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPUsageTracking]
C:\Program Files\HP\HP UT\bin\hppusg.exe C:\Program Files\HP\HP UT\ []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ToolBoxFX]
C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX.exe /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Canon LBP2900 Status Window.lnk - C:\Windows\System32\spool\drivers\w32x86\3\CNAB4LAK.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="avgrsstx.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1397957f-b7d2-11de-9346-806e6f6e6963}]
shell\AutoRun\command - E:\Setup.EXE


======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-05-07 09:47:45 ----A---- C:\Windows\system32\SRSWOW.dll
2010-05-07 09:47:44 ----A---- C:\Windows\system32\SRSTSXT.dll
2010-05-07 09:47:44 ----A---- C:\Windows\SkyTel.exe
2010-05-07 09:47:43 ----A---- C:\Windows\RtlUpd.exe
2010-05-07 09:47:41 ----A---- C:\Windows\system32\RtkPgExt.dll
2010-05-07 09:47:41 ----A---- C:\Windows\system32\RtkCoInst.dll
2010-05-07 09:47:40 ----A---- C:\Windows\system32\RtkApoApi.dll
2010-05-07 09:47:38 ----A---- C:\Windows\RtHDVCpl.exe
2010-05-07 09:47:12 ----A---- C:\Windows\RtlExUpd.dll
2010-05-07 09:43:20 ----D---- C:\DeskUpdate.tmp
2010-05-07 09:37:38 ----D---- C:\Windows\system32\Lang
2010-05-07 09:37:38 ----A---- C:\Windows\system32\difxapi.dll
2010-05-06 17:35:05 ----A---- C:\Windows\system32\javaws.exe
2010-05-06 17:35:05 ----A---- C:\Windows\system32\javaw.exe
2010-05-06 17:35:05 ----A---- C:\Windows\system32\deployJava1.dll
2010-05-06 17:35:04 ----A---- C:\Windows\system32\java.exe
2010-05-06 17:34:30 ----D---- C:\Program Files\Java
2010-04-14 11:29:58 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-04-14 11:29:58 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-04-14 11:29:56 ----A---- C:\Windows\system32\vbscript.dll
2010-04-14 11:29:47 ----A---- C:\Windows\system32\iphlpsvc.dll
2010-04-14 11:28:38 ----A---- C:\Windows\system32\wintrust.dll
2010-04-14 11:28:16 ----A---- C:\Windows\system32\cabview.dll

======List of files/folders modified in the last 1 months======

2010-05-07 17:25:03 ----D---- C:\Program Files\trend micro
2010-05-07 17:24:01 ----D---- C:\Windows\Prefetch
2010-05-07 17:21:57 ----D---- C:\Windows\Debug
2010-05-07 17:18:40 ----D---- C:\Windows\Temp
2010-05-07 12:20:39 ----D---- C:\Windows\System32
2010-05-07 12:20:39 ----D---- C:\Windows\inf
2010-05-07 12:20:39 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-05-07 10:01:52 ----D---- C:\Windows
2010-05-07 09:48:54 ----D---- C:\Windows\system32\RTCOM
2010-05-07 09:48:54 ----D---- C:\Windows\system32\drivers
2010-05-07 09:48:48 ----D---- C:\Windows\system32\catroot
2010-05-07 09:48:40 ----SHD---- C:\System Volume Information
2010-05-07 09:47:46 ----A---- C:\Windows\DIFxAPI.dll
2010-05-07 09:47:36 ----D---- C:\Program Files\Realtek
2010-05-07 09:47:35 ----HD---- C:\Program Files\InstallShield Installation Information
2010-05-07 09:46:50 ----D---- C:\Program Files\Common Files\InstallShield
2010-05-07 09:36:23 ----D---- C:\Program Files\Intel
2010-05-06 17:36:48 ----D---- C:\Windows\system32\catroot2
2010-05-06 17:35:45 ----SHD---- C:\Windows\Installer
2010-05-06 17:35:45 ----HD---- C:\Config.Msi
2010-05-06 17:34:30 ----RD---- C:\Program Files
2010-05-06 17:28:55 ----D---- C:\Program Files\CCleaner
2010-05-06 08:46:49 ----D---- C:\Windows\system32\LogFiles
2010-05-06 07:24:24 ----D---- C:\Windows\winsxs
2010-05-06 07:24:19 ----RSD---- C:\Windows\Fonts
2010-04-20 12:00:58 ----D---- C:\Windows\system32\spool
2010-04-19 16:09:47 ----D---- C:\Windows\system32\WDI
2010-04-17 13:11:45 ----HD---- C:\ProgramData
2010-04-17 13:11:45 ----D---- C:\ProgramData\avg9
2010-04-15 08:14:17 ----D---- C:\Program Files\Windows Mail
2010-04-15 08:12:18 ----D---- C:\ProgramData\Microsoft Help

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\Windows\System32\Drivers\avgldx86.sys [2010-03-19 216200]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\Windows\System32\Drivers\avgmfx86.sys [2010-03-19 29512]
R1 AvgTdiX;AVG Free Network Redirector; C:\Windows\System32\Drivers\avgtdix.sys [2010-05-04 242896]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2007-04-11 2589696]
R3 CmBatt;Ovladač baterie Microsoft ACPI Control Method Battery; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-18 14208]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-04-10 1764960]
R3 itecir;ITECIR Infrared Receiver; C:\Windows\system32\DRIVERS\itecir.sys [2007-01-08 46592]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\Windows\system32\drivers\MODEMCSA.sys [2008-01-18 18432]
R3 NETw4v32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-02-25 2216448]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2007-02-16 70144]
R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2009-05-05 1095808]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\DRIVERS\serscan.sys [2008-01-18 9216]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-18 11264]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-10 236544]
S3 HPFXBULK;HPFXBULK; C:\Windows\system32\drivers\hpfxbulk.sys [2007-07-16 17432]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
S3 NETw3v32;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-11-02 1781760]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-18 35328]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-18 83328]
S4 JRAID;JRAID; C:\Windows\system32\drivers\jraid.sys [2007-05-09 48640]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2007-04-11 593920]
R2 avg9wd;AVG Free WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2010-03-19 308064]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2007-02-12 355096]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-18 21504]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-18 21504]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-18 21504]
S3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-18 21504]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------

[motji]

Hezké odpoledne

Stáhněte na plochu, ukončete všechna aktivní okna a spusťte ComboFix - http://download.bleepingcomputer.com/sUBs/ComboFix.exe


- ComboFix je třeba spustit pod účtem s právy administrátora

- Před použitím vypněte všechny rezidentní bezpečnostní programy - antiviry, firewally, antispywary

- Po spuštění se zobrazí podmínky užití, potvrďte je stiskem tlačítka Ano

- Dále postupujte dle pokynů, během aplikování ComboFixu neklikejte do zobrazujícího se okna

- Po dokončení skenování, trvajícího maximálně 10 minut, by měl program vytvořit log - C:\ComboFix.txt, zkopírujte celý jeho obsah sem

[dmitrijsadlo]

Děkuji za návod, a přikládám log.
Mám podezření, že se v počítači bijou Eset NOD32 a AVG Free (viz log). Dříve jsem tu měl nainstalovaný NOD32, ale ten už jsem dávno plně odinstaloval, přesto ho Combofix hlásil jako spuštěný s tím, že ho mám ukončit (hláška před spuštěním testu). Jak dál? Děkuji za Váš čas.

ComboFix 10-05-08.02 - Milan Zeidler 09.05.2010 10:34:38.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.1022.392 [GMT 2:00]
Spuštěný z: c:\users\Milan Zeidler\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 4.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
SP: ESET NOD32 Antivirus 4.0 *enabled* (Updated) {E5E70D32-0101-4B98-A4D6-D1D15C3BB448}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\cleanup.exe

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-04-09 do 2010-05-09 )))))))))))))))))))))))))))))))
.

2010-05-09 08:43 . 2010-05-09 08:43 -------- d-----w- c:\users\Milan Zeidler\AppData\Local\temp
2010-05-09 08:43 . 2010-05-09 08:43 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-05-07 07:47 . 2006-11-29 15:47 135168 ----a-w- c:\windows\system32\SRSWOW.dll
2010-05-07 07:47 . 2007-04-04 14:22 1822720 ----a-w- c:\windows\SkyTel.exe
2010-05-07 07:47 . 2006-12-13 07:30 339968 ----a-w- c:\windows\system32\SRSTSXT.dll
2010-05-07 07:47 . 2007-01-16 07:39 1191936 ----a-w- c:\windows\RtlUpd.exe
2010-05-07 07:47 . 2007-04-10 16:05 1764960 ----a-w- c:\windows\system32\drivers\RTKVHDA.sys
2010-05-07 07:47 . 2007-04-04 10:55 18432 ----a-w- c:\windows\system32\RtkCoInst.dll
2010-05-07 07:47 . 2007-03-14 14:10 495104 ----a-w- c:\windows\system32\RtkPgExt.dll
2010-05-07 07:47 . 2007-03-23 12:34 266240 ----a-w- c:\windows\system32\RtkApoApi.dll
2010-05-07 07:47 . 2007-04-10 13:01 4431872 ----a-w- c:\windows\RtHDVCpl.exe
2010-05-07 07:47 . 2007-01-12 13:54 520192 ----a-w- c:\windows\RtlExUpd.dll
2010-05-07 07:43 . 2010-05-07 07:46 -------- d-----w- C:\DeskUpdate.tmp
2010-05-07 07:37 . 2010-05-07 07:37 -------- d-----w- c:\windows\system32\Lang
2010-05-07 07:37 . 2006-11-10 07:25 319456 ----a-w- c:\windows\system32\difxapi.dll
2010-05-06 15:35 . 2010-05-06 15:34 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-05-06 15:34 . 2010-05-06 15:34 -------- d-----w- c:\program files\Java
2010-04-20 09:54 . 2006-11-02 09:46 89600 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\LMPRTPRC.DLL
2010-04-14 09:30 . 2010-02-23 11:10 212992 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2010-04-14 09:30 . 2010-02-23 11:10 79360 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2010-04-14 09:30 . 2010-02-23 11:10 106496 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-04-14 09:29 . 2010-02-18 14:07 3600776 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-04-14 09:29 . 2010-02-18 14:07 3548040 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-04-14 09:29 . 2010-03-05 14:01 420352 ----a-w- c:\windows\system32\vbscript.dll
2010-04-14 09:29 . 2010-02-18 14:07 904576 ----a-w- c:\windows\system32\drivers\tcpip.sys
2010-04-14 09:29 . 2010-02-18 13:30 200704 ----a-w- c:\windows\system32\iphlpsvc.dll
2010-04-14 09:29 . 2010-02-18 11:28 25088 ----a-w- c:\windows\system32\drivers\tunnel.sys
2010-04-14 09:28 . 2009-12-23 11:33 172032 ----a-w- c:\windows\system32\wintrust.dll
2010-04-14 09:28 . 2010-01-13 17:34 98304 ----a-w- c:\windows\system32\cabview.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-09 08:28 . 2009-10-13 18:23 602092 ----a-w- c:\windows\system32\perfh005.dat
2010-05-09 08:28 . 2009-10-13 18:23 116204 ----a-w- c:\windows\system32\perfc005.dat
2010-05-07 15:25 . 2010-03-13 13:59 -------- d-----w- c:\program files\trend micro
2010-05-07 07:47 . 2009-10-13 14:41 319456 ----a-w- c:\windows\DIFxAPI.dll
2010-05-07 07:47 . 2009-10-13 14:41 -------- d-----w- c:\program files\Realtek
2010-05-07 07:47 . 2009-10-13 14:40 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-05-07 07:46 . 2009-10-13 14:40 -------- d-----w- c:\program files\Common Files\InstallShield
2010-05-07 07:36 . 2009-10-13 14:36 -------- d-----w- c:\program files\Intel
2010-05-06 15:28 . 2009-10-13 17:10 -------- d-----w- c:\program files\CCleaner
2010-05-04 14:26 . 2009-11-07 13:54 242896 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-04-17 11:11 . 2009-11-07 13:53 -------- d-----w- c:\programdata\avg9
2010-04-15 06:14 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-04-15 06:12 . 2009-10-13 15:20 -------- d-----w- c:\programdata\Microsoft Help
2010-04-11 11:07 . 2009-10-13 08:47 680 ----a-w- c:\users\Milan Zeidler\AppData\Local\d3d9caps.dat
2010-04-03 14:38 . 2010-04-03 14:36 -------- d-----w- c:\users\Milan Zeidler\AppData\Roaming\Media Player Classic
2010-04-03 14:36 . 2010-04-03 14:36 -------- d-----w- c:\program files\MPC HomeCinema
2010-03-26 15:10 . 2010-03-26 15:05 162917 ----a-w- c:\windows\hppins08.dat
2010-03-19 14:23 . 2010-03-19 14:23 12464 ----a-w- c:\windows\system32\avgrsstx.dll
2010-03-19 14:23 . 2009-11-07 13:54 29512 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2010-03-19 14:23 . 2009-11-07 13:53 216200 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-03-12 08:13 . 2010-03-12 08:12 -------- d-----w- c:\program files\Primy kanal
2010-02-24 14:13 . 2009-10-13 08:48 114096 ----a-w- c:\users\Milan Zeidler\AppData\Local\GDIPFONTCACHEV1.DAT
2010-02-23 06:39 . 2010-03-31 15:13 916480 ----a-w- c:\windows\system32\wininet.dll
2010-02-23 06:33 . 2010-03-31 15:13 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-02-23 06:33 . 2010-03-31 15:13 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-02-23 04:55 . 2010-03-31 15:13 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-02-20 23:06 . 2010-03-10 19:00 24064 ----a-w- c:\windows\system32\nshhttp.dll
2010-02-20 23:05 . 2010-03-10 19:00 30720 ----a-w- c:\windows\system32\httpapi.dll
2010-02-20 20:53 . 2010-03-10 19:00 411648 ----a-w- c:\windows\system32\drivers\http.sys
2010-02-12 10:32 . 2010-03-12 07:15 293376 ----a-w- c:\windows\system32\browserchoice.exe
2009-12-28 08:09 . 2009-12-28 08:09 608 --sha-w- c:\windows\System32\winzvprt5.sys
2007-05-30 22:37 . 2007-05-30 22:36 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-11-25 1230080]

[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2009-11-25 12:01 1230080 ----a-w- c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-11-25 1230080]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-11-25 1230080]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="c:\users\Milan Zeidler\AppData\Local\Google\Update\GoogleUpdate.exe" [2009-10-13 133104]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-18 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-18 1008184]
"SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2009-05-05 1466368]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2005-02-16 49152]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2007-02-12 174872]
"RtHDVCpl"="RtHDVCpl.exe" [2007-04-10 4431872]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Canon LBP2900 Status Window.lnk - c:\windows\System32\spool\drivers\w32x86\3\CNAB4LAK.EXE [2007-1-11 50848]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrowserChoice]
2010-02-12 10:32 293376 ----a-w- c:\windows\System32\browserchoice.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
2008-01-18 21:33 125952 ----a-w- c:\windows\ehome\ehtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2009-10-13 16:07 133104 ----atw- c:\users\Milan Zeidler\AppData\Local\Google\Update\GoogleUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):61,15,21,c1,6c,4e,ca,01

S1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\Drivers\avgldx86.sys [2010-03-19 216200]
S1 AvgTdiX;AVG Free Network Redirector;c:\windows\System32\Drivers\avgtdix.sys [2010-05-04 242896]
S2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [2010-03-19 308064]
S3 itecir;ITECIR Infrared Receiver;c:\windows\system32\DRIVERS\itecir.sys [2007-01-08 46592]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Obsah adresáře 'Naplánované úlohy'

2010-05-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4105063451-59232897-2259289806-1000Core.job
- c:\users\Milan Zeidler\AppData\Local\Google\Update\GoogleUpdate.exe [2009-10-13 16:07]

2010-05-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4105063451-59232897-2259289806-1000UA.job
- c:\users\Milan Zeidler\AppData\Local\Google\Update\GoogleUpdate.exe [2009-10-13 16:07]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://google.com/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
DPF: {672EE252-D813-4F5E-81BB-5DD163DD4FA5} - hxxps://www.mojedatovaschranka.cz/static/pages/ ... b?3,14,8,0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

MSConfigStartUp-HPUsageTracking - c:\program files\HP\HP UT\bin\hppusg.exe
MSConfigStartUp-ToolBoxFX - c:\program files\HP\ToolBoxFX\bin\HPTLBXFX.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-05-09 10:43
Windows 6.0.6002 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
Celkový čas: 2010-05-09 10:47:54
ComboFix-quarantined-files.txt 2010-05-09 08:47

Před spuštěním: Volných bajtů: 48 399 503 360
Po spuštění: Volných bajtů: 56 234 737 664

- - End Of File - - D40120569B7DF49A472147C08F128BF9

[motji]

Stáhněte SecurityCheck http://screen317.spywareinfoforum.org/SecurityCheck.exe
-program spusťte a postupujte podle instrukcí. Log vložte zde

Jak to vypadá s počítačem?

[dmitrijsadlo]

S počítačem to vypadá stejně jako při založení tohoto příspěvku. jediné co pomůže, aby se "internet chytil" je restart :/
Log (zde není po NOD32 ani památky, proč ho Combofix zobrazuje?). Díky moc:

Results of screen317's Security Check version 0.99.4
Windows Vista Service Pack 2 (UAC is disabled!)
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:
AVG Free 9.0
Antivirus up to date!
```````````````````````````````
Anti-malware/Other Utilities Check:
CCleaner
Java(TM) 6 Update 20
Adobe Flash Player 10.0.45.2
Adobe Reader 9.3.2
````````````````````````````````
Process Check:
objlist.exe by Laurent
AVG avgwdsvc.exe
AVG avgrsx.exe
AVG avgnsx.exe
AVG avgemc.exe
````````````````````````````````
DNS Vulnerability Check:
GREAT! (Not vulnerable to DNS cache poisoning)

``````````End of Log````````````

[motji]

Nevím proč ho combofix vypisuje, občas to dělá.

Stahněte MBAM z mého podpisu
-Nainstalujte,dejte úplný sken

NIC NEMAZAT
-MBAM má občas falešné detekce,proto budeme mazat až po kontrole logu.
-Log zkopírujte sem.

[dmitrijsadlo]

Uz to dojelo: a neco to naslo. smazat? diky za Vas cas!

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verze databáze: 4080

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18904

9.5.2010 13:05:00
mbam-log-2010-05-09 (13-05-00).txt

Typ skenu: Úplný sken (C:\|D:\|)
Skenované objekty: 194280
Uplynulý čas: 46 minuta(y), 33 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 1

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
C:\Users\Milan Zeidler\AppData\Local\temp\~DFE4AC.tmp (Malware.Packer.Gen) -> No action taken.

[motji]

Ano, smažte ho. Ještě uděláme test na rootkity, a zksute přeinstalovat drivery k wifině.

Stáhněte Gmer http://www.viry.cz/forum/viewtopic.php?f=29&t=62878
- rozbalte a spusťte
-proběhne sken, po skončení se otevře okno s výsledky, klikněte na Save a tím si uložíte log,který sem vložíte

-Podle návodu v odkazu provedete druhý sken a log sem také vložíte.

[dmitrijsadlo]

Aktualizoval jsem drivery k wifi a sitovce, byly zastarale (snad take pomuze

1. log:
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit quick scan 2010-05-09 13:50:06
Windows 6.0.6002 Service Pack 2
Running: gmer.exe; Driver: C:\Users\MILANZ~1\AppData\Local\Temp\kxriquoc.sys


---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\tdx \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\tdx \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\tdx \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\tdx \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

---- EOF - GMER 1.0.15 ----

[dmitrijsadlo]

2.log prazdny. treba to bylo jen drivery, ted uz to chvili nezamrzlo. nahlasim se dyztak, kdyby to znovu zamrzlo.
dekuji!

[motji]

Dobře, chvilku pc pozorujte a pak nahlaste, zda to pomohlo.
Pak už jen uklidíme po použitých programech.

[dmitrijsadlo]

Děkuji Vám velice, pc se chová opět normálně! snad se to nevrátí
Jak mám tedy postupovat při úklidu?
CCleaner jsem už pustil.

[motji]

Odinstalujte combofix přes Start - Spustit
- zkopírujte do okénka:

ComboFix /Uninstall

-stiskněte Enter
-To odinstaluje ComboFix a smaže s ním související soubory a složky.


***********


Stáhněte T-Cleaner
http://sweb.cz/Marinus/T-Cleaner.exe

-Spusťte,pro potvrzení volby mačkejte klávesu A, Enter
-po použití prográmek vymažte.Pozor,antiviry ho mohou falešně označit za vir


***********



Stahněte OTC a použijte
http://oldtimer.geekstogo.com/OTC.exe
-vyčistí tempy a po použitých programech



***********

Vložte nový log ze RSIT a řekněte co počítač, jak se chová, už je vše v pořádku?

[dmitrijsadlo]

Vše jsem provedl jak bylo uvedeno. K notebooku jsem se dostal az ted, prikladam novy log z RSIT:

Dekuji velice za pomoc!

Logfile of random's system information tool 1.07 (written by random/random)
Run by Milan Zeidler at 2010-05-15 20:51:10
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 48 GB (51%) free of 94 GB
Total RAM: 1022 MB (34% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:51:44, on 15.5.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18904)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Milan Zeidler\Desktop\RSIT.exe
C:\Program Files\trend micro\Milan Zeidler.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Milan Zeidler\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: Canon LBP2900 Status Window.lnk = C:\Windows\System32\spool\drivers\w32x86\3\CNAB4LAK.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: {672EE252-D813-4F5E-81BB-5DD163DD4FA5} (Active602XMLFiller Control) - https://www.mojedatovaschranka.cz/stati ... b?3,14,8,0
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab.co ... 1.66.0.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O20 - AppInit_DLLs: C:\Windows\System32\avgrsstx.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

--
End of file - 4723 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4105063451-59232897-2259289806-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4105063451-59232897-2259289806-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2010-05-04 1615200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
AVG Security Toolbar BHO - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll [2009-11-25 1230080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-05-06 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - AVG Security Toolbar - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll [2009-11-25 1230080]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-18 1008184]
"SMSERIAL"=C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [2009-05-05 1466368]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2005-02-16 49152]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-04-04 36272]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2007-02-12 174872]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-04-10 4431872]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Milan Zeidler\AppData\Local\Google\Update\GoogleUpdate.exe [2009-10-13 133104]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-18 202240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrowserChoice]
C:\Windows\System32\browserchoice.exe [2010-02-12 293376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
C:\Windows\ehome\ehTray.exe [2008-01-18 125952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Milan Zeidler\AppData\Local\Google\Update\GoogleUpdate.exe [2009-10-13 133104]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Canon LBP2900 Status Window.lnk - C:\Windows\System32\spool\drivers\w32x86\3\CNAB4LAK.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\Windows\System32\avgrsstx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 months======

2010-05-15 20:51:10 ----D---- C:\rsit
2010-05-09 13:35:26 ----A---- C:\Windows\system32\RTNUninst32.dll
2010-05-09 13:35:26 ----A---- C:\Windows\system32\RtNicProp32.dll
2010-05-09 13:28:28 ----D---- C:\Program Files\SystemRequirementsLab
2010-05-09 12:13:00 ----D---- C:\Users\Milan Zeidler\AppData\Roaming\Malwarebytes
2010-05-09 12:12:22 ----D---- C:\ProgramData\Malwarebytes
2010-05-09 10:48:02 ----SHD---- C:\$RECYCLE.BIN
2010-05-09 10:47:58 ----D---- C:\Windows\temp
2010-05-07 09:47:45 ----A---- C:\Windows\system32\SRSWOW.dll
2010-05-07 09:47:44 ----A---- C:\Windows\system32\SRSTSXT.dll
2010-05-07 09:47:44 ----A---- C:\Windows\SkyTel.exe
2010-05-07 09:47:43 ----A---- C:\Windows\RtlUpd.exe
2010-05-07 09:47:41 ----A---- C:\Windows\system32\RtkPgExt.dll
2010-05-07 09:47:41 ----A---- C:\Windows\system32\RtkCoInst.dll
2010-05-07 09:47:40 ----A---- C:\Windows\system32\RtkApoApi.dll
2010-05-07 09:47:38 ----A---- C:\Windows\RtHDVCpl.exe
2010-05-07 09:47:12 ----A---- C:\Windows\RtlExUpd.dll
2010-05-07 09:43:20 ----D---- C:\DeskUpdate.tmp
2010-05-07 09:37:38 ----D---- C:\Windows\system32\Lang
2010-05-07 09:37:38 ----A---- C:\Windows\system32\difxapi.dll
2010-05-06 17:35:05 ----A---- C:\Windows\system32\javaws.exe
2010-05-06 17:35:05 ----A---- C:\Windows\system32\javaw.exe
2010-05-06 17:35:05 ----A---- C:\Windows\system32\deployJava1.dll
2010-05-06 17:35:04 ----A---- C:\Windows\system32\java.exe
2010-05-06 17:34:30 ----D---- C:\Program Files\Java

======List of files/folders modified in the last 1 months======

2010-05-15 20:51:44 ----D---- C:\Program Files\trend micro
2010-05-15 20:51:42 ----D---- C:\Windows\Prefetch
2010-05-15 20:17:52 ----SHD---- C:\System Volume Information
2010-05-15 19:41:30 ----D---- C:\Windows\system32\catroot
2010-05-15 19:41:28 ----D---- C:\Windows\system32\catroot2
2010-05-15 19:41:27 ----D---- C:\Windows\winsxs
2010-05-15 19:35:52 ----D---- C:\Windows
2010-05-15 19:35:01 ----D---- C:\Windows\System32
2010-05-15 19:35:01 ----D---- C:\Windows\inf
2010-05-15 19:35:01 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-05-10 07:13:40 ----D---- C:\Windows\Debug
2010-05-09 13:36:04 ----D---- C:\Windows\system32\drivers
2010-05-09 13:35:26 ----D---- C:\Program Files\Realtek
2010-05-09 13:28:29 ----SD---- C:\Windows\Downloaded Program Files
2010-05-09 13:28:28 ----SHD---- C:\Windows\Installer
2010-05-09 13:28:28 ----RD---- C:\Program Files
2010-05-09 13:28:28 ----D---- C:\Config.Msi
2010-05-09 13:21:42 ----D---- C:\Windows\ehome
2010-05-09 12:12:22 ----D---- C:\ProgramData
2010-05-09 10:43:42 ----A---- C:\Windows\system.ini
2010-05-09 10:39:26 ----D---- C:\Windows\AppPatch
2010-05-09 10:39:25 ----D---- C:\Program Files\Common Files
2010-05-07 09:48:54 ----D---- C:\Windows\system32\RTCOM
2010-05-07 09:47:46 ----A---- C:\Windows\DIFxAPI.dll
2010-05-07 09:47:35 ----HD---- C:\Program Files\InstallShield Installation Information
2010-05-07 09:46:50 ----D---- C:\Program Files\Common Files\InstallShield
2010-05-07 09:36:23 ----D---- C:\Program Files\Intel
2010-05-06 17:28:55 ----D---- C:\Program Files\CCleaner
2010-05-06 08:46:49 ----D---- C:\Windows\system32\LogFiles
2010-05-06 07:24:19 ----RSD---- C:\Windows\Fonts
2010-04-20 12:00:58 ----D---- C:\Windows\system32\spool
2010-04-19 16:09:47 ----D---- C:\Windows\system32\WDI
2010-04-17 13:11:45 ----D---- C:\ProgramData\avg9

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\Windows\System32\Drivers\avgldx86.sys [2010-03-19 216200]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\Windows\System32\Drivers\avgmfx86.sys [2010-03-19 29512]
R1 AvgTdiX;AVG Free Network Redirector; C:\Windows\System32\Drivers\avgtdix.sys [2010-05-04 242896]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2007-04-11 2589696]
R3 CmBatt;Ovladač baterie Microsoft ACPI Control Method Battery; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-18 14208]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-04-10 1764960]
R3 itecir;ITECIR Infrared Receiver; C:\Windows\system32\DRIVERS\itecir.sys [2007-01-08 46592]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\Windows\system32\drivers\MODEMCSA.sys [2008-01-18 18432]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2009-10-26 4247552]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2010-03-22 262176]
R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2009-05-05 1095808]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\DRIVERS\serscan.sys [2008-01-18 9216]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-18 11264]
S3 cpudrv;cpudrv; \??\C:\Program Files\SystemRequirementsLab\cpudrv.sys [2009-12-18 11336]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-10 236544]
S3 HPFXBULK;HPFXBULK; C:\Windows\system32\drivers\hpfxbulk.sys [2007-07-16 17432]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
S3 NETw3v32;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-11-02 1781760]
S3 NETw4v32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-02-25 2216448]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-18 35328]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-18 83328]
S4 JRAID;JRAID; C:\Windows\system32\drivers\jraid.sys [2007-05-09 48640]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2007-04-11 593920]
R2 avg9wd;AVG Free WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2010-03-19 308064]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2007-02-12 355096]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-18 21504]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-18 21504]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-18 21504]
S3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-18 21504]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------

[motji]

Otevřete si Poznámkový blok a zkopírujte do něj text

Kód: Vybrat vše

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=-


 

-uložte jako (typ: všechny soubory) kde za název souboru zadáte "smazani.reg" bez uvozovek,
klikněte na uložit, pak na soubor standardně 2X klikněte a potvrďte dialogové okno.


Pokud nejsou problémy, je to vše .
Není zač