...při otevírání IE žádný sprinter..
díky
Logfile of random's system information tool 1.06 (written by random/random)
Run by Fujitsu-Siemens at 2010-06-08 08:37:17
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 224 GB (94%) free of 238 GB
Total RAM: 1023 MB (54% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:37:24, on 8.6.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
C:\Program Files\Internet Explorer\iexplore.exe
E:\Viry\RSIT.exe
C:\Program Files\trend micro\Fujitsu-Siemens.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow ... eqlab3.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 7424263203
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B3B01AE2-9FCA-4058-80F2-AA565EC7843E}: NameServer = 217.11.224.1,217.11.224.2
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 6309 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\User_Feed_Synchronization-{1905329B-75C9-4DC6-B0BD-802D66B23E29}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2008-12-09 958200]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-05-03 13529088]
"nwiz"=nwiz.exe /install []
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2004-07-29 67584]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-05-03 86016]
"LifeCam"=C:\Program Files\Microsoft LifeCam\LifeExp.exe [2009-03-17 157552]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Documents and Settings\Fujitsu-Siemens\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2010-02-21 135664]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2009-10-09 25623336]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USBToolTip]
C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe [2007-02-20 199752]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft LifeCam\LifeCam.exe"="C:\Program Files\Microsoft LifeCam\LifeCam.exe:*:Enabled:LifeCam.exe"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ"
"C:\Program Files\Microsoft LifeCam\LifeEnC2.exe"="C:\Program Files\Microsoft LifeCam\LifeEnC2.exe:*:Enabled:LifeEnC2.exe"
"C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"C:\Program Files\Pinnacle\Studio 14\Programs\Studio.exe"="C:\Program Files\Pinnacle\Studio 14\Programs\Studio.exe:*:Enabled:Studio program file"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype "
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
======List of files/folders created in the last 1 months======
2010-06-08 08:37:17 ----D---- C:\rsit
2010-06-08 08:28:18 ----SHD---- C:\RECYCLER
2010-06-08 08:17:19 ----A---- C:\WINDOWS\PEV.exe
2010-06-08 08:17:19 ----A---- C:\WINDOWS\MBR.exe
2010-06-08 08:03:56 ----A---- C:\WINDOWS\system32\aswBoot.exe
2010-06-07 13:47:52 ----D---- C:\Documents and Settings\Fujitsu-Siemens\Data aplikací\vlc
2010-06-07 13:46:26 ----D---- C:\Program Files\VideoLAN
2010-05-26 08:30:57 ----HDC---- C:\WINDOWS\$NtUninstallKB981793$
2010-05-24 13:26:36 ----D---- C:\Config.Msi
2010-05-24 13:24:58 ----HDC---- C:\WINDOWS\$NtUninstallKB971513$
2010-05-23 11:22:20 ----D---- C:\Documents and Settings\Fujitsu-Siemens\Data aplikací\Talkback
2010-05-12 13:20:29 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
======List of files/folders modified in the last 1 months======
2010-06-08 08:37:24 ----D---- C:\Program Files\Trend Micro
2010-06-08 08:28:31 ----D---- C:\WINDOWS
2010-06-08 08:27:37 ----D---- C:\WINDOWS\system32
2010-06-08 08:27:37 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-06-08 08:26:52 ----D---- C:\WINDOWS\system32\drivers
2010-06-08 08:26:52 ----D---- C:\Qoobox
2010-06-08 08:26:22 ----D---- C:\WINDOWS\Temp
2010-06-08 08:26:12 ----SD---- C:\WINDOWS\Tasks
2010-06-08 08:25:52 ----D---- C:\WINDOWS\ERDNT
2010-06-08 08:25:47 ----D---- C:\WINDOWS\system32\CatRoot2
2010-06-08 08:23:46 ----A---- C:\WINDOWS\system.ini
2010-06-08 08:22:10 ----D---- C:\WINDOWS\system32\config
2010-06-08 08:20:27 ----D---- C:\WINDOWS\AppPatch
2010-06-08 08:20:26 ----D---- C:\Program Files\Common Files
2010-06-08 08:17:26 ----N---- C:\WINDOWS\SchedLgU.Txt
2010-06-08 08:17:12 ----D---- C:\WINDOWS\Prefetch
2010-06-08 07:54:26 ----D---- C:\WINDOWS\system32\Macromed
2010-06-08 07:48:25 ----RD---- C:\Program Files
2010-06-08 07:48:23 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-06-07 13:56:56 ----D---- C:\Documents and Settings\Fujitsu-Siemens\Data aplikací\Media Player Classic
2010-06-07 13:44:08 ----D---- C:\Program Files\Codec Pack - All In 1
2010-06-07 13:42:16 ----D---- C:\Program Files\Eset
2010-06-07 13:42:00 ----SHD---- C:\WINDOWS\Installer
2010-06-07 13:41:52 ----HD---- C:\WINDOWS\inf
2010-06-07 13:34:50 ----D---- C:\Program Files\CCleaner
2010-06-06 19:44:24 ----D---- C:\Documents and Settings\Fujitsu-Siemens\Data aplikací\Skype
2010-06-05 22:55:49 ----D---- C:\Documents and Settings\Fujitsu-Siemens\Data aplikací\skypePM
2010-06-05 21:05:56 ----D---- C:\Documents and Settings\Fujitsu-Siemens\Data aplikací\ICQ
2010-05-26 21:55:20 ----D---- C:\WINDOWS\Microsoft.NET
2010-05-26 20:44:41 ----RSD---- C:\WINDOWS\assembly
2010-05-24 13:31:31 ----RASH---- C:\boot.ini
2010-05-24 13:31:31 ----A---- C:\WINDOWS\win.ini
2010-05-24 13:29:38 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-05-24 13:27:40 ----D---- C:\WINDOWS\WinSxS
2010-05-24 12:59:42 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-05-12 21:33:15 ----D---- C:\WINDOWS\network diagnostic
2010-05-12 21:30:41 ----D---- C:\WINDOWS\Debug
2010-05-12 13:20:32 ----D---- C:\Program Files\Outlook Express
2010-05-12 10:14:52 ----HD---- C:\WINDOWS\$hf_mig$
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-11-25 94160]
R3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2004-07-29 400384]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-07-29 626977]
R3 AN983;ADMtek AN983/AN985/ADM951X 10/100Mbps Fast Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\AN983.sys [2002-10-28 38528]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
R3 MarvinBus;Pinnacle Marvin Bus; C:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2005-09-23 171520]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-05-03 6554496]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 mbr;mbr; \??\C:\DOCUME~1\FUJITS~1\LOCALS~1\Temp\mbr.sys []
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSHUSBVideo;NX6000/NX3000/VX5000/VX5500/VX2000/VX7000 Filter Driver; C:\WINDOWS\System32\Drivers\nx6000.sys [2009-03-17 30560]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2010-02-26 22528]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2010-02-26 137344]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2010-02-26 8320]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2010-02-26 8192]
S3 usbvideo;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-18 12032]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2008-10-19 222456]
R2 MSCamSvc;MSCamSvc; C:\Program Files\Microsoft LifeCam\MSCamS32.exe [2009-03-17 161632]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-05-03 159812]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-02-26 652800]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o preventivní kontrolu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
1danab
- Nováček
- Příspěvky: 1412
- Registrován: 21 říj 2007 13:04
- Bydliště: České Budějovice
- Kontaktovat uživatele:
Re: Prosím o preventivní kontrolu
zdravím 
stáhněte a uložte nejlépe na plochu ComboFix
spusťte aplikaci pod účtem s administrátorským oprávněním
po startu se zobrazí obrazovka s licenčními podmínkami, klikněte na tlačítko Ano:
může dojít k varování ohledně rezidentního štítu Vašeho antiviru a upozornění na nenainstalovanou konzoli pro zotavení; zatím jí neinstalujte
sken trvá cca 10 minut (může trvat i déle, podle množství souborů a rychlosti pc); během skenu nespouštějte žádné aplikace
během skenování může být Vaše pc restartováno, proto nepropadejte panice
upozornění: pokud používate antispyware s rezidentním štítem, deaktivujte jeho rezidentní štít, protože dochází při skenu a výmazu případného malware k nežádoucím kolizím Combofixu s rezidentem antispyware
po restartování vytvoří aplikace log, uložený na C:/Combofix.txt jeho obsah vložte sem
stáhněte a uložte nejlépe na plochu ComboFix
spusťte aplikaci pod účtem s administrátorským oprávněním
po startu se zobrazí obrazovka s licenčními podmínkami, klikněte na tlačítko Ano:
může dojít k varování ohledně rezidentního štítu Vašeho antiviru a upozornění na nenainstalovanou konzoli pro zotavení; zatím jí neinstalujte
sken trvá cca 10 minut (může trvat i déle, podle množství souborů a rychlosti pc); během skenu nespouštějte žádné aplikace
během skenování může být Vaše pc restartováno, proto nepropadejte panice
upozornění: pokud používate antispyware s rezidentním štítem, deaktivujte jeho rezidentní štít, protože dochází při skenu a výmazu případného malware k nežádoucím kolizím Combofixu s rezidentem antispyware
po restartování vytvoří aplikace log, uložený na C:/Combofix.txt jeho obsah vložte sem
Re: Prosím o preventivní kontrolu
zdravím, tady je výpis z ComboFix
ComboFix 10-06-07.03 - Fujitsu-Siemens 10.06.2010 10:47:31.4.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1023.661 [GMT 2:00]
Spuštěný z: e:\viry\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 100607-2] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-05-10 do 2010-06-10 )))))))))))))))))))))))))))))))
.
2010-06-08 06:37 . 2010-06-08 06:37 -------- d-----w- C:\rsit
2010-06-08 06:04 . 2009-11-24 22:51 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-06-08 06:04 . 2009-11-24 22:50 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-06-08 06:04 . 2009-11-24 22:50 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-06-08 06:04 . 2009-11-24 22:50 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-06-08 06:04 . 2009-11-24 22:49 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-06-08 06:04 . 2009-11-24 22:48 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-06-08 06:04 . 2009-11-24 22:47 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-06-08 06:04 . 2009-11-24 22:47 97480 ----a-w- c:\windows\system32\AvastSS.scr
2010-06-08 06:03 . 2009-11-24 22:54 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2010-06-07 11:46 . 2010-06-07 11:46 -------- d-----w- c:\program files\VideoLAN
2010-05-23 09:22 . 2010-05-23 09:22 0 ----a-w- c:\windows\nsreg.dat
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-10 08:49 . 2004-08-18 12:00 515398 ----a-w- c:\windows\system32\perfh005.dat
2010-06-10 08:49 . 2004-08-18 12:00 111610 ----a-w- c:\windows\system32\perfc005.dat
2010-06-08 06:37 . 2009-01-29 09:03 -------- d-----w- c:\program files\Trend Micro
2010-06-07 11:44 . 2009-01-14 14:29 -------- d-----w- c:\program files\Codec Pack - All In 1
2010-06-07 11:42 . 2009-10-25 16:30 -------- d-----w- c:\program files\Eset
2010-06-07 11:34 . 2009-01-14 14:41 -------- d-----w- c:\program files\CCleaner
2010-05-24 10:59 . 2009-11-11 13:00 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-04-29 13:39 . 2009-11-11 13:00 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-29 13:39 . 2009-11-11 13:00 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-04-23 18:25 . 2010-04-23 18:25 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
2010-04-23 18:25 . 2010-04-23 18:25 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
2010-04-23 18:20 . 2010-04-23 18:20 -------- d-----w- c:\program files\DIFX
2010-04-23 18:20 . 2010-04-23 18:20 -------- d-----w- c:\program files\PC Connectivity Solution
2010-04-23 18:20 . 2010-04-16 16:33 -------- d-----w- c:\program files\Nokia
2010-04-23 18:18 . 2010-04-23 18:18 -------- d-----w- c:\program files\Common Files\Nokia
.
((((((((((((((((((((((((((((( SnapShot@2010-06-08_06.23.45 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-06-10 08:45 . 2010-06-10 08:45 16384 c:\windows\Temp\Perflib_Perfdata_448.dat
+ 2004-08-18 12:00 . 2010-06-10 08:49 99196 c:\windows\system32\perfc009.dat
+ 2004-08-18 12:00 . 2010-06-10 08:49 515518 c:\windows\system32\perfh009.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-03 13529088]
"nwiz"="nwiz.exe" [2008-05-03 1630208]
"SoundMan"="SOUNDMAN.EXE" [2004-07-29 67584]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-03 86016]
"LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2009-03-17 157552]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-01-11 21:16 39792 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-02-21 06:18 135664 ----atw- c:\documents and settings\Fujitsu-Siemens\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2009-10-09 12:11 25623336 ----a-r- c:\program files\Skype\Phone\Skype.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USBToolTip]
2007-02-20 10:07 199752 ----a-w- c:\progra~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeEnC2.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Pinnacle\\Studio 14\\Programs\\Studio.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [8.6.2010 8:04 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [8.6.2010 8:04 20560]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [29.7.2008 18:09 222456]
S3 MSHUSBVideo;NX6000/NX3000/VX5000/VX5500/VX2000/VX7000 Filter Driver;c:\windows\system32\drivers\nx6000.sys [17.6.2009 16:03 30560]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [23.4.2010 20:20 137344]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [23.4.2010 20:20 8320]
.
Obsah adresáře 'Naplánované úlohy'
2010-06-10 c:\windows\Tasks\User_Feed_Synchronization-{1905329B-75C9-4DC6-B0BD-802D66B23E29}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: {B3B01AE2-9FCA-4058-80F2-AA565EC7843E} = 217.11.224.1,217.11.224.2
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
AddRemove-HijackThis - c:\documents and settings\Fujitsu-Siemens\Plocha\hijackthis\HijackThis.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-06-10 10:51
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'explorer.exe'(1296)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2010-06-10 10:53:20
ComboFix-quarantined-files.txt 2010-06-10 08:53
ComboFix2.txt 2009-02-04 10:54
ComboFix3.txt 2009-02-04 10:51
Před spuštěním: Volných bajtů: 235 174 502 400
Po spuštění: Volných bajtů: 235 138 568 192
- - End Of File - - 89A8B3E8488F0BA3E10E11493897C6BE
ComboFix 10-06-07.03 - Fujitsu-Siemens 10.06.2010 10:47:31.4.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1023.661 [GMT 2:00]
Spuštěný z: e:\viry\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 100607-2] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-05-10 do 2010-06-10 )))))))))))))))))))))))))))))))
.
2010-06-08 06:37 . 2010-06-08 06:37 -------- d-----w- C:\rsit
2010-06-08 06:04 . 2009-11-24 22:51 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-06-08 06:04 . 2009-11-24 22:50 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-06-08 06:04 . 2009-11-24 22:50 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-06-08 06:04 . 2009-11-24 22:50 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-06-08 06:04 . 2009-11-24 22:49 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-06-08 06:04 . 2009-11-24 22:48 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-06-08 06:04 . 2009-11-24 22:47 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-06-08 06:04 . 2009-11-24 22:47 97480 ----a-w- c:\windows\system32\AvastSS.scr
2010-06-08 06:03 . 2009-11-24 22:54 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2010-06-07 11:46 . 2010-06-07 11:46 -------- d-----w- c:\program files\VideoLAN
2010-05-23 09:22 . 2010-05-23 09:22 0 ----a-w- c:\windows\nsreg.dat
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-10 08:49 . 2004-08-18 12:00 515398 ----a-w- c:\windows\system32\perfh005.dat
2010-06-10 08:49 . 2004-08-18 12:00 111610 ----a-w- c:\windows\system32\perfc005.dat
2010-06-08 06:37 . 2009-01-29 09:03 -------- d-----w- c:\program files\Trend Micro
2010-06-07 11:44 . 2009-01-14 14:29 -------- d-----w- c:\program files\Codec Pack - All In 1
2010-06-07 11:42 . 2009-10-25 16:30 -------- d-----w- c:\program files\Eset
2010-06-07 11:34 . 2009-01-14 14:41 -------- d-----w- c:\program files\CCleaner
2010-05-24 10:59 . 2009-11-11 13:00 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-04-29 13:39 . 2009-11-11 13:00 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-29 13:39 . 2009-11-11 13:00 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-04-23 18:25 . 2010-04-23 18:25 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
2010-04-23 18:25 . 2010-04-23 18:25 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
2010-04-23 18:20 . 2010-04-23 18:20 -------- d-----w- c:\program files\DIFX
2010-04-23 18:20 . 2010-04-23 18:20 -------- d-----w- c:\program files\PC Connectivity Solution
2010-04-23 18:20 . 2010-04-16 16:33 -------- d-----w- c:\program files\Nokia
2010-04-23 18:18 . 2010-04-23 18:18 -------- d-----w- c:\program files\Common Files\Nokia
.
((((((((((((((((((((((((((((( SnapShot@2010-06-08_06.23.45 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-06-10 08:45 . 2010-06-10 08:45 16384 c:\windows\Temp\Perflib_Perfdata_448.dat
+ 2004-08-18 12:00 . 2010-06-10 08:49 99196 c:\windows\system32\perfc009.dat
+ 2004-08-18 12:00 . 2010-06-10 08:49 515518 c:\windows\system32\perfh009.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-03 13529088]
"nwiz"="nwiz.exe" [2008-05-03 1630208]
"SoundMan"="SOUNDMAN.EXE" [2004-07-29 67584]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-03 86016]
"LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2009-03-17 157552]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-01-11 21:16 39792 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-02-21 06:18 135664 ----atw- c:\documents and settings\Fujitsu-Siemens\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2009-10-09 12:11 25623336 ----a-r- c:\program files\Skype\Phone\Skype.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USBToolTip]
2007-02-20 10:07 199752 ----a-w- c:\progra~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeEnC2.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Pinnacle\\Studio 14\\Programs\\Studio.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [8.6.2010 8:04 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [8.6.2010 8:04 20560]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [29.7.2008 18:09 222456]
S3 MSHUSBVideo;NX6000/NX3000/VX5000/VX5500/VX2000/VX7000 Filter Driver;c:\windows\system32\drivers\nx6000.sys [17.6.2009 16:03 30560]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [23.4.2010 20:20 137344]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [23.4.2010 20:20 8320]
.
Obsah adresáře 'Naplánované úlohy'
2010-06-10 c:\windows\Tasks\User_Feed_Synchronization-{1905329B-75C9-4DC6-B0BD-802D66B23E29}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: {B3B01AE2-9FCA-4058-80F2-AA565EC7843E} = 217.11.224.1,217.11.224.2
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
AddRemove-HijackThis - c:\documents and settings\Fujitsu-Siemens\Plocha\hijackthis\HijackThis.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-06-10 10:51
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'explorer.exe'(1296)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2010-06-10 10:53:20
ComboFix-quarantined-files.txt 2010-06-10 08:53
ComboFix2.txt 2009-02-04 10:54
ComboFix3.txt 2009-02-04 10:51
Před spuštěním: Volných bajtů: 235 174 502 400
Po spuštění: Volných bajtů: 235 138 568 192
- - End Of File - - 89A8B3E8488F0BA3E10E11493897C6BE
-
1danab
- Nováček
- Příspěvky: 1412
- Registrován: 21 říj 2007 13:04
- Bydliště: České Budějovice
- Kontaktovat uživatele:
Re: Prosím o preventivní kontrolu
stáhněte si OTL z tohoto odkazu http://ottools.noahdfear.net/OTL.exe
stažený soubor spusťte jako správce
v otevřeném okně stiskněte tlačítko Prohledat, čímž spustíte sken; vyčkejte prosím dokončení skenu (cca 5 minut); poté se vám otevře okno Poznámkového bloku s logem, jehož obsah sem zkopírujte
stažený soubor spusťte jako správce
v otevřeném okně stiskněte tlačítko Prohledat, čímž spustíte sken; vyčkejte prosím dokončení skenu (cca 5 minut); poté se vám otevře okno Poznámkového bloku s logem, jehož obsah sem zkopírujte
Re: Prosím o preventivní kontrolu
opět zdravím a tady je log :
OTL logfile created on: 11.6.2010 11:19:53 - Run 1
OTL by OldTimer - Version 3.2.6.0 Folder = C:\Documents and Settings\Fujitsu-Siemens\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1 023,00 Mb Total Physical Memory | 445,00 Mb Available Physical Memory | 43,00% Memory free
3,00 Gb Paging File | 2,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 218,13 Gb Free Space | 93,67% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: OEM-F7C72B23B08
Current User Name: Fujitsu-Siemens
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010.06.11 11:19:22 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Fujitsu-Siemens\Plocha\OTL.exe
PRC - [2009.11.25 00:51:40 | 000,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009.11.25 00:51:35 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009.11.25 00:51:21 | 000,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009.11.25 00:48:48 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009.11.25 00:43:56 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009.03.17 14:24:06 | 000,161,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe
PRC - [2008.10.19 15:30:02 | 000,222,456 | ---- | M] () -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe
PRC - [2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.05.11 04:06:00 | 000,341,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
PRC - [2004.07.29 10:59:34 | 000,067,584 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
========== Modules (SafeList) ==========
MOD - [2010.06.11 11:19:22 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Fujitsu-Siemens\Plocha\OTL.exe
MOD - [2009.11.25 00:50:32 | 000,139,264 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll
MOD - [2008.04.14 05:19:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
========== Win32 Services (SafeList) ==========
SRV - [2010.02.26 15:14:04 | 000,652,800 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009.11.25 00:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009.11.25 00:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009.11.25 00:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009.11.25 00:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2009.03.17 14:24:06 | 000,161,632 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2008.10.19 15:30:02 | 000,222,456 | ---- | M] () [Auto | Running] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2008.07.29 20:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
========== Driver Services (SafeList) ==========
DRV - [2010.02.26 13:32:58 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010.02.26 13:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010.02.26 13:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010.02.26 13:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010.02.26 13:21:22 | 000,137,344 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2010.02.26 13:21:22 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2009.11.25 00:50:59 | 000,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009.11.25 00:50:12 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2009.11.25 00:50:00 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009.11.25 00:49:07 | 000,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009.11.25 00:48:57 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009.11.25 00:47:54 | 000,027,408 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009.03.17 14:24:06 | 000,030,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nx6000.sys -- (MSHUSBVideo)
DRV - [2008.08.26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.05.03 06:46:00 | 006,554,496 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2008.04.13 19:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Ovladač zvukové karty USB (WDM)
DRV - [2005.09.23 23:18:32 | 000,171,520 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MarvinBus.sys -- (MarvinBus)
DRV - [2004.07.29 10:59:16 | 000,626,977 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2004.07.29 10:59:16 | 000,400,384 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS)
DRV - [2003.12.09 15:43:36 | 000,045,568 | ---- | M] (Silicon Integrated Systems) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\SiSRaid.sys -- (SiSRaid)
DRV - [2003.07.18 09:58:20 | 000,036,992 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\SISAGPX.sys -- (SISAGP)
DRV - [2003.03.25 17:50:46 | 000,004,096 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\siside.sys -- (SiSide)
DRV - [2002.10.28 09:23:38 | 000,038,528 | ---- | M] (ADMtek Incorporated.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\an983.sys -- (AN983)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
[2010.05.30 08:41:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fujitsu-Siemens\Data aplikací\Mozilla\Firefox\Profiles\ooffzy3z.default\extensions
[2010.05.23 11:40:13 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Fujitsu-Siemens\Data aplikací\Mozilla\Firefox\Profiles\ooffzy3z.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
O1 HOSTS File: ([2010.06.08 08:23:28 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Podpora odkazu pro Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} http://www.nvidia.com/content/DriverDow ... eqlab3.cab (System Requirements Lab Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftup ... 7424263203 (MUWebControl Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Fujitsu-Siemens\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Fujitsu-Siemens\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.07.07 13:25:46 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010.06.11 11:19:19 | 000,572,416 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Fujitsu-Siemens\Plocha\OTL.exe
[2010.06.11 11:17:04 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Fujitsu-Siemens\Recent
[2010.06.10 11:16:21 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2010.06.10 10:58:15 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010.06.08 08:37:17 | 000,000,000 | ---D | C] -- C:\rsit
[2010.06.08 08:04:12 | 000,114,768 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010.06.08 08:04:12 | 000,097,480 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\AvastSS.scr
[2010.06.08 08:04:12 | 000,094,160 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010.06.08 08:04:12 | 000,093,424 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010.06.08 08:04:12 | 000,048,560 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010.06.08 08:04:12 | 000,027,408 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010.06.08 08:04:12 | 000,023,120 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010.06.08 08:04:12 | 000,020,560 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010.06.08 08:03:56 | 001,280,480 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010.06.07 13:47:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fujitsu-Siemens\Data aplikací\vlc
[2010.06.07 13:46:26 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2010.05.23 11:22:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fujitsu-Siemens\Data aplikací\Talkback
[2010.05.23 11:22:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fujitsu-Siemens\Local Settings\Data aplikací\Mozilla
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\*.tmp files -> C:\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010.06.11 11:19:41 | 000,546,078 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.06.11 11:19:41 | 000,544,850 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010.06.11 11:19:41 | 000,126,826 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010.06.11 11:19:41 | 000,111,440 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.06.11 11:19:41 | 000,005,052 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.06.11 11:19:22 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Fujitsu-Siemens\Plocha\OTL.exe
[2010.06.11 11:18:52 | 000,000,486 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{1905329B-75C9-4DC6-B0BD-802D66B23E29}.job
[2010.06.11 11:15:30 | 000,000,104 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010.06.11 11:15:25 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.06.11 11:15:09 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.06.10 12:04:04 | 006,815,744 | -H-- | M] () -- C:\Documents and Settings\Fujitsu-Siemens\NTUSER.DAT
[2010.06.10 12:04:04 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Fujitsu-Siemens\ntuser.ini
[2010.06.10 11:47:07 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.06.10 11:44:28 | 000,344,216 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.06.10 10:51:42 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010.06.08 08:23:28 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010.06.08 08:08:52 | 000,002,553 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010.06.08 08:04:12 | 000,001,709 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\avast! Antivirus.lnk
[2010.06.08 08:00:10 | 006,078,355 | ---- | M] () -- C:\Documents and Settings\Fujitsu-Siemens\Plocha\Jungle.swf
[2010.06.07 13:46:50 | 000,000,719 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\VLC media player.lnk
[2010.06.07 13:34:53 | 000,001,548 | ---- | M] () -- C:\Documents and Settings\Fujitsu-Siemens\Plocha\CCleaner.lnk
[2010.06.06 19:17:18 | 000,002,283 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2010.06.03 19:35:29 | 000,002,331 | ---- | M] () -- C:\Documents and Settings\Fujitsu-Siemens\Plocha\Google Chrome.lnk
[2010.05.24 13:48:25 | 006,078,355 | ---- | M] () -- C:\Documents and Settings\Fujitsu-Siemens\Dokumenty\jungle.swf
[2010.05.24 13:31:31 | 000,000,570 | ---- | M] () -- C:\WINDOWS\win.ini
[2010.05.24 13:31:31 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2010.05.23 11:22:09 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2010.05.22 18:27:22 | 000,000,349 | ---- | M] () -- C:\Documents and Settings\All Users\Dokumenty\PCLECHAL.INI
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\*.tmp files -> C:\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.06.08 08:17:19 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010.06.08 08:17:19 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010.06.08 08:04:12 | 000,001,709 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\avast! Antivirus.lnk
[2010.06.08 08:03:56 | 000,380,928 | ---- | C] () -- C:\WINDOWS\System32\actskin4.ocx
[2010.06.08 08:00:09 | 006,078,355 | ---- | C] () -- C:\Documents and Settings\Fujitsu-Siemens\Plocha\Jungle.swf
[2010.06.07 13:59:45 | 006,078,355 | ---- | C] () -- C:\Documents and Settings\Fujitsu-Siemens\Dokumenty\jungle.swf
[2010.06.07 13:46:50 | 000,000,719 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\VLC media player.lnk
[2010.05.23 11:22:09 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009.08.31 18:14:32 | 000,005,500 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009.07.09 17:20:57 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2009.01.16 14:25:19 | 000,001,028 | ---- | C] () -- C:\WINDOWS\disney.ini
[2009.01.14 16:24:37 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008.07.07 13:49:11 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\property.dll
[2008.07.07 13:49:10 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008.07.07 13:49:10 | 001,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008.07.07 13:49:10 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008.07.07 13:49:10 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008.07.07 13:49:10 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2008.07.07 13:49:09 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:DFC5A2B2
< End of report >
OTL logfile created on: 11.6.2010 11:19:53 - Run 1
OTL by OldTimer - Version 3.2.6.0 Folder = C:\Documents and Settings\Fujitsu-Siemens\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1 023,00 Mb Total Physical Memory | 445,00 Mb Available Physical Memory | 43,00% Memory free
3,00 Gb Paging File | 2,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 218,13 Gb Free Space | 93,67% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: OEM-F7C72B23B08
Current User Name: Fujitsu-Siemens
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010.06.11 11:19:22 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Fujitsu-Siemens\Plocha\OTL.exe
PRC - [2009.11.25 00:51:40 | 000,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009.11.25 00:51:35 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009.11.25 00:51:21 | 000,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009.11.25 00:48:48 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009.11.25 00:43:56 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009.03.17 14:24:06 | 000,161,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe
PRC - [2008.10.19 15:30:02 | 000,222,456 | ---- | M] () -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe
PRC - [2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.05.11 04:06:00 | 000,341,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
PRC - [2004.07.29 10:59:34 | 000,067,584 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
========== Modules (SafeList) ==========
MOD - [2010.06.11 11:19:22 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Fujitsu-Siemens\Plocha\OTL.exe
MOD - [2009.11.25 00:50:32 | 000,139,264 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll
MOD - [2008.04.14 05:19:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
========== Win32 Services (SafeList) ==========
SRV - [2010.02.26 15:14:04 | 000,652,800 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009.11.25 00:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009.11.25 00:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009.11.25 00:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009.11.25 00:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2009.03.17 14:24:06 | 000,161,632 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2008.10.19 15:30:02 | 000,222,456 | ---- | M] () [Auto | Running] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2008.07.29 20:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
========== Driver Services (SafeList) ==========
DRV - [2010.02.26 13:32:58 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010.02.26 13:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010.02.26 13:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010.02.26 13:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010.02.26 13:21:22 | 000,137,344 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2010.02.26 13:21:22 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2009.11.25 00:50:59 | 000,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009.11.25 00:50:12 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2009.11.25 00:50:00 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009.11.25 00:49:07 | 000,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009.11.25 00:48:57 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009.11.25 00:47:54 | 000,027,408 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009.03.17 14:24:06 | 000,030,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nx6000.sys -- (MSHUSBVideo)
DRV - [2008.08.26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.05.03 06:46:00 | 006,554,496 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2008.04.13 19:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Ovladač zvukové karty USB (WDM)
DRV - [2005.09.23 23:18:32 | 000,171,520 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MarvinBus.sys -- (MarvinBus)
DRV - [2004.07.29 10:59:16 | 000,626,977 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2004.07.29 10:59:16 | 000,400,384 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS)
DRV - [2003.12.09 15:43:36 | 000,045,568 | ---- | M] (Silicon Integrated Systems) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\SiSRaid.sys -- (SiSRaid)
DRV - [2003.07.18 09:58:20 | 000,036,992 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\SISAGPX.sys -- (SISAGP)
DRV - [2003.03.25 17:50:46 | 000,004,096 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\siside.sys -- (SiSide)
DRV - [2002.10.28 09:23:38 | 000,038,528 | ---- | M] (ADMtek Incorporated.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\an983.sys -- (AN983)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
[2010.05.30 08:41:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fujitsu-Siemens\Data aplikací\Mozilla\Firefox\Profiles\ooffzy3z.default\extensions
[2010.05.23 11:40:13 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Fujitsu-Siemens\Data aplikací\Mozilla\Firefox\Profiles\ooffzy3z.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
O1 HOSTS File: ([2010.06.08 08:23:28 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Podpora odkazu pro Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} http://www.nvidia.com/content/DriverDow ... eqlab3.cab (System Requirements Lab Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftup ... 7424263203 (MUWebControl Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Fujitsu-Siemens\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Fujitsu-Siemens\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.07.07 13:25:46 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010.06.11 11:19:19 | 000,572,416 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Fujitsu-Siemens\Plocha\OTL.exe
[2010.06.11 11:17:04 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Fujitsu-Siemens\Recent
[2010.06.10 11:16:21 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2010.06.10 10:58:15 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010.06.08 08:37:17 | 000,000,000 | ---D | C] -- C:\rsit
[2010.06.08 08:04:12 | 000,114,768 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010.06.08 08:04:12 | 000,097,480 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\AvastSS.scr
[2010.06.08 08:04:12 | 000,094,160 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010.06.08 08:04:12 | 000,093,424 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010.06.08 08:04:12 | 000,048,560 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010.06.08 08:04:12 | 000,027,408 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010.06.08 08:04:12 | 000,023,120 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010.06.08 08:04:12 | 000,020,560 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010.06.08 08:03:56 | 001,280,480 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010.06.07 13:47:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fujitsu-Siemens\Data aplikací\vlc
[2010.06.07 13:46:26 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2010.05.23 11:22:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fujitsu-Siemens\Data aplikací\Talkback
[2010.05.23 11:22:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fujitsu-Siemens\Local Settings\Data aplikací\Mozilla
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\*.tmp files -> C:\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010.06.11 11:19:41 | 000,546,078 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.06.11 11:19:41 | 000,544,850 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010.06.11 11:19:41 | 000,126,826 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010.06.11 11:19:41 | 000,111,440 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.06.11 11:19:41 | 000,005,052 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.06.11 11:19:22 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Fujitsu-Siemens\Plocha\OTL.exe
[2010.06.11 11:18:52 | 000,000,486 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{1905329B-75C9-4DC6-B0BD-802D66B23E29}.job
[2010.06.11 11:15:30 | 000,000,104 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010.06.11 11:15:25 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.06.11 11:15:09 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.06.10 12:04:04 | 006,815,744 | -H-- | M] () -- C:\Documents and Settings\Fujitsu-Siemens\NTUSER.DAT
[2010.06.10 12:04:04 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Fujitsu-Siemens\ntuser.ini
[2010.06.10 11:47:07 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.06.10 11:44:28 | 000,344,216 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.06.10 10:51:42 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010.06.08 08:23:28 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010.06.08 08:08:52 | 000,002,553 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010.06.08 08:04:12 | 000,001,709 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\avast! Antivirus.lnk
[2010.06.08 08:00:10 | 006,078,355 | ---- | M] () -- C:\Documents and Settings\Fujitsu-Siemens\Plocha\Jungle.swf
[2010.06.07 13:46:50 | 000,000,719 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\VLC media player.lnk
[2010.06.07 13:34:53 | 000,001,548 | ---- | M] () -- C:\Documents and Settings\Fujitsu-Siemens\Plocha\CCleaner.lnk
[2010.06.06 19:17:18 | 000,002,283 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2010.06.03 19:35:29 | 000,002,331 | ---- | M] () -- C:\Documents and Settings\Fujitsu-Siemens\Plocha\Google Chrome.lnk
[2010.05.24 13:48:25 | 006,078,355 | ---- | M] () -- C:\Documents and Settings\Fujitsu-Siemens\Dokumenty\jungle.swf
[2010.05.24 13:31:31 | 000,000,570 | ---- | M] () -- C:\WINDOWS\win.ini
[2010.05.24 13:31:31 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2010.05.23 11:22:09 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2010.05.22 18:27:22 | 000,000,349 | ---- | M] () -- C:\Documents and Settings\All Users\Dokumenty\PCLECHAL.INI
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\*.tmp files -> C:\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.06.08 08:17:19 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010.06.08 08:17:19 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010.06.08 08:04:12 | 000,001,709 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\avast! Antivirus.lnk
[2010.06.08 08:03:56 | 000,380,928 | ---- | C] () -- C:\WINDOWS\System32\actskin4.ocx
[2010.06.08 08:00:09 | 006,078,355 | ---- | C] () -- C:\Documents and Settings\Fujitsu-Siemens\Plocha\Jungle.swf
[2010.06.07 13:59:45 | 006,078,355 | ---- | C] () -- C:\Documents and Settings\Fujitsu-Siemens\Dokumenty\jungle.swf
[2010.06.07 13:46:50 | 000,000,719 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\VLC media player.lnk
[2010.05.23 11:22:09 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009.08.31 18:14:32 | 000,005,500 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009.07.09 17:20:57 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2009.01.16 14:25:19 | 000,001,028 | ---- | C] () -- C:\WINDOWS\disney.ini
[2009.01.14 16:24:37 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008.07.07 13:49:11 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\property.dll
[2008.07.07 13:49:10 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008.07.07 13:49:10 | 001,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008.07.07 13:49:10 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008.07.07 13:49:10 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008.07.07 13:49:10 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2008.07.07 13:49:09 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:DFC5A2B2
< End of report >
-
1danab
- Nováček
- Příspěvky: 1412
- Registrován: 21 říj 2007 13:04
- Bydliště: České Budějovice
- Kontaktovat uživatele:
Re: Prosím o preventivní kontrolu
spusťte C:\Program Files\trend micro\Fujitsu-Siemens.exe
neprovádějte sken, ale klikněte na tlačítko Open the Misc Tools Section
nahoře jsou čtyři tlačítka, musí být zamáčknuté Misc Tools:
najděte vlevo tlačítko Open ADS Spy , klikněte na něj, v následujícím okně klikněte na Scan, chvíli vyčkejte, poté klikněte na Save log (obsah logu sem) a dále pak klikněte na Remove selected
po restartu sem vložte nový log z OTL
neprovádějte sken, ale klikněte na tlačítko Open the Misc Tools Section
nahoře jsou čtyři tlačítka, musí být zamáčknuté Misc Tools:
najděte vlevo tlačítko Open ADS Spy , klikněte na něj, v následujícím okně klikněte na Scan, chvíli vyčkejte, poté klikněte na Save log (obsah logu sem) a dále pak klikněte na Remove selected
po restartu sem vložte nový log z OTL
Přispějete na provoz fóra?