Win32/Olmarik.AET a VBS/PSW.agent.D

[Jirkasima]

V rezidentní ochraně mi NOD32 našel trojské koně Win32/Olmarik.AET a VBS/PSW.agent.D . Soubory dal do karantény.
Prosím o kontrolu logu, jestli v PC ještě něco nezůstalo.

------log z RSIT------

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:18:28, on 3.10.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32nvsvc32.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
c:program filescommon fileslogitechlvmvfmLVPrcSrv.exe
C:WINDOWSExplorer.EXE
C:Program FilesCommon FilesAutodesk SharedServiceAdskScSrv.exe
C:WINDOWSsystem32DRIVERSCDANTSRV.EXE
C:Program FilesCommon FilesLogitechLComMgrCommunications_Helper.exe
C:Program FilesESETESET NOD32 Antivirusekrn.exe
C:Program FilesLogitechQuickCam10QuickCam10.exe
C:Program FilesCommon FilesLogitechLComMgrLVComSX.exe
C:Program FilesJawsSystemsJaws PDF CreatorPDFClient.exe
C:WINDOWSSOUNDMAN.EXE
C:Program FilesCommon FilesJavaJava Updatejusched.exe
C:WINDOWSsystem32RUNDLL32.EXE
C:Program FilesESETESET NOD32 Antivirusegui.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesDAEMON Toolsdaemon.exe
C:Program FilesSpybot - Search & DestroyTeaTimer.exe
C:Program FilesJavajre6binjqs.exe
C:Documents and SettingsHummusData aplikacíMicrosoftmy-slide-show-picture.exe
C:Program FilesOpenOffice.org 3programsoffice.exe
C:Program FilesOpenOffice.org 3programsoffice.bin
C:3dsmax9mentalraysatelliteraysat_3dsmax9_32server.exe
C:WINDOWSsystem32PDFCreatorMessages.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesLogitechQuickCam10COCIManager.exe
C:WINDOWSsystem32wscntfy.exe
C:Program FilesMaxthon3BinMaxthon.exe
C:Program FilesMaxthon3BinMaxthon.exe
C:Program FilesMaxthon3BinMaxthon.exe
C:Program FilesMaxthon3BinMxDownloader.exe
C:totalcmdTOTALCMD.EXE
D:!DownloadRSIT.exe
C:Program Filestrend microHummus.exe

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://qip.ru
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://search.qip.ru
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://search.qip.ru/ie
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://search.qip.ru
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.centrum.cz/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCUSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = http://search.qip.ru/ie
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:Documents and SettingsHummusData aplikacíMicrosoftInternet Explorerqipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:PROGRA~1SPYBOT~1SDHelper.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:Documents and SettingsHummusData aplikacíMicrosoftInternet Explorerqipsearchbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program FilesJavajre6binjp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:Program FilesJavajre6libdeployjqsiejqs_plugin.dll
O4 - HKLM..Run: [LogitechCommunicationsManager] "C:Program FilesCommon FilesLogitechLComMgrCommunications_Helper.exe"
O4 - HKLM..Run: [LogitechQuickCamRibbon] "C:Program FilesLogitechQuickCam10QuickCam10.exe" /hide
O4 - HKLM..Run: [LVCOMSX] "C:Program FilesCommon FilesLogitechLComMgrLVComSX.exe"
O4 - HKLM..Run: [PDFCreatorClient] C:Program FilesJawsSystemsJaws PDF CreatorPDFClient.exe
O4 - HKLM..Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM..Run: [Adobe Reader Speed Launcher] "C:Program FilesAdobeReader 9.0ReaderReader_sl.exe"
O4 - HKLM..Run: [Adobe ARM] "C:Program FilesCommon FilesAdobeARM1.0AdobeARM.exe"
O4 - HKLM..Run: [SunJavaUpdateSched] "C:Program FilesCommon FilesJavaJava Updatejusched.exe"
O4 - HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe
O4 - HKLM..Run: [nwiz] C:Program FilesNVIDIA CorporationnViewnwiz.exe /installquiet
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSsystem32NvMcTray.dll,NvTaskbarInit
O4 - HKLM..Run: [egui] "C:Program FilesESETESET NOD32 Antivirusegui.exe" /hide /waitservice
O4 - HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..Run: [DAEMON Tools] "C:Program FilesDAEMON Toolsdaemon.exe" -lang 1033
O4 - HKCU..Run: [SpybotSD TeaTimer] C:Program FilesSpybot - Search & DestroyTeaTimer.exe
O4 - HKCU..Run: [Steam] "c:program filessteamsteam.exe" -silent
O4 - HKCU..Run: [EA Core] "C:Program FilesElectronic ArtsEADMCore.exe" -silent
O4 - HKCU..Run: [MSMSGS] "C:Program FilesMessengermsmsgs.exe" /background
O4 - HKCU..Run: [QIP2005] C:Program FilesQIPqip.exe
O4 - HKCU..Run: [Window update] C:Documents and SettingsHummusData aplikacíMicrosoftmy-slide-show-picture.exe
O4 - HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'SYSTEM')
O4 - HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 3.2.lnk = C:Program FilesOpenOffice.org 3programquickstart.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:PROGRA~1SPYBOT~1SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:PROGRA~1SPYBOT~1SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 5447157718
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... ader55.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553530000} - https://fpdownload.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:PROGRA~1COMMON~1SkypeSKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:WINDOWSsystem32browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:WINDOWSsystem32browseui.dll
O23 - Service: Adobe LM Service - Unknown owner - C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:Program FilesCommon FilesAutodesk SharedServiceAdskScSrv.exe
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:WINDOWSsystem32DRIVERSCDANTSRV.EXE
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:Program FilesESETESET NOD32 AntivirusEHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:Program FilesESETESET NOD32 Antivirusekrn.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:Program FilesJavajre6binjqs.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:program filescommon fileslogitechlvmvfmLVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:Program FilesCommon FilesLogitechSrvLnchSrvLnch.exe
O23 - Service: mental ray 3.5 Satellite (32-bit) (mi-raysat_3dsmax9_32) - Unknown owner - C:3dsmax9mentalraysatelliteraysat_3dsmax9_32server.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:WINDOWSsystem32nvsvc32.exe
O23 - Service: PDFCreatorMessages - Global Graphics Software Ltd - C:WINDOWSsystem32PDFCreatorMessages.exe

--
End of file - 9557 bytes

======Scheduled tasks folder======

C:WINDOWStasksAd-Aware Update (Weekly).job

======Registry dump======

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:PROGRA~1SPYBOT~1SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - C:Documents and SettingsHummusData aplikacíMicrosoftInternet Explorerqipsearchbar.dll [2009-10-05 150768]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:Program FilesJavajre6binjp2ssv.dll [2010-08-04 41760]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:Program FilesJavajre6libdeployjqsiejqs_plugin.dll [2010-08-04 79648]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
"LogitechCommunicationsManager"=C:Program FilesCommon FilesLogitechLComMgrCommunications_Helper.exe [2006-06-26 497200]
"LogitechQuickCamRibbon"=C:Program FilesLogitechQuickCam10QuickCam10.exe [2006-06-26 614960]
"LVCOMSX"=C:Program FilesCommon FilesLogitechLComMgrLVComSX.exe [2006-06-26 243248]
"PDFCreatorClient"=C:Program FilesJawsSystemsJaws PDF CreatorPDFClient.exe [2003-12-09 315392]
"SoundMan"=C:WINDOWSSOUNDMAN.EXE [2007-04-16 577536]
"Adobe Reader Speed Launcher"=C:Program FilesAdobeReader 9.0ReaderReader_sl.exe [2010-06-20 35760]
"Adobe ARM"=C:Program FilesCommon FilesAdobeARM1.0AdobeARM.exe [2010-06-09 976832]
"SunJavaUpdateSched"=C:Program FilesCommon FilesJavaJava Updatejusched.exe [2010-05-14 248552]
"NeroFilterCheck"=C:WINDOWSsystem32NeroCheck.exe [2001-07-09 155648]
"nwiz"=C:Program FilesNVIDIA CorporationnViewnwiz.exe [2010-07-07 1753192]
"NvCplDaemon"=C:WINDOWSsystem32NvCpl.dll [2010-07-09 13923432]
"NvMediaCenter"=C:WINDOWSsystem32NvMcTray.dll [2010-07-09 110696]
"egui"=C:Program FilesESETESET NOD32 Antivirusegui.exe [2010-08-12 2215064]

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
"CTFMON.EXE"=C:WINDOWSsystem32ctfmon.exe [2008-04-14 15360]
"DAEMON Tools"=C:Program FilesDAEMON Toolsdaemon.exe [2006-11-12 157592]
"SpybotSD TeaTimer"=C:Program FilesSpybot - Search & DestroyTeaTimer.exe [2009-03-05 2260480]
"Steam"=c:program filessteamsteam.exe [2010-08-24 1242448]
"EA Core"=C:Program FilesElectronic ArtsEADMCore.exe -silent []
"MSMSGS"=C:Program FilesMessengermsmsgs.exe [2008-04-14 1695232]
"QIP2005"=C:Program FilesQIPqip.exe []
"Window update"=C:Documents and SettingsHummusData aplikacíMicrosoftmy-slide-show-picture.exe [2010-09-25 105984]

C:Documents and SettingsAll UsersNabídka StartProgramyPo spuštění
Adobe Gamma Loader.lnk - C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe

C:Documents and SettingsHummusNabídka StartProgramyPo spuštění
OpenOffice.org 3.2.lnk - C:Program FilesOpenOffice.org 3programquickstart.exe

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:WINDOWSsystem32WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalLavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkLavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
"%windir%Network Diagnosticxpnetdiag.exe"="%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%system32sessmgr.exe"="%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:Program FilesMSN Messengermsncall.exe"="C:Program FilesMSN Messengermsncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:3dsmax93dsmax.exe"="C:3dsmax93dsmax.exe:*:Enabled:Autodesk 3ds Max 9 32-bit"
"C:Program FilesAutodeskBackburnermonitor.exe"="C:Program FilesAutodeskBackburnermonitor.exe:*:Enabled:backburner 2.3 monitor"
"C:Program FilesAutodeskBackburnermanager.exe"="C:Program FilesAutodeskBackburnermanager.exe:*:Enabled:backburner 2.3 manager"
"C:Program FilesAutodeskBackburnerserver.exe"="C:Program FilesAutodeskBackburnerserver.exe:*:Enabled:backburner 2.3 server"
"C:Program FilesCrazybumpCB.exe"="C:Program FilesCrazybumpCB.exe:*:Enabled:crazybump"
"D:HryGTA4RGSCRockstar Games Social ClubRGSCLauncher.exe"="D:HryGTA4RGSCRockstar Games Social ClubRGSCLauncher.exe:*:Enabled:Rockstar Games Social Club"
"C:Program FilesSkypePlugin ManagerskypePM.exe"="C:Program FilesSkypePlugin ManagerskypePM.exe:*:Enabled:Skype Extras Manager"
"C:Program FilesSteamSteamAppscommonfootball manager 2009fm.exe"="C:Program FilesSteamSteamAppscommonfootball manager 2009fm.exe:*:Enabled:Football Manager 2009"
"C:Program Filessdc222StrongDC.exe"="C:Program Filessdc222StrongDC.exe:*:Enabled:StrongDC++"
"C:Program FilesVuzeAzureus.exe"="C:Program FilesVuzeAzureus.exe:*:Enabled:Azureus / Vuze"
"C:Program FilesMiranda IMmiranda32.exe"="C:Program FilesMiranda IMmiranda32.exe:*:Enabled:Miranda IM"
"C:Program FilesSkypePhoneSkype.exe"="C:Program FilesSkypePhoneSkype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
"%windir%Network Diagnosticxpnetdiag.exe"="%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%system32sessmgr.exe"="%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:Program FilesMSN Messengermsncall.exe"="C:Program FilesMSN Messengermsncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"

======File associations======

.js - edit - "C:Program FilesMacromediaDreamweaver 8dreamweaver.exe" "%1"

======List of files/folders created in the last 1 months======

2010-10-03 23:18:11 ----D---- C:Program Filestrend micro
2010-10-03 23:18:10 ----D---- C:rsit
2010-10-01 19:28:26 ----D---- C:Documents and SettingsHummusData aplikacívlc
2010-09-25 22:26:14 ----A---- C:WINDOWSfileinfo.ini
2010-09-21 22:14:00 ----D---- C:Program FilesESET
2010-09-21 22:08:33 ----A---- C:WINDOWSsystem32driversepfwtdir.sys
2010-09-21 22:08:32 ----A---- C:WINDOWSsystem32driverseamon.sys
2010-09-21 22:08:31 ----A---- C:WINDOWSsystem32driversehdrv.sys
2010-09-19 09:50:51 ----D---- C:Program FilesMicrosoft Silverlight
2010-09-18 09:31:19 ----HDC---- C:WINDOWS$NtUninstallKB2121546$
2010-09-18 09:30:51 ----HDC---- C:WINDOWS$NtUninstallKB2259922$
2010-09-18 09:30:41 ----HDC---- C:WINDOWS$NtUninstallKB982802$
2010-09-18 09:30:30 ----HDC---- C:WINDOWS$NtUninstallKB2124261$
2010-09-18 09:30:20 ----HDC---- C:WINDOWS$NtUninstallKB981322$
2010-09-18 09:30:08 ----HDC---- C:WINDOWS$NtUninstallKB975558_WM8$
2010-09-18 09:29:52 ----HDC---- C:WINDOWS$NtUninstallKB2347290$
2010-09-17 20:22:19 ----D---- C:Documents and SettingsAll UsersData aplikacíNVIDIA Corporation
2010-09-17 20:21:15 ----A---- C:WINDOWSsystem32OpenCL.dll
2010-09-17 20:21:12 ----A---- C:WINDOWSsystem32nvcompiler.dll
2010-09-17 18:54:56 ----A---- C:WINDOWSsystem32XAudio2_7.dll
2010-09-17 18:54:56 ----A---- C:WINDOWSsystem32XAPOFX1_5.dll
2010-09-17 18:54:55 ----A---- C:WINDOWSsystem32xactengine3_7.dll
2010-09-17 18:54:55 ----A---- C:WINDOWSsystem32D3DCompiler_43.dll
2010-09-17 18:54:54 ----A---- C:WINDOWSsystem32d3dx11_43.dll
2010-09-17 18:54:54 ----A---- C:WINDOWSsystem32d3dcsx_43.dll
2010-09-17 18:54:53 ----A---- C:WINDOWSsystem32D3DX9_43.dll
2010-09-17 18:54:53 ----A---- C:WINDOWSsystem32d3dx10_43.dll
2010-09-17 18:54:52 ----A---- C:WINDOWSsystem32XAudio2_6.dll
2010-09-17 18:54:52 ----A---- C:WINDOWSsystem32XAPOFX1_4.dll
2010-09-17 18:54:52 ----A---- C:WINDOWSsystem32xactengine3_6.dll
2010-09-17 18:54:51 ----A---- C:WINDOWSsystem32X3DAudio1_7.dll
2010-09-12 21:31:55 ----D---- C:!3DSModels
2010-09-12 19:28:06 ----N---- C:WINDOWSsystem32driversimagesrv.sys
2010-09-12 19:28:06 ----N---- C:WINDOWSsystem32driversimagedrv.sys
2010-09-12 19:27:54 ----N---- C:WINDOWSsystem32picn20.dll
2010-09-12 19:27:54 ----A---- C:WINDOWSsystem32TwnLib20.dll
2010-09-12 19:27:40 ----D---- C:Program FilesCommon FilesAhead
2010-09-12 19:27:40 ----A---- C:WINDOWSsystem32NeroCheck.exe
2010-09-12 19:27:36 ----D---- C:Program FilesAhead
2010-09-12 18:18:04 ----D---- C:Program FilesMicrosoft.NET
2010-09-12 18:16:09 ----HDC---- C:WINDOWS$NtUninstallKB942288-v3$
2010-09-05 19:28:06 ----D---- C:Documents and SettingsHummusData aplikacíMiranda
2010-09-05 19:27:47 ----D---- C:Program FilesMiranda IM

======List of files/folders modified in the last 1 months======

2010-10-03 23:18:11 ----RD---- C:Program Files
2010-10-03 23:17:55 ----A---- C:WINDOWSwincmd.ini
2010-10-03 23:12:06 ----HD---- C:Program FilesInstallShield Installation Information
2010-10-03 22:42:31 ----D---- C:WINDOWSTemp
2010-10-03 22:34:11 ----D---- C:WINDOWSPrefetch
2010-10-03 20:38:31 ----D---- C:Documents and SettingsHummusData aplikacíSkype
2010-10-03 17:49:34 ----SD---- C:WINDOWSDownloaded Program Files
2010-10-03 17:41:42 ----D---- C:WINDOWSsystem32CatRoot2
2010-10-03 17:40:05 ----D---- C:Program FilesSteam
2010-10-03 15:27:50 ----A---- C:WINDOWSSchedLgU.Txt
2010-10-02 11:40:00 ----SHD---- C:WINDOWSCSC
2010-10-02 11:39:57 ----D---- C:WINDOWSMinidump
2010-10-02 11:39:57 ----D---- C:WINDOWS
2010-10-01 19:05:56 ----D---- C:Documents and SettingsHummusData aplikacídvdcss
2010-10-01 19:01:33 ----A---- C:WINDOWSNeroDigital.ini
2010-09-30 22:16:13 ----D---- C:3dsmax5
2010-09-26 19:56:45 ----D---- C:Documents and SettingsHummusData aplikacíAzureus
2010-09-25 22:28:52 ----HD---- C:WINDOWSinf
2010-09-25 22:28:52 ----D---- C:WINDOWSsystem32DirectX
2010-09-25 22:27:30 ----SHD---- C:WINDOWSInstaller
2010-09-25 22:27:30 ----D---- C:WINDOWSWinSxS
2010-09-25 22:25:30 ----SD---- C:Documents and SettingsHummusData aplikacíMicrosoft
2010-09-23 20:44:30 ----A---- C:WINDOWSWDICT32.INI
2010-09-23 20:44:15 ----A---- C:WINDOWSWTRAN32.INI
2010-09-21 22:14:25 ----D---- C:WINDOWSsystem32drivers
2010-09-21 22:08:35 ----D---- C:Documents and SettingsAll UsersData aplikacíESET
2010-09-19 09:50:59 ----SD---- C:Documents and SettingsAll UsersData aplikacíMicrosoft
2010-09-18 09:36:52 ----D---- C:WINDOWSsystem32
2010-09-18 09:31:20 ----RSHDC---- C:WINDOWSsystem32dllcache
2010-09-18 09:31:17 ----HD---- C:WINDOWS$hf_mig$
2010-09-18 09:30:55 ----A---- C:WINDOWSimsins.BAK
2010-09-17 20:23:09 ----D---- C:WINDOWSHelp
2010-09-17 20:23:09 ----D---- C:Program FilesNVIDIA Corporation
2010-09-17 18:54:20 ----RSD---- C:WINDOWSassembly
2010-09-17 18:53:50 ----D---- C:WINDOWSLogs
2010-09-17 18:17:56 ----D---- C:Program FilesWinRAR
2010-09-17 18:17:04 ----D---- C:Documents and SettingsHummusData aplikacíWinRAR
2010-09-16 17:58:49 ----D---- C:Program FilesVuze
2010-09-14 21:44:57 ----D---- C:Documents and SettingsHummusData aplikacíAdobe
2010-09-14 21:44:57 ----D---- C:Documents and SettingsAll UsersData aplikacíAdobe
2010-09-12 19:27:40 ----D---- C:Program FilesCommon Files
2010-09-12 19:24:35 ----D---- C:Documents and SettingsAll UsersData aplikacíNero
2010-09-12 19:12:07 ----D---- C:WINDOWSMicrosoft.NET
2010-09-12 18:34:10 ----D---- C:Documents and SettingsHummusData aplikacíNero
2010-09-12 18:16:15 ----D---- C:WINDOWSsystem32mui
2010-09-11 22:43:40 ----D---- C:Program FilesPEVSoft
2010-09-10 14:34:30 ----A---- C:WINDOWSsystem32MRT.exe
2010-09-05 19:40:33 ----D---- C:Program FilesQIP Infium

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nv_agp;NVIDIA nForce AGP Bus Filter; C:WINDOWSsystem32DRIVERSnv_agp.sys [2003-10-29 21120]
R0 nvatabus;nvatabus; C:WINDOWSsystem32DRIVERSnvatabus.sys [2004-06-03 79360]
R0 PxHelp20;PxHelp20; C:WINDOWSSystem32DriversPxHelp20.sys [2007-03-08 43528]
R0 sptd;sptd; C:WINDOWSSystem32Driverssptd.sys [2009-05-30 646392]
R1 AmdK8;AMD Processor Driver; C:WINDOWSsystem32DRIVERSAmdK8.sys [2005-03-09 36352]
R1 ehdrv;ehdrv; C:WINDOWSsystem32DRIVERSehdrv.sys [2010-07-29 115008]
R1 epfwtdir;epfwtdir; C:WINDOWSsystem32DRIVERSepfwtdir.sys [2010-08-03 95896]
R2 eamon;eamon; C:WINDOWSsystem32DRIVERSeamon.sys [2010-08-04 140752]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:WINDOWSsystem32driversALCXWDM.SYS [2008-09-24 4122368]
R3 LVcKap;Logitech AEC Driver; C:WINDOWSsystem32DRIVERSLVcKap.sys [2006-06-26 1587632]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:WINDOWSsystem32driversLVPr2Mon.sys [2006-06-26 23472]
R3 LVUSBSta;Logitech USB Monitor Filter; C:WINDOWSsystem32driverslvusbsta.sys [2006-06-22 38960]
R3 nv;nv; C:WINDOWSsystem32DRIVERSnv4_mini.sys [2010-07-10 10604128]
R3 pepifilter;Volume Adapter; C:WINDOWSsystem32DRIVERSlv302af.sys [2006-06-22 12080]
R3 PID_08A0;Logitech QuickCam IM(PID_08A0); C:WINDOWSsystem32DRIVERSLV302AV.SYS [2006-06-22 720176]
R3 RTL8023xp;Realtek RTL8139/810x/8169/8110 all in one NDIS XP Driver; C:WINDOWSsystem32DRIVERSRtlnicxp.sys [2004-07-16 70400]
R3 usbaudio;Ovladač zvukové karty USB (WDM); C:WINDOWSsystem32driversusbaudio.sys [2008-04-14 60032]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:WINDOWSsystem32DRIVERSusbccgp.sys [2008-04-14 32128]
S0 Lbd;Lbd; C:WINDOWSsystem32DRIVERSLbd.sys []
S1 kbdhid;Ovladač klávesnice standardu HID; C:WINDOWSsystem32DRIVERSkbdhid.sys [2008-04-14 14592]
S3 aexb4jre;aexb4jre; C:WINDOWSsystem32driversaexb4jre.sys []
S3 CCDECODE;Dekodér Closed Caption; C:WINDOWSsystem32DRIVERSCCDECODE.sys [2008-04-14 17024]
S3 C-Dilla;C-Dilla; ??C:WINDOWSsystem32driversCDANT.SYS []
S3 GTwinUSB;GTwinUSB; C:WINDOWSSystem32DriversGTwinUSB.sys [2002-10-04 61776]
S3 HidUsb;Ovladač třídy standardu HID; C:WINDOWSsystem32DRIVERShidusb.sys [2008-04-14 10368]
S3 Lavasoft Kernexplorer;Lavasoft helper driver; ??C:Program FilesLavasoftAd-AwareKernExplorer.sys []
S3 LVMVDrv;Logitech Machine Vision Engine Loader; C:WINDOWSsystem32DRIVERSLVMVDrv.sys [2006-06-26 1952816]
S3 mouhid;Ovladač myši standardu HID; C:WINDOWSsystem32DRIVERSmouhid.sys [2001-10-24 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:WINDOWSsystem32driversMSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:WINDOWSsystem32DRIVERSNABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:WINDOWSsystem32DRIVERSNdisIP.sys [2008-04-14 10880]
S3 OlCamudp;OLYMPUS Digital Camera; C:WINDOWSSystem32Driversolcamudp.sys [2000-02-09 10379]
S3 SLIP;BDA Slip De-Framer; C:WINDOWSsystem32DRIVERSSLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:WINDOWSsystem32DRIVERSStreamIP.sys [2008-04-14 15232]
S3 usbscan;Ovladač skeneru USB; C:WINDOWSsystem32DRIVERSusbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2008-04-14 26368]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:WINDOWSsystem32DRIVERSWSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:WINDOWSsystem32DRIVERSWudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:WINDOWSsystem32DRIVERSwudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Autodesk Licensing Service;Autodesk Licensing Service; C:Program FilesCommon FilesAutodesk SharedServiceAdskScSrv.exe [2009-06-08 72704]
R2 C-DillaSrv;C-DillaSrv; C:WINDOWSsystem32DRIVERSCDANTSRV.EXE [2002-07-18 46080]
R2 ekrn;ESET Service; C:Program FilesESETESET NOD32 Antivirusekrn.exe [2010-08-12 810144]
R2 JavaQuickStarterService;Java Quick Starter; C:Program FilesJavajre6binjqs.exe [2010-07-17 153376]
R2 LVPrcSrv;Logitech Process Monitor; c:program filescommon fileslogitechlvmvfmLVPrcSrv.exe [2006-06-26 99888]
R2 mi-raysat_3dsmax9_32;mental ray 3.5 Satellite (32-bit); C:3dsmax9mentalraysatelliteraysat_3dsmax9_32server.exe [2006-09-29 65536]
R2 NVSvc;NVIDIA Display Driver Service; C:WINDOWSsystem32nvsvc32.exe [2010-07-09 155752]
R2 PDFCreatorMessages;PDFCreatorMessages; C:WINDOWSsystem32PDFCreatorMessages.exe [2003-12-09 139264]
S2 LVSrvLauncher;LVSrvLauncher; C:Program FilesCommon FilesLogitechSrvLnchSrvLnch.exe [2006-06-26 91696]
S3 Adobe LM Service;Adobe LM Service; C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe [2009-06-01 68096]
S3 aspnet_state;ASP.NET State Service; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:Program FilesESETESET NOD32 AntivirusEHttpSrv.exe [2010-08-12 33584]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:WINDOWSMicrosoft.NETFrameworkv3.0WPFPresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:WINDOWSMicrosoft.NETFrameworkv3.0Windows Communication Foundationinfocard.exe [2008-07-29 881664]
S3 Movwquic;Movwquic; C:WINDOWSsystem32odbcad32.exe [2008-04-14 32768]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:WINDOWSsystem32svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:WINDOWSMicrosoft.NETFrameworkv3.0Windows Communication FoundationSMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

------MBAM------

Malwarebytes' Anti-Malware 1.46
http://www.malwarebytes.org

Verze databáze: 4736

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

4.10.2010 0:20:35
mbam-log-2010-10-04 (00-20-35).txt

Typ skenu: Rychlý sken
Skenované objekty: 131431
Uplynulý čas: 5 minuta(y), 7 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)

[motji]

Hezké dopoledne
Řekla bych že tam ještě něco bude

Spusťte combofix podle tohoto návodu
http://www.bleepingcomputer.com/combofi ... t-combofix
-přejmenujte ho na žížala.com

[Jirkasima]

Dobry vecer, tady je vypis logu z ComboFixu:

ComboFix 10-10-03.03 - Hummus 04.10.2010 20:02:39.1.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1279.883 [GMT 2:00]
Spuštěný z: d:\!downl~1\ZIZALA.COM
AV: ESET NOD32 Antivirus 4.2 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
* Rezidentní štít AV je zapnutý

.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Hummus\Data aplikací\Microsoft\my-slide-show-picture.exe
c:\program files\DaemonTools_WhenUSave_Installer
c:\windows\d.ini
c:\windows\Fonts\unins000.exe

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-09-04 do 2010-10-04 )))))))))))))))))))))))))))))))
.

2010-10-04 17:44 . 2010-10-04 17:44 -------- d--h--w- c:\windows\PIF
2010-10-03 21:33 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-10-03 21:33 . 2010-10-03 21:33 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-10-03 21:33 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-10-03 21:18 . 2010-10-03 21:18 -------- d-----w- c:\program files\trend micro
2010-10-03 21:18 . 2010-10-03 21:18 -------- d-----w- C:\rsit
2010-09-21 20:14 . 2010-10-04 04:33 -------- d-----w- c:\program files\ESET
2010-09-21 20:08 . 2010-08-03 11:28 95896 ----a-w- c:\windows\system32\drivers\epfwtdir.sys
2010-09-21 20:08 . 2010-08-04 09:50 140752 ----a-w- c:\windows\system32\drivers\eamon.sys
2010-09-21 20:08 . 2010-07-29 11:31 115008 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2010-09-19 07:56 . 2010-10-04 17:46 678720 ----a-w- c:\documents and settings\Hummus\Data aplikací\Maxthon3\Temp\MxUp\7z.dll
2010-09-19 07:50 . 2010-09-19 07:50 -------- d-----w- c:\program files\Microsoft Silverlight
2010-09-17 18:22 . 2010-09-17 18:22 232968 ----a-w- c:\windows\system32\nvdrsdb0.bin
2010-09-17 18:22 . 2010-09-17 18:22 1 ----a-w- c:\windows\system32\nvdrssel.bin
2010-09-17 18:22 . 2010-09-17 18:22 232968 ----a-w- c:\windows\system32\nvdrsdb1.bin
2010-09-17 18:21 . 2010-07-09 22:38 61440 ----a-w- c:\windows\system32\OpenCL.dll
2010-09-17 18:21 . 2010-07-09 22:38 10260480 ----a-w- c:\windows\system32\nvcompiler.dll
2010-09-17 16:54 . 2010-06-02 02:55 74072 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2010-09-17 16:54 . 2010-06-02 02:55 527192 ----a-w- c:\windows\system32\XAudio2_7.dll
2010-09-17 16:54 . 2010-06-02 02:55 239960 ----a-w- c:\windows\system32\xactengine3_7.dll
2010-09-17 16:54 . 2010-05-26 09:41 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2010-09-17 16:54 . 2010-05-26 09:41 248672 ----a-w- c:\windows\system32\d3dx11_43.dll
2010-09-17 16:54 . 2010-05-26 09:41 1868128 ----a-w- c:\windows\system32\d3dcsx_43.dll
2010-09-17 16:54 . 2010-05-26 09:41 470880 ----a-w- c:\windows\system32\d3dx10_43.dll
2010-09-17 16:54 . 2010-05-26 09:41 1998168 ----a-w- c:\windows\system32\D3DX9_43.dll
2010-09-17 16:54 . 2010-02-04 08:01 74072 ----a-w- c:\windows\system32\XAPOFX1_4.dll
2010-09-17 16:54 . 2010-02-04 08:01 528216 ----a-w- c:\windows\system32\XAudio2_6.dll
2010-09-17 16:54 . 2010-02-04 08:01 238936 ----a-w- c:\windows\system32\xactengine3_6.dll
2010-09-17 16:54 . 2010-02-04 08:01 22360 ----a-w- c:\windows\system32\X3DAudio1_7.dll
2010-09-12 19:31 . 2010-09-29 21:30 -------- d-----w- C:\!3DSModels
2010-09-12 17:28 . 2004-03-03 19:30 5504 ------w- c:\windows\system32\drivers\imagedrv.sys
2010-09-12 17:28 . 2004-03-03 19:30 125184 ------w- c:\windows\system32\drivers\imagesrv.sys
2010-09-12 17:27 . 2001-06-26 06:15 38912 ------w- c:\windows\system32\picn20.dll
2010-09-12 17:27 . 2000-06-26 09:45 106496 ----a-w- c:\windows\system32\TwnLib20.dll
2010-09-12 17:27 . 2010-09-12 17:27 -------- d-----w- c:\program files\Common Files\Ahead
2010-09-12 17:27 . 2001-07-09 09:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe
2010-09-12 17:27 . 2010-09-12 17:27 -------- d-----w- c:\program files\Ahead
2010-09-12 16:18 . 2010-09-12 16:18 -------- d-----w- c:\program files\Microsoft.NET
2010-09-05 17:27 . 2010-09-05 17:27 -------- d-----w- c:\program files\Miranda IM

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-04 17:22 . 2009-06-01 16:47 -------- d-----w- c:\program files\Steam
2010-10-03 21:12 . 2009-05-30 18:28 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-09-27 17:11 . 2010-03-20 19:20 1 ----a-w- c:\documents and settings\Hummus\Data aplikací\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-09-17 18:23 . 2009-06-01 16:43 -------- d-----w- c:\program files\NVIDIA Corporation
2010-09-16 15:58 . 2009-06-01 16:00 -------- d-----w- c:\program files\Vuze
2010-09-11 20:43 . 2009-07-26 21:09 -------- d-----w- c:\program files\PEVSoft
2010-09-05 17:40 . 2009-06-01 16:25 -------- d-----w- c:\program files\QIP Infium
2010-08-31 19:05 . 2009-05-30 20:41 -------- d-----w- c:\program files\Any DVD Converter Professional
2010-08-28 20:23 . 2010-08-28 20:23 310208 ----a-w- c:\documents and settings\Hummus\Data aplikací\Azureus\plugins\mlab\ShaperProbeC.exe
2010-08-28 10:10 . 2010-08-28 10:10 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2010-08-26 21:05 . 2009-05-30 19:08 -------- d-----w- c:\program files\Maxthon2
2010-08-26 20:59 . 2010-08-26 20:59 -------- d-----w- c:\program files\Maxthon3
2010-08-24 16:21 . 2009-05-30 19:12 -------- d-----w- c:\program files\Winamp
2010-08-21 07:21 . 2010-08-21 07:21 -------- d-----w- c:\program files\Common Files\Java
2010-08-21 07:21 . 2010-05-14 19:31 -------- d-----w- c:\program files\Java
2010-08-17 13:17 . 2008-04-14 07:52 58880 ----a-w- c:\windows\system32\spoolsv.exe
2010-08-16 19:17 . 2001-10-25 16:00 82372 ----a-w- c:\windows\system32\perfc005.dat
2010-08-16 19:17 . 2001-10-25 16:00 437558 ----a-w- c:\windows\system32\perfh005.dat
2010-08-06 16:57 . 2010-08-06 16:57 503808 ----a-w- c:\documents and settings\Hummus\Data aplikací\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-337765cd-n\msvcp71.dll
2010-08-06 16:57 . 2010-08-06 16:57 499712 ----a-w- c:\documents and settings\Hummus\Data aplikací\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-337765cd-n\jmc.dll
2010-08-06 16:57 . 2010-08-06 16:57 348160 ----a-w- c:\documents and settings\Hummus\Data aplikací\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-337765cd-n\msvcr71.dll
2010-08-06 16:57 . 2010-08-06 16:57 61440 ----a-w- c:\documents and settings\Hummus\Data aplikací\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-319d1b64-n\decora-sse.dll
2010-08-06 16:57 . 2010-08-06 16:57 12800 ----a-w- c:\documents and settings\Hummus\Data aplikací\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-319d1b64-n\decora-d3d.dll
2010-07-22 15:46 . 2008-04-14 07:51 590848 ----a-w- c:\windows\system32\rpcrt4.dll
2010-07-21 21:19 . 2010-07-21 21:19 5632 ------w- c:\windows\system32\xpsp4res.dll
2010-07-17 03:00 . 2010-05-14 19:32 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-07-09 22:38 . 2009-06-10 04:03 2914408 ----a-w- c:\windows\system32\nvcuvid.dll
2010-07-09 22:38 . 2009-06-10 04:03 2506344 ----a-w- c:\windows\system32\nvcuvenc.dll
2010-07-09 22:38 . 2009-06-10 04:03 2195030 ----a-w- c:\windows\system32\nvdata.bin
2010-07-09 22:38 . 2009-05-30 18:38 604776 ----a-w- c:\windows\system32\nvudisp.exe
2010-07-09 22:38 . 2007-12-04 23:41 6343040 ----a-w- c:\windows\system32\nv4_disp.dll
2010-07-09 22:38 . 2007-12-04 23:41 4595712 ----a-w- c:\windows\system32\nvcuda.dll
2010-07-09 22:38 . 2007-12-04 23:41 236136 ----a-w- c:\windows\system32\nvcodins.dll
2010-07-09 22:38 . 2007-12-04 23:41 236136 ----a-w- c:\windows\system32\nvcod.dll
2010-07-09 22:38 . 2007-12-04 23:41 1388544 ----a-w- c:\windows\system32\nvapi.dll
2010-07-09 22:38 . 2007-12-04 23:41 13549568 ----a-w- c:\windows\system32\nvoglnt.dll
2010-07-09 22:38 . 2007-12-04 23:41 10604128 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2010-07-09 14:24 . 2010-07-09 14:24 81920 ----a-w- c:\windows\system32\nvwddi.dll
2010-07-09 14:24 . 2010-07-09 14:24 277608 ----a-w- c:\windows\system32\nvmccs.dll
2010-07-09 14:24 . 2010-07-09 14:24 110696 ----a-w- c:\windows\system32\nvmctray.dll
2010-07-09 14:24 . 2010-07-09 14:24 155752 ----a-w- c:\windows\system32\nvsvc32.exe
2010-07-09 14:24 . 2010-07-09 14:24 145000 ----a-w- c:\windows\system32\nvcolor.exe
2010-07-09 14:24 . 2010-07-09 14:24 13923432 ----a-w- c:\windows\system32\nvcpl.dll
2010-07-07 11:46 . 2009-05-30 18:22 604776 ----a-w- c:\windows\system32\NVUNINST.EXE
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" [2006-11-12 157592]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"Steam"="c:\program files\steam\steam.exe" [2010-08-24 1242448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LogitechCommunicationsManager"="c:\program files\Common Files\Logitech\LComMgr\Communications_Helper.exe" [2006-06-26 497200]
"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam10\QuickCam10.exe" [2006-06-26 614960]
"LVCOMSX"="c:\program files\Common Files\Logitech\LComMgr\LVComSX.exe" [2006-06-26 243248]
"PDFCreatorClient"="c:\program files\JawsSystems\Jaws PDF Creator\PDFClient.exe" [2003-12-09 315392]
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 577536]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2010-07-07 1753192]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-07-09 13923432]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-07-09 110696]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2010-08-12 2215064]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Hummus\Nabˇdka Start\Programy\Po spuçtŘnˇ\
OpenOffice.org 3.2.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-2-16 384512]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2009-6-1 113664]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@=""

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\3dsmax9\\3dsmax.exe"=
"c:\\Program Files\\Autodesk\\Backburner\\monitor.exe"=
"c:\\Program Files\\Autodesk\\Backburner\\manager.exe"=
"c:\\Program Files\\Autodesk\\Backburner\\server.exe"=
"d:\\Hry\\GTA4\\RGSC\\Rockstar Games Social Club\\RGSCLauncher.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\football manager 2009\\fm.exe"=
"c:\\Program Files\\sdc222\\StrongDC.exe"=
"c:\\Program Files\\Vuze\\Azureus.exe"=
"c:\\Program Files\\Miranda IM\\miranda32.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [21.9.2010 22:08 115008]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [21.9.2010 22:08 95896]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [12.8.2010 14:16 810144]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]
S3 GTwinUSB;GTwinUSB;c:\windows\system32\drivers\GTwinUSB.sys [4.1.2010 18:06 61776]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys --> c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [?]
S3 Movwquic;Movwquic;c:\windows\system32\odbcad32.exe [14.4.2008 9:52 32768]
S3 OlCamudp;OLYMPUS Digital Camera;c:\windows\system32\drivers\olcamudp.sys [30.5.2009 21:53 10379]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [30.5.2009 21:18 646392]
.
Obsah adresáře 'Naplánované úlohy'
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.centrum.cz/
uDefault_Search_URL = hxxp://search.qip.ru
uSearchAssistant = hxxp://search.qip.ru/ie
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

HKCU-Run-EA Core - c:\program files\Electronic Arts\EADM\Core.exe
HKCU-Run-QIP2005 - c:\program files\QIP\qip.exe
HKCU-Run-Window update - c:\documents and settings\Hummus\Data aplikací\Microsoft\my-slide-show-picture.exe
AddRemove-NVIDIA Display Control Panel - c:\program files\NVIDIA Corporation\Uninstall\nvuninst.exe
AddRemove-{40BEB436-826B-4B40-BA4A-48BE66087DB1}_is1 - c:\windows\Fonts\unins000.exe


.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-1229272821-1202660629-1417001333-1003\Software\SecuROM\License information*]
"datasecu"=hex:26,bb,88,57,97,07,18,a8,e5,d0,f3,f8,d5,b5,65,e4,1b,a1,ed,69,a6,
bf,57,03,ef,b6,87,7c,e4,13,87,c9,4e,95,d3,39,d3,15,d1,60,9c,04,68,d5,47,af,\
"rkeysecu"=hex:d6,38,d7,56,b0,4d,ea,66,e6,bd,a4,56,fc,09,55,c8

[HKEY_LOCAL_MACHINE\System\ControlSet002\Enum\ACPI\PNP0F13\3&13c0b0c5&0\LogConf]
@DACL=(02 0000)
"BasicConfigVector"=hex(a):48,00,00,00,0f,00,00,00,00,00,00,00,00,00,00,00,00,
00,00,00,00,00,00,00,00,00,00,00,01,00,00,00,01,00,01,00,01,00,00,00,00,02,\
"BootConfig"=hex(8):01,00,00,00,0f,00,00,00,00,00,00,00,01,00,01,00,01,00,00,
00,02,01,01,00,0c,00,00,00,0c,00,00,00,ff,ff,ff,ff
.
Celkový čas: 2010-10-04 20:07:26
ComboFix-quarantined-files.txt 2010-10-04 18:07

Před spuštěním: 2 255 065 088
Po spuštění: 2 212 155 392

WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - A6C8113A8DF84210ABDA01766C25BAE8

[motji]

Otestujte na www.virustotal.com

c:\windows\system32\odbcad32.exe
c:\windows\system32\drivers\imagedrv.sys

-Do okénka zkopírujte cestu k souboru , pokud napíše, že soubor byl už testován, dejte otestovat znovu.
-Sem vložte link s výsledky.

[Jirkasima]

Dobry vecer,

odbcad32.exe http://www.virustotal.com/file-scan/rep ... 1286308437

imagedrv.sys http://www.virustotal.com/file-scan/rep ... 1286309010

[motji]

Nelíbí se mi tu jedna služba napalená na legální soubor. Já vám ji smažu, ale může se stát, že nebude něco fungovat, to dopředu nevím.
Můžu ji smazat?

[Jirkasima]

Dobrý den,

klidně.

Mám ale dojem, že se problém se vyřešil použitím ComboFixu, teď už mi NOD32 problém nehlásí.

[motji]

To asi ano, ale tohle se mi prostě nelíbí , není to žádná legální služba .

Pokud nemáte, přesuňte Combofix na plochu
-otevřete si Poznámkový blok
-Do něj zkopírujte text z tohoto okénka

Kód: Vybrat vše

Driver::
Movwquic

Reglock::
[HKEY_LOCAL_MACHINE\System\ControlSet002\Enum\ACPI\PNP0F13\3&13c0b0c5&0\LogConf]

DDS::
uDefault_Search_URL = hxxp://search.qip.ru
uSearchAssistant = hxxp://search.qip.ru/ie

-uložte Vámi vytvořený TXT soubor jako CFScript.txt na plochu
-po uložení uchopte vámi vytvořený skript levým myšítkem a -přesuňte ho nad ikonu Combofixu, kde ho upustíte:




-po aplikaci na Vás vypadne další log,vložte ho sem

Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou, v tom případě znovu restartujte a přitom mačkejte F8, pak zvolte Poslední známou funkční konfiguraci

[Jirkasima]

Provedeno . Tady je log z ComboFixu:

ComboFix 10-10-05.06 - Hummus 06.10.2010 18:32:43.2.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1279.905 [GMT 2:00]
Spuštěný z: d:\!download\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Hummus\Plocha\CFScript.txt
AV: ESET NOD32 Antivirus 4.2 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
* Rezidentní štít AV je zapnutý

.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_Movwquic


((((((((((((((((((((((((( Soubory vytvořené od 2010-09-06 do 2010-10-06 )))))))))))))))))))))))))))))))
.

2010-10-04 18:24 . 2010-10-04 18:24 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-10-04 17:49 . 2010-10-04 18:07 -------- d-----w- C:\zizala
2010-10-04 17:44 . 2010-10-04 17:44 -------- d--h--w- c:\windows\PIF
2010-10-03 21:33 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-10-03 21:33 . 2010-10-03 21:33 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-10-03 21:33 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-10-03 21:18 . 2010-10-03 21:18 -------- d-----w- c:\program files\trend micro
2010-10-03 21:18 . 2010-10-03 21:18 -------- d-----w- C:\rsit
2010-09-21 20:14 . 2010-10-04 04:33 -------- d-----w- c:\program files\ESET
2010-09-21 20:08 . 2010-08-03 11:28 95896 ----a-w- c:\windows\system32\drivers\epfwtdir.sys
2010-09-21 20:08 . 2010-08-04 09:50 140752 ----a-w- c:\windows\system32\drivers\eamon.sys
2010-09-21 20:08 . 2010-07-29 11:31 115008 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2010-09-19 07:56 . 2010-10-06 16:17 678720 ----a-w- c:\documents and settings\Hummus\Data aplikací\Maxthon3\Temp\MxUp\7z.dll
2010-09-19 07:50 . 2010-09-19 07:50 -------- d-----w- c:\program files\Microsoft Silverlight
2010-09-17 18:22 . 2010-09-17 18:22 232968 ----a-w- c:\windows\system32\nvdrsdb0.bin
2010-09-17 18:22 . 2010-09-17 18:22 1 ----a-w- c:\windows\system32\nvdrssel.bin
2010-09-17 18:22 . 2010-09-17 18:22 232968 ----a-w- c:\windows\system32\nvdrsdb1.bin
2010-09-17 18:21 . 2010-07-09 22:38 61440 ----a-w- c:\windows\system32\OpenCL.dll
2010-09-17 18:21 . 2010-07-09 22:38 10260480 ----a-w- c:\windows\system32\nvcompiler.dll
2010-09-17 16:54 . 2010-06-02 02:55 74072 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2010-09-17 16:54 . 2010-06-02 02:55 527192 ----a-w- c:\windows\system32\XAudio2_7.dll
2010-09-17 16:54 . 2010-06-02 02:55 239960 ----a-w- c:\windows\system32\xactengine3_7.dll
2010-09-17 16:54 . 2010-05-26 09:41 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2010-09-17 16:54 . 2010-05-26 09:41 248672 ----a-w- c:\windows\system32\d3dx11_43.dll
2010-09-17 16:54 . 2010-05-26 09:41 1868128 ----a-w- c:\windows\system32\d3dcsx_43.dll
2010-09-17 16:54 . 2010-05-26 09:41 470880 ----a-w- c:\windows\system32\d3dx10_43.dll
2010-09-17 16:54 . 2010-05-26 09:41 1998168 ----a-w- c:\windows\system32\D3DX9_43.dll
2010-09-17 16:54 . 2010-02-04 08:01 74072 ----a-w- c:\windows\system32\XAPOFX1_4.dll
2010-09-17 16:54 . 2010-02-04 08:01 528216 ----a-w- c:\windows\system32\XAudio2_6.dll
2010-09-17 16:54 . 2010-02-04 08:01 238936 ----a-w- c:\windows\system32\xactengine3_6.dll
2010-09-17 16:54 . 2010-02-04 08:01 22360 ----a-w- c:\windows\system32\X3DAudio1_7.dll
2010-09-12 19:31 . 2010-09-29 21:30 -------- d-----w- C:\!3DSModels
2010-09-12 17:28 . 2004-03-03 19:30 5504 ------w- c:\windows\system32\drivers\imagedrv.sys
2010-09-12 17:28 . 2004-03-03 19:30 125184 ------w- c:\windows\system32\drivers\imagesrv.sys
2010-09-12 17:27 . 2001-06-26 06:15 38912 ------w- c:\windows\system32\picn20.dll
2010-09-12 17:27 . 2000-06-26 09:45 106496 ----a-w- c:\windows\system32\TwnLib20.dll
2010-09-12 17:27 . 2010-09-12 17:27 -------- d-----w- c:\program files\Common Files\Ahead
2010-09-12 17:27 . 2001-07-09 09:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe
2010-09-12 17:27 . 2010-09-12 17:27 -------- d-----w- c:\program files\Ahead
2010-09-12 16:18 . 2010-09-12 16:18 -------- d-----w- c:\program files\Microsoft.NET

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-06 16:38 . 2009-06-01 16:47 -------- d-----w- c:\program files\Steam
2010-10-06 15:35 . 2009-06-01 15:21 -------- d-----w- c:\program files\Common Files\Adobe
2010-10-05 13:45 . 2010-03-20 19:20 1 ----a-w- c:\documents and settings\Hummus\Data aplikací\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-10-04 18:24 . 2009-05-30 19:18 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-10-03 21:12 . 2009-05-30 18:28 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-09-17 18:23 . 2009-06-01 16:43 -------- d-----w- c:\program files\NVIDIA Corporation
2010-09-16 15:58 . 2009-06-01 16:00 -------- d-----w- c:\program files\Vuze
2010-09-11 20:43 . 2009-07-26 21:09 -------- d-----w- c:\program files\PEVSoft
2010-09-05 17:40 . 2009-06-01 16:25 -------- d-----w- c:\program files\QIP Infium
2010-09-05 17:27 . 2010-09-05 17:27 -------- d-----w- c:\program files\Miranda IM
2010-08-31 19:05 . 2009-05-30 20:41 -------- d-----w- c:\program files\Any DVD Converter Professional
2010-08-28 20:23 . 2010-08-28 20:23 310208 ----a-w- c:\documents and settings\Hummus\Data aplikací\Azureus\plugins\mlab\ShaperProbeC.exe
2010-08-28 10:10 . 2010-08-28 10:10 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2010-08-26 21:05 . 2009-05-30 19:08 -------- d-----w- c:\program files\Maxthon2
2010-08-26 20:59 . 2010-08-26 20:59 -------- d-----w- c:\program files\Maxthon3
2010-08-24 16:21 . 2009-05-30 19:12 -------- d-----w- c:\program files\Winamp
2010-08-21 07:21 . 2010-08-21 07:21 -------- d-----w- c:\program files\Common Files\Java
2010-08-21 07:21 . 2010-05-14 19:31 -------- d-----w- c:\program files\Java
2010-08-17 13:17 . 2008-04-14 07:52 58880 ----a-w- c:\windows\system32\spoolsv.exe
2010-08-16 19:17 . 2001-10-25 16:00 82372 ----a-w- c:\windows\system32\perfc005.dat
2010-08-16 19:17 . 2001-10-25 16:00 437558 ----a-w- c:\windows\system32\perfh005.dat
2010-08-06 16:57 . 2010-08-06 16:57 503808 ----a-w- c:\documents and settings\Hummus\Data aplikací\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-337765cd-n\msvcp71.dll
2010-08-06 16:57 . 2010-08-06 16:57 499712 ----a-w- c:\documents and settings\Hummus\Data aplikací\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-337765cd-n\jmc.dll
2010-08-06 16:57 . 2010-08-06 16:57 348160 ----a-w- c:\documents and settings\Hummus\Data aplikací\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-337765cd-n\msvcr71.dll
2010-08-06 16:57 . 2010-08-06 16:57 61440 ----a-w- c:\documents and settings\Hummus\Data aplikací\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-319d1b64-n\decora-sse.dll
2010-08-06 16:57 . 2010-08-06 16:57 12800 ----a-w- c:\documents and settings\Hummus\Data aplikací\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-319d1b64-n\decora-d3d.dll
2010-07-22 15:46 . 2008-04-14 07:51 590848 ----a-w- c:\windows\system32\rpcrt4.dll
2010-07-21 21:19 . 2010-07-21 21:19 5632 ------w- c:\windows\system32\xpsp4res.dll
2010-07-17 03:00 . 2010-05-14 19:32 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-07-09 22:38 . 2009-06-10 04:03 2914408 ----a-w- c:\windows\system32\nvcuvid.dll
2010-07-09 22:38 . 2009-06-10 04:03 2506344 ----a-w- c:\windows\system32\nvcuvenc.dll
2010-07-09 22:38 . 2009-06-10 04:03 2195030 ----a-w- c:\windows\system32\nvdata.bin
2010-07-09 22:38 . 2009-05-30 18:38 604776 ----a-w- c:\windows\system32\nvudisp.exe
2010-07-09 22:38 . 2007-12-04 23:41 6343040 ----a-w- c:\windows\system32\nv4_disp.dll
2010-07-09 22:38 . 2007-12-04 23:41 4595712 ----a-w- c:\windows\system32\nvcuda.dll
2010-07-09 22:38 . 2007-12-04 23:41 236136 ----a-w- c:\windows\system32\nvcodins.dll
2010-07-09 22:38 . 2007-12-04 23:41 236136 ----a-w- c:\windows\system32\nvcod.dll
2010-07-09 22:38 . 2007-12-04 23:41 1388544 ----a-w- c:\windows\system32\nvapi.dll
2010-07-09 22:38 . 2007-12-04 23:41 13549568 ----a-w- c:\windows\system32\nvoglnt.dll
2010-07-09 22:38 . 2007-12-04 23:41 10604128 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2010-07-09 14:24 . 2010-07-09 14:24 81920 ----a-w- c:\windows\system32\nvwddi.dll
2010-07-09 14:24 . 2010-07-09 14:24 277608 ----a-w- c:\windows\system32\nvmccs.dll
2010-07-09 14:24 . 2010-07-09 14:24 110696 ----a-w- c:\windows\system32\nvmctray.dll
2010-07-09 14:24 . 2010-07-09 14:24 155752 ----a-w- c:\windows\system32\nvsvc32.exe
2010-07-09 14:24 . 2010-07-09 14:24 145000 ----a-w- c:\windows\system32\nvcolor.exe
2010-07-09 14:24 . 2010-07-09 14:24 13923432 ----a-w- c:\windows\system32\nvcpl.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"Steam"="c:\program files\steam\steam.exe" [2010-08-24 1242448]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LogitechCommunicationsManager"="c:\program files\Common Files\Logitech\LComMgr\Communications_Helper.exe" [2006-06-26 497200]
"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam10\QuickCam10.exe" [2006-06-26 614960]
"LVCOMSX"="c:\program files\Common Files\Logitech\LComMgr\LVComSX.exe" [2006-06-26 243248]
"PDFCreatorClient"="c:\program files\JawsSystems\Jaws PDF Creator\PDFClient.exe" [2003-12-09 315392]
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 577536]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2010-07-07 1753192]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-07-09 13923432]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-07-09 110696]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2010-08-12 2215064]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Hummus\Nabˇdka Start\Programy\Po spuçtŘnˇ\
OpenOffice.org 3.2.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-2-16 384512]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2009-6-1 113664]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@=""

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\3dsmax9\\3dsmax.exe"=
"c:\\Program Files\\Autodesk\\Backburner\\monitor.exe"=
"c:\\Program Files\\Autodesk\\Backburner\\manager.exe"=
"c:\\Program Files\\Autodesk\\Backburner\\server.exe"=
"d:\\Hry\\GTA4\\RGSC\\Rockstar Games Social Club\\RGSCLauncher.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\football manager 2009\\fm.exe"=
"c:\\Program Files\\sdc222\\StrongDC.exe"=
"c:\\Program Files\\Vuze\\Azureus.exe"=
"c:\\Program Files\\Miranda IM\\miranda32.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [21.9.2010 22:08 115008]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [21.9.2010 22:08 95896]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [12.8.2010 14:16 810144]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]
S3 GTwinUSB;GTwinUSB;c:\windows\system32\drivers\GTwinUSB.sys [4.1.2010 18:06 61776]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys --> c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [?]
S3 OlCamudp;OLYMPUS Digital Camera;c:\windows\system32\drivers\olcamudp.sys [30.5.2009 21:53 10379]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [30.5.2009 21:18 691696]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.centrum.cz/
uSearchAssistant = hxxp://search.qip.ru/ie
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-1229272821-1202660629-1417001333-1003\Software\SecuROM\License information*]
"datasecu"=hex:26,bb,88,57,97,07,18,a8,e5,d0,f3,f8,d5,b5,65,e4,1b,a1,ed,69,a6,
bf,57,03,ef,b6,87,7c,e4,13,87,c9,4e,95,d3,39,d3,15,d1,60,9c,04,68,d5,47,af,\
"rkeysecu"=hex:d6,38,d7,56,b0,4d,ea,66,e6,bd,a4,56,fc,09,55,c8
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'explorer.exe'(6596)
c:\program files\Common Files\Logitech\LVMVFM\LVPrcInj.dll
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
c:\windows\System32\SCardSvr.exe
c:\program files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
c:\windows\system32\DRIVERS\CDANTSRV.EXE
c:\program files\Java\jre6\bin\jqs.exe
c:\3dsmax9\mentalray\satellite\raysat_3dsmax9_32server.exe
c:\windows\system32\PDFCreatorMessages.exe
c:\windows\SOUNDMAN.EXE
c:\windows\system32\RUNDLL32.EXE
c:\program files\OpenOffice.org 3\program\soffice.exe
c:\program files\OpenOffice.org 3\program\soffice.bin
c:\windows\system32\wscntfy.exe
c:\program files\Logitech\QuickCam10\COCIManager.exe
.
**************************************************************************
.
Celkový čas: 2010-10-06 18:44:46 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-10-06 16:44
ComboFix2.txt 2010-10-04 18:07

Před spuštěním: 2 023 047 168
Po spuštění: 1 873 362 944

- - End Of File - - DBC3275F96AE502EEB1014F807E54AF1

[motji]

Jak to vypadá s počítačem?
Ještě prosím otestujte na http://www.virustotal.com
c:\documents and settings\Hummus\Data aplikací\Maxthon3\Temp\MxUp\7z.dll

[Jirkasima]

Po použití comboFixu to vypadá dobře. NOD32 už žádné nové nakažené soubory nehlásí.

Tady je odkaz na Virus Total:
http://www.virustotal.com/file-scan/rep ... 1286397558

[motji]

Odinstalujte combofix přes Start - Spustit
- zkopírujte do okénka:

ComboFix /Uninstall

-stiskněte Enter
-To odinstaluje ComboFix a smaže s ním související soubory a složky.


***********


Stáhněte T-Cleaner
http://sweb.cz/Marinus/T-Cleaner.exe

-Spusťte,pro potvrzení volby mačkejte klávesu A, Enter
-po použití prográmek vymažte.Pozor,antiviry ho mohou falešně označit za vir



***********


Z mého podpisu stahněte Ccleaner
- nainstalujte, při výběru, co se má nainstalovat, dejte pryč fajfku u instalace yahoo toolbaru

záložka čistič
- nechejte v levém sloupečku zatrhnuté vše jak je, klikněte na analyzovat
- po analýze klikněte na Spustit Ccleaner

záložka Registry
- klikněte na hledej problémy
- pak klikněte na opravit vybrané problémy -- udělat zálohu registrů - nemusíte
- kliknete opravit všechny problémy ok zavřít

Záložka Nástroje
- zde můžete odinstalovat programy. Je to důkladnější odinstalace než u přidat/odebrat programy ve Windows.

Ccleaner - čistič doporučuji používat, krásně pročistí pc od dočasných souborů.
Registry pročistí třeba po odinstalaci nějakého programu.


***********



Stahněte OTC a použijte
http://oldtimer.geekstogo.com/OTC.exe
-vyčistí tempy a po použitých programech



***********

Vložte nový log ze RSIT a řekněte co počítač, jak se chová, už je vše v pořádku?

[Jirkasima]

PC se chová dobře a vypadá, že je vše v pořádku.

tady je log z RSIT:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:06:35, on 7.10.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe
C:\Program Files\JawsSystems\Jaws PDF Creator\PDFClient.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\3dsmax9\mentalray\satellite\raysat_3dsmax9_32server.exe
C:\WINDOWS\system32\PDFCreatorMessages.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\svchost.exe
C:\program files\steam\steam.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Logitech\QuickCam10\COCIManager.exe
C:\Program Files\Maxthon3\Bin\Maxthon.exe
C:\Program Files\Maxthon3\Bin\Maxthon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Maxthon3\Bin\Maxthon.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\Program Files\Maxthon3\Bin\MxDownloader.exe
D:\!Download\RSIT.exe
C:\Program Files\trend micro\Hummus.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Hummus\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Hummus\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [PDFCreatorClient] C:\Program Files\JawsSystems\Jaws PDF Creator\PDFClient.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 5447157718
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... ader55.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553530000} - https://fpdownload.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: mental ray 3.5 Satellite (32-bit) (mi-raysat_3dsmax9_32) - Unknown owner - C:\3dsmax9\mentalray\satellite\raysat_3dsmax9_32server.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PDFCreatorMessages - Global Graphics Software Ltd - C:\WINDOWS\system32\PDFCreatorMessages.exe

--
End of file - 11351 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - C:\Documents and Settings\Hummus\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll [2009-10-05 150768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-08-04 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-08-04 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"LogitechCommunicationsManager"=C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe [2006-06-26 497200]
"LogitechQuickCamRibbon"=C:\Program Files\Logitech\QuickCam10\QuickCam10.exe [2006-06-26 614960]
"LVCOMSX"=C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe [2006-06-26 243248]
"PDFCreatorClient"=C:\Program Files\JawsSystems\Jaws PDF Creator\PDFClient.exe [2003-12-09 315392]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2007-04-16 577536]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2010-07-07 1753192]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-07-09 13923432]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2010-07-09 110696]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2010-08-12 2215064]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"Steam"=c:\program files\steam\steam.exe [2010-08-24 1242448]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

C:\Documents and Settings\Hummus\Nabídka Start\Programy\Po spuštění
OpenOffice.org 3.2.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\3dsmax9\3dsmax.exe"="C:\3dsmax9\3dsmax.exe:*:Enabled:Autodesk 3ds Max 9 32-bit"
"C:\Program Files\Autodesk\Backburner\monitor.exe"="C:\Program Files\Autodesk\Backburner\monitor.exe:*:Enabled:backburner 2.3 monitor"
"C:\Program Files\Autodesk\Backburner\manager.exe"="C:\Program Files\Autodesk\Backburner\manager.exe:*:Enabled:backburner 2.3 manager"
"C:\Program Files\Autodesk\Backburner\server.exe"="C:\Program Files\Autodesk\Backburner\server.exe:*:Enabled:backburner 2.3 server"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Steam\SteamApps\common\football manager 2009\fm.exe"="C:\Program Files\Steam\SteamApps\common\football manager 2009\fm.exe:*:Enabled:Football Manager 2009"
"C:\Program Files\sdc222\StrongDC.exe"="C:\Program Files\sdc222\StrongDC.exe:*:Enabled:StrongDC++"
"C:\Program Files\Vuze\Azureus.exe"="C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus / Vuze"
"C:\Program Files\Miranda IM\miranda32.exe"="C:\Program Files\Miranda IM\miranda32.exe:*:Enabled:Miranda IM"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"

======File associations======

.js - edit - "C:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1"

======List of files/folders created in the last 1 months======

2010-10-07 00:06:24 ----D---- C:\rsit
2010-10-06 23:54:07 ----D---- C:\Program Files\CCleaner
2010-10-06 18:55:48 ----SHD---- C:\RECYCLER
2010-10-06 17:34:30 ----D---- C:\Config.Msi
2010-10-04 20:23:45 ----D---- C:\Documents and Settings\Hummus\Data aplikací\DAEMON Tools Lite
2010-10-04 20:23:43 ----D---- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
2010-10-04 19:53:27 ----A---- C:\Boot.bak
2010-10-04 19:53:23 ----RASHD---- C:\cmdcons
2010-10-04 19:49:00 ----D---- C:\zizala
2010-10-04 19:44:57 ----HD---- C:\WINDOWS\PIF
2010-10-03 23:33:29 ----D---- C:\Documents and Settings\Hummus\Data aplikací\Malwarebytes
2010-10-03 23:33:22 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2010-10-03 23:33:21 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2010-10-03 23:33:20 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-10-03 23:33:20 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2010-10-03 23:18:11 ----D---- C:\Program Files\trend micro
2010-10-01 19:28:26 ----D---- C:\Documents and Settings\Hummus\Data aplikací\vlc
2010-09-25 22:26:14 ----A---- C:\WINDOWS\fileinfo.ini
2010-09-21 22:14:00 ----D---- C:\Program Files\ESET
2010-09-21 22:08:33 ----A---- C:\WINDOWS\system32\drivers\epfwtdir.sys
2010-09-21 22:08:32 ----A---- C:\WINDOWS\system32\drivers\eamon.sys
2010-09-21 22:08:31 ----A---- C:\WINDOWS\system32\drivers\ehdrv.sys
2010-09-19 09:50:51 ----D---- C:\Program Files\Microsoft Silverlight
2010-09-18 09:31:19 ----HDC---- C:\WINDOWS\$NtUninstallKB2121546$
2010-09-18 09:30:51 ----HDC---- C:\WINDOWS\$NtUninstallKB2259922$
2010-09-18 09:30:41 ----HDC---- C:\WINDOWS\$NtUninstallKB982802$
2010-09-18 09:30:30 ----HDC---- C:\WINDOWS\$NtUninstallKB2124261$
2010-09-18 09:30:20 ----HDC---- C:\WINDOWS\$NtUninstallKB981322$
2010-09-18 09:30:08 ----HDC---- C:\WINDOWS\$NtUninstallKB975558_WM8$
2010-09-18 09:29:52 ----HDC---- C:\WINDOWS\$NtUninstallKB2347290$
2010-09-17 20:22:19 ----D---- C:\Documents and Settings\All Users\Data aplikací\NVIDIA Corporation
2010-09-17 20:21:15 ----A---- C:\WINDOWS\system32\OpenCL.dll
2010-09-17 20:21:12 ----A---- C:\WINDOWS\system32\nvcompiler.dll
2010-09-17 18:54:56 ----A---- C:\WINDOWS\system32\XAudio2_7.dll
2010-09-17 18:54:56 ----A---- C:\WINDOWS\system32\XAPOFX1_5.dll
2010-09-17 18:54:55 ----A---- C:\WINDOWS\system32\xactengine3_7.dll
2010-09-17 18:54:55 ----A---- C:\WINDOWS\system32\D3DCompiler_43.dll
2010-09-17 18:54:54 ----A---- C:\WINDOWS\system32\d3dx11_43.dll
2010-09-17 18:54:54 ----A---- C:\WINDOWS\system32\d3dcsx_43.dll
2010-09-17 18:54:53 ----A---- C:\WINDOWS\system32\D3DX9_43.dll
2010-09-17 18:54:53 ----A---- C:\WINDOWS\system32\d3dx10_43.dll
2010-09-17 18:54:52 ----A---- C:\WINDOWS\system32\XAudio2_6.dll
2010-09-17 18:54:52 ----A---- C:\WINDOWS\system32\XAPOFX1_4.dll
2010-09-17 18:54:52 ----A---- C:\WINDOWS\system32\xactengine3_6.dll
2010-09-17 18:54:51 ----A---- C:\WINDOWS\system32\X3DAudio1_7.dll
2010-09-12 21:31:55 ----D---- C:\!3DSModels
2010-09-12 19:28:06 ----N---- C:\WINDOWS\system32\drivers\imagesrv.sys
2010-09-12 19:28:06 ----N---- C:\WINDOWS\system32\drivers\imagedrv.sys
2010-09-12 19:27:54 ----N---- C:\WINDOWS\system32\picn20.dll
2010-09-12 19:27:54 ----A---- C:\WINDOWS\system32\TwnLib20.dll
2010-09-12 19:27:40 ----D---- C:\Program Files\Common Files\Ahead
2010-09-12 19:27:40 ----A---- C:\WINDOWS\system32\NeroCheck.exe
2010-09-12 19:27:36 ----D---- C:\Program Files\Ahead
2010-09-12 18:18:04 ----D---- C:\Program Files\Microsoft.NET
2010-09-12 18:16:09 ----HDC---- C:\WINDOWS\$NtUninstallKB942288-v3$

======List of files/folders modified in the last 1 months======

2010-10-07 00:06:28 ----D---- C:\WINDOWS\Prefetch
2010-10-07 00:06:26 ----D---- C:\WINDOWS\Temp
2010-10-07 00:06:21 ----A---- C:\WINDOWS\wincmd.ini
2010-10-07 00:04:06 ----D---- C:\WINDOWS\system32\CatRoot2
2010-10-07 00:03:02 ----D---- C:\WINDOWS
2010-10-07 00:02:38 ----D---- C:\Program Files\Steam
2010-10-07 00:02:08 ----SHD---- C:\System Volume Information
2010-10-07 00:02:08 ----D---- C:\WINDOWS\system32\Restore
2010-10-07 00:00:48 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-10-06 23:55:25 ----D---- C:\WINDOWS\Debug
2010-10-06 23:55:25 ----D---- C:\Documents and Settings\Hummus\Data aplikací\Winamp
2010-10-06 23:55:25 ----D---- C:\Documents and Settings\Hummus\Data aplikací\Media Player Classic
2010-10-06 23:55:25 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2010-10-06 23:54:07 ----RD---- C:\Program Files
2010-10-06 23:51:51 ----D---- C:\WINDOWS\Minidump
2010-10-06 18:44:50 ----D---- C:\WINDOWS\system32\drivers
2010-10-06 18:39:03 ----A---- C:\WINDOWS\system.ini
2010-10-06 18:38:30 ----D---- C:\WINDOWS\system32\drivers\etc
2010-10-06 18:37:03 ----D---- C:\WINDOWS\system32\config
2010-10-06 18:35:55 ----D---- C:\WINDOWS\system32
2010-10-06 18:35:55 ----D---- C:\WINDOWS\AppPatch
2010-10-06 18:35:54 ----D---- C:\Program Files\Common Files
2010-10-06 17:35:16 ----SHD---- C:\WINDOWS\Installer
2010-10-06 17:35:05 ----D---- C:\Program Files\Common Files\Adobe
2010-10-06 17:35:04 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2010-10-06 17:34:56 ----D---- C:\Program Files\Adobe
2010-10-05 20:24:45 ----D---- C:\Documents and Settings\Hummus\Data aplikací\Skype
2010-10-05 18:54:04 ----SHD---- C:\WINDOWS\CSC
2010-10-04 20:29:14 ----HD---- C:\WINDOWS\inf
2010-10-04 20:06:36 ----SD---- C:\WINDOWS\Tasks
2010-10-04 20:05:30 ----RSD---- C:\WINDOWS\Fonts
2010-10-04 20:05:29 ----SD---- C:\Documents and Settings\Hummus\Data aplikací\Microsoft
2010-10-04 19:53:27 ----RASH---- C:\boot.ini
2010-10-03 23:12:06 ----HD---- C:\Program Files\InstallShield Installation Information
2010-10-03 17:49:34 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-10-01 19:05:56 ----D---- C:\Documents and Settings\Hummus\Data aplikací\dvdcss
2010-10-01 19:01:33 ----A---- C:\WINDOWS\NeroDigital.ini
2010-09-30 22:16:13 ----D---- C:\3dsmax5
2010-09-26 19:56:45 ----D---- C:\Documents and Settings\Hummus\Data aplikací\Azureus
2010-09-25 22:28:52 ----D---- C:\WINDOWS\system32\DirectX
2010-09-25 22:27:30 ----D---- C:\WINDOWS\WinSxS
2010-09-23 20:44:30 ----A---- C:\WINDOWS\WDICT32.INI
2010-09-23 20:44:15 ----A---- C:\WINDOWS\WTRAN32.INI
2010-09-21 22:08:35 ----D---- C:\Documents and Settings\All Users\Data aplikací\ESET
2010-09-19 09:50:59 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2010-09-18 09:31:20 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-09-18 09:31:17 ----HD---- C:\WINDOWS\$hf_mig$
2010-09-17 20:23:09 ----D---- C:\WINDOWS\Help
2010-09-17 20:23:09 ----D---- C:\Program Files\NVIDIA Corporation
2010-09-17 18:54:20 ----RSD---- C:\WINDOWS\assembly
2010-09-17 18:53:50 ----D---- C:\WINDOWS\Logs
2010-09-17 18:17:56 ----D---- C:\Program Files\WinRAR
2010-09-17 18:17:04 ----D---- C:\Documents and Settings\Hummus\Data aplikací\WinRAR
2010-09-16 17:58:49 ----D---- C:\Program Files\Vuze
2010-09-14 21:44:57 ----D---- C:\Documents and Settings\Hummus\Data aplikací\Adobe
2010-09-12 19:24:35 ----D---- C:\Documents and Settings\All Users\Data aplikací\Nero
2010-09-12 19:12:07 ----D---- C:\WINDOWS\Microsoft.NET
2010-09-12 18:34:10 ----D---- C:\Documents and Settings\Hummus\Data aplikací\Nero
2010-09-12 18:16:15 ----D---- C:\WINDOWS\system32\mui
2010-09-11 22:43:40 ----D---- C:\Program Files\PEVSoft
2010-09-10 14:34:30 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nv_agp;NVIDIA nForce AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\nv_agp.sys [2003-10-29 21120]
R0 nvatabus;nvatabus; C:\WINDOWS\system32\DRIVERS\nvatabus.sys [2004-06-03 79360]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2007-03-08 43528]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-10-06 691696]
R1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 36352]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-07-29 115008]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2010-08-03 95896]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2010-08-04 140752]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2008-09-24 4122368]
R3 LVcKap;Logitech AEC Driver; C:\WINDOWS\system32\DRIVERS\LVcKap.sys [2006-06-26 1587632]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\WINDOWS\system32\drivers\LVPr2Mon.sys [2006-06-26 23472]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2006-06-22 38960]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-07-10 10604128]
R3 pepifilter;Volume Adapter; C:\WINDOWS\system32\DRIVERS\lv302af.sys [2006-06-22 12080]
R3 PID_08A0;Logitech QuickCam IM(PID_08A0); C:\WINDOWS\system32\DRIVERS\LV302AV.SYS [2006-06-22 720176]
R3 RTL8023xp;Realtek RTL8139/810x/8169/8110 all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2004-07-16 70400]
R3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S0 Lbd;Lbd; C:\WINDOWS\system32\DRIVERS\Lbd.sys []
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 au22qmov;au22qmov; C:\WINDOWS\system32\drivers\au22qmov.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 C-Dilla;C-Dilla; \??\C:\WINDOWS\system32\drivers\CDANT.SYS []
S3 GTwinUSB;GTwinUSB; C:\WINDOWS\System32\Drivers\GTwinUSB.sys [2002-10-04 61776]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys []
S3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\WINDOWS\system32\DRIVERS\LVMVDrv.sys [2006-06-26 1952816]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 OlCamudp;OLYMPUS Digital Camera; C:\WINDOWS\System32\Drivers\olcamudp.sys [2000-02-09 10379]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2009-06-08 72704]
R2 C-DillaSrv;C-DillaSrv; C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE [2002-07-18 46080]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2010-08-12 810144]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-07-17 153376]
R2 LVPrcSrv;Logitech Process Monitor; c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe [2006-06-26 99888]
R2 mi-raysat_3dsmax9_32;mental ray 3.5 Satellite (32-bit); C:\3dsmax9\mentalray\satellite\raysat_3dsmax9_32server.exe [2006-09-29 65536]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-07-09 155752]
R2 PDFCreatorMessages;PDFCreatorMessages; C:\WINDOWS\system32\PDFCreatorMessages.exe [2003-12-09 139264]
S2 LVSrvLauncher;LVSrvLauncher; C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe [2006-06-26 91696]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-06-01 68096]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2010-08-12 33584]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[motji]

proč máte tolikrát spuštěný tento soubor?
C:\WINDOWS\system32\SNDVOL32.EXE
Měl by to být program na ovládání zvuku.

[Jirkasima]

Ano je to ovladání hlasitosti zvuku ve windows. Jen se mi stalo, že se to při kontrole nějak zaseklo a proto je spuštěn několikrát.