
Outlook is sending emails that can't be seen anywhere...

blues.jo
Visitor
Posts: 11
Registered: 29 Aug 2008 10:58

Outlook is sending emails that can't be seen anywhere...

#1 Post by blues.jo »

From time to time, when sending an email, "sending message 1 of X" appears at the bottom, where X is greater than the number of messages being sent... usually by one, sometimes by more... there is no extra email in the Outbox folder and it can't be traced anywhere... (XP SP3, Outlook 2003) ...
j.o.

Marek-26
Friend of the forum
Posts: 1000
Registered: 16 Dec 2006 15:53
Location: Brüx/Praha

Re: Outlook is sending emails that can't be seen anywhere...

#2 Post by Marek-26 »

Please post the log from RSIT :wink:

blues.jo
Visitor
Posts: 11
Registered: 29 Aug 2008 10:58

Re: Outlook is sending emails that can't be seen anywhere...

#3 Post by blues.jo »

Logfile of random's system information tool 1.08 (written by random/random)
Run by jindřich at 2010-11-25 15:56:26
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 2 GB (7%) free of 31 GB
Total RAM: 1279 MB (41% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:56:36, on 25.11.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\GENIUS~1\GNETMOUS.EXE
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ConMet\ConMet.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterConfig.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterRuntime.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
C:\Program Files\internet explorer\iexplore.exe
C:\totalcmd\TOTALCMD.EXE
C:\Downloads\RSIT.exe
C:\Program Files\trend micro\jindřich.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\WINDOWS\WebIE.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\WINDOWS\WebIE.dll
O4 - HKLM\..\Run: [OSSelectorReinstall] C:\Program Files\Common Files\Acronis\Acronis Disk Director\oss_reinstall.exe
O4 - HKLM\..\Run: [mouseElf] C:\PROGRA~1\GENIUS~1\GNETMOUS.EXE
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKCU\..\Run: [Connection Meter®] C:\Program Files\ConMet\ConMet.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [mRouterConfig] "C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterConfig.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Vytvořit mobilní oblíbenou položku… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\WINDOWS\WebIE.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow ... ab_nvd.cab
O16 - DPF: {461A37E7-17B3-40E3-B6BB-7CAEC732C9E4} (CSOBEnroll Class) - https://maxibps.postovnisporitelna.cz/C ... Enroll.dll
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... ader55.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Unknown owner - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe (file missing)
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe

--
End of file - 8579 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\Automatic troubleshooting.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{B1DB0789-4E9C-4A6E-AA9F-6305ABF2AFBB}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2007-08-17 1062184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\WINDOWS\WebIE.dll [2009-01-01 491520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C451C08A-EC37-45DF-AAAD-18B51AB5E837}]
PDFCreator Toolbar Helper

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-31 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-31 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\WINDOWS\WebIE.dll [2009-01-01 491520]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"OSSelectorReinstall"=C:\Program Files\Common Files\Acronis\Acronis Disk Director\oss_reinstall.exe [2007-03-15 2225208]
"mouseElf"=C:\PROGRA~1\GENIUS~1\GNETMOUS.EXE [2002-08-20 172032]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2007-12-21 1443072]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-10-22 7700480]
"nwiz"=nwiz.exe /install []
"WinPatrol"=C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe [2008-07-04 333120]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2005-02-23 77824]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Connection Meter®"=C:\Program Files\ConMet\ConMet.exe [2010-11-21 4173312]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"mRouterConfig"=C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterConfig.exe [2006-03-02 290816]
"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1289000]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Adobe Gamma Loader.exe.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0x63010000
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Sony Ericsson\Update Service\Update Service.exe"="C:\Program Files\Sony Ericsson\Update Service\Update Service.exe:*:Enabled:Update Service"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"

======List of files/folders created in the last 1 months======

2010-11-25 15:56:26 ----D---- C:\rsit
2010-11-15 20:33:19 ----A---- C:\WINDOWS\system32\sipr3260.dll
2010-11-15 20:33:19 ----A---- C:\WINDOWS\system32\Pncrt.dll
2010-11-15 20:33:19 ----A---- C:\WINDOWS\system32\drv43260.dll
2010-11-15 20:33:19 ----A---- C:\WINDOWS\system32\drv33260.dll
2010-11-15 20:33:19 ----A---- C:\WINDOWS\system32\drv23260.dll
2010-11-15 20:33:18 ----A---- C:\WINDOWS\system32\wvc1dmod.dll
2010-11-15 20:33:18 ----A---- C:\WINDOWS\system32\vp7vfw.dll
2010-11-15 20:33:18 ----A---- C:\WINDOWS\system32\cook3260.dll
2010-11-15 20:33:09 ----D---- C:\Program Files\VSO
2010-10-29 19:04:46 ----D---- C:\Program Files\Imagenomic

======List of files/folders modified in the last 1 months======

2010-11-25 15:56:34 ----D---- C:\WINDOWS\temp
2010-11-25 15:56:33 ----D---- C:\WINDOWS\Prefetch
2010-11-25 15:56:33 ----D---- C:\Program Files\trend micro
2010-11-25 15:56:13 ----A---- C:\WINDOWS\wincmd.ini
2010-11-25 15:55:37 ----D---- C:\Downloads
2010-11-25 15:27:27 ----D---- C:\WINDOWS\system32\CatRoot2
2010-11-25 14:46:48 ----D---- C:\Documents and Settings\jindřich\Data aplikací\vlc
2010-11-25 14:38:07 ----D---- C:\Documents and Settings\jindřich\Data aplikací\ConMet
2010-11-25 14:37:50 ----D---- C:\Documents and Settings\All Users\Data aplikací\ConMet
2010-11-25 08:04:19 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-11-22 23:50:14 ----A---- C:\WINDOWS\WDICT32.INI
2010-11-22 23:20:06 ----AD---- C:\WINDOWS
2010-11-22 17:03:44 ----D---- C:\Documents and Settings\jindřich\Data aplikací\uTorrent
2010-11-21 22:30:13 ----D---- C:\Program Files\Mozilla Firefox
2010-11-21 21:59:02 ----D---- C:\Program Files\ConMet
2010-11-17 22:28:30 ----D---- C:\Program Files\Avidemux 2.5
2010-11-17 17:38:11 ----A---- C:\WINDOWS\wcx_ftp.ini
2010-11-16 18:28:41 ----D---- C:\WINDOWS\Minidump
2010-11-15 20:36:34 ----D---- C:\Documents and Settings\jindřich\Data aplikací\Vso
2010-11-15 20:33:19 ----D---- C:\WINDOWS\system32
2010-11-15 20:33:09 ----RD---- C:\Program Files
2010-11-15 10:47:23 ----SD---- C:\WINDOWS\Tasks
2010-11-13 15:30:19 ----D---- C:\WINDOWS\system32\drivers
2010-11-11 20:16:05 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-11-10 15:34:01 ----A---- C:\WINDOWS\system32\MRT.exe
2010-11-08 15:30:35 ----D---- C:\Documents and Settings\jindřich\Data aplikací\dvdcss
2010-10-29 19:05:27 ----A---- C:\WINDOWS\system32\BASSMOD.dll
2010-10-29 19:04:50 ----SHD---- C:\WINDOWS\Installer
2010-10-27 06:27:34 ----HD---- C:\WINDOWS\inf

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 agp440;Filtr Intel sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368]
R0 Lbd;Lbd; C:\WINDOWS\system32\DRIVERS\Lbd.sys [2010-07-12 64288]
R0 PenClass;Pen Class; C:\WINDOWS\system32\Drivers\Penclass.sys [2001-04-09 8138]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-04-28 44944]
R0 snapman380;Acronis Snapshots Manager (Build 380); C:\WINDOWS\system32\DRIVERS\snman380.sys [2008-12-31 134272]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-01-01 691696]
R1 cdrbsdrv;cdrbsdrv; C:\WINDOWS\system32\drivers\cdrbsdrv.sys [2009-01-29 33408]
R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2007-12-21 30216]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2009-02-17 24232]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2007-12-21 53768]
R1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys [2006-12-08 31488]
R1 incdrm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys [2006-12-08 33792]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2007-12-21 39944]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2007-12-21 71176]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-02-24 2311680]
R3 Cap7134;VideoWonder ProTV WDM Video Capture; C:\WINDOWS\system32\DRIVERS\TVCap.sys [2004-06-29 307712]
R3 E100B;Intel(R) PRO Adapter Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2003-03-04 145408]
R3 ElbyCDFL;ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2007-02-16 34760]
R3 ElbyDelay;ElbyDelay; C:\WINDOWS\System32\Drivers\ElbyDelay.sys [2007-02-16 11984]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2007-12-21 30728]
R3 genmcmn;Scroll Mouse Driver; C:\WINDOWS\system32\DRIVERS\gmfiltr.sys [2002-05-29 7812]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-10-22 3994624]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2009-03-07 47360]
R3 PhTVTune;VideoWonder ProTV WDM TVTuner; C:\WINDOWS\system32\DRIVERS\Silicon.sys [2004-06-30 21888]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\WINDOWS\system32\DRIVERS\seehcri.sys [2010-06-13 27632]
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 zebrceb;Sony Ericsson Cable Emulation Bus (WDM); C:\WINDOWS\system32\DRIVERS\zebrceb.sys [2008-01-15 63360]
R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys [2006-12-08 103936]
S0 cercsr6;cercsr6; C:\WINDOWS\system32\drivers\cercsr6.sys [2004-12-13 39904]
S3 azi3xkri;azi3xkri; C:\WINDOWS\system32\drivers\azi3xkri.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys [2006-06-09 1373120]
S3 FTDIBUS;SEMC DSS SyncStation Serial Converter Driver; C:\WINDOWS\system32\drivers\ftdibus.sys []
S3 FTLUND;Lundinova Filter Driver; C:\WINDOWS\system32\drivers\ftlund.sys [2004-01-19 6828]
S3 FTSER2K;SEMC DSS SyncStation Driver; C:\WINDOWS\system32\drivers\ftser2k.sys []
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys []
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS []
S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS []
S3 MREMPR5;MREMPR5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS []
S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS []
S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS []
S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys []
S3 usb_rndisx;Adaptér USB RNDIS; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2008-04-13 12800]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 zebrbus;Sony Ericsson Composite Device driver; C:\WINDOWS\system32\DRIVERS\zebrbus.sys [2008-01-15 83200]
S3 zebrmdfl;Sony Ericsson Modem Filter; C:\WINDOWS\system32\DRIVERS\zebrmdfl.sys [2008-01-15 14848]
S3 zebrmdm;Sony Ericsson Port (WDM); C:\WINDOWS\system32\DRIVERS\zebrmdm.sys [2008-01-15 109568]
S3 zebrmdmc;Sony Ericsson mRouter Port (WDM); C:\WINDOWS\system32\DRIVERS\zebrmdmc.sys [2008-01-15 109568]
S3 zebrsce;Sony Ericsson PC-Connect Port; C:\WINDOWS\system32\DRIVERS\zebrsce.sys [2008-01-15 91264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ekrn;Eset Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2007-12-21 468224]
R2 InCDsrv;InCD Helper; C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [2006-12-08 1072640]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-07-31 153376]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-10-22 159810]
S2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe []
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2007-12-21 19200]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2010-11-13 1375992]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-01-15 266240]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-04-10 435016]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 bgsvcgen;B's Recorder GOLD Library General Service; C:\WINDOWS\system32\bgsvcgen.exe [2009-01-29 145504]
S4 Capture Device Service;Capture Device Service; C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe [2006-08-11 200704]
S4 CMService;Connection Meter Service; C:\Program Files\ConMet\CMService.exe [2008-12-31 71680]
S4 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S4 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-10-19 61440]
S4 McciCMService;McciCMService; C:\Program Files\Common Files\Motive\McciCMService.exe [2007-10-15 303104]
S4 MSR Service;Virtual Disk Service Manager; C:\Program Files\Clarus\Samsung SecretZone\MSSvc.exe [2009-12-30 114688]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 O&O Defrag;O&O Defrag; C:\Program Files\OO Software\Defrag\oodag.exe [2009-09-11 1488128]
S4 TabletService;TabletService; C:\WINDOWS\system32\Tablet.exe [2002-06-14 561152]
S4 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2009-10-29 1021256]
S4 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2007-01-18 67056]

-----------------EOF-----------------
j.o.

Marek-26
Friend of the forum
Posts: 1000
Registered: 16 Dec 2006 15:53
Location: Brüx/Praha

Re: Outlook is sending emails that can't be seen anywhere...

#4 Post by Marek-26 »


blues.jo
Visitor
Posts: 11
Registered: 29 Aug 2008 10:58

Re: Outlook is sending emails that can't be seen anywhere...

#5 Post by blues.jo »

ComboFix 10-11-25.01 - jindřich 26.11.2010 6:38.5.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1279.832 [GMT 1:00]
Spuštěný z: c:\documents and settings\jindřich\Plocha\ComboFix.exe
AV: ESET Smart Security 3.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
AV: Lavasoft Ad-Watch Live! Anti-Virus *On-access scanning disabled* (Updated) {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}
FW: ESET personal firewall *disabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
.
ADS - WINDOWS: deleted 24 bytes in 1 streams.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\cleansweep.exe
c:\cleansweep.exe\config.bin

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-10-26 do 2010-11-26 )))))))))))))))))))))))))))))))
.

2010-11-25 14:56 . 2010-11-25 14:56 -------- d-----w- C:\rsit
2010-11-15 19:33 . 2010-02-09 15:37 217127 ----a-w- c:\windows\system32\drv43260.dll
2010-11-15 19:33 . 2010-02-09 15:37 208935 ----a-w- c:\windows\system32\drv33260.dll
2010-11-15 19:33 . 2010-02-09 15:37 176165 ----a-w- c:\windows\system32\drv23260.dll
2010-11-15 19:33 . 2010-02-09 15:37 102439 ----a-w- c:\windows\system32\sipr3260.dll
2010-11-15 19:33 . 2010-02-09 15:37 65602 ----a-w- c:\windows\system32\cook3260.dll
2010-11-15 19:33 . 2010-02-09 15:37 626688 ----a-w- c:\windows\system32\vp7vfw.dll
2010-11-15 19:33 . 2010-02-09 15:37 1184984 ----a-w- c:\windows\system32\wvc1dmod.dll
2010-11-15 19:33 . 2010-11-15 19:33 -------- d-----w- c:\program files\VSO
2010-10-29 18:04 . 2010-10-29 18:04 -------- d-----w- c:\program files\Imagenomic

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-13 14:30 . 2009-11-06 09:39 98392 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2010-09-18 10:23 . 2004-08-18 10:00 974848 ----a-w- c:\windows\system32\mfc42u.dll
2010-09-18 06:53 . 2004-08-18 10:00 974848 ----a-w- c:\windows\system32\mfc42.dll
2010-09-18 06:53 . 2004-08-18 10:00 954368 ----a-w- c:\windows\system32\mfc40.dll
2010-09-18 06:53 . 2004-08-18 10:00 953856 ------w- c:\windows\system32\mfc40u.dll
2010-09-10 05:52 . 2006-03-04 03:35 916480 ----a-w- c:\windows\system32\wininet.dll
2010-09-10 05:52 . 2004-08-18 10:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-09-10 05:52 . 2004-08-18 10:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-09-01 11:52 . 2004-08-18 10:00 285824 ----a-w- c:\windows\system32\atmfd.dll
2010-09-01 07:57 . 2004-08-18 10:00 1852800 ----a-w- c:\windows\system32\win32k.sys
2009-06-25 05:36 . 2009-06-25 13:28 225792 ----a-w- c:\program files\websurf.browser.exe
2003-11-04 13:47 . 2009-01-01 12:32 159744 ----a-w- c:\program files\MenuEdit.exe
2003-04-29 18:46 . 2010-09-25 10:39 274944 ----a-w- c:\program files\ClonyXXL.exe
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Connection Meter®"="c:\program files\ConMet\ConMet.exe" [2010-11-21 4173312]
"mRouterConfig"="c:\program files\Intuwave\Shared\mRouterRuntime\mRouterConfig.exe" [2006-03-02 290816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OSSelectorReinstall"="c:\program files\Common Files\Acronis\Acronis Disk Director\oss_reinstall.exe" [2007-03-15 2225208]
"mouseElf"="c:\progra~1\GENIUS~1\GNETMOUS.EXE" [2002-08-20 172032]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2007-12-21 1443072]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-22 7700480]
"nwiz"="nwiz.exe" [2006-10-22 1622016]
"WinPatrol"="c:\program files\BillP Studios\WinPatrol\winpatrol.exe" [2008-07-04 333120]
"SoundMan"="SOUNDMAN.EXE" [2005-02-23 77824]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Adobe Gamma Loader.exe.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="c:\documents and settings\All Users\Data aplikací\TuneUp Software\TuneUp Utilities\WinStyler\tu_logonui.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /r \??\r:\0autocheck autochk *\0lsdelete\0OODBS

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Google Update"="c:\documents and settings\jindřich\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Ad-Watch"=c:\program files\Lavasoft\Ad-Aware\AAWTray.exe
"Cmaudio"=RunDll32 cmicnfg.cpl,CMICtrlWnd
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"
"NvMediaCenter"=RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Sony Ericsson\\Update Service\\Update Service.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"11291:TCP"= 11291:TCP:BitComet 11291 TCP
"11291:UDP"= 11291:UDP:BitComet 11291 UDP
"23291:TCP"= 23291:TCP:BitComet 23291 TCP
"23291:UDP"= 23291:UDP:BitComet 23291 UDP
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [11.4.2009 10:03 64288]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [1.1.2009 12:01 691696]
R2 ekrn;Eset Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [21.12.2007 8:21 468224]
R3 PhTVTune;VideoWonder ProTV WDM TVTuner;c:\windows\system32\drivers\Silicon.sys [4.1.2009 13:43 21888]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [13.6.2010 11:30 27632]
S3 FTLUND;Lundinova Filter Driver;c:\windows\system32\drivers\ftlund.sys [4.1.2009 10:38 6828]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [12.7.2010 9:55 1375992]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\kernexplorer.sys [14.8.2010 7:49 15264]
S3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [19.2.2010 12:37 517096]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [14.10.2009 7:24 10064]
S4 CMService;Connection Meter Service;c:\program files\ConMet\CMService.exe [31.12.2008 13:28 71680]
S4 MSR Service;Virtual Disk Service Manager;c:\program files\Clarus\Samsung SecretZone\MSSvc.exe [26.4.2010 15:43 114688]
S4 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [29.10.2009 20:41 1021256]
.
Obsah adresáře 'Naplánované úlohy'

2010-11-15 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-07-12 14:29]

2010-11-26 c:\windows\Tasks\Automatic troubleshooting.job
- c:\program files\TuneUp Utilities 2010\TuneUpSystemStatusCheck.exe [2009-10-29 19:46]

2010-11-26 c:\windows\Tasks\User_Feed_Synchronization-{B1DB0789-4E9C-4A6E-AA9F-6305ABF2AFBB}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
.
------- Doplňkový sken -------
.
uStart Page = about:blank
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\windows\WebIE.dll
Trusted Zone: postovnisporitelna.cz
DPF: {461A37E7-17B3-40E3-B6BB-7CAEC732C9E4} - hxxps://maxibps.postovnisporitelna.cz/Comp/CSOBEnroll.dll
FF - ProfilePath - c:\documents and settings\jindřich\Data aplikací\Mozilla\Firefox\Profiles\36t8uiby.default\
FF - prefs.js: browser.startup.homepage - about:blank
FF - plugin: c:\program files\Mozilla Firefox\plugins\npwachk.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-11-26 06:52
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
.
Celkový čas: 2010-11-26 06:55:12
ComboFix-quarantined-files.txt 2010-11-26 05:54

Před spuštěním: 2 182 873 088
Po spuštění: 4 019 732 480

- - End Of File - - B8EBA963D987881806D87C9AE859B84D
j.o.

Marek-26
Friend of the forum
Posts: 1000
Registered: 16 Dec 2006 15:53
Location: Brüx/Praha

Re: Outlook sends e-mails that are not visible anywhere...

#6 Post by Marek-26 »

Please test this file for me on virustotal.com:
c:\program files\websurf.browser.exe
and post a link to the result here :wink:

Uninstall Ad-Aware. Click MBAM in my signature and follow the instructions. Choose "full scan".

blues.jo
Visitor
Posts: 11
Registered: 29 Aug 2008 10:58

Re: Outlook sends e-mails that are not visible anywhere...

#7 Post by blues.jo »

File already submitted: The file sent has already been analysed by VirusTotal in the past. This is same basic info regarding the sample itself and its last analysis:

MD5: de94c7cd08970119a9667532b43b7ff3
Date first seen: 2008-09-22 19:44:02 (UTC)
Date last seen: 2010-04-11 17:10:50 (UTC)
Detection ratio: 2/39

What do you wish to do?

and the previous report:

0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is goodware. 0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is malware.
File name: websurf.exe
Submission date: 2010-04-11 17:10:50 (UTC)
Current status: finished
Result: 2 /39 (5.1%)
VT Community

not reviewed
Safety score: -
Antivirus Version Last Update Result
a-squared 4.5.0.50 2010.04.11 -
AhnLab-V3 5.0.0.2 2010.04.10 -
AntiVir 7.10.6.55 2010.04.09 -
Antiy-AVL 2.0.3.7 2010.04.09 -
Authentium 5.2.0.5 2010.04.11 -
Avast 4.8.1351.0 2010.04.11 -
Avast5 5.0.332.0 2010.04.11 -
AVG 9.0.0.787 2010.04.11 -
BitDefender 7.2 2010.04.11 -
CAT-QuickHeal 10.00 2010.04.10 -
ClamAV 0.96.0.3-git 2010.04.11 -
Comodo 4569 2010.04.11 -
DrWeb 5.0.2.03300 2010.04.11 -
eSafe 7.0.17.0 2010.04.11 -
eTrust-Vet 35.2.7418 2010.04.09 -
F-Prot 4.5.1.85 2010.04.11 -
F-Secure 9.0.15370.0 2010.04.11 -
Fortinet 4.0.14.0 2010.04.10 -
GData 19 2010.04.11 -
Ikarus T3.1.1.80.0 2010.04.11 -
Jiangmin 13.0.900 2010.04.11 -
Kaspersky 7.0.0.125 2010.04.11 -
McAfee-GW-Edition 6.8.5 2010.04.11 Heuristic.LooksLike.Win32.Suspicious.C
Microsoft 1.5605 2010.04.11 -
NOD32 5017 2010.04.11 -
Norman 6.04.11 2010.04.10 -
nProtect 2009.1.8.0 2010.04.06 -
Panda 10.0.2.2 2010.04.11 -
PCTools 7.0.3.5 2010.04.11 -
Prevx 3.0 2010.04.11 Medium Risk Malware
Rising 22.42.06.04 2010.04.11 -
Sophos 4.52.0 2010.04.11 -
Sunbelt 6163 2010.04.11 -
Symantec 20091.2.0.41 2010.04.11 -
TheHacker 6.5.2.0.259 2010.04.11 -
TrendMicro 9.120.0.1004 2010.04.11 -
VBA32 3.12.12.4 2010.04.09 -
ViRobot 2010.4.10.2270 2010.04.10 -
VirusBuster 5.0.27.0 2010.04.11 -
Additional information
MD5 : de94c7cd08970119a9667532b43b7ff3
SHA1 : 46fac95157760e0db78854ff7529bdba3ead79ac
SHA256: df5b8b5bc92fe1fe2faadf6e0c3c436752254f07461bc37386cf8fecffabeecb
ssdeep: 3072:0WNfGKKUSaLvyBX2f9IRB+Iibc6SthEiZ0FRVh+N9rf0mJvXf5wy8uGMVbC/scAe:GCS4yF2f2fLio6uCiZm5+bnX5VbeSz
File size : 225792 bytes
First seen: 2008-09-22 19:44:02
Last seen : 2010-04-11 17:10:50
Magic: PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID:
38.5% (.EXE) UPX compressed Win32 Executable (30569/9/7)
33.4% (.EXE) Win32 EXE Yoda's Crypter (26569/9/4)
10.7% (.EXE) Win32 Executable Generic (8527/13/3)
9.5% (.DLL) Win32 Dynamic Link Library (generic) (7583/30/2)
2.6% (.EXE) Win16/32 Executable Delphi generic (2072/23)
sigcheck:
publisher....:
copyright....:
product......:
description..:
original name:
internal name:
file version.: 1.0.0.0
comments.....:
signers......: -
signing date.: -
verified.....: Unsigned

PEiD: -
packers (F-Prot): UPX
packers (Kaspersky): PE_Patch.UPX, UPX
PEInfo: PE structure information

[[ basic data ]]
entrypointaddress: 0x95AD0
timedatestamp....: 0x2A425E19 (Fri Jun 19 22:22:17 1992)
machinetype......: 0x14C (Intel I386)

[[ 3 section(s) ]]
name, viradd, virsiz, rawdsiz, ntropy, md5
UPX0, 0x1000, 0x60000, 0x0, 0.0, d41d8cd98f00b204e9800998ecf8427e
UPX1, 0x61000, 0x35000, 0x34E00, 7.93, e3b8daf7cb33b615d8e16d60e7556d9d
.rsrc, 0x96000, 0x2000, 0x2000, 4.48, 086c8d7de39c6a2b140f117986426e66

[[ 9 import(s) ]]
advapi32.dll: RegCloseKey
comctl32.dll: ImageList_Add
gdi32.dll: SaveDC
kernel32.dll: LoadLibraryA, GetProcAddress, VirtualProtect, ExitProcess
msimg32.dll: GradientFill
ole32.dll: OleDraw
oleaut32.dll: VariantCopy
user32.dll: GetDC
version.dll: VerQueryValueA

Prevx Info:
http://info.prevx.com/aboutprogramtext. ... 00573FFBF6


j.o.

Marek-26
Friend of the forum
Posts: 1000
Registered: 16 Dec 2006 15:53
Location: Brüx/Praha

Re: Outlook sends e-mails that are not visible anywhere...

#8 Post by Marek-26 »

c:\program files\websurf.browser.exe - please test it once more and choose reanalyse :wink:

blues.jo
Visitor
Posts: 11
Registered: 29 Aug 2008 10:58

Re: Outlook sends e-mails that are not visible anywhere...

#9 Post by blues.jo »

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verze databáze: 5194

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

26.11.2010 20:45:19
mbam-log-2010-11-26 (20-45-19).txt

Typ skenu: Úplný sken (C:\|D:\|E:\|F:\|G:\|H:\|)
Skenované objekty: 285571
Uplynulý čas: 51 minuta(y), 19 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 7

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
E:\Andrejka\.Movies\AV PROGS\BURNING\CloneCD\CloneCD_3.3.4\SetupCloneCD.exe (Trojan.Agent.CK) -> No action taken.
F:\zal\.PROGRAMY\CloneDVD3\3.6.1.0\crack\patch.exe (Trojan.Agent) -> No action taken.
F:\zal\.PROGRAMY\EASY CD-DA\EASY CD-DA 8\patch_8.0.1.2.exe (Trojan.Bancos) -> No action taken.
F:\zal\.PROGRAMY POUŽÍVANÉ\WinAmp 5.541 Build 2165 Pro All Languages\Plugins\DFX Audio Enhancer v8.360\keygen.exe (Trojan.Dropper.PGen) -> No action taken.
F:\zal\dvd\AV PROGS\EDITING\CloneDVD3\3.6.1.0\crack\patch.exe (Trojan.Agent) -> No action taken.
F:\zal\dvd\AV PROGS\EDITING\EASY CD-DA\EASY CD-DA 8\patch_8.0.1.2.exe (Trojan.Bancos) -> No action taken.
C:\Documents and Settings\jindřich\Data aplikací\avdrn.dat (Malware.Trace) -> No action taken.
j.o.

blues.jo
Visitor
Posts: 11
Registered: 29 Aug 2008 10:58

Re: Outlook sends e-mails that are not visible anywhere...

#10 Post by blues.jo »

0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is goodware. 0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is malware.
File name: websurf.browser.exe
Submission date: 2010-11-26 19:50:08 (UTC)
Current status: queued (#9) queued analysing finished


Result: 0/ 42 (0.0%)
VT Community

not reviewed
Safety score: -
Antivirus Version Last Update Result
AhnLab-V3 2010.11.26.02 2010.11.26 -
AntiVir 7.10.14.125 2010.11.26 -
Antiy-AVL 2.0.3.7 2010.11.26 -
Avast 4.8.1351.0 2010.11.26 -
Avast5 5.0.594.0 2010.11.26 -
AVG 9.0.0.851 2010.11.26 -
BitDefender 7.2 2010.11.26 -
CAT-QuickHeal 11.00 2010.11.26 -
ClamAV 0.96.4.0 2010.11.26 -
Command 5.2.11.5 2010.11.26 -
DrWeb 5.0.2.03300 2010.11.26 -
Emsisoft 5.0.0.50 2010.11.26 -
eSafe 7.0.17.0 2010.11.24 -
eTrust-Vet 36.1.8001 2010.11.26 -
F-Prot 4.6.2.117 2010.11.26 -
F-Secure 9.0.16160.0 2010.11.26 -
Fortinet 4.2.254.0 2010.11.26 -
GData 21 2010.11.26 -
Ikarus T3.1.1.90.0 2010.11.26 -
Jiangmin 13.0.900 2010.11.26 -
K7AntiVirus 9.69.3095 2010.11.26 -
Kaspersky 7.0.0.125 2010.11.26 -
McAfee 5.400.0.1158 2010.11.26 -
McAfee-GW-Edition 2010.1C 2010.11.26 -
Microsoft 1.6402 2010.11.26 -
NOD32 5652 2010.11.26 -
Norman 6.06.10 2010.11.26 -
nProtect 2010-11-26.01 2010.11.26 -
Panda 10.0.2.7 2010.11.26 -
PCTools 7.0.3.5 2010.11.26 -
Prevx 3.0 2010.11.26 -
Rising 22.75.03.04 2010.11.26 -
Sophos 4.60.0 2010.11.26 -
SUPERAntiSpyware 4.40.0.1006 2010.11.26 -
Symantec 20101.2.0.161 2010.11.26 -
TheHacker 6.7.0.1.091 2010.11.26 -
TrendMicro 9.120.0.1004 2010.11.26 -
TrendMicro-HouseCall 9.120.0.1004 2010.11.26 -
VBA32 3.12.14.2 2010.11.26 -
VIPRE 7419 2010.11.26 -
ViRobot 2010.11.19.4158 2010.11.26 -
VirusBuster 13.6.62.0 2010.11.26 -
Additional information
MD5 : de94c7cd08970119a9667532b43b7ff3
SHA1 : 46fac95157760e0db78854ff7529bdba3ead79ac
SHA256: df5b8b5bc92fe1fe2faadf6e0c3c436752254f07461bc37386cf8fecffabeecb
j.o.

Marek-26
Friend of the forum
Posts: 1000
Registered: 16 Dec 2006 15:53
Location: Brüx/Praha

Re: Outlook sends e-mails that are not visible anywhere...

#11 Post by Marek-26 »

Delete everything MBAM found :wink:
Do those messages still appear in Outlook?

blues.jo
Visitor
Posts: 11
Registered: 29 Aug 2008 10:58

Re: Outlook sends e-mails that are not visible anywhere...

#12 Post by blues.jo »

well, I don't know... that will only become clear over time, because it happens irregularly.....
j.o.

blues.jo
Visitor
Posts: 11
Registered: 29 Aug 2008 10:58

Re: Outlook sends e-mails that are not visible anywhere...

#13 Post by blues.jo »

since using ComboFix, or thereabouts, a message keeps popping up (see attachment), and if I remember correctly, it already used to appear some time ago and did not stop until I approved it.... since I have no idea who wants to change this on my machine and why, I'd rather ask while I have the chance... thanks...
Attachments
iwi_1.jpg
(209.75 KiB) Downloaded 83 times
j.o.

blues.jo
Visitor
Posts: 11
Registered: 29 Aug 2008 10:58

Re: Outlook sends e-mails that are not visible anywhere...

#14 Post by blues.jo »

oh, and the log after deletion

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verze databáze: 5194

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

27.11.2010 4:10:47
mbam-log-2010-11-27 (04-10-47).txt

Typ skenu: Úplný sken (C:\|D:\|E:\|F:\|G:\|H:\|)
Skenované objekty: 285571
Uplynulý čas: 51 minuta(y), 19 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 7

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
E:\Andrejka\.Movies\AV PROGS\BURNING\CloneCD\CloneCD_3.3.4\SetupCloneCD.exe (Trojan.Agent.CK) -> Quarantined and deleted successfully.
F:\zal\.PROGRAMY\CloneDVD3\3.6.1.0\crack\patch.exe (Trojan.Agent) -> Quarantined and deleted successfully.
F:\zal\.PROGRAMY\EASY CD-DA\EASY CD-DA 8\patch_8.0.1.2.exe (Trojan.Bancos) -> Quarantined and deleted successfully.
F:\zal\.PROGRAMY POUŽÍVANÉ\WinAmp 5.541 Build 2165 Pro All Languages\Plugins\DFX Audio Enhancer v8.360\keygen.exe (Trojan.Dropper.PGen) -> Quarantined and deleted successfully.
F:\zal\dvd\AV PROGS\EDITING\CloneDVD3\3.6.1.0\crack\patch.exe (Trojan.Agent) -> Quarantined and deleted successfully.
F:\zal\dvd\AV PROGS\EDITING\EASY CD-DA\EASY CD-DA 8\patch_8.0.1.2.exe (Trojan.Bancos) -> Quarantined and deleted successfully.
C:\Documents and Settings\jindřich\Data aplikací\avdrn.dat (Malware.Trace) -> Quarantined and deleted successfully.
j.o.

Marek-26
Friend of the forum
Posts: 1000
Registered: 16 Dec 2006 15:53
Location: Brüx/Praha

Re: Outlook sends e-mails that are not visible anywhere...

#15 Post by Marek-26 »

Also click T-Cleaner in my signature and download that file. Your antivirus may flag it as a malicious program, but you need not worry; grant it an exception :wink:
If that message pops up again, feel free to click Yes. It is the same entry, just written in shortened form :)

By all indications the PC is now clean.

Locked