Pomalej pc padání mozilly (mozsqlite3.dll)

Zpráva

STAR · #1 Příspěvek od **STAR** » 25 dub 2011 09:44

Logfile of random's system information tool 1.08 (written by random/random)
Run by Administrator at 2011-04-25 10:43:24
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 31 GB (20%) free of 153 GB
Total RAM: 1023 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:43:30, on 25.4.2011
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Miranda IM\miranda32.exe
C:\Documents and Settings\Administrator\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\Administrator.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mythos-europe.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://googleads.g.doubleclick.net/aclk ... 7&jca=9894
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKLM\..\Run: [Windows] C:\Documents and Settings\Administrator\Data aplikací\System32\svchost.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKLM\..\Policies\Explorer\Run: [Policies] C:\Documents and Settings\Administrator\Data aplikací\System32\svchost.exe
O4 - HKCU\..\Policies\Explorer\Run: [Policies] C:\Documents and Settings\Administrator\Data aplikací\System32\svchost.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Orbit.lnk = C:\Program Files\Orbitdownloader\orbitdm.exe
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} (Battlefield Play4Free Updater) - https://battlefield.play4free.com/stati ... 0.53.2.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 5902 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000123B4-9B42-4900-B3F7-F4B073EFC214}]
Octh Class - C:\Program Files\Orbitdownloader\orbitcth.dll [2010-12-08 237681]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08 3123072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}]
DivX HiQ - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08 3123072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-02-09 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-02-09 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-04-10 16126464]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2010-10-16 110696]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-10-16 13851752]
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2010-08-26 1753192]
"Windows"=C:\Documents and Settings\Administrator\Data aplikací\System32\svchost.exe [2005-07-31 572928]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"Policies"=C:\Documents and Settings\Administrator\Data aplikací\System32\svchost.exe [2005-07-31 572928]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-17 15360]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"Policies"=C:\Documents and Settings\Administrator\Data aplikací\System32\svchost.exe [2005-07-31 572928]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Orbit.lnk - C:\Program Files\Orbitdownloader\orbitdm.exe

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoSMHelp"=1
"NoStartMenuMFUprogramsList"=1
"NoStartMenuPinnedList"=1
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\HRY\Steam\Steam.exe"="C:\HRY\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\Miranda IM\miranda32.exe"="C:\Program Files\Miranda IM\miranda32.exe:*:Enabled:Miranda IM"
"C:\HRY\torentor\uTorrent.exe"="C:\HRY\torentor\uTorrent.exe:*:Enabled:µTorrent"
"C:\HRY\Riot Games\League of Legends\air\LolClient.exe"="C:\HRY\Riot Games\League of Legends\air\LolClient.exe:*:Enabled:League of Legends Lobby"
"C:\HRY\Riot Games\League of Legends\game\League of Legends.exe"="C:\HRY\Riot Games\League of Legends\game\League of Legends.exe:*:Enabled:League of Legends Game Client"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Orbitdownloader\orbitdm.exe"="C:\Program Files\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit"
"C:\Program Files\Orbitdownloader\orbitnet.exe"="C:\Program Files\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\HRY\Steam\steamapps\jarous1337\day of defeat source\hl2.exe"="C:\HRY\Steam\steamapps\jarous1337\day of defeat source\hl2.exe:*:Enabled:Day of Defeat: Source"
"C:\Program Files\KabodOnline\Kabod.exe"="C:\Program Files\KabodOnline\Kabod.exe:*:Enabled:Game"
"C:\Program Files\TeamViewer\Version6\TeamViewer.exe"="C:\Program Files\TeamViewer\Version6\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe"="C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
"C:\Riot Games\League of Legends\air\LolClient.exe"="C:\Riot Games\League of Legends\air\LolClient.exe:*:Enabled:League of Legends Lobby"
"C:\Riot Games\League of Legends\game\League of Legends.exe"="C:\Riot Games\League of Legends\game\League of Legends.exe:*:Enabled:League of Legends Game Client"
"C:\Program Files\eFusion\BlackShot\system\blackshot.exe"="C:\Program Files\eFusion\BlackShot\system\blackshot.exe:*:Enabled:BlackShot"
"C:\Documents and Settings\Administrator\Local Settings\Temp\7ZipSfx.000\CF_Downloader.exe"="C:\Documents and Settings\Administrator\Local Settings\Temp\7ZipSfx.000\CF_Downloader.exe:*:Enabled:PT2Downloader"
"C:\HRY\Steam\steamapps\jarous1337\counter-strike\hl.exe"="C:\HRY\Steam\steamapps\jarous1337\counter-strike\hl.exe:*:Enabled:Counter-Strike"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"

======File associations======

.scr - open - C:\WINDOWS\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 months======

2011-04-25 10:43:24 ----D---- C:\Program Files\trend micro
2011-04-24 23:22:05 ----SHD---- C:\Config.Msi
2011-04-24 23:20:45 ----D---- C:\WINDOWS\pss
2011-04-24 22:51:21 ----D---- C:\CFLog
2011-04-24 22:44:41 ----D---- C:\Program Files\Z8Games
2011-04-24 21:13:58 ----D---- C:\Program Files\Chat Republic Games
2011-04-24 21:13:58 ----D---- C:\Documents and Settings\All Users\Data aplikací\Chat Republic Games
2011-04-24 18:42:08 ----D---- C:\Program Files\Endless Ages
2011-04-23 12:26:59 ----A---- C:\WINDOWS\system32\npptNT2.sys
2011-04-23 12:26:58 ----D---- C:\Program Files\Common Files\INCA Shared
2011-04-23 12:15:38 ----D---- C:\Program Files\eFusion
2011-04-18 16:18:59 ----RHD---- C:\Documents and Settings\Administrator\Data aplikací\SecuROM
2011-04-18 16:18:58 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
2011-04-16 16:33:27 ----AD---- C:\Program Files\MicroVolts
2011-04-16 14:35:24 ----D---- C:\alaplaya
2011-04-09 23:05:57 ----D---- C:\Program Files\SplitMediaLabs
2011-04-09 23:02:50 ----D---- C:\Documents and Settings\All Users\Data aplikací\SplitMediaLabs
2011-04-07 21:01:52 ----D---- C:\Documents and Settings\All Users\Data aplikací\PMB Files
2011-04-07 20:59:54 ----D---- C:\Riot Games
2011-04-03 03:05:47 ----D---- C:\Program Files\LS
2011-04-02 00:50:01 ----D---- C:\AeriaGames
2011-04-02 00:44:36 ----D---- C:\Program Files\Common Files\Akamai
2011-03-29 14:38:40 ----D---- C:\Documents and Settings\Administrator\Data aplikací\TeamViewer
2011-03-29 14:38:24 ----D---- C:\Program Files\TeamViewer
2011-03-29 14:32:46 ----D---- C:\Documents and Settings\All Users\Data aplikací\Cybele Software
2011-03-28 18:05:20 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Leadertech
2011-03-27 14:01:02 ----A---- C:\WINDOWS\CoD.INI
2011-03-27 13:59:35 ----D---- C:\Program Files\Call of Duty
2011-03-26 10:37:19 ----D---- C:\Program Files\HoN Lan UB 2.5 Edition

======List of files/folders modified in the last 1 months======

2011-04-25 10:43:25 ----D---- C:\WINDOWS\Prefetch
2011-04-25 10:43:24 ----RD---- C:\Program Files
2011-04-25 10:37:46 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Orbit
2011-04-25 10:36:56 ----D---- C:\WINDOWS\temp
2011-04-25 00:03:38 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-04-24 23:43:21 ----D---- C:\Program Files\Mozilla Firefox
2011-04-24 23:43:04 ----D---- C:\Downloads
2011-04-24 23:41:35 ----D---- C:\WINDOWS\system32\Macromed
2011-04-24 23:39:48 ----D---- C:\WINDOWS
2011-04-24 23:29:30 ----D---- C:\Program Files\EA SPORTS
2011-04-24 23:28:45 ----D---- C:\Program Files\PokerStars.NET
2011-04-24 23:27:10 ----D---- C:\Program Files\Full Tilt Poker
2011-04-24 23:25:57 ----D---- C:\Program Files\Hamachi
2011-04-24 23:25:03 ----SHD---- C:\WINDOWS\Installer
2011-04-24 23:24:56 ----HD---- C:\Program Files\InstallShield Installation Information
2011-04-24 23:22:06 ----HD---- C:\WINDOWS\system32
2011-04-24 23:22:03 ----HD---- C:\WINDOWS\inf
2011-04-24 11:12:07 ----D---- C:\WINDOWS\system32\CatRoot2
2011-04-23 12:45:09 ----HD---- C:\WINDOWS\system32\drivers
2011-04-23 12:26:58 ----D---- C:\Program Files\Common Files
2011-04-23 09:23:04 ----D---- C:\Documents and Settings\Administrator\Data aplikací\XnView
2011-04-18 16:18:38 ----D---- C:\Documents and Settings\Administrator\Data aplikací\uTorrent
2011-04-17 21:01:53 ----D---- C:\Program Files\KabodOnline
2011-04-13 22:20:04 ----D---- C:\WINDOWS\system32\DirectX
2011-04-12 22:17:08 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2011-04-07 21:01:35 ----D---- C:\Program Files\Pando Networks
2011-04-03 17:58:30 ----D---- C:\WINDOWS\Minidump
2011-04-02 00:45:44 ----D---- C:\WINDOWS\WinSxS
2011-03-28 17:44:22 ----RSD---- C:\WINDOWS\assembly
2011-03-27 11:24:00 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-03-26 20:26:57 ----A---- C:\WINDOWS\system32\PnkBstrA.exe
2011-03-26 11:47:15 ----D---- C:\Program Files\GamersFirst
2011-03-26 11:46:40 ----D---- C:\Program Files\Carnivores 2
2011-03-26 11:35:35 ----DC---- C:\WINDOWS\system32\DRVSTORE
2011-03-26 11:31:25 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Hamachi

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 BtHidBus;Bluetooth HID Bus Service; C:\WINDOWS\System32\Drivers\BtHidBus.sys [2010-04-06 20104]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI VIA; C:\WINDOWS\System32\DRIVERS\ohci1394.sys [2004-08-04 61056]
R1 AmdK8;AMD Processor Driver; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [2005-03-09 36352]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2009-12-18 26024]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-17 14848]
R2 Htsysm;Htsysm; \??\C:\WINDOWS\system32\HtsysmNT.sys []
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2004-08-03 60800]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2001-10-25 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-04-10 4397568]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2004-08-03 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-10-16 9623680]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\System32\DRIVERS\Rtenicxp.sys [2007-02-06 90880]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]
R3 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2009-08-09 29696]
S0 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\System32\Drivers\vbtenum.sys []
S0 BTHidMgr;Bluetooth HID Manager Service; C:\WINDOWS\System32\Drivers\BTHidMgr.sys []
S3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys []
S3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys []
S3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys []
S3 BTCOM;Bluetooth Serial port driver; C:\WINDOWS\system32\DRIVERS\btcomport.sys []
S3 BTCOMBUS;Bluetooth Serial Port Bus Service; C:\WINDOWS\System32\Drivers\btcombus.sys []
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2004-08-04 17024]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2004-08-03 100992]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2004-08-17 274304]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2004-08-04 18944]
S3 btnetBUs;Bluetooth PAN Bus Service; C:\WINDOWS\System32\Drivers\btnetBus.sys [2010-04-06 25864]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 EagleXNt;EagleXNt; \??\C:\WINDOWS\system32\drivers\EagleXNt.sys []
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\HRY\garena\safedrv.sys []
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2011-03-10 25280]
S3 IvtBtBUs;IVT Bluetooth Bus Service; C:\WINDOWS\System32\Drivers\IvtBtBus.sys [2010-04-06 23048]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2008-05-07 17536]
S3 NTACCESS;NTACCESS; \??\D:\NTACCESS.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2004-08-04 59648]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
S3 SetupNTGLM7X;SetupNTGLM7X; \??\D:\NTGLM7X.sys []
S3 SkyShield;SkyShield; \??\C:\Documents and Settings\Administrator\Plocha\myko\SkyShield.sys []
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-04 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
S3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys []
S3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys []
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 XDva385;XDva385; \??\C:\WINDOWS\system32\XDva385.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Akamai;Akamai NetSession Interface; C:\WINDOWS\System32\svchost.exe [2004-08-17 14336]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-02-02 153376]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-10-16 156776]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2011-03-26 75136]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2011-04-12 214520]
S2 PowerManager;Power Manager; C:\WINDOWS\svchost.exe [2001-08-24 36352]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-01-14 651720]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\system32\GameMon.des [2011-04-05 4060984]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-09-08 575488]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

#2 Příspěvek od **cernohous13** » 25 dub 2011 09:56

Zdravím,

pro začátek

Stáhni a nainstaluj MBAM zde http://www.download.com/Malwarebytes-An ... tag=button
Spustit > na 3.záložce "Aktualizace" > Kontrola aktualizací
následně na 1.záložce "Kontrolor" -> Rychlá kontrola -> Prohledat
po dokončení scanu vyskočí okno Notepad s výsledkem - obsah zkopíruj do své odpovědi
zatím nic nemazat - počkej na posouzení

STAR · #3 Příspěvek od **STAR** » 25 dub 2011 10:04

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Verze databáze: 6439

Windows 5.1.2600 Service Pack 2
Internet Explorer 8.0.6001.18702

25.4.2011 11:04:43
mbam-log-2011-04-25 (11-04-41).txt

Typ kontroly: Rychlý test
Testované objekty: 144503
Uplynulý čas: 3 minut, 15 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 3
Infikované hodnoty v registru: 3
Infikované datové položky v registru: 1
Infikované složky: 0
Infikované soubory: 2

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
HKEY_CLASSES_ROOT\CLSID\{2JD6666S-0P63-XE73-353B-LN0UU43O4O27} (Trojan.PWS) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2JD6666S-0P63-XE73-353B-LN0UU43O4O27} (Trojan.PWS) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PowerManager (Trojan.Agent) -> No action taken.

Infikované hodnoty v registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Windows (Trojan.PWS) -> Value: Windows -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\Policies (Trojan.PWS) -> Value: Policies -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\Policies (Trojan.PWS) -> Value: Policies -> No action taken.

Infikované datové položky v registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSMHelp (PUM.Hijack.Help) -> Bad: (1) Good: (0) -> No action taken.

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
c:\documents and settings\administrator\data aplikací\System32\svchost.exe (Trojan.PWS) -> No action taken.
c:\WINDOWS\svchost.exe (Trojan.Agent) -> No action taken.

#4 Příspěvek od **cernohous13** » 25 dub 2011 10:11

MBAM spustit znovu - dát Úplná kontrola
po ukončení -> Zobrazit výsledky -> zkontrolovat zda je vše označeno -> Odstranit označené
vyběhne log, ve kterém budou záznamy tohoto typu:
Infikované adresáře:
C:\Program Files\xxxxxx -> Quarantined and deleted successfully.
ten bych taky rád viděl

STAR · #5 Příspěvek od **STAR** » 25 dub 2011 11:04

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Verze databáze: 6439

Windows 5.1.2600 Service Pack 2
Internet Explorer 8.0.6001.18702

25.4.2011 12:04:17
mbam-log-2011-04-25 (12-04-17).txt

Typ kontroly: Úplný test (C:\|)
Testované objekty: 185885
Uplynulý čas: 50 minut, 58 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 2
Infikované hodnoty v registru: 3
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 3

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
HKEY_CLASSES_ROOT\CLSID\{2JD6666S-0P63-XE73-353B-LN0UU43O4O27} (Trojan.PWS) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2JD6666S-0P63-XE73-353B-LN0UU43O4O27} (Trojan.PWS) -> Quarantined and deleted successfully.

Infikované hodnoty v registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Windows (Trojan.PWS) -> Value: Windows -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\Policies (Trojan.PWS) -> Value: Policies -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\Policies (Trojan.PWS) -> Value: Policies -> Quarantined and deleted successfully.

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
c:\documents and settings\administrator\data aplikací\System32\svchost.exe (Trojan.PWS) -> Quarantined and deleted successfully.
c:\documents and settings\administrator\local settings\data aplikací\Xenocode\Sandbox\1.0.0.0\2011.03.18t16.15\Virtual\MODIFIED\@startupcommon@\assassins creed brotherhood keygen .exe (Trojan.PWS) -> Quarantined and deleted successfully.
c:\documents and settings\administrator\Plocha\counter-strike source\bin\steamclient.dll (Trojan.Dropper.PGen) -> Quarantined and deleted successfully.

#6 Příspěvek od **cernohous13** » 25 dub 2011 15:16

Ještě nějaký problém?
Co bylo vidět v logu, tak MBAM odstranil.

VIRY.CZ

Pomalej pc padání mozilly (mozsqlite3.dll)

Pomalej pc padání mozilly (mozsqlite3.dll)

Re: Pomalej pc padání mozilly (mozsqlite3.dll)

Re: Pomalej pc padání mozilly (mozsqlite3.dll)

Re: Pomalej pc padání mozilly (mozsqlite3.dll)

Re: Pomalej pc padání mozilly (mozsqlite3.dll)

Re: Pomalej pc padání mozilly (mozsqlite3.dll)