Re: viruses

Posted: 11 Apr 2010 22:17
by motji
It is hidden; copy the full path to the file into the lower box:
C:\WINDOWS.0\Windows3.exe

Re: viruses

Posted: 11 Apr 2010 22:22
by Aneta87
Which box do you mean? It doesn't work in the VirusTotal one.
Just now a trojan alert popped up for C:\WINDOWS.0\Windows3.exe

Re: viruses

Posted: 11 Apr 2010 22:27
by Aneta87
One more question. When downloading PC Tools Firewall, Spyware Doctor gets downloaded as well. Will it get along with avast? It isn't like two antiviruses that wouldn't tolerate each other, is it? :D

Re: viruses

Posted: 11 Apr 2010 22:28
by motji
If your antivirus hasn't eaten it yet :D , then test it. Into the box that is circled in red :)

Image

But you don't have to install Spyware Doctor :) . No, it is an antispyware, not an antivirus.

Re: viruses

Posted: 11 Apr 2010 22:29
by Aneta87
If by that box you mean the one for the file name, it tells me that it was not found.

Re: viruses

Posted: 11 Apr 2010 22:31
by motji
Didn't your antivirus take it? I'd like to ask for a new log from RSIT :)

Re: viruses

Posted: 11 Apr 2010 22:32
by Aneta87
Logfile of random's system information tool 1.06 (written by random/random)
Run by Hruškovi at 2010-04-11 23:32:37
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 16 GB (15%) free of 111 GB
Total RAM: 1023 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:32:42, on 11.4.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS.0\System32\smss.exe
C:\WINDOWS.0\system32\winlogon.exe
C:\WINDOWS.0\system32\services.exe
C:\WINDOWS.0\system32\lsass.exe
C:\WINDOWS.0\system32\svchost.exe
C:\WINDOWS.0\System32\svchost.exe
C:\WINDOWS.0\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS.0\system32\spoolsv.exe
C:\WINDOWS.0\Explorer.EXE
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS.0\SOUNDMAN.EXE
C:\WINDOWS.0\system32\svchost.exe
C:\Program Files\VIA\RAID\raid_tool.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS.0\VM305_STI.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS.0\system32\ctfmon.exe
C:\Program Files\USB TV\EM28XX\BDARemote.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Philips\GoGear VIBE Device Manager\GoGear_Vibe_DeviceManager.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS.0\system32\wuauclt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Hruškovi.HRU-B98B4D53D62\Dokumenty\Pc-Tools-Firewall-Plus_6.0.0.88.exe
C:\DOCUME~1\HRUKOV~1.HRU\LOCALS~1\Temp\is-R1K6Q.tmp\Pc-Tools-Firewall-Plus_6.0.0.88.tmp
C:\Documents and Settings\Hruškovi.HRU-B98B4D53D62\Plocha\RSIT.exe
C:\Program Files\trend micro\Hruškovi.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Ptipbmf] rundll32.exe ptipbmf.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [BigDog305] C:\WINDOWS.0\VM305_STI.EXE VIMICRO USB PC Camera (ZC0305)
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS.0\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS.0\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS.0\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BDARemote.lnk = C:\Program Files\USB TV\EM28XX\BDARemote.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Philips GoGear VIBE Device Manager.lnk = C:\Program Files\Philips\GoGear VIBE Device Manager\GoGear_Vibe_DeviceManager.exe
O4 - Global Startup: Rychlé spuštění aplikace HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS.0\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS.0\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - Unknown owner - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS.0\system32\HPZipm12.exe

--
End of file - 6487 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2007-05-30 808472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2007-05-30 808472]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\WINDOWS.0\SOUNDMAN.EXE [2007-04-16 577536]
"Ptipbmf"=ptipbmf.dll,SetWriteCacheMode []
"RaidTool"=C:\Program Files\VIA\RAID\raid_tool.exe [2009-10-04 589824]
"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2007-04-03 644696]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2007-04-03 1603152]
"OpwareSE4"=C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe [2007-02-04 79400]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"BigDog305"=C:\WINDOWS.0\VM305_STI.EXE [2007-04-09 57344]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2004-02-12 49152]
"HP Component Manager"=C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2004-05-12 241664]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS.0\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
C:\WINDOWS.0\system32\ctfmon.exe [2008-04-14 15360]

C:\Documents and Settings\All Users.WINDOWS.0\Nabídka Start\Programy\Po spuštění
BDARemote.lnk - C:\Program Files\USB TV\EM28XX\BDARemote.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Philips GoGear VIBE Device Manager.lnk - C:\Program Files\Philips\GoGear VIBE Device Manager\GoGear_Vibe_DeviceManager.exe
Rychlé spuštění aplikace HP Image Zone.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS.0\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS.0\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"HonorAutoRunSetting"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS.0\system32\wmicvrts.exe"="C:\WINDOWS.0\system32\wmicvrts.exe:*:Enabled:DHCP Router"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2010-04-11 21:52:46 ----D---- C:\rsit
2010-04-11 21:52:46 ----D---- C:\Program Files\trend micro
2010-04-11 20:55:00 ----D---- C:\WINDOWS.0\Prefetch
2010-04-11 20:36:07 ----HDC---- C:\WINDOWS.0\$NtUninstallKB978706$
2010-04-11 20:35:59 ----HDC---- C:\WINDOWS.0\$NtUninstallKB978251$
2010-04-11 20:35:51 ----HDC---- C:\WINDOWS.0\$NtUninstallKB978037$
2010-04-11 20:35:45 ----HDC---- C:\WINDOWS.0\$NtUninstallKB977914$
2010-04-11 20:35:37 ----HDC---- C:\WINDOWS.0\$NtUninstallKB977165$
2010-04-11 20:35:25 ----HDC---- C:\WINDOWS.0\$NtUninstallKB975561$
2010-04-11 20:35:19 ----HDC---- C:\WINDOWS.0\$NtUninstallKB975560$
2010-04-11 20:35:13 ----HDC---- C:\WINDOWS.0\$NtUninstallKB975467$
2010-04-11 20:35:08 ----HDC---- C:\WINDOWS.0\$NtUninstallKB975025$
2010-04-11 20:35:03 ----HDC---- C:\WINDOWS.0\$NtUninstallKB974571$
2010-04-11 20:34:56 ----HDC---- C:\WINDOWS.0\$NtUninstallKB974392$
2010-04-11 20:34:50 ----HDC---- C:\WINDOWS.0\$NtUninstallKB974318$
2010-04-11 20:34:45 ----HDC---- C:\WINDOWS.0\$NtUninstallKB974112$
2010-04-11 20:34:39 ----HDC---- C:\WINDOWS.0\$NtUninstallKB973869$
2010-04-11 20:34:33 ----HDC---- C:\WINDOWS.0\$NtUninstallKB973815$
2010-04-11 20:34:28 ----HDC---- C:\WINDOWS.0\$NtUninstallKB973687$
2010-04-11 20:34:21 ----HDC---- C:\WINDOWS.0\$NtUninstallKB973507$
2010-04-11 20:34:14 ----HDC---- C:\WINDOWS.0\$NtUninstallKB973354$
2010-04-11 20:34:06 ----HDC---- C:\WINDOWS.0\$NtUninstallKB972270$
2010-04-11 20:33:57 ----HDC---- C:\WINDOWS.0\$NtUninstallKB971737$
2010-04-11 20:33:52 ----HDC---- C:\WINDOWS.0\$NtUninstallKB971657$
2010-04-11 20:33:45 ----HDC---- C:\WINDOWS.0\$NtUninstallKB971633$
2010-04-11 20:33:39 ----HDC---- C:\WINDOWS.0\$NtUninstallKB971557$
2010-04-11 20:33:30 ----HDC---- C:\WINDOWS.0\$NtUninstallKB971486$
2010-04-11 20:33:22 ----HDC---- C:\WINDOWS.0\$NtUninstallKB971468$
2010-04-11 20:33:16 ----HDC---- C:\WINDOWS.0\$NtUninstallKB970430$
2010-04-11 20:33:10 ----HDC---- C:\WINDOWS.0\$NtUninstallKB970238$
2010-04-11 20:33:05 ----HDC---- C:\WINDOWS.0\$NtUninstallKB969947$
2010-04-11 20:32:59 ----HDC---- C:\WINDOWS.0\$NtUninstallKB969059$
2010-04-11 20:32:52 ----HDC---- C:\WINDOWS.0\$NtUninstallKB968537$
2010-04-11 20:32:46 ----HDC---- C:\WINDOWS.0\$NtUninstallKB968389$
2010-04-11 20:32:39 ----HDC---- C:\WINDOWS.0\$NtUninstallKB967715$
2010-04-11 20:32:31 ----HDC---- C:\WINDOWS.0\$NtUninstallKB961501$
2010-04-11 20:32:25 ----HDC---- C:\WINDOWS.0\$NtUninstallKB961371-v2$
2010-04-11 20:32:10 ----HDC---- C:\WINDOWS.0\$NtUninstallKB961118$
2010-04-11 20:32:04 ----HDC---- C:\WINDOWS.0\$NtUninstallKB960859$
2010-04-11 20:31:59 ----HDC---- C:\WINDOWS.0\$NtUninstallKB960803$
2010-04-11 20:31:53 ----HDC---- C:\WINDOWS.0\$NtUninstallKB960225$
2010-04-11 20:31:48 ----HDC---- C:\WINDOWS.0\$NtUninstallKB959426$
2010-04-11 20:31:42 ----HDC---- C:\WINDOWS.0\$NtUninstallKB958687$
2010-04-11 20:31:36 ----HDC---- C:\WINDOWS.0\$NtUninstallKB958644$
2010-04-11 20:31:30 ----HDC---- C:\WINDOWS.0\$NtUninstallKB957097$
2010-04-11 20:31:24 ----HDC---- C:\WINDOWS.0\$NtUninstallKB956844$
2010-04-11 20:31:19 ----HDC---- C:\WINDOWS.0\$NtUninstallKB956803$
2010-04-11 20:31:13 ----HDC---- C:\WINDOWS.0\$NtUninstallKB956802$
2010-04-11 20:31:03 ----HDC---- C:\WINDOWS.0\$NtUninstallKB956572$
2010-04-11 20:30:56 ----HDC---- C:\WINDOWS.0\$NtUninstallKB955759$
2010-04-11 20:30:50 ----HDC---- C:\WINDOWS.0\$NtUninstallKB973687_1$
2010-04-11 20:30:45 ----HDC---- C:\WINDOWS.0\$NtUninstallKB955069$
2010-04-11 20:30:38 ----HDC---- C:\WINDOWS.0\$NtUninstallKB974112_1$
2010-04-11 20:30:33 ----HDC---- C:\WINDOWS.0\$NtUninstallKB954600$
2010-04-11 20:30:28 ----HDC---- C:\WINDOWS.0\$NtUninstallKB952954$
2010-04-11 20:30:22 ----HDC---- C:\WINDOWS.0\$NtUninstallKB952287$
2010-04-11 20:30:15 ----HDC---- C:\WINDOWS.0\$NtUninstallKB952004$
2010-04-11 20:30:08 ----HDC---- C:\WINDOWS.0\$NtUninstallKB951748$
2010-04-11 20:30:03 ----HDC---- C:\WINDOWS.0\$NtUninstallKB951376-v2$
2010-04-11 20:29:57 ----HDC---- C:\WINDOWS.0\$NtUninstallKB951066$
2010-04-11 20:29:52 ----HDC---- C:\WINDOWS.0\$NtUninstallKB950974$
2010-04-11 20:29:47 ----HDC---- C:\WINDOWS.0\$NtUninstallKB950762$
2010-04-11 20:29:42 ----HDC---- C:\WINDOWS.0\$NtUninstallKB938464-v2$
2010-04-11 20:29:36 ----HDC---- C:\WINDOWS.0\$NtUninstallKB923561$
2010-04-11 20:26:25 ----D---- C:\WINDOWS.0\system32\cs
2010-04-11 20:26:25 ----D---- C:\WINDOWS.0\system32\bits
2010-04-11 20:26:25 ----D---- C:\WINDOWS.0\l2schemas
2010-04-11 20:22:18 ----D---- C:\WINDOWS.0\network diagnostic
2010-04-11 20:17:19 ----HDC---- C:\WINDOWS.0\$NtServicePackUninstall$
2010-04-11 16:14:44 ----SHD---- C:\RECYCLER
2010-04-11 09:43:44 ----RASHD---- C:\cmdcons
2010-04-10 22:39:58 ----D---- C:\Documents and Settings\Hruškovi.HRU-B98B4D53D62\Data aplikací\Malwarebytes
2010-04-10 22:39:43 ----D---- C:\Documents and Settings\All Users.WINDOWS.0\Data aplikací\Malwarebytes
2010-04-10 22:39:42 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-04-10 22:04:26 ----RAD---- C:\autorun.inf
2010-04-07 22:57:57 ----D---- C:\Program Files\Traction Software
2010-04-05 15:33:01 ----RSH---- C:\Documents and Settings\Hruškovi.HRU-B98B4D53D62\Data aplikací\uyofn.exe
2010-03-21 20:22:23 ----N---- C:\WINDOWS.0\system32\browserchoice.exe
2010-03-15 09:06:16 ----HDC---- C:\WINDOWS.0\$NtUninstallKB929399$
2010-03-15 09:05:58 ----HDC---- C:\WINDOWS.0\$NtUninstallKB939683$
2010-03-15 09:05:19 ----HDC---- C:\WINDOWS.0\$NtUninstallKB954154_WM11$
2010-03-14 22:50:29 ----HDC---- C:\WINDOWS.0\$NtUninstallKB926239$
2010-03-14 22:49:55 ----N---- C:\WINDOWS.0\system32\spmsg.dll
2010-03-14 22:49:49 ----HDC---- C:\WINDOWS.0\$NtUninstallMSCompPackV1$
2010-03-14 22:49:36 ----D---- C:\Program Files\Windows Media Connect 2
2010-03-14 22:49:26 ----HDC---- C:\WINDOWS.0\$NtUninstallwmp11$
2010-03-14 22:48:38 ----HDC---- C:\WINDOWS.0\$NtUninstallWMFDist11$
2010-03-14 22:48:03 ----D---- C:\WINDOWS.0\system32\LogFiles
2010-03-14 22:47:54 ----HDC---- C:\WINDOWS.0\$NtUninstallWudf01000$
2010-03-14 22:35:03 ----D---- C:\Documents and Settings\Hruškovi.HRU-B98B4D53D62\Data aplikací\ArcSoft
2010-03-14 22:33:58 ----D---- C:\Documents and Settings\All Users.WINDOWS.0\Data aplikací\ArcSoft
2010-03-14 22:33:33 ----D---- C:\Program Files\Common Files\ArcSoft
2010-03-14 22:31:57 ----D---- C:\Program Files\Philips
2010-03-14 22:31:03 ----D---- C:\temp

======List of files/folders modified in the last 1 months======

2010-04-11 23:31:32 ----SHD---- C:\System Volume Information
2010-04-11 23:31:32 ----D---- C:\WINDOWS.0\system32\Restore
2010-04-11 23:21:21 ----D---- C:\WINDOWS.0
2010-04-11 23:21:07 ----D---- C:\WINDOWS.0\system32\CatRoot2
2010-04-11 23:10:17 ----AD---- C:\WINDOWS.0\Temp
2010-04-11 23:07:57 ----A---- C:\WINDOWS.0\SchedLgU.Txt
2010-04-11 23:02:49 ----D---- C:\WINDOWS.0\Debug
2010-04-11 21:52:46 ----RD---- C:\Program Files
2010-04-11 20:57:03 ----D---- C:\WINDOWS.0\system32
2010-04-11 20:57:03 ----A---- C:\WINDOWS.0\system32\PerfStringBackup.INI
2010-04-11 20:54:20 ----D---- C:\WINDOWS.0\system32\Setup
2010-04-11 20:54:20 ----D---- C:\WINDOWS.0\AppPatch
2010-04-11 20:54:19 ----RSD---- C:\WINDOWS.0\Fonts
2010-04-11 20:54:19 ----D---- C:\WINDOWS.0\system32\wbem
2010-04-11 20:54:18 ----D---- C:\WINDOWS.0\system32\drivers
2010-04-11 20:52:57 ----D---- C:\Documents and Settings\Hruškovi.HRU-B98B4D53D62\Data aplikací\ICQ
2010-04-11 20:36:44 ----D---- C:\WINDOWS.0\system32\CatRoot
2010-04-11 20:36:11 ----HD---- C:\WINDOWS.0\inf
2010-04-11 20:36:08 ----RSHDC---- C:\WINDOWS.0\system32\dllcache
2010-04-11 20:35:27 ----D---- C:\Program Files\Movie Maker
2010-04-11 20:35:22 ----D---- C:\WINDOWS.0\security
2010-04-11 20:34:16 ----D---- C:\Program Files\Outlook Express
2010-04-11 20:29:43 ----D---- C:\WINDOWS.0\WinSxS
2010-04-11 20:26:41 ----D---- C:\Program Files\Messenger
2010-04-11 20:26:39 ----D---- C:\WINDOWS.0\ehome
2010-04-11 20:26:38 ----D---- C:\WINDOWS.0\system32\inetsrv
2010-04-11 20:26:38 ----D---- C:\WINDOWS.0\ime
2010-04-11 20:26:38 ----D---- C:\WINDOWS.0\Help
2010-04-11 20:26:26 ----D---- C:\WINDOWS.0\system32\usmt
2010-04-11 20:26:26 ----D---- C:\WINDOWS.0\system32\cs-CZ
2010-04-11 20:26:25 ----SHD---- C:\WINDOWS.0\Installer
2010-04-11 20:26:25 ----D---- C:\Program Files\Internet Explorer
2010-04-11 20:26:24 ----D---- C:\WINDOWS.0\PeerNet
2010-04-11 20:24:08 ----D---- C:\WINDOWS.0\ServicePackFiles
2010-04-11 20:24:02 ----D---- C:\WINDOWS.0\system32\npp
2010-04-11 20:24:02 ----D---- C:\WINDOWS.0\msagent
2010-04-11 20:24:01 ----D---- C:\WINDOWS.0\srchasst
2010-04-11 20:24:00 ----D---- C:\Program Files\NetMeeting
2010-04-11 20:23:59 ----D---- C:\WINDOWS.0\system32\Com
2010-04-11 20:23:57 ----D---- C:\Program Files\Windows NT
2010-04-11 20:23:57 ----D---- C:\Program Files\Windows Media Player
2010-04-11 20:23:54 ----D---- C:\Program Files\Common Files\System
2010-04-11 20:23:40 ----D---- C:\WINDOWS.0\system32\oobe
2010-04-11 20:23:39 ----D---- C:\WINDOWS.0\system
2010-04-11 20:20:57 ----D---- C:\WINDOWS.0\system32\ReinstallBackups
2010-04-11 20:07:26 ----AD---- C:\Documents and Settings\All Users.WINDOWS.0\Data aplikací\TEMP
2010-04-11 20:06:07 ----D---- C:\Program Files\Mozilla Firefox
2010-04-11 20:00:21 ----HD---- C:\Program Files\InstallShield Installation Information
2010-04-11 19:58:48 ----D---- C:\Program Files\Your Uninstaller
2010-04-11 15:48:01 ----A---- C:\WINDOWS.0\system.ini
2010-04-11 15:35:02 ----D---- C:\WINDOWS.0\system32\config
2010-04-11 15:32:50 ----D---- C:\Program Files\Common Files
2010-04-11 09:57:50 ----D---- C:\WINDOWS.0\repair
2010-04-11 09:43:48 ----RASH---- C:\boot.ini
2010-04-10 21:46:57 ----D---- C:\Config.Msi
2010-03-31 23:08:51 ----D---- C:\WINDOWS.0\ie8updates
2010-03-31 23:08:25 ----HD---- C:\WINDOWS.0\$hf_mig$
2010-03-14 23:28:26 ----SD---- C:\Documents and Settings\All Users.WINDOWS.0\Data aplikací\Microsoft
2010-03-14 22:49:43 ----A---- C:\WINDOWS.0\win.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS.0\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 aswSP;avast! Self Protection; C:\WINDOWS.0\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS.0\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS.0\System32\drivers\ws2ifsl.sys [2006-03-02 12032]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS.0\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS.0\system32\drivers\aswMon2.sys [2009-11-25 94160]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS.0\system32\drivers\ALCXWDM.SYS [2007-04-25 4030144]
R3 aswRdr;aswRdr; C:\WINDOWS.0\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 ati2mtag;ati2mtag; C:\WINDOWS.0\system32\DRIVERS\ati2mtag.sys [2004-08-17 701440]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS.0\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS.0\system32\DRIVERS\mouhid.sys [2007-11-15 12160]
R3 pfc;Padus ASPI Shell; C:\WINDOWS.0\system32\drivers\pfc.sys [2009-11-25 10368]
R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS.0\system32\DRIVERS\Rtnicxp.sys [2006-02-26 81408]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS.0\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS.0\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbprint;Třída USB Printer; C:\WINDOWS.0\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS.0\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 kbdhid;kbdhid; C:\WINDOWS.0\system32\drivers\kbdhid.sys [2008-04-14 14592]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS.0\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS.0\system32\DRIVERS\HPZid412.sys [2004-06-21 51088]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS.0\system32\DRIVERS\HPZipr12.sys [2004-06-21 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS.0\system32\DRIVERS\HPZius12.sys [2009-08-26 21568]
S3 MSICPL;MSICPL; \??\E:\install4\MSICPL.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS.0\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS.0\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS.0\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NTACCESS;NTACCESS; \??\E:\NTACCESS.sys []
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS.0\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS.0\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS.0\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS.0\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS.0\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS.0\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS.0\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS.0\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS.0\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 ZSMC0305;A4 TECH PC Camera V; C:\WINDOWS.0\System32\Drivers\usbVM305.sys [2006-05-08 391688]
S4 IntelIde;IntelIde; C:\WINDOWS.0\system32\drivers\IntelIde.sys []
S4 sptd;sptd; C:\WINDOWS.0\System32\Drivers\sptd.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 IJPLMSVC;PIXMA Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2007-04-13 97432]
R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-10-20 71096]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS.0\system32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe []
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS.0\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS.0\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS.0\system32\HPZipm12.exe [2004-03-18 65536]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS.0\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Re: viruses

Posted: 11 Apr 2010 22:36
by motji
Please also test this on VirusTotal:
C:\Documents and Settings\Hruškovi.HRU-B98B4D53D62\Data aplikací\uyofn.exe

Did you run AVPtool with Stell?

Re: viruses

Posted: 11 Apr 2010 22:38
by Aneta87
I don't think so.

Re: viruses

Posted: 11 Apr 2010 22:39
by motji
I'll wait for that file.
How is the computer doing?

Re: viruses

Posted: 11 Apr 2010 22:41
by Aneta87
Again it told me that the file was not found, and again a trojan alert popped up for this file.

Re: viruses

Posted: 11 Apr 2010 22:42
by motji
And the antivirus ate it, I assume :)
How is the computer doing?

Re: viruses

Posted: 11 Apr 2010 22:43
by Aneta87
Otherwise no trojan alert pops up, apart from those two for the files that can no longer be found..

Re: viruses

Posted: 11 Apr 2010 22:46
by motji
OK, let's agree that in about 3 days you will post a log here for review :) .

If you feel like it, you can run a scan with AVPtool
--------------------------
Download AVPtool from my signature http://www.viry.cz/forum/viewtopic.php?f=29&t=58179

- Install it according to the guide and run a scan
- let it disinfect or delete whatever it finds
- the scan may take several hours
- post the log with the results here

Re: viruses

Posted: 11 Apr 2010 22:49
by Aneta87
I won't get to the scan on this computer until Thursday. So I'll do it with AVPtool then..

If tomorrow or the day after I needed to have a laptop checked as well, the one I have at the dorm, would it be possible to contact you? Here in this section again, or should I create a new topic?