VIRY.CZ

Logfile of random's system information tool 1.07 (written by random/random)
Run by Admin at 2010-07-06 11:49:12
Systém Microsoft Windows XP Professional Service Pack 3
System drive F: has 6 GB (8%) free of 76 GB
Total RAM: 1279 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:50:01, on 6.7.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\Program Files\Ahead\InCD\InCDsrv.exe
F:\WINDOWS\Explorer.EXE
F:\WINDOWS\system32\spoolsv.exe
F:\Program Files\Norton 360\Engine\3.8.0.41\ccSvcHst.exe
F:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
F:\PROGRA~1\GAMING~1\MouseElf.EXE
F:\WINDOWS\system32\ctfmon.exe
F:\Program Files\Norton 360\Engine\3.8.0.41\ccSvcHst.exe
F:\Program Files\Mozilla Firefox\firefox.exe
F:\Program Files\Ahead\InCD\InCD.exe
F:\Documents and Settings\Admin\Plocha\RSIT.exe
F:\Program Files\trend micro\Admin.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - F:\Documents and Settings\Admin\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - F:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - F:\Program Files\Norton 360\Engine\3.8.0.41\coIEPlg.dll
O2 - BHO: SMART Notebook Download Plugin - {67BCF957-85FC-4036-8DC4-D4D80E00A77B} - F:\Program Files\SMART Technologies\Notebook Software\NotebookPlugin.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - F:\Program Files\Norton 360\Engine\3.8.0.41\IPSBHO.DLL
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - F:\Documents and Settings\Admin\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - F:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - F:\Program Files\Norton 360\Engine\3.8.0.41\coIEPlg.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - F:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [SiSUSBRG] F:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [RemoteControl] "F:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] F:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [mouseElf] F:\PROGRA~1\GAMING~1\MouseElf.EXE
O4 - HKLM\..\Run: [WinFast Schedule] F:\Program Files\WinFast\WFTVFM\WFWIZ.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE F:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE F:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Config] F:\Program Files\Microsoft Games\Age Of Empires ii\Config.exe
O4 - HKCU\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] F:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] F:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] F:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] F:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://F:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://F:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://F:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://F:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://F:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - F:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - F:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - F:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - F:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - F:\Program Files\QIP\qip.exe (HKCU)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 7367767484
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - F:\Program Files\Norton 360\Engine\3.8.0.41\coIEPlg.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - F:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - F:\WINDOWS\system32\browseui.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - F:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - F:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Norton 360 (N360) - Symantec Corporation - F:\Program Files\Norton 360\Engine\3.8.0.41\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - F:\WINDOWS\system32\nvsvc32.exe

--
End of file - 7098 bytes

======Scheduled tasks folder======

F:\WINDOWS\tasks\User_Feed_Synchronization-{F0616746-75E6-4342-9B03-9BB6703669C1}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - F:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll [2003-11-03 54248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
Winamp Toolbar Loader - F:\Program Files\Winamp Toolbar\winamptb.dll [2009-05-06 1262888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - F:\Program Files\Norton 360\Engine\3.8.0.41\coIEPlg.dll [2009-08-22 378736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{67BCF957-85FC-4036-8DC4-D4D80E00A77B}]
CIEDownload Object - F:\Program Files\SMART Technologies\Notebook Software\NotebookPlugin.dll [2009-04-28 529704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - F:\Program Files\Norton 360\Engine\3.8.0.41\IPSBHO.DLL [2009-08-22 107896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - F:\Documents and Settings\Admin\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll [2010-03-03 149968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - F:\Program Files\Canon\Easy-WebPrint\Toolband.dll [2004-08-26 405504]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - F:\Program Files\Norton 360\Engine\3.8.0.41\coIEPlg.dll [2009-08-22 378736]
{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - Winamp Toolbar - F:\Program Files\Winamp Toolbar\winamptb.dll [2009-05-06 1262888]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SiSUSBRG"=F:\WINDOWS\SiSUSBrg.exe [2002-07-12 106496]
"Cmaudio"=RunDll32 cmicnfg.cpl,CMICtrlWnd []
"RemoteControl"=F:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe [2003-12-08 32768]
"NeroFilterCheck"=F:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"mouseElf"=F:\PROGRA~1\GAMING~1\MouseElf.EXE [2005-12-16 475228]
"WinFast Schedule"=F:\Program Files\WinFast\WFTVFM\WFWIZ.exe [2004-06-23 163840]
"NvCplDaemon"=F:\WINDOWS\system32\NvCpl.dll [2006-06-01 7618560]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=F:\WINDOWS\system32\NvMcTray.dll [2006-06-01 86016]
"Config"=F:\Program Files\Microsoft Games\Age Of Empires ii\Config.exe [2006-07-06 151552]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=F:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"PowerBar"= []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - F:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SymEFA.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"F:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="F:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"F:\Program Files\TmNationsForever\TmForever.exe"="F:\Program Files\TmNationsForever\TmForever.exe:*:Enabled:TmForever"
"F:\Program Files\BitTorrent\bittorrent.exe"="F:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"F:\Program Files\EA GAMES\The Battle for Middle-earth (tm)\game.dat"="F:\Program Files\EA GAMES\The Battle for Middle-earth (tm)\game.dat:*:Enabled:The Battle for Middle-earth (tm)"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6841b0f1-e8af-11de-8080-000d87968826}]
shell\AutoRun\command - winlogonss\winlogons\MS.exe
shell\open\command - winlogonss\winlogons\MS.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f4b13d90-f46d-11de-80ab-000d87968826}]
shell\AutoRun\command - G:\winlogonss\winlogons\MS.exe
shell\open\command - G:\winlogonss\winlogons\MS.exe

======List of files/folders created in the last 1 months======

2010-07-06 11:49:18 ----D---- F:\Program Files\trend micro
2010-07-06 11:49:12 ----D---- F:\rsit
2010-07-01 22:13:08 ----A---- F:\WINDOWS\atmoUn.exe
2010-07-01 22:13:04 ----D---- F:\Program Files\Viewpoint
2010-07-01 22:13:04 ----D---- F:\Documents and Settings\All Users\Data aplikací\Viewpoint
2010-07-01 17:50:53 ----A---- F:\WINDOWS\DIIUnin.exe
2010-07-01 17:19:25 ----D---- F:\Program Files\Diablo II
2010-06-23 23:18:21 ----D---- F:\Program Files\Common Files\Freedom Scientific
2010-06-23 23:18:17 ----D---- F:\Program Files\Common Files\soft602

======List of files/folders modified in the last 1 months======

2010-07-06 11:49:18 ----RD---- F:\Program Files
2010-07-06 11:49:17 ----D---- F:\WINDOWS\Temp
2010-07-06 11:34:55 ----A---- F:\WINDOWS\wincmd.ini
2010-07-05 23:20:00 ----A---- F:\WINDOWS\SchedLgU.Txt
2010-07-05 22:26:52 ----D---- F:\Documents and Settings\Admin\Data aplikací\vlc
2010-07-05 21:04:14 ----A---- F:\WINDOWS\NeroDigital.ini
2010-07-05 15:15:23 ----D---- F:\WINDOWS\Minidump
2010-07-05 15:14:43 ----D---- F:\WINDOWS
2010-07-04 21:53:40 ----D---- F:\WINDOWS\system32\CatRoot2
2010-07-03 23:23:22 ----D---- F:\Documents and Settings\Admin\Data aplikací\BitTorrent
2010-07-03 00:09:25 ----D---- F:\Documents and Settings\Admin\Data aplikací\BSplayer
2010-07-01 21:26:30 ----D---- F:\WINDOWS\Prefetch
2010-06-28 19:26:35 ----D---- F:\Program Files\Microsoft Games
2010-06-28 16:19:33 ----D---- F:\Program Files\World of Warcraft
2010-06-28 16:04:52 ----HD---- F:\Program Files\InstallShield Installation Information
2010-06-28 16:04:52 ----D---- F:\Program Files\Commandos II
2010-06-28 16:02:29 ----D---- F:\WINDOWS\system32
2010-06-28 09:48:49 ----A---- F:\WINDOWS\Wininit.ini
2010-06-28 08:49:07 ----D---- F:\Program Files\Mozilla Firefox
2010-06-23 23:18:53 ----SHD---- F:\WINDOWS\Installer
2010-06-23 23:18:53 ----SHD---- F:\Config.Msi
2010-06-23 23:18:21 ----D---- F:\Program Files\Common Files
2010-06-12 18:55:54 ----D---- F:\Documents and Settings\Admin\Data aplikací\My Battle for Middle-earth Files
2010-06-09 08:28:37 ----A---- F:\WINDOWS\win.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK7;Ovladač procesoru AMD K7; F:\WINDOWS\System32\DRIVERS\amdk7.sys [2008-04-14 41600]
R1 BHDrvx86;Symantec Heuristics Driver; F:\WINDOWS\System32\Drivers\N360\0308000.029\BHDrvx86.sys [2009-08-22 259632]
R1 ccHP;Symantec Hash Provider; F:\WINDOWS\System32\Drivers\N360\0308000.029\ccHPx86.sys [2009-08-22 482432]
R1 cdrbsdrv;cdrbsdrv; F:\WINDOWS\system32\drivers\cdrbsdrv.sys [2004-03-08 13567]
R1 eeCtrl;Symantec Eraser Control driver; \??\F:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
R1 IDSxpx86;IDSxpx86; \??\F:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20100706.002\IDSxpx86.sys []
R1 InCDPass;InCDPass; F:\WINDOWS\System32\DRIVERS\InCDPass.sys [2004-09-07 28544]
R1 SRTSP;Symantec Real Time Storage Protection; F:\WINDOWS\System32\Drivers\N360\0308000.029\SRTSP.SYS [2009-08-22 308272]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL); F:\WINDOWS\system32\drivers\N360\0308000.029\SRTSPX.SYS [2009-08-22 43696]
R1 SYMTDI;Symantec Network Dispatch Driver; F:\WINDOWS\System32\Drivers\N360\0308000.029\SYMTDI.SYS [2009-08-22 217136]
R2 BT848;WinFast TV2000 XP WDM Video Capture; F:\WINDOWS\system32\drivers\wf2kvcap.sys [2004-03-12 75829]
R2 tv2ktunr;WinFast TV2000 XP WDM TVTuner; F:\WINDOWS\system32\drivers\wf2ktunr.sys [2004-03-12 33959]
R2 Tv2kXbar;WinFast TV2000 XP WDM Crossbar; F:\WINDOWS\system32\drivers\wf2kxbar.sys [2004-03-12 10005]
R3 cmuda;C-Media WDM Audio Interface; F:\WINDOWS\system32\drivers\cmuda.sys [2003-07-01 733248]
R3 genmcmnUSB;USB Scroll Mouse Driver; F:\WINDOWS\System32\DRIVERS\gflmouhid.sys [2005-07-12 7808]
R3 gHidUsbF;USB Device Enhanced Function Driver; F:\WINDOWS\System32\Drivers\gHidUsbF.Sys [2005-07-11 12800]
R3 HidUsb;Ovladač třídy standardu HID; F:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 mouhid;Ovladač myši standardu HID; F:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 NAVENG;NAVENG; \??\F:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100705.040\NAVENG.SYS []
R3 NAVEX15;NAVEX15; \??\F:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100705.040\NAVEX15.SYS []
R3 nv;nv; F:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2006-06-01 3925920]
R3 pfc;Padus ASPI Shell; F:\WINDOWS\system32\drivers\pfc.sys [2003-12-05 10368]
R3 SISNIC;SiS PCI Fast Ethernet Adapter Driver; F:\WINDOWS\System32\DRIVERS\sisnic.sys [2002-07-10 32256]
R3 SymEvent;SymEvent; \??\F:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
R3 SYMFW;Symantec Network Filter Driver; F:\WINDOWS\System32\Drivers\N360\0308000.029\SYMFW.SYS [2009-08-22 89904]
R3 SYMIDS;Symantec Network Filter Driver; F:\WINDOWS\System32\Drivers\N360\0308000.029\SYMIDS.SYS [2009-08-22 33072]
R3 SymIMMP;SymIMMP; F:\WINDOWS\system32\DRIVERS\SymIM.sys [2009-08-22 36400]
R3 SYMNDIS;Symantec Network Filter Driver; F:\WINDOWS\System32\Drivers\N360\0308000.029\SYMNDIS.SYS [2009-08-22 36400]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; F:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-14 12288]
R3 usbhub;Rozbočovač umožnující USB2; F:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; F:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-14 17152]
R3 WFIOCTL;WFIOCTL; \??\F:\Program Files\WinFast\WFTVFM\WFIOCTL.SYS []
R4 InCDfs;InCD File System; F:\WINDOWS\system32\drivers\InCDfs.sys [2004-09-07 91136]
S1 kbdhid;Ovladač klávesnice standardu HID; F:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 a9jhgews;a9jhgews; F:\WINDOWS\system32\drivers\a9jhgews.sys []
S3 aqljvnpo;aqljvnpo; F:\WINDOWS\system32\drivers\aqljvnpo.sys []
S3 CCDECODE;Dekodér Closed Caption; F:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 genmcmn;Scroll Mouse Driver; F:\WINDOWS\System32\DRIVERS\gmfiltr.sys [2005-07-02 16896]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; F:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; F:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; F:\WINDOWS\System32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 SLIP;BDA Slip De-Framer; F:\WINDOWS\System32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; F:\WINDOWS\System32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 SymIM;Symantec Network Security Intermediate Filter Service; F:\WINDOWS\system32\DRIVERS\SymIM.sys [2009-08-22 36400]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; F:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; F:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-14 30208]
S3 usbprint;Třída USB Printer; F:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; F:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WSTCODEC;Dálnopisný kodek světového standardu; F:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; F:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; F:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; F:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 InCDsrv;InCD Helper; F:\Program Files\Ahead\InCD\InCDsrv.exe [2004-09-07 1151090]
R2 N360;Norton 360; F:\Program Files\Norton 360\Engine\3.8.0.41\ccSvcHst.exe [2009-08-22 117640]
S2 602XML Updater;602Updater; F:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [2010-04-14 73728]
S2 NVSvc;NVIDIA Display Driver Service; F:\WINDOWS\system32\nvsvc32.exe [2006-06-01 155715]
S3 aspnet_state;ASP.NET State Service; F:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; F:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 odserv;Microsoft Office Diagnostics Service; F:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; F:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; F:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; F:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

-----------------EOF-----------------

Hezké poledne

Copak je jednotka G?

Zapojte do pc všechny usb klíče, flashky...co používáte

Použijte USB fix
http://www.viry.cz/forum/viewtopic.php?f=24&t=102308

Před stažením vypněte rezidentní štít antiviru, má na Usbfix falešnou detekci
-spusťte
-klikněte na volbu deletion , potvrdte enter
- po skenu sem vložte log , pokud na Vás nevyskočí, najdete ho C:\UsbFix.txt

dobre poledne,
jednotka G: je virtualni mechanika

a log:
############################## | UsbFix 7.016 | [Deletion]

User: Admin (Administrator) # STARY [ ]
Updated 05/07/10 by El Desaparecido / C_XX
Started at 12:36:40 | 06/07/2010
Website: http://pagesperso-orange.fr/NosTools/index.html
Contact: FindyKill.Contact@gmail.com

CPU: AMD Athlon(tm) XP 2600+
Systém Microsoft Windows XP Professional (5.1.2600 32-Bit) # Service Pack 3
Internet Explorer 6.0.2900.5512

Windows Firewall: Disabled /!\
RAM -> 1279 Mb
C:\ -> Fixed drive # 2 Gb (2 Mb free - 91%) [MS-DOS_6] # FAT
D:\ -> CD-ROM
E:\ -> CD-ROM
F:\ (%systemdrive%) -> Fixed drive # 75 Gb (6 Mb free - 8%) [] # NTFS
G:\ -> CD-ROM
H:\ -> Removable drive # 4 Gb (3 Mb free - 88%) [] # FAT32
I:\ -> Removable drive # 491 Mb (336 Mb free - 68%) [] # FAT32
J:\ -> Removable drive # 2 Gb (1 Mb free - 69%) [KINGSTON] # FAT
K:\ -> Removable drive # 492 Mb (484 Mb free - 98%) [KINGSTON] # FAT

################## | Files # Infected Folders |

Deleted ! F:\WINDOWS\system32\TempDel.EXE
Deleted ! I:\winlogonss\winlogons\MS.exe
Not deleted ! E:\Autorun.inf
Deleted ! I:\Autorun.inf
Deleted ! K:\Autorun.inf
Deleted ! H:\start.exe
Deleted ! K:\winamp_cache_0001.xml

################## | Registry |

################## | Mountpoints2 |

Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{f4b13d90-f46d-11de-80ab-000d87968826}

################## | Listing |

[31/05/1994 - 06:22:00 | RSH | 40774] C:\IO.SYS
[31/05/1994 - 06:22:00 | RSH | 38138] C:\MSDOS.SYS
[31/10/2009 - 13:14:12 | D ] C:\DOS
[31/05/1994 - 06:22:00 | SH | 54645] C:\COMMAND.COM
[31/05/1994 - 06:22:00 | A | 9349] C:\WINA20.386
[31/10/2009 - 13:19:28 | A | 144] C:\CONFIG.SYS
[31/10/2009 - 13:19:28 | A | 188] C:\AUTOEXEC.BAT
[26/02/2010 - 14:04:38 | SHD ] C:\FOUND.000
[26/03/2010 - 13:14:46 | SHD ] C:\FOUND.001
[30/03/2010 - 09:50:00 | SHD ] C:\FOUND.002
[30/05/2010 - 16:58:12 | SHD ] C:\FOUND.003
[03/06/2010 - 16:11:16 | SHD ] C:\FOUND.004
[31/10/2009 - 14:14:48 | SH | 512] C:\bootsect.dos
[31/10/2009 - 14:48:34 | SHD ] C:\System Volume Information
[31/10/2009 - 15:06:20 | SHD ] C:\Recycled
[01/11/2009 - 09:57:38 | A | 9138] C:\pltemp.ini
[04/11/2009 - 22:28:46 | D ] C:\Logs
[25/10/2001 - 12:00:00 | RASH | 4952] C:\Bootfont.bin
[10/12/2009 - 22:04:34 | RASH | 250576] C:\ntldr
[10/12/2009 - 22:04:34 | RASH | 47564] C:\NTDETECT.COM
[10/12/2009 - 22:10:56 | RASH | 226] C:\boot.ini
[26/12/2009 - 20:12:08 | D ] C:\TEMP
[09/01/2010 - 22:40:54 | D ] C:\VideoOutput
[11/04/2010 - 07:32:14 | D ] C:\Sklad PPS
[01/07/2010 - 21:26:02 | H | 476] C:\treeinfo.wc
[06/03/2005 - 22:08:32 | RD ] E:\DIRECTX7
[06/03/2005 - 22:08:32 | RD ] E:\EXTRAS
[06/03/2005 - 22:08:32 | RD ] E:\Razor1911
[06/03/2005 - 22:08:32 | RD ] E:\SUPPORT
[18/04/2001 - 16:23:00 | R | 41] E:\AUTORUN.INF
[06/04/2000 - 13:00:00 | R | 263168] E:\BINKW32.DLL
[15/05/2001 - 18:51:16 | R | 250156780] E:\D2EXP.MPQ
[30/04/2001 - 18:29:00 | R | 2550] E:\D2X.ICO
[06/05/2001 - 14:22:00 | R | 54691647] E:\D2XMUSIC.MPQ
[06/05/2001 - 14:21:00 | R | 60278192] E:\D2XTALK.MPQ
[03/05/2001 - 23:12:26 | R | 110685575] E:\D2XVIDEO.MPQ
[10/05/2001 - 01:19:26 | R | 352256] E:\INSTALL.EXE
[30/04/2001 - 18:33:00 | R | 32768] E:\SETUP.EXE
[15/05/2001 - 22:24:06 | R | 4592516] E:\SETUP.MPQ
[10/05/2001 - 04:49:38 | R | 95714] E:\XREADME.HTM
[23/06/2010 - 23:18:53 | SHD ] F:\Config.Msi
[27/11/2009 - 16:19:04 | D ] F:\Documents and Settings
[01/11/2009 - 20:47:25 | RHD ] F:\MSOCache
[04/11/2009 - 22:43:32 | D ] F:\N360_BACKUP
[06/07/2010 - 12:28:44 | ASH | 2013265920] F:\pagefile.sys
[06/07/2010 - 11:49:18 | RD ] F:\Program Files
[06/07/2010 - 12:40:45 | SHD ] F:\RECYCLER
[06/07/2010 - 11:50:03 | D ] F:\rsit
[10/12/2009 - 20:11:06 | SHD ] F:\System Volume Information
[01/07/2010 - 18:33:52 | H | 93402] F:\treeinfo.wc
[30/12/2009 - 09:48:54 | D ] F:\USB2SerialDirectory
[06/07/2010 - 12:40:45 | D ] F:\UsbFix
[06/07/2010 - 12:40:45 | A | 1225] F:\UsbFix.txt
[05/07/2010 - 15:14:43 | D ] F:\WINDOWS
[06/11/2007 - 11:03:42 | A | 4096] H:\Výsledek IQ.xls
[10/02/2010 - 21:59:22 | A | 26624] H:\Zápis do zpravodaje 2010.doc
[28/04/2010 - 12:30:50 | D ] H:\abeceda
[28/04/2010 - 12:30:58 | D ] H:\D-1 vyhodnocení
[28/04/2010 - 12:31:00 | D ] H:\dopln_u
[28/04/2010 - 12:31:08 | D ] H:\fota maraton 2010
[28/04/2010 - 12:31:18 | D ] H:\foto všestary
[28/04/2010 - 12:31:28 | SHD ] H:\FOUND.000
[28/04/2010 - 12:32:50 | D ] H:\images
[28/04/2010 - 12:32:58 | D ] H:\install
[28/04/2010 - 12:33:18 | D ] H:\manual
[28/04/2010 - 12:33:20 | D ] H:\PARDUBICE Eliášová
[28/04/2010 - 12:33:46 | D ] H:\podst_jm
[28/04/2010 - 12:33:56 | D ] H:\predpony
[28/04/2010 - 12:34:02 | D ] H:\prid_jm
[28/04/2010 - 12:34:14 | D ] H:\Programy staré
[28/04/2010 - 12:34:16 | D ] H:\puzzle
[28/04/2010 - 12:34:16 | D ] H:\shoda
[28/04/2010 - 12:34:24 | D ] H:\shrnuti
[28/04/2010 - 12:34:34 | D ] H:\slv_druh
[28/04/2010 - 12:34:42 | D ] H:\sounds
[28/04/2010 - 12:35:10 | D ] H:\spodoba
[28/04/2010 - 12:35:24 | D ] H:\tamsouhl
[28/04/2010 - 12:35:32 | D ] H:\temat. plány
[28/04/2010 - 12:35:32 | D ] H:\trampoty
[28/04/2010 - 12:35:40 | D ] H:\vlast_jm
[28/04/2010 - 12:35:48 | D ] H:\vyjm_slv
[28/04/2010 - 12:36:06 | RSHD ] H:\winlogonss
[28/04/2010 - 12:36:06 | D ] H:\zajmena
[28/04/2010 - 12:36:20 | D ] H:\-ZVUKY -PA
[05/12/2008 - 11:05:54 | AH | 165] H:\~$asdfasdfaečřtawetasdfawtaasdffa.xlsx
[02/04/2009 - 19:23:02 | A | 2479188] H:\4. TŘÍDA ČEŠTINA.notebook
[15/02/2010 - 14:40:02 | A | 2752019] H:\15.2.2010 Pardubice tabule.notebook
[02/03/2010 - 21:04:14 | A | 2180608] H:\Anglie, Francie 10. st..ppt
[30/10/2008 - 15:57:00 | A | 19868] H:\CD SŠ, vojenská.docx
[24/01/2003 - 20:07:16 | A | 0] H:\cd.rom
[11/05/2008 - 20:29:24 | A | 4680704] H:\Cetnost prijmeni.xls
[15/01/2009 - 18:02:36 | A | 9749635] H:\ČESKÁ PŘÍSLOVÍ VĚDECKY- PA.notebook
[16/03/2010 - 22:55:00 | A | 28672] H:\činnostní učení - větné členy ve větách.doc
[06/04/2010 - 18:01:52 | A | 26624] H:\Čtenářský maraton 2010.doc
[13/01/2010 - 01:51:12 | A | 27648] H:\D6 - Egypt.doc
[03/11/2009 - 11:20:06 | A | 37888] H:\D 6 2009-10.doc
[29/10/2009 - 10:12:26 | A | 367616] H:\D -Velkomoravská říše -pokus.ppt
[11/12/2009 - 15:20:12 | A | 67072] H:\Dalimilova kronika.doc
[15/03/2010 - 11:10:46 | A | 136192] H:\Dě - 7.doc
[18/01/2008 - 07:06:54 | A | 15276] H:\Dě - Fénicie.odt
[30/10/2008 - 12:08:12 | A | 84480] H:\DOD.xls
[11/12/2009 - 15:20:38 | A | 11120] H:\Egypt - test.odt
[29/12/2007 - 22:06:42 | A | 198656] H:\ekariera.doc
[07/10/2008 - 14:39:28 | A | 102912] H:\hlavičkový_papír_guth.doc
[06/04/2010 - 19:05:16 | A | 4799] H:\hoplita.jpg
[10/02/2010 - 17:35:12 | A | 3840000] H:\HuyenKhongTu-Xuan_Kong_Si(2).pps
[02/11/2007 - 12:13:34 | A | 71168] H:\Charakteristika ZŠ 1.doc
[23/11/2007 - 08:31:02 | A | 33792] H:\Informace ke SŠ (různé).doc
[23/01/2010 - 09:57:46 | A | 69632] H:\informační leták pro přijímačky.doc
[16/03/2010 - 15:38:40 | A | 14848] H:\Inter. tab. -instrukce.doc
[16/03/2010 - 15:43:22 | A | 13824] H:\inter.tab. -instr..doc
[16/03/2010 - 15:43:02 | A | 16547] H:\inter.tab. -instr..odt
[25/01/2010 - 21:57:42 | A | 24064] H:\Klasifikační arch 6.B.xls
[25/01/2010 - 21:42:26 | A | 22528] H:\Klasifikační arch.xls
[14/10/2007 - 23:37:30 | A | 62464] H:\KU- výpůjčky.xls
[04/12/2009 - 10:26:58 | A | 1083904] H:\Kyjevská Rus - prezentace.ppt
[01/04/2008 - 01:12:00 | A | 109056] H:\LV-6.doc
[23/09/2008 - 09:17:12 | A | 29184] H:\Lv 7 Nepil.doc
[01/03/2003 - 11:19:16 | A | 18379] H:\manual.txt
[14/11/2007 - 00:05:52 | A | 89600] H:\ML 6.doc
[29/08/2007 - 12:05:10 | A | 20480] H:\Moje úřední hodiny VP.doc
[18/01/2010 - 21:05:20 | A | 194560] H:\MŠMT seznam_platnych_predpisu_2009.doc
[10/09/2006 - 10:34:20 | A | 23552] H:\Plán VP - volba povolání 9.r..doc
[06/05/2006 - 12:36:58 | A | 318464] H:\pohádka a ilustrátoři -PA.ppt
[17/12/2008 - 07:49:50 | A | 26624] H:\POSVÍCENÍ - LV 6.doc
[01/01/2010 - 18:54:26 | A | 35328] H:\Prac. listy k DVD Byl jednou člověk 7.r..doc
[07/02/2008 - 17:24:04 | A | 26624] H:\první slova -PA.doc
[11/12/2009 - 15:19:38 | A | 66048] H:\Přemyslovci.doc
[04/11/2008 - 14:36:36 | A | 4096] H:\Rabštejn a SŠ.doc
[11/09/2009 - 20:33:00 | A | 65024] H:\Rodiče - výsledky IQ.xls
[03/02/2009 - 11:01:42 | A | 32070144] H:\RUMCAJSOVA VÁNOČNÍ POHÁDKA.ppt
[06/04/2010 - 19:11:16 | A | 112286] H:\řecko agora.jpg
[06/04/2010 - 19:11:34 | A | 132588] H:\řecko akropolis.jpg
[06/04/2010 - 19:12:08 | A | 118984] H:\řecko chrám.jpg
[06/04/2010 - 19:09:12 | A | 116072] H:\řecko perské8.jpg
[06/04/2010 - 19:19:28 | A | 3332] H:\řecko perské10.jpg
[06/04/2010 - 18:59:18 | A | 10718] H:\řecko perské 0.jpg
[06/04/2010 - 18:56:56 | A | 36205] H:\řecko perské 2.png
[06/04/2010 - 18:57:34 | A | 7242] H:\řecko perské 3.jpg
[06/04/2010 - 18:57:58 | A | 10779] H:\řecko perské 4.gif
[06/04/2010 - 18:58:28 | A | 7865] H:\řecko perské 5.jpg
[06/04/2010 - 19:00:34 | A | 2801] H:\řecko perské 6.jpg
[06/04/2010 - 19:19:00 | A | 2059] H:\řecko perské 9.jpg
[06/04/2010 - 18:56:06 | A | 12598] H:\řecko perské války.jpg
[06/04/2010 - 19:13:24 | A | 97459] H:\řecko perské.jpg
[05/11/2008 - 13:06:00 | A | 4096] H:\Seznam CD středních škol.doc
[10/03/2010 - 21:17:36 | A | 28160] H:\Seznam čtenář. maratonu 2010.xls
[21/10/2009 - 08:42:54 | A | 24064] H:\Seznam žáků SVPU 2009-2010.xls
[18/02/2009 - 22:14:46 | A | 21504] H:\Skkal+pes - PA.doc
[06/04/2009 - 21:19:34 | A | 18683239] H:\Slovo a jeho význam -PA.notebook
[13/03/2008 - 19:26:04 | A | 4096] H:\Soutěž Tahle kniha, to je ono.odt
[14/10/2007 - 23:40:12 | A | 4096] H:\SPU 2007-2008.xls
[02/11/2007 - 12:21:58 | A | 4096] H:\SŠ - Rabštejn.doc
[29/09/2009 - 11:09:58 | A | 21504] H:\Škola v přírodě.doc
[14/10/2007 - 23:41:34 | A | 4096] H:\Temat.plány Č 6 (2007-8).doc
[10/09/2006 - 11:19:52 | A | 4096] H:\Tematický plán - LV 9.r..doc
[05/11/2007 - 11:34:28 | A | 4096] H:\Testy IQ.doc
[07/12/2009 - 00:49:02 | A | 1526784] H:\vánoční cukroví.doc
[26/09/2009 - 08:21:50 | A | 15764157] H:\VĚTNÉ ČLENY-PA.notebook
[25/11/2009 - 09:07:52 | A | 4879360] H:\Vikingové.ppt
[02/11/2007 - 12:23:04 | A | 4096] H:\VNJ - 7.doc
[14/10/2007 - 23:36:24 | A | 4096] H:\Výchovná komise - formulář.doc
[02/05/2010 - 22:39:34 | D ] H:\zájezdy
[23/01/2010 - 09:59:30 | A | 30720] H:\přihlášky SŠ- informace.doc
[03/05/2010 - 18:39:18 | A | 33280] H:\Program Drážďan 2010.doc
[04/11/2008 - 14:36:36 | A | 26112] I:\Rabštejn a SŠ.doc
[07/01/2008 - 21:41:38 | A | 4204] I:\ransome.jpg
[07/01/2008 - 21:46:04 | A | 22653] I:\ransome1.jpg
[07/01/2008 - 21:45:14 | A | 31417] I:\ransome2.jpg
[27/01/2008 - 21:04:24 | A | 32295] I:\rudo moric.jpg
[05/11/2008 - 13:06:00 | A | 23040] I:\Seznam CD středních škol.doc
[13/03/2008 - 19:26:04 | A | 17017] I:\Soutěž Tahle kniha, to je ono.odt
[02/11/2007 - 12:21:58 | A | 69120] I:\SŠ - Rabštejn.doc
[21/11/2007 - 09:54:58 | A | 25088] I:\SŠ -Rab. -jmenovky.doc
[02/11/2007 - 12:23:58 | A | 77824] I:\Temat. plán - Dě 2007-2008.doc
[14/10/2007 - 23:41:34 | A | 77312] I:\Temat.plány Č 6 (2007-8).doc
[10/09/2006 - 11:19:52 | A | 31744] I:\Tematický plán - LV 9.r..doc
[05/11/2007 - 11:34:28 | A | 36864] I:\Testy IQ.doc
[08/09/2008 - 01:59:34 | A | 120320] I:\Tisk - 2 str.doc
[27/01/2008 - 20:19:20 | A | 16329] I:\vlcak Kazan.jpg
[02/11/2007 - 12:23:04 | A | 68096] I:\VNJ - 7.doc
[14/10/2007 - 23:36:24 | A | 76288] I:\Výchovná komise - formulář.doc
[09/05/2008 - 13:39:38 | A | 59904] I:\Výlet Salzburg 2008.doc
[06/11/2007 - 11:03:42 | A | 9728] I:\Výsledek IQ.xls
[29/08/2007 - 12:28:32 | A | 40960] I:\vývěska přijímací zkoušky 2007-08.doc
[07/10/2008 - 20:55:16 | AH | 166400] I:\~WRL0675.tmp
[20/04/2009 - 12:39:52 | D ] I:\Nová složka
[20/04/2009 - 12:40:20 | D ] I:\výlet dětenice kopidlno
[12/03/2008 - 20:19:34 | A | 130197] I:\asterix-obelix-idefix_gif.jpg
[12/03/2008 - 20:19:44 | A | 35498] I:\AsterixObelix.jpg
[30/10/2008 - 15:57:00 | A | 19868] I:\CD SŠ, vojenská.docx
[02/11/2007 - 12:13:34 | A | 71168] I:\Charakteristika ZŠ 1.doc
[27/01/2008 - 20:22:32 | A | 25692] I:\Curwood.jpg
[30/10/2008 - 12:08:12 | A | 84480] I:\DOD.xls
[14/04/2008 - 17:05:58 | A | 34618] I:\Drijverová.jpg
[16/01/2008 - 02:02:44 | A | 75776] I:\Dě - Egypt. bohové.doc
[18/01/2008 - 07:06:54 | A | 15276] I:\Dě - Fénicie.odt
[29/12/2007 - 22:06:42 | A | 198656] I:\ekariera.doc
[12/03/2008 - 20:16:40 | A | 14264] I:\Goscinny.jpg
[16/04/2008 - 09:56:00 | A | 77312] I:\Hasiči.doc
[07/10/2008 - 13:10:36 | A | 102400] I:\hlavičkový_papír_guth.doc
[23/11/2007 - 08:31:02 | A | 33792] I:\Informace ke SŠ (různé).doc
[31/10/2008 - 15:11:22 | A | 25088] I:\Jízdné - Klub rodičů.doc
[07/01/2008 - 21:37:20 | A | 31584] I:\kipling.jpg
[22/04/2008 - 21:56:46 | A | 97792] I:\klenoty.doc
[14/10/2007 - 23:37:30 | A | 62464] I:\KU- výpůjčky.xls
[23/09/2008 - 09:17:12 | A | 29184] I:\Lv 7 Nepil.doc
[01/04/2008 - 01:12:00 | A | 109056] I:\LV-6.doc
[25/03/2007 - 17:02:08 | A | 67584] I:\M. Herák - žádost na MÚ.doc
[14/04/2008 - 17:04:14 | A | 7508] I:\mark-twain.jpg
[27/01/2008 - 20:18:18 | A | 31325] I:\medvedi.jpg
[12/03/2008 - 20:16:32 | A | 11212] I:\mikulasovy lapalie.jpg
[14/11/2007 - 00:05:52 | A | 89600] I:\ML 6.doc
[29/08/2007 - 12:05:10 | A | 20480] I:\Moje úřední hodiny VP.doc
[14/04/2008 - 17:00:20 | A | 67426] I:\pagnol.jpg
[14/04/2008 - 17:03:26 | A | 31700] I:\Pagnol2.gif
[21/11/2007 - 14:52:02 | A | 56320] I:\Plán práce výchovného poradce 2007-08.doc
[10/09/2006 - 10:24:42 | A | 29696] I:\Plán práce výchovného poradce.doc
[10/09/2006 - 10:34:20 | A | 23552] I:\Plán VP - volba povolání 9.r..doc
[08/10/2009 - 16:24:30 | A | 78336] I:\Dě - 7.doc
[19/01/2010 - 11:31:40 | A | 189440] I:\Dě - 6new.doc
[03/11/2009 - 11:34:46 | A | 231424] I:\Dě - 6. 2008-09 doc
[09/12/2009 - 14:45:00 | A | 79872] I:\Školení vých. por .v HK - SVPU.doc
[09/12/2009 - 15:11:46 | A | 104960] I:\Tělesné postižení -školení HK.doc
[09/12/2009 - 16:02:02 | A | 378880] I:\Logopedie školení HK.doc
[19/01/2010 - 11:17:06 | RSHD ] I:\winlogonss
[25/03/2010 - 13:21:40 | A | 69120] I:\češtna1.doc
[09/03/2010 - 23:55:58 | D ] J:\doplnění křížác. výprav_soubory
[09/03/2010 - 23:56:00 | A | 33840] J:\doplnění křížác. výprav.htm
[10/03/2010 - 00:17:12 | D ] J:\Lv 7
[13/03/2010 - 18:19:30 | A | 6225208] J:\Doplněk-procv-..notebook
[15/03/2010 - 08:20:50 | RSHD ] J:\winlogonss
[15/03/2010 - 08:27:02 | A | 8261632] J:\D7 - křížové výpravy.ppt
[25/03/2010 - 23:42:14 | A | 16823] J:\Dě - 6, opak.notebook
[14/04/2010 - 02:12:18 | A | 11036022] J:\D7 Karel IV..pptx
[14/04/2010 - 03:13:28 | A | 4689424] J:\D7 gotika.pptx
[14/04/2010 - 03:13:52 | A | 4767232] J:\D7 gotika 2.ppt
[14/04/2010 - 03:19:04 | A | 11335680] J:\D7 Karel IV.2.ppt
[19/04/2010 - 11:24:48 | AH | 165] J:\~$D7 Karel IV..pptx
[21/04/2010 - 13:22:08 | A | 13851136] J:\Výchovný poradce.ppt
[21/04/2010 - 13:24:32 | D ] J:\VP Jičín
[22/04/2010 - 11:28:08 | A | 3966464] J:\Řemeslo -prez.ppt
[24/04/2010 - 08:59:56 | A | 5853140] J:\testy-demo.zip
[04/05/2010 - 22:17:24 | D ] J:\zájezdy
[04/05/2010 - 22:17:46 | D ] J:\soutěže
[04/05/2010 - 22:18:10 | D ] J:\Německo - PVP9
[11/03/2010 - 16:34:58 | A | 13119488] J:\durynsko - bára vítková.ppt
[04/03/2010 - 23:59:26 | A | 16047104] J:\BAVORSKO -morávková.ppt
[06/05/2010 - 13:05:06 | D ] J:\Školení VP v HK
[06/05/2010 - 13:20:10 | D ] J:\VP Třískalová
[06/05/2010 - 18:20:18 | D ] J:\ofice
[06/05/2010 - 18:51:08 | A | 311808] J:\Zakon o socialnich sluzbach.ppt
[06/05/2010 - 18:55:12 | A | 262144] J:\soc.sluzby.ppt
[19/05/2010 - 23:43:44 | A | 12452379] J:\Koloseum, Spartakus.notebook
[08/06/2010 - 14:14:22 | D ] J:\fotky drazdany
[15/06/2010 - 11:29:30 | AH | 132] J:\.~lock.pro ředitele.doc#
[15/06/2010 - 11:29:30 | A | 22016] J:\pro ředitele.doc
[28/06/2010 - 10:13:44 | D ] J:\Projekt Kutná Hora
[28/06/2010 - 10:14:26 | D ] J:\nástěnka Kutná Hora
[27/06/2010 - 20:14:10 | A | 305152] K:\Cato kladene otazky - vypracovane.doc
[30/05/2010 - 08:53:20 | A | 51712] K:\_8N06_zkusebni_otazky_kone.doc
[02/07/2010 - 16:26:44 | A | 237568] K:\casto kladene otazky.doc
[02/07/2010 - 23:48:10 | A | 41] K:\pmp_usb.ini
[01/07/2010 - 18:33:54 | H | 38] K:\treeinfo.wc
[02/07/2010 - 16:26:40 | A | 193536] K:\Vypracovane testy.doc
[07/06/2010 - 09:55:08 | A | 497911] K:\Oftalmologie_2010_pro tisk.pdf
[02/07/2010 - 16:29:52 | A | 7198846] K:\Always_final.mp3
[04/12/2009 - 18:29:12 | RSHD ] K:\winlogonss

################## | Vaccin |

C:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)
F:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)
H:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)
I:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)
J:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)
K:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)

################## | Upload |

Please send the file: F:\UsbFix_Upload_Me_STARY.zip
http://chiquitine.changelog.fr/Sample/Upload.php
Thank you for your contribution.

################## | E.O.F |

Stahněte MBAM z mého podpisu
-Nainstalujte,dejte úplný sken

NIC NEMAZAT

-MBAM má občas falešné detekce,proto budeme mazat až po kontrole logu.
-Log zkopírujte sem.

Omlouvam se za zdržení, ale po několika pokusech se mi konečně podařilo doskenovat PC ... tady je log:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verze databáze: 4284

Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

9.7.2010 12:02:29
mbam-log-2010-07-09 (12-02-29).txt

Typ skenu: Úplný sken (C:\|F:\|)
Skenované objekty: 213171
Uplynulý čas: 1 hodina(y), 39 minuta(y), 7 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 3
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)

Co našel mbam, smažte.

Stáhněte na plochu, ukončete všechna aktivní okna a spusťte ComboFix - http://download.bleepingcomputer.com/sUBs/ComboFix.exe

- ComboFix je třeba spustit pod účtem s právy administrátora

- Před použitím vypněte všechny rezidentní bezpečnostní programy - antiviry, firewally, antispywary

- Po spuštění se zobrazí podmínky užití, potvrďte je stiskem tlačítka Ano

- Dále postupujte dle pokynů, během aplikování ComboFixu neklikejte do zobrazujícího se okna

- Po dokončení skenování, trvajícího maximálně 10 minut, by měl program vytvořit log - C:\ComboFix.txt, zkopírujte celý jeho obsah sem

VIRY.CZ

pomalé pc - zátěž CPU

pomalé pc - zátěž CPU

Re: pomalé pc - zátěž CPU

Re: pomalé pc - zátěž CPU

Re: pomalé pc - zátěž CPU

Re: pomalé pc - zátěž CPU

Re: pomalé pc - zátěž CPU