VIRY.CZ

Zdravím vespolek! Trápí mne zajímavý problém. Nedávno (tj. asi 14 dní nazpět) se objevila jistá prodleva před tím, než se mi načte stránka v prohlížeči na mém notebooku. V průměru tak 2 vteřiny navíc oproti dřívější rychlosti. Není to vždy, ale dost často na to, abych si toho všimnul. Odzkoušel jsem to v FF 3.6.10, IE 8.0.7600.16385 i Chrome 6.0.472.62. To by nebylo nic nezvyklého, ale na dalších počítačích u toho samého připojení se to neděje (tudíž podezření na vir). A aby to nebylo úplně tak jednoduché, tak problém u mne nenastává, když se připojím kdekoliv jinde (pak je podezření na chybu u ISP, případně někde na mém routeru). Procházel jsem komp Avirou, Stingerem, TrojanHunterem, Spybotem, AdAwarem, CWShredderem a MBAMem. Všechno na maximálně paranoidní nastavení a v aktuálních verzích s aktuálními databázemi. Jediným výsledkem byl jeden tracking cookie ve Spybotu a podezřelý záznam v registrech v MBAMu:

Kód: Vybrat vše

Infikované hodnoty registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowCpl\1 (Malware.Trace) -> No action taken.

Kteréžto jsem všechno napravil.
Ping i rychlost připojení jsou stabilní a stejné jako dříve.

Rád bych vyloučil všechny možnosti na mé straně, než začnu křičet na poskytovatele. Proto děkuji za jakékoliv návrhy a připomínky. Díky.

Jo a jen pro zajímavost, téměř totožný problém jsem měl s předchozím noťasem (WinXP), tam jsem to ale neřešil, neb už byl kousek před vyřazením.

Kód: Vybrat vše

Logfile of random's system information tool 1.08 (written by random/random)
Run by Xen at 2010-09-21 20:28:36
Microsoft Windows 7 Professional  
System drive C: has 20 GB (60%) free of 33 GB
Total RAM: 1944 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:28:58, on 21.9.2010
Platform: Windows 7  (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe
D:\Software\Avira\AntiVir Desktop\avgnt.exe
C:\Windows\System32\TpShocks.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
D:\Software\Comodo Firewall\COMODO\COMODO Internet Security\cfp.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe
D:\Work\DAEMON Tools Lite\DTLite.exe
D:\Software\Apache\bin\ApacheMonitor.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
C:\Program Files\Lenovo\Zoom\TpScrex.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\igfxext.exe
D:\Software\Pidgin\pidgin.exe
D:\Software\Salamander\SALAMAND.EXE
C:\Windows\system32\taskmgr.exe
D:\Software\Firefox\firefox.exe
D:\A\RSIT.exe
C:\Program Files\trend micro\Xen.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O4 - HKLM\..\Run: [avgnt] "D:\Software\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [FingerPrintSoftware] "C:\Program Files\Lenovo Fingerprint Software\fpapp.exe" \s
O4 - HKLM\..\Run: [FingerPrintSoftwareSplashScreen] "C:\Program Files\Lenovo Fingerprint Software\SplashScreen.exe" \s
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t
O4 - HKLM\..\Run: [tsnp2uvc] C:\Windows\tsnp2uvc.exe
O4 - HKLM\..\Run: [PWMTRV] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWMTR32V.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [AcWin7Hlpr] C:\Program Files\Lenovo\Access Connections\AcTBenabler.exe
O4 - HKLM\..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
O4 - HKLM\..\Run: [COMODO Internet Security] "D:\Software\Comodo Firewall\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [LENOVO.TPKNRRES] C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Work\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Xen\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Monitor Apache Servers.lnk = D:\Software\Apache\bin\ApacheMonitor.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs:  C:\Windows\system32\guard32.dll
O23 - Service: AcPrfMgrSvc - Lenovo - C:\Program Files\Lenovo\Access Connections\AcPrfMgrSvc.exe
O23 - Service: AcSvc - Lenovo - C:\Program Files\Lenovo\Access Connections\AcSvc.exe
O23 - Service: AD Monitor (ADMonitor) - Unknown owner - C:\Windows\system32\ADMonitor.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - D:\Software\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - D:\Software\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apache2.2 - Apache Software Foundation - D:\Software\Apache\bin\httpd.exe
O23 - Service: AuthenTec Fingerprint Service (ATService) - AuthenTec, Inc. - C:\Windows\system32\AtService.exe
O23 - Service: B-Service - Unknown owner - C:\Users\Xen\AppData\Roaming\Mikogo\B-Service.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - D:\Software\Comodo Firewall\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Lenovo Doze Mode Service (DozeSvc) - Lenovo. - C:\Program Files\ThinkPad\Utilities\DOZESVC.EXE
O23 - Service: Data Transfer Service (dtsvc) - Unknown owner - C:\Windows\system32\DTS.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo. - C:\Windows\system32\ibmpmsvc.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Lenovo Camera Mute (LENOVO.CAMMUTE) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Lenovo Keyboard Noise Reduction (LENOVO.TPKNRSVC) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
O23 - Service: Lenovo Auto Scroll (Lenovo.VIRTSCRLSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
O23 - Service: MySQL - Unknown owner - D:\Software\MySQL\bin\mysqld (file missing)
O23 - Service: Power Manager DBC Service - Lenovo - C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - D:\Software\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: System Update (SUService) - Lenovo Group Limited - C:\Program Files\Lenovo\System Update\SUService.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\Windows\System32\TPHDEXLG.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe

--
End of file - 7141 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Ad-Aware Update (Weekly).job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-904805162-1261590103-2039216501-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-904805162-1261590103-2039216501-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"avgnt"=D:\Software\Avira\AntiVir Desktop\avgnt.exe [2010-03-02 282792]
"TpShocks"=C:\Windows\system32\TpShocks.exe [2009-12-11 337256]
"FingerPrintSoftware"=C:\Program Files\Lenovo Fingerprint Software\fpapp.exe [2010-02-05 1582400]
"FingerPrintSoftwareSplashScreen"=C:\Program Files\Lenovo Fingerprint Software\SplashScreen.exe [2010-02-05 102400]
"Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2009-09-09 176128]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2009-11-19 307768]
"tsnp2uvc"=C:\Windows\tsnp2uvc.exe []
"PWMTRV"=rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWMTR32V.DLL,PwrMgrBkGndMonitor []
"AcWin7Hlpr"=C:\Program Files\Lenovo\Access Connections\AcTBenabler.exe [2009-10-13 36864]
"TPHOTKEY"=C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe [2010-07-27 69560]
"COMODO Internet Security"=D:\Software\Comodo Firewall\COMODO\COMODO Internet Security\cfp.exe [2010-06-01 2039240]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-04-21 136216]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-04-21 171032]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-04-21 169496]
"LENOVO.TPKNRRES"=C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [2010-04-20 62312]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=D:\Work\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"Google Update"=C:\Users\Xen\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-21 136176]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Monitor Apache Servers.lnk - D:\Software\Apache\bin\ApacheMonitor.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" C:\Windows\system32\guard32.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-04-21 227328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
ACGina

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableCAD"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"DisallowCpl"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-09-21 20:28:36 ----D---- C:\rsit
2010-09-21 20:25:41 ----D---- C:\Program Files\trend micro
2010-09-21 17:30:57 ----D---- C:\Users\Xen\AppData\Roaming\Malwarebytes
2010-09-21 17:30:41 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2010-09-21 17:30:39 ----D---- C:\ProgramData\Malwarebytes
2010-09-21 17:30:34 ----A---- C:\Windows\system32\drivers\mbam.sys
2010-09-21 17:26:35 ----DC---- C:\Windows\system32\DRVSTORE
2010-09-21 17:26:35 ----A---- C:\Windows\system32\drivers\Lbd.sys
2010-09-21 17:26:34 ----A---- C:\Windows\system32\drivers\SBREDrv.sys
2010-09-21 17:21:35 ----D---- C:\ProgramData\Lavasoft
2010-09-21 17:21:35 ----D---- C:\Program Files\Lavasoft
2010-09-21 17:16:16 ----HDC---- C:\ProgramData\{ECC164E0-3133-4C70-A831-F08DB2940F70}
2010-09-21 16:07:38 ----D---- C:\Users\Xen\AppData\Roaming\TrojanHunter
2010-09-21 15:04:57 ----D---- C:\ProgramData\TrojanHunter
2010-09-21 15:04:50 ----R---- C:\Windows\system32\streamhlp.dll
2010-09-21 09:08:40 ----A---- C:\Windows\ntbtlog.txt
2010-09-21 08:49:01 ----D---- C:\ProgramData\Spybot - Search & Destroy
2010-09-20 13:57:57 ----D---- C:\AuthLog
2010-09-15 21:50:32 ----A---- C:\Windows\system32\iertutil.dll
2010-09-15 21:49:54 ----A---- C:\Windows\system32\spoolsv.exe
2010-09-09 08:16:01 ----D---- C:\Program Files\OpenAL
2010-09-09 08:16:01 ----A---- C:\Windows\system32\wrap_oal.dll
2010-09-09 08:16:01 ----A---- C:\Windows\system32\OpenAL32.dll
2010-09-08 20:24:45 ----A---- C:\Windows\IsUninst.exe
2010-09-08 20:24:39 ----RASH---- C:\MSDOS.SYS
2010-09-08 20:24:39 ----RASH---- C:\IO.SYS
2010-08-31 22:38:13 ----A---- C:\Windows\system32\XAudio2_7.dll
2010-08-31 22:38:13 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2010-08-31 22:38:13 ----A---- C:\Windows\system32\xactengine3_7.dll
2010-08-31 22:38:13 ----A---- C:\Windows\system32\d3dx11_43.dll
2010-08-31 22:38:13 ----A---- C:\Windows\system32\d3dcsx_43.dll
2010-08-31 22:38:13 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2010-08-31 22:38:12 ----A---- C:\Windows\system32\XAudio2_6.dll
2010-08-31 22:38:12 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2010-08-31 22:38:12 ----A---- C:\Windows\system32\xactengine3_6.dll
2010-08-31 22:38:12 ----A---- C:\Windows\system32\D3DX9_43.dll
2010-08-31 22:38:12 ----A---- C:\Windows\system32\d3dx10_43.dll
2010-08-31 22:38:11 ----A---- C:\Windows\system32\XAudio2_5.dll
2010-08-31 22:38:11 ----A---- C:\Windows\system32\xactengine3_5.dll
2010-08-31 22:38:11 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2010-08-31 22:38:11 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2010-08-31 22:38:10 ----A---- C:\Windows\system32\D3DX9_41.dll
2010-08-31 22:38:10 ----A---- C:\Windows\system32\d3dx11_42.dll
2010-08-31 22:38:10 ----A---- C:\Windows\system32\d3dx10_42.dll
2010-08-31 22:38:10 ----A---- C:\Windows\system32\d3dx10_41.dll
2010-08-31 22:38:10 ----A---- C:\Windows\system32\d3dcsx_42.dll
2010-08-31 22:38:10 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2010-08-31 22:38:09 ----A---- C:\Windows\system32\XAudio2_4.dll
2010-08-31 22:38:09 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2010-08-31 22:38:09 ----A---- C:\Windows\system32\xactengine3_4.dll
2010-08-31 22:38:09 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2010-08-31 22:38:08 ----A---- C:\Windows\system32\D3DX9_40.dll
2010-08-31 22:38:08 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2010-08-31 22:38:07 ----A---- C:\Windows\system32\XAudio2_3.dll
2010-08-31 22:38:07 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2010-08-31 22:38:07 ----A---- C:\Windows\system32\xactengine3_3.dll
2010-08-31 22:38:07 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2010-08-31 22:38:06 ----A---- C:\Windows\system32\XAudio2_2.dll
2010-08-31 22:38:06 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2010-08-31 22:38:06 ----A---- C:\Windows\system32\xactengine3_2.dll
2010-08-31 22:38:06 ----A---- C:\Windows\system32\D3DX9_39.dll
2010-08-31 22:38:06 ----A---- C:\Windows\system32\d3dx10_39.dll
2010-08-31 22:38:06 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2010-08-31 22:38:05 ----A---- C:\Windows\system32\XAudio2_1.dll
2010-08-31 22:38:05 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2010-08-31 22:38:05 ----A---- C:\Windows\system32\xactengine3_1.dll
2010-08-31 22:38:05 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2010-08-31 22:38:05 ----A---- C:\Windows\system32\d3dx10_38.dll
2010-08-31 22:38:05 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2010-08-31 22:38:04 ----A---- C:\Windows\system32\XAudio2_0.dll
2010-08-31 22:38:04 ----A---- C:\Windows\system32\D3DX9_38.dll
2010-08-31 22:38:03 ----A---- C:\Windows\system32\xactengine3_0.dll
2010-08-31 22:38:03 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2010-08-31 22:38:03 ----A---- C:\Windows\system32\d3dx10_37.dll
2010-08-31 22:38:03 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2010-08-31 22:38:02 ----A---- C:\Windows\system32\xactengine2_10.dll
2010-08-31 22:38:02 ----A---- C:\Windows\system32\D3DX9_37.dll
2010-08-31 22:38:01 ----A---- C:\Windows\system32\xactengine2_9.dll
2010-08-31 22:38:01 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2010-08-31 22:38:01 ----A---- C:\Windows\system32\d3dx9_36.dll
2010-08-31 22:38:01 ----A---- C:\Windows\system32\d3dx10_36.dll
2010-08-31 22:38:01 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2010-08-31 22:38:00 ----A---- C:\Windows\system32\d3dx9_35.dll
2010-08-31 22:38:00 ----A---- C:\Windows\system32\d3dx10_35.dll
2010-08-31 22:38:00 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2010-08-31 22:35:52 ----D---- C:\Program Files\Microsoft.NET
2010-08-31 22:35:24 ----D---- C:\Windows\system32\directx
2010-08-31 21:31:40 ----D---- C:\Windows\system32\URTTEMP
2010-08-31 21:31:07 ----A---- C:\Windows\iun6002.exe
2010-08-25 15:55:12 ----A---- C:\Windows\system32\oleaut32.dll

======List of files/folders modified in the last 1 months======

2010-09-21 20:27:31 ----D---- C:\Users\Xen\AppData\Roaming\.purple
2010-09-21 20:27:21 ----D---- C:\Windows\System32
2010-09-21 20:27:21 ----D---- C:\Windows\inf
2010-09-21 20:27:21 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-09-21 20:25:41 ----RD---- C:\Program Files
2010-09-21 20:25:39 ----D---- C:\Windows\system32\config
2010-09-21 20:24:47 ----D---- C:\Windows\Temp
2010-09-21 18:56:11 ----D---- C:\Windows\Tasks
2010-09-21 18:51:00 ----D---- C:\Windows\system32\Tasks
2010-09-21 18:49:03 ----D---- C:\Users\Xen\AppData\Roaming\SiteAdvisor
2010-09-21 17:30:41 ----D---- C:\Windows\system32\drivers
2010-09-21 17:30:39 ----HD---- C:\ProgramData
2010-09-21 17:26:36 ----D---- C:\Windows\system32\catroot
2010-09-21 17:22:03 ----SHD---- C:\Windows\Installer
2010-09-21 17:21:31 ----D---- C:\Windows\winsxs
2010-09-21 17:20:07 ----D---- C:\Windows\Prefetch
2010-09-21 09:21:39 ----D---- C:\Windows
2010-09-21 09:05:57 ----D---- C:\Windows\system32\catroot2
2010-09-21 09:04:56 ----SHD---- C:\System Volume Information
2010-09-21 08:39:48 ----D---- C:\Users\Xen\AppData\Roaming\Skype
2010-09-17 17:49:19 ----D---- C:\Program Files\Windows Media Player
2010-09-17 13:41:33 ----D---- C:\Program Files\Lenovo
2010-09-17 12:41:53 ----D---- C:\Users\Xen\AppData\Roaming\vlc
2010-09-17 12:39:30 ----D---- C:\Users\Xen\AppData\Roaming\gtk-2.0
2010-09-15 21:50:47 ----A---- C:\Windows\system32\MRT.exe
2010-09-14 15:55:48 ----D---- C:\Users\Xen\AppData\Roaming\FileZilla
2010-09-10 19:59:14 ----D---- C:\Users\Xen\AppData\Roaming\dvdcss
2010-09-10 00:27:14 ----D---- C:\Windows\Downloaded Program Files
2010-09-01 13:15:17 ----D---- C:\Windows\Microsoft.NET
2010-09-01 13:15:16 ----RSD---- C:\Windows\assembly
2010-08-31 22:38:42 ----D---- C:\Windows\system32\cs-CZ
2010-08-31 22:35:56 ----D---- C:\Windows\system32\en-US
2010-08-31 22:35:25 ----D---- C:\Windows\Logs
2010-08-31 21:32:37 ----D---- C:\Windows\Registration
2010-08-31 21:31:40 ----D---- C:\Program Files\Internet Explorer
2010-08-25 15:55:30 ----D---- C:\Windows\AppPatch

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 DozeHDD;DozeHDD; C:\Windows\System32\DRIVERS\DozeHDD.sys [2010-03-03 24304]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-08-07 330264]
R0 Lbd;Lbd; C:\Windows\system32\DRIVERS\Lbd.sys [2010-08-12 64288]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 Shockprf;Shockprf; C:\Windows\System32\DRIVERS\Apsx86.sys [2009-10-09 120360]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-07-17 691696]
R0 TPDIGIMN;TPDIGIMN; C:\Windows\System32\DRIVERS\ApsHM86.sys [2009-10-09 20520]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2010-03-01 124784]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2010-06-04 224240]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2010-06-01 30112]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2010-06-01 75944]
R1 lenovo.smi;Lenovo System Interface Driver; C:\Windows\system32\DRIVERS\smiif32.sys [2008-05-12 13480]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R1 TPPWRIF;TPPWRIF; C:\Windows\System32\drivers\Tppwr32v.sys [2010-03-03 11552]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2010-02-16 60936]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-18 12672]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2009-09-07 48128]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2009-09-15 44544]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2009-09-15 38400]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\XAudio32.sys [2009-04-29 8704]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2009-09-09 154672]
R3 ATSwpWDF;AuthenTec TruePrint USB Driver; C:\Windows\System32\Drivers\ATSwpWDF.sys [2010-02-05 661448]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2009-10-05 460800]
R3 HECI;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECI.sys [2009-06-23 40832]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2009-06-30 981504]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2009-06-30 207360]
R3 IBMPMDRV;IBMPMDRV; C:\Windows\system32\DRIVERS\ibmpmdrv.sys [2009-11-18 26608]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2010-04-21 8746496]
R3 NETw5s32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 32 Bit; C:\Windows\system32\DRIVERS\NETw5s32.sys [2010-01-13 6755840]
R3 psadd;Lenovo Parties Service Access Device Driver; C:\Windows\system32\DRIVERS\psadd.sys [2009-12-08 31680]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-10-10 84992]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-06-11 3486208]
R3 TPM;Čip TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 30720]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2009-06-30 661504]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2010-02-03 26176]
S3 iatmunin;iatmunin; \??\C:\Users\Xen\AppData\Local\Temp\iatmunin.sys []
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-14 4231168]
S3 PCDSRVC{3037D694-FD904ACA-06000000}_0;PCDSRVC{3037D694-FD904ACA-06000000}_0 - PCDR Kernel Mode Service Helper Driver; \??\c:\program files\pc-doctor\pcdsrvc.pkms []
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-14 207360]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-14 980992]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-14 661504]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcPrfMgrSvc;AcPrfMgrSvc; C:\Program Files\Lenovo\Access Connections\AcPrfMgrSvc.exe [2010-04-22 124264]
R2 AcSvc;AcSvc; C:\Program Files\Lenovo\Access Connections\AcSvc.exe [2010-04-22 259432]
R2 AntiVirService;Avira AntiVir Guard; D:\Software\Avira\AntiVir Desktop\avguard.exe [2010-04-01 267432]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; D:\Software\Avira\AntiVir Desktop\sched.exe [2010-02-24 135336]
R2 Apache2.2;Apache2.2; D:\Software\Apache\bin\httpd.exe [2010-03-04 24645]
R2 ATService;AuthenTec Fingerprint Service; C:\Windows\system32\AtService.exe [2010-02-05 1824064]
R2 cmdAgent;COMODO Internet Security Helper Service; D:\Software\Comodo Firewall\COMODO\COMODO Internet Security\cmdagent.exe [2010-06-01 1778480]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 dtsvc;Data Transfer Service; C:\Windows\system32\DTS.exe [2010-02-05 98304]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2010-01-19 858384]
R2 HsfXAudioService;HsfXAudioService; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 IBMPMSVC;ThinkPad PM Service; C:\Windows\system32\ibmpmsvc.exe [2009-11-18 38248]
R2 LENOVO.CAMMUTE;Lenovo Camera Mute; C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe [2010-04-20 50536]
R2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction; C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe [2010-04-20 74088]
R2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [2010-04-07 93032]
R2 MySQL;MySQL; D:\Software\MySQL\bin\mysqld --defaults-file=D:\Software\MySQL\my.ini MySQL []
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2010-01-19 473360]
R2 SBSDWSCService;SBSD Security Center Service; D:\Software\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 SUService;System Update; C:\Program Files\Lenovo\System Update\SUService.exe [2009-09-24 15872]
R2 TPHKSVC;On Screen Display; C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe [2010-04-07 63928]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 LENOVO.MICMUTE;Lenovo Microphone Mute; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [2010-04-07 45496]
S3 ADMonitor;AD Monitor; C:\Windows\system32\ADMonitor.exe [2010-02-05 106496]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-06-10 31064]
S3 B-Service;B-Service; C:\Users\Xen\AppData\Roaming\Mikogo\B-Service.exe [2010-06-28 185640]
S3 DozeSvc;Lenovo Doze Mode Service; C:\Program Files\ThinkPad\Utilities\DOZESVC.EXE [2010-03-03 132456]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2010-09-21 1355928]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Power Manager DBC Service;Power Manager DBC Service; C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE [2010-03-03 75112]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 TPHDEXLGSVC;ThinkPad HDD APS Logging Service; C:\Windows\System32\TPHDEXLG.exe [2009-10-09 39976]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-14 1343400]
S4 ApRunSvc;Alps Application Launcher Service; C:\Program Files\Apoint2K\ApRunSvc.exe []

-----------------EOF-----------------

Log vypadá čistý. Zkuste smazat cache prohlížeče.

Veškerou cache jsem promazával (ve všech testovaných prohlížečích). IE a Chrome jsem měl dokonce čistě nainstalované; pokud se u IE dá mluvi o čisté instalaci, protože to bylo poprvé, co jsem ho na počítači zapnul.

OK. Dejte log z ComboFix.

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode, pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k nezadoucim kolizim s rezidentem antispyware

Tak asi nějaká havěť tam bude. Při skenování mi to hodilo pár erorů, můžu to kdyžtak zkusit pustit znovu.
Jinak k tomu userinit.exe - http://virusscan.jotti.org/cs/scanresul ... 606b66beb6
Ale předpokládám, že se umí nějak pěkně maskovat. A v případě nebezpečí vrací zpět původní soubor.
Ty ostatní soubory jsem na disku nenašel (byla tam hláška už dřív, tak jsem měl možnost je zkusit vyhledat), až pak se mazaly.

Kód: Vybrat vše

ComboFix 10-09-21.01 - Xen 21.09.2010  22:35:15.1.2 - x86
Microsoft Windows 7 Professional   6.1.7600.0.1250.420.1029.18.1944.854 [GMT 2:00]
Spuštěný z: d:\a\ComboFix.exe
SP: Spybot - Search and Destroy *disabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
 * Vytvořen nový Bod Obnovení
.

(((((((((((((((((((((((((((((((((((((((   Ostatní výmazy   )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\host32.exe
c:\windows\localsys64.exe
c:\windows\system32\64dlls.exe
c:\windows\system32\intel64.exe
c:\windows\system32\lsjdfh.exe
c:\windows\system32\ntos.exe
c:\windows\system32\oembios.exe
c:\windows\system32\sdra64.exe
c:\windows\system32\sdra73.exe
c:\windows\system32\swin32.exe
c:\windows\system32\twex.exe
c:\windows\system32\twext.exe
c:\windows\system32\wsnpoema.exe

c:\windows\system32\userinit.exe . . . je infikován!!

.
(((((((((((((((((((((((((   Soubory vytvořené od 2010-08-21 do 2010-09-21  )))))))))))))))))))))))))))))))
.

2010-09-21 20:48 . 2010-09-21 20:48    --------    d-----w-    C:\Device
2010-09-21 20:48 . 2010-09-21 20:50    --------    d-----w-    c:\users\Xen\AppData\Local\temp
2010-09-21 20:48 . 2010-09-21 20:48    --------    d-----w-    c:\users\inferior\AppData\Local\temp
2010-09-21 20:48 . 2010-09-21 20:48    --------    d-----w-    c:\users\Default\AppData\Local\temp
2010-09-21 19:36 . 2010-09-21 20:33    --------    d-----w-    c:\programdata\Kaspersky Lab
2010-09-21 19:35 . 2009-10-22 11:54    37392    ----a-w-    c:\windows\system32\drivers\62396942.sys
2010-09-21 19:35 . 2009-10-09 21:31    311312    ----a-w-    c:\windows\system32\drivers\6239694.sys
2010-09-21 19:35 . 2009-09-25 15:59    128016    ----a-w-    c:\windows\system32\drivers\62396941.sys
2010-09-21 18:28 . 2010-09-21 18:29    --------    d-----w-    C:\rsit
2010-09-21 18:25 . 2010-09-21 18:28    --------    d-----w-    c:\program files\trend micro
2010-09-21 18:23 . 2010-09-21 18:23    1791    ----a-w-    c:\users\Xen\AppData\Roaming\.purple\certificates\x509\tls_peers\bos.oscar.aol.com
2010-09-21 18:23 . 2010-09-21 18:23    1779    ----a-w-    c:\users\Xen\AppData\Roaming\.purple\certificates\x509\tls_peers\api.oscar.aol.com
2010-09-21 18:23 . 2010-09-21 18:23    1691    ----a-w-    c:\users\Xen\AppData\Roaming\.purple\certificates\x509\tls_peers\api.screenname.aol.com
2010-09-21 15:30 . 2010-09-21 15:30    --------    d-----w-    c:\users\Xen\AppData\Roaming\Malwarebytes
2010-09-21 15:30 . 2010-04-29 13:39    38224    ----a-w-    c:\windows\system32\drivers\mbamswissarmy.sys
2010-09-21 15:30 . 2010-09-21 15:30    --------    d-----w-    c:\programdata\Malwarebytes
2010-09-21 15:30 . 2010-04-29 13:39    20952    ----a-w-    c:\windows\system32\drivers\mbam.sys
2010-09-21 15:26 . 2010-09-21 15:26    --------    dc----w-    c:\windows\system32\DRVSTORE
2010-09-21 15:26 . 2010-08-12 12:15    64288    ----a-w-    c:\windows\system32\drivers\Lbd.sys
2010-09-21 15:26 . 2010-09-21 15:26    95024    ----a-w-    c:\windows\system32\drivers\SBREDrv.sys
2010-09-21 15:22 . 2010-09-21 15:22    --------    d-----w-    c:\users\Xen\AppData\Local\Sunbelt Software
2010-09-21 15:22 . 2010-08-12 12:16    2979848    -c--a-w-    c:\programdata\{ECC164E0-3133-4C70-A831-F08DB2940F70}\Ad-AwareInstall.exe
2010-09-21 15:21 . 2010-09-21 15:26    --------    d-----w-    c:\programdata\Lavasoft
2010-09-21 15:21 . 2010-09-21 15:21    --------    d-----w-    c:\program files\Lavasoft
2010-09-21 15:16 . 2010-09-21 15:22    --------    dc-h--w-    c:\programdata\{ECC164E0-3133-4C70-A831-F08DB2940F70}
2010-09-21 14:07 . 2010-09-21 14:07    --------    d-----w-    c:\users\Xen\AppData\Roaming\TrojanHunter
2010-09-21 13:04 . 2010-09-21 13:04    --------    d-----w-    c:\programdata\TrojanHunter
2010-09-21 06:49 . 2010-09-21 14:09    --------    d-----w-    c:\programdata\Spybot - Search & Destroy
2010-09-20 11:57 . 2010-09-20 11:57    --------    d-----w-    C:\AuthLog
2010-09-15 19:49 . 2010-08-21 05:32    316928    ----a-w-    c:\windows\system32\spoolsv.exe
2010-09-15 09:07 . 2010-09-15 09:08    --------    d-----w-    c:\users\inferior\AppData\Roaming\vlc
2010-09-14 21:50 . 2010-09-14 21:50    --------    d-----w-    c:\users\inferior\AppData\Roaming\Intel
2010-09-09 06:16 . 2010-09-09 06:16    444952    ----a-w-    c:\windows\system32\wrap_oal.dll
2010-09-09 06:16 . 2010-09-09 06:16    109080    ----a-w-    c:\windows\system32\OpenAL32.dll
2010-09-09 06:16 . 2010-09-09 06:16    --------    d-----w-    c:\program files\OpenAL
2010-09-08 18:24 . 1998-10-29 14:45    306688    ----a-w-    c:\windows\IsUninst.exe
2010-08-31 20:35 . 2010-08-31 20:35    --------    d-----w-    c:\program files\Microsoft.NET
2010-08-31 19:42 . 2010-08-31 20:39    --------    d-----w-    c:\users\Xen\AppData\Local\ApplicationHistory
2010-08-31 19:42 . 2010-08-31 19:42    96    ----a-w-    c:\users\Xen\AppData\Local\fusioncache.dat
2010-08-31 19:31 . 2010-08-31 19:31    --------    d-----w-    c:\windows\system32\URTTEMP
2010-08-31 19:31 . 2010-08-31 19:57    724992    ----a-w-    c:\windows\iun6002.exe
2010-08-25 13:55 . 2010-04-07 07:10    571904    ----a-w-    c:\windows\system32\oleaut32.dll

.
((((((((((((((((((((((((((((((((((((((((   Find3M výpis   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-21 20:36 . 2009-07-14 08:44    639986    ----a-w-    c:\windows\system32\perfh005.dat
2010-09-21 20:36 . 2009-07-14 08:44    126866    ----a-w-    c:\windows\system32\perfc005.dat
2010-09-21 20:20 . 2010-06-15 21:31    --------    d-----w-    c:\users\Xen\AppData\Roaming\.purple
2010-09-21 19:34 . 2010-06-14 17:29    --------    d-----w-    c:\users\Xen\AppData\Roaming\SiteAdvisor
2010-09-21 06:39 . 2010-06-14 20:32    --------    d-----w-    c:\users\Xen\AppData\Roaming\Skype
2010-09-20 14:57 . 2010-06-15 12:43    1    ----a-w-    c:\users\Xen\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-09-17 11:41 . 2010-06-14 09:49    --------    d-----w-    c:\program files\Lenovo
2010-09-17 10:41 . 2010-06-15 18:06    --------    d-----w-    c:\users\Xen\AppData\Roaming\vlc
2010-09-17 10:39 . 2010-06-15 21:56    --------    d-----w-    c:\users\Xen\AppData\Roaming\gtk-2.0
2010-09-15 09:49 . 2010-06-23 20:29    --------    d-----w-    c:\users\inferior\AppData\Roaming\SiteAdvisor
2010-09-14 13:55 . 2010-06-14 18:48    --------    d-----w-    c:\users\Xen\AppData\Roaming\FileZilla
2010-09-10 17:59 . 2010-07-20 08:57    --------    d-----w-    c:\users\Xen\AppData\Roaming\dvdcss
2010-08-20 07:45 . 2010-08-20 07:45    --------    d-----w-    c:\program files\QS
2010-08-20 07:45 . 2010-08-20 07:45    --------    d-----w-    c:\users\Xen\AppData\Roaming\TeamViewer
2010-08-17 09:36 . 2010-08-17 09:36    --------    d-----w-    c:\users\Xen\AppData\Roaming\Foxit Software
2010-08-15 19:06 . 2010-06-14 10:27    --------    d--h--w-    c:\program files\InstallShield Installation Information
2010-08-09 15:25 . 2010-06-16 08:07    --------    d-----w-    c:\users\Xen\AppData\Roaming\Winamp
2010-08-03 10:36 . 2010-08-03 10:36    --------    d-----w-    c:\program files\MSECache
2010-07-29 06:30 . 2010-08-12 20:08    197632    ----a-w-    c:\windows\system32\ir32_32.dll
2010-07-29 06:30 . 2010-08-12 20:08    82944    ----a-w-    c:\windows\system32\iccvid.dll
2010-07-28 18:06 . 2010-07-28 17:49    --------    d-----w-    c:\users\Xen\AppData\Roaming\Hamachi
2010-07-17 01:12 . 2010-07-17 01:12    691696    ----a-w-    c:\windows\system32\drivers\sptd.sys
2010-06-30 06:25 . 2010-08-12 20:08    978432    ----a-w-    c:\windows\system32\wininet.dll
2010-06-28 15:47 . 2010-06-28 15:47    24576    ----a-w-    c:\users\Xen\AppData\Roaming\Mikogo\B-Capture.exe
2010-06-28 15:47 . 2010-06-28 15:47    185640    ----a-w-    c:\users\Xen\AppData\Roaming\Mikogo\B-Service.exe
2009-06-10 21:26 . 2009-07-14 02:04    9633792    --sha-r-    c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42    396800    --sha-w-    c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.

((((((((((((((((((((((((((((((((((   Spouštěcí body v registru   )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny. 
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="d:\work\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"Google Update"="c:\users\Xen\AppData\Local\Google\Update\GoogleUpdate.exe" [2010-09-21 136176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"FingerPrintSoftware"="c:\program files\Lenovo Fingerprint Software\fpapp.exe \s" [X]
"FingerPrintSoftwareSplashScreen"="c:\program files\Lenovo Fingerprint Software\SplashScreen.exe \s" [X]
"avgnt"="d:\software\Avira\AntiVir Desktop\avgnt.exe" [2010-03-02 282792]
"TpShocks"="TpShocks.exe" [2009-12-11 337256]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2009-09-09 176128]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2009-11-19 307768]
"PWMTRV"="c:\progra~1\ThinkPad\UTILIT~1\PWMTR32V.DLL" [2010-03-03 886120]
"AcWin7Hlpr"="c:\program files\Lenovo\Access Connections\AcTBenabler.exe" [2009-10-13 36864]
"TPHOTKEY"="c:\program files\Lenovo\HOTKEY\TPOSDSVC.exe" [2010-07-27 69560]
"COMODO Internet Security"="d:\software\Comodo Firewall\COMODO\COMODO Internet Security\cfp.exe" [2010-06-01 2039240]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-04-21 136216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-04-21 171032]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-04-21 169496]
"LENOVO.TPKNRRES"="c:\program files\Lenovo\Communications Utility\TPKNRRES.exe" [2010-04-20 62312]

c:\users\Xen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
avptool.lnk - d:\software\AVPTool\avptool\startup.exe [2010-9-21 72208]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Monitor Apache Servers.lnk - d:\software\Apache\bin\ApacheMonitor.exe [2010-3-4 41051]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"DisableCAD"= 1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"DisallowCpl"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\guard32.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\LENOVO\HOTKEY\MICMUTE.exe [2010-04-07 45496]
R3 ADMonitor;AD Monitor;c:\windows\system32\ADMonitor.exe [2010-02-05 106496]
R3 B-Service;B-Service;c:\users\Xen\AppData\Roaming\Mikogo\B-Service.exe [2010-06-28 185640]
R3 DozeSvc;Lenovo Doze Mode Service;c:\program files\ThinkPad\Utilities\DOZESVC.EXE [2010-03-03 132456]
R3 iatmunin;iatmunin;c:\users\Xen\AppData\Local\Temp\iatmunin.sys [x]
R3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2010-09-21 1355928]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 PCDSRVC{3037D694-FD904ACA-06000000}_0;PCDSRVC{3037D694-FD904ACA-06000000}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\pc-doctor\pcdsrvc.pkms [x]
R3 Power Manager DBC Service;Power Manager DBC Service;c:\program files\ThinkPad\Utilities\PWMDBSVC.EXE [2010-03-03 75112]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-06-14 1343400]
R4 ApRunSvc;Alps Application Launcher Service;c:\program files\Apoint2K\ApRunSvc.exe [x]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2010-07-17 691696]
S0 62396942;62396942 Boot Guard Driver;c:\windows\system32\DRIVERS\62396942.sys [2009-10-22 37392]
S0 DozeHDD;DozeHDD;c:\windows\System32\DRIVERS\DozeHDD.sys [2010-03-03 24304]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2010-08-12 64288]
S0 TPDIGIMN;TPDIGIMN;c:\windows\System32\DRIVERS\ApsHM86.sys [2009-10-09 20520]
S1 62396941;62396941;c:\windows\system32\DRIVERS\62396941.sys [2009-09-25 128016]
S1 avptooldrv;avptooldrv;c:\windows\system32\DRIVERS\6239694.sys [2009-10-09 311312]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2010-06-04 224240]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2010-06-01 30112]
S1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\DRIVERS\smiif32.sys [2008-05-12 13480]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;d:\software\Avira\AntiVir Desktop\sched.exe [2010-02-24 135336]
S2 Apache2.2;Apache2.2;d:\software\Apache\bin\httpd.exe [2010-03-04 24645]
S2 ATService;AuthenTec Fingerprint Service;c:\windows\system32\AtService.exe [2010-02-05 1824064]
S2 dtsvc;Data Transfer Service;c:\windows\system32\DTS.exe [2010-02-05 98304]
S2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 LENOVO.CAMMUTE;Lenovo Camera Mute;c:\program files\Lenovo\Communications Utility\CAMMUTE.exe [2010-04-20 50536]
S2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction;c:\program files\Lenovo\Communications Utility\TPKNRSVC.exe [2010-04-20 74088]
S2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll;c:\program files\LENOVO\VIRTSCRL\lvvsst.exe [2010-04-07 93032]
S2 SBSDWSCService;SBSD Security Center Service;d:\software\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 TPHKSVC;On Screen Display;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe [2010-04-07 63928]
S3 ATSwpWDF;AuthenTec TruePrint USB Driver;c:\windows\system32\Drivers\ATSwpWDF.sys [2010-02-05 661448]
S3 NETw5s32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 32 Bit;c:\windows\system32\DRIVERS\NETw5s32.sys [2010-01-13 6755840]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HsfXAudioService    REG_MULTI_SZ       HsfXAudioService
.
Obsah adresáře 'Naplánované úlohy'

2010-09-21 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-08-12 15:26]

2010-09-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-904805162-1261590103-2039216501-1000Core.job
- c:\users\Xen\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-21 06:15]

2010-09-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-904805162-1261590103-2039216501-1000UA.job
- c:\users\Xen\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-21 06:15]
.
.
------- Doplňkový sken -------
.
uStart Page = about:blank
FF - ProfilePath - c:\users\Xen\AppData\Roaming\Mozilla\Firefox\Profiles\54i3923q.default\
FF - prefs.js: browser.search.selectedEngine - Wikimedia Commons (en)
FF - prefs.js: browser.startup.homepage - about:blank
FF - prefs.js: keyword.enabled - false
FF - plugin: c:\users\Xen\AppData\Local\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\users\Xen\AppData\Roaming\Mozilla\Firefox\Profiles\54i3923q.default\extensions\LogMeInClient@logmein.com\plugins\npRACtrl.dll

---- NASTAVENÍ FIREFOXU ----
d:\software\Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true); 
d:\software\Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true); 
d:\software\Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
d:\software\Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

HKLM-Run-tsnp2uvc - c:\windows\tsnp2uvc.exe



[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MySQL]
"ImagePath"="\"d:\software\MySQL\bin\mysqld\" --defaults-file=\"d:\software\MySQL\my.ini\" MySQL"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCDSRVC{3037D694-FD904ACA-06000000}_0]
"ImagePath"="\??\c:\program files\pc-doctor\pcdsrvc.pkms"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'Explorer.exe'(1272)
c:\program files\Lenovo\Access Connections\ACDeskBand.dll
c:\program files\Lenovo\Access Connections\AcLocSettings.dll
c:\program files\Lenovo\Access Connections\AcCryptHlpr.dll
c:\program files\Lenovo\Access Connections\ACHelper.dll
c:\program files\Lenovo\Access Connections\AcSvcStub.dll
c:\progra~1\ThinkPad\UTILIT~1\PWMTR32V.DLL
c:\progra~1\ThinkPad\UTILIT~1\US\PWMRT32V.DLL
c:\progra~1\ThinkPad\UTILIT~1\PWMIF32V.DLL
d:\software\WinSCP\DragExt.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
d:\software\Avira\AntiVir Desktop\avguard.exe
d:\software\Avira\AntiVir Desktop\avshadow.exe
c:\windows\system32\conhost.exe
c:\windows\system32\ibmpmsvc.exe
d:\software\Comodo Firewall\COMODO\COMODO Internet Security\cmdagent.exe
c:\windows\system32\WLANExt.exe
c:\windows\system32\conhost.exe
c:\program files\Lenovo\Access Connections\AcPrfMgrSvc.exe
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
d:\software\MySQL\bin\mysqld.exe
c:\program files\Common Files\Intel\WirelessCommon\RegSrvc.exe
c:\program files\Lenovo\Access Connections\AcSvc.exe
c:\program files\Intel\WiFi\bin\EvtEng.exe
c:\windows\system32\wbem\unsecapp.exe
c:\progra~1\LENOVO\VIRTSCRL\virtscrl.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\program files\Lenovo\Access Connections\SvcGuiHlpr.exe
c:\windows\System32\TpShocks.exe
c:\windows\System32\rundll32.exe
c:\windows\system32\igfxext.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\Apoint2K\ApMsgFwd.exe
c:\program files\Apoint2K\Apntex.exe
c:\windows\system32\conhost.exe
c:\program files\Lenovo\HOTKEY\TPONSCR.exe
c:\program files\Lenovo\Zoom\TpScrex.exe
c:\windows\system32\sppsvc.exe
c:\program files\Lenovo\System Update\SUService.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Celkový čas: 2010-09-21  22:56:19 - počítač byl restartován
ComboFix-quarantined-files.txt  2010-09-21 20:56

Před spuštěním: Volných bajtů: 20 418 428 928
Po spuštění: Volných bajtů: 20 227 526 656

- - End Of File - - D3479783BD1742A2CC50ADA1AE4527E0

Ještě dočistíme. Otevřte poznámkový blok a zkopírujte do něj:

Collect::
c:\windows\system32\drivers\62396942.sys
c:\windows\system32\drivers\6239694.sys
c:\windows\system32\drivers\62396941.sys

Driver::
62396941
6239694
62396942

Uložte na plochu jako CFScript.txt. pak jej myšípřetáhněte nad ikonu ComboFix a pustte. CF se spustí a vykoná příkazy ze skriptu.

Obrázek

Provedl jsem. Mohl byste mi případně vysvětlit, prož zrovna tyto .sys soubory? Je to příznak nějakého konkrétního rootkitu? Rád se něco přiučím.

Kód: Vybrat vše

ComboFix 10-09-21.01 - Xen 21.09.2010  23:21:11.2.2 - x86
Microsoft Windows 7 Professional   6.1.7600.0.1250.420.1029.18.1944.851 [GMT 2:00]
Spuštěný z: c:\users\Xen\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Xen\Desktop\CFScript.txt
SP: Spybot - Search and Destroy *disabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
 * Vytvořen nový Bod Obnovení

file zipped: c:\windows\system32\drivers\6239694.sys
file zipped: c:\windows\system32\drivers\62396941.sys
file zipped: c:\windows\system32\drivers\62396942.sys
.

(((((((((((((((((((((((((((((((((((((((   Ostatní výmazy   )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\drivers\6239694.sys
c:\windows\system32\drivers\62396941.sys
c:\windows\system32\drivers\62396942.sys

Nakažená kopie c:\windows\system32\userinit.exe byla nalezena a vyléčena. 
Obnovena kopie z - c:\windows\ERDNT\cache\userinit.exe 

.
(((((((((((((((((((((((((((((((((((((((   Ovladače/Služby   )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_62396941
-------\Legacy_62396942
-------\Service_62396941
-------\Service_62396942
-------\Legacy_avptooldrv
-------\Service_avptooldrv


(((((((((((((((((((((((((   Soubory vytvořené od 2010-08-21 do 2010-09-21  )))))))))))))))))))))))))))))))
.

2010-09-21 21:29 . 2010-09-21 21:31    --------    d-----w-    c:\users\Xen\AppData\Local\temp
2010-09-21 21:29 . 2010-09-21 21:29    --------    d-----w-    c:\users\Public\AppData\Local\temp
2010-09-21 21:29 . 2010-09-21 21:29    --------    d-----w-    c:\users\inferior\AppData\Local\temp
2010-09-21 21:29 . 2010-09-21 21:29    --------    d-----w-    c:\users\Default\AppData\Local\temp
2010-09-21 20:48 . 2010-09-21 20:48    --------    d-----w-    C:\Device
2010-09-21 19:36 . 2010-09-21 20:51    --------    d-----w-    c:\programdata\Kaspersky Lab
2010-09-21 18:28 . 2010-09-21 18:29    --------    d-----w-    C:\rsit
2010-09-21 18:25 . 2010-09-21 18:28    --------    d-----w-    c:\program files\trend micro
2010-09-21 18:23 . 2010-09-21 18:23    1791    ----a-w-    c:\users\Xen\AppData\Roaming\.purple\certificates\x509\tls_peers\bos.oscar.aol.com
2010-09-21 18:23 . 2010-09-21 18:23    1779    ----a-w-    c:\users\Xen\AppData\Roaming\.purple\certificates\x509\tls_peers\api.oscar.aol.com
2010-09-21 18:23 . 2010-09-21 18:23    1691    ----a-w-    c:\users\Xen\AppData\Roaming\.purple\certificates\x509\tls_peers\api.screenname.aol.com
2010-09-21 15:30 . 2010-09-21 15:30    --------    d-----w-    c:\users\Xen\AppData\Roaming\Malwarebytes
2010-09-21 15:30 . 2010-04-29 13:39    38224    ----a-w-    c:\windows\system32\drivers\mbamswissarmy.sys
2010-09-21 15:30 . 2010-09-21 15:30    --------    d-----w-    c:\programdata\Malwarebytes
2010-09-21 15:30 . 2010-04-29 13:39    20952    ----a-w-    c:\windows\system32\drivers\mbam.sys
2010-09-21 15:26 . 2010-09-21 15:26    --------    dc----w-    c:\windows\system32\DRVSTORE
2010-09-21 15:26 . 2010-08-12 12:15    64288    ----a-w-    c:\windows\system32\drivers\Lbd.sys
2010-09-21 15:26 . 2010-09-21 15:26    95024    ----a-w-    c:\windows\system32\drivers\SBREDrv.sys
2010-09-21 15:22 . 2010-09-21 15:22    --------    d-----w-    c:\users\Xen\AppData\Local\Sunbelt Software
2010-09-21 15:22 . 2010-08-12 12:16    2979848    -c--a-w-    c:\programdata\{ECC164E0-3133-4C70-A831-F08DB2940F70}\Ad-AwareInstall.exe
2010-09-21 15:21 . 2010-09-21 15:26    --------    d-----w-    c:\programdata\Lavasoft
2010-09-21 15:21 . 2010-09-21 15:21    --------    d-----w-    c:\program files\Lavasoft
2010-09-21 15:16 . 2010-09-21 15:22    --------    dc-h--w-    c:\programdata\{ECC164E0-3133-4C70-A831-F08DB2940F70}
2010-09-21 14:07 . 2010-09-21 14:07    --------    d-----w-    c:\users\Xen\AppData\Roaming\TrojanHunter
2010-09-21 06:49 . 2010-09-21 14:09    --------    d-----w-    c:\programdata\Spybot - Search & Destroy
2010-09-20 11:57 . 2010-09-20 11:57    --------    d-----w-    C:\AuthLog
2010-09-15 19:49 . 2010-08-21 05:32    316928    ----a-w-    c:\windows\system32\spoolsv.exe
2010-09-15 09:07 . 2010-09-15 09:08    --------    d-----w-    c:\users\inferior\AppData\Roaming\vlc
2010-09-14 21:50 . 2010-09-14 21:50    --------    d-----w-    c:\users\inferior\AppData\Roaming\Intel
2010-09-09 06:16 . 2010-09-09 06:16    444952    ----a-w-    c:\windows\system32\wrap_oal.dll
2010-09-09 06:16 . 2010-09-09 06:16    109080    ----a-w-    c:\windows\system32\OpenAL32.dll
2010-09-09 06:16 . 2010-09-09 06:16    --------    d-----w-    c:\program files\OpenAL
2010-09-08 18:24 . 1998-10-29 14:45    306688    ----a-w-    c:\windows\IsUninst.exe
2010-08-31 20:35 . 2010-08-31 20:35    --------    d-----w-    c:\program files\Microsoft.NET
2010-08-31 19:42 . 2010-08-31 20:39    --------    d-----w-    c:\users\Xen\AppData\Local\ApplicationHistory
2010-08-31 19:42 . 2010-08-31 19:42    96    ----a-w-    c:\users\Xen\AppData\Local\fusioncache.dat
2010-08-31 19:31 . 2010-08-31 19:31    --------    d-----w-    c:\windows\system32\URTTEMP
2010-08-31 19:31 . 2010-08-31 19:57    724992    ----a-w-    c:\windows\iun6002.exe
2010-08-25 13:55 . 2010-04-07 07:10    571904    ----a-w-    c:\windows\system32\oleaut32.dll

.
((((((((((((((((((((((((((((((((((((((((   Find3M výpis   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-21 21:19 . 2010-06-14 17:29    --------    d-----w-    c:\users\Xen\AppData\Roaming\SiteAdvisor
2010-09-21 20:54 . 2009-07-14 08:44    639986    ----a-w-    c:\windows\system32\perfh005.dat
2010-09-21 20:54 . 2009-07-14 08:44    126866    ----a-w-    c:\windows\system32\perfc005.dat
2010-09-21 20:20 . 2010-06-15 21:31    --------    d-----w-    c:\users\Xen\AppData\Roaming\.purple
2010-09-21 06:39 . 2010-06-14 20:32    --------    d-----w-    c:\users\Xen\AppData\Roaming\Skype
2010-09-20 14:57 . 2010-06-15 12:43    1    ----a-w-    c:\users\Xen\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-09-17 11:41 . 2010-06-14 09:49    --------    d-----w-    c:\program files\Lenovo
2010-09-17 10:41 . 2010-06-15 18:06    --------    d-----w-    c:\users\Xen\AppData\Roaming\vlc
2010-09-17 10:39 . 2010-06-15 21:56    --------    d-----w-    c:\users\Xen\AppData\Roaming\gtk-2.0
2010-09-15 09:49 . 2010-06-23 20:29    --------    d-----w-    c:\users\inferior\AppData\Roaming\SiteAdvisor
2010-09-14 13:55 . 2010-06-14 18:48    --------    d-----w-    c:\users\Xen\AppData\Roaming\FileZilla
2010-09-10 17:59 . 2010-07-20 08:57    --------    d-----w-    c:\users\Xen\AppData\Roaming\dvdcss
2010-08-20 07:45 . 2010-08-20 07:45    --------    d-----w-    c:\program files\QS
2010-08-20 07:45 . 2010-08-20 07:45    --------    d-----w-    c:\users\Xen\AppData\Roaming\TeamViewer
2010-08-17 09:36 . 2010-08-17 09:36    --------    d-----w-    c:\users\Xen\AppData\Roaming\Foxit Software
2010-08-15 19:06 . 2010-06-14 10:27    --------    d--h--w-    c:\program files\InstallShield Installation Information
2010-08-09 15:25 . 2010-06-16 08:07    --------    d-----w-    c:\users\Xen\AppData\Roaming\Winamp
2010-08-03 10:36 . 2010-08-03 10:36    --------    d-----w-    c:\program files\MSECache
2010-07-29 06:30 . 2010-08-12 20:08    197632    ----a-w-    c:\windows\system32\ir32_32.dll
2010-07-29 06:30 . 2010-08-12 20:08    82944    ----a-w-    c:\windows\system32\iccvid.dll
2010-07-28 18:06 . 2010-07-28 17:49    --------    d-----w-    c:\users\Xen\AppData\Roaming\Hamachi
2010-07-17 01:12 . 2010-07-17 01:12    691696    ----a-w-    c:\windows\system32\drivers\sptd.sys
2010-06-30 06:25 . 2010-08-12 20:08    978432    ----a-w-    c:\windows\system32\wininet.dll
2010-06-28 15:47 . 2010-06-28 15:47    24576    ----a-w-    c:\users\Xen\AppData\Roaming\Mikogo\B-Capture.exe
2010-06-28 15:47 . 2010-06-28 15:47    185640    ----a-w-    c:\users\Xen\AppData\Roaming\Mikogo\B-Service.exe
2009-06-10 21:26 . 2009-07-14 02:04    9633792    --sha-r-    c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42    396800    --sha-w-    c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.

((((((((((((((((((((((((((((((((((   Spouštěcí body v registru   )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny. 
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="d:\work\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"Google Update"="c:\users\Xen\AppData\Local\Google\Update\GoogleUpdate.exe" [2010-09-21 136176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"FingerPrintSoftware"="c:\program files\Lenovo Fingerprint Software\fpapp.exe \s" [X]
"FingerPrintSoftwareSplashScreen"="c:\program files\Lenovo Fingerprint Software\SplashScreen.exe \s" [X]
"avgnt"="d:\software\Avira\AntiVir Desktop\avgnt.exe" [2010-03-02 282792]
"TpShocks"="TpShocks.exe" [2009-12-11 337256]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2009-09-09 176128]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2009-11-19 307768]
"PWMTRV"="c:\progra~1\ThinkPad\UTILIT~1\PWMTR32V.DLL" [2010-03-03 886120]
"AcWin7Hlpr"="c:\program files\Lenovo\Access Connections\AcTBenabler.exe" [2009-10-13 36864]
"TPHOTKEY"="c:\program files\Lenovo\HOTKEY\TPOSDSVC.exe" [2010-07-27 69560]
"COMODO Internet Security"="d:\software\Comodo Firewall\COMODO\COMODO Internet Security\cfp.exe" [2010-06-01 2039240]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-04-21 136216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-04-21 171032]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-04-21 169496]
"LENOVO.TPKNRRES"="c:\program files\Lenovo\Communications Utility\TPKNRRES.exe" [2010-04-20 62312]

c:\users\Xen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
avptool.lnk - d:\software\AVPTool\avptool\startup.exe [2010-9-21 72208]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Monitor Apache Servers.lnk - d:\software\Apache\bin\ApacheMonitor.exe [2010-3-4 41051]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"DisableCAD"= 1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"DisallowCpl"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\guard32.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\LENOVO\HOTKEY\MICMUTE.exe [2010-04-07 45496]
R3 ADMonitor;AD Monitor;c:\windows\system32\ADMonitor.exe [2010-02-05 106496]
R3 B-Service;B-Service;c:\users\Xen\AppData\Roaming\Mikogo\B-Service.exe [2010-06-28 185640]
R3 DozeSvc;Lenovo Doze Mode Service;c:\program files\ThinkPad\Utilities\DOZESVC.EXE [2010-03-03 132456]
R3 iatmunin;iatmunin;c:\users\Xen\AppData\Local\Temp\iatmunin.sys [x]
R3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2010-09-21 1355928]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 PCDSRVC{3037D694-FD904ACA-06000000}_0;PCDSRVC{3037D694-FD904ACA-06000000}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\pc-doctor\pcdsrvc.pkms [x]
R3 Power Manager DBC Service;Power Manager DBC Service;c:\program files\ThinkPad\Utilities\PWMDBSVC.EXE [2010-03-03 75112]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-06-14 1343400]
R4 ApRunSvc;Alps Application Launcher Service;c:\program files\Apoint2K\ApRunSvc.exe [x]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2010-07-17 691696]
S0 DozeHDD;DozeHDD;c:\windows\System32\DRIVERS\DozeHDD.sys [2010-03-03 24304]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2010-08-12 64288]
S0 TPDIGIMN;TPDIGIMN;c:\windows\System32\DRIVERS\ApsHM86.sys [2009-10-09 20520]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2010-06-04 224240]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2010-06-01 30112]
S1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\DRIVERS\smiif32.sys [2008-05-12 13480]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;d:\software\Avira\AntiVir Desktop\sched.exe [2010-02-24 135336]
S2 Apache2.2;Apache2.2;d:\software\Apache\bin\httpd.exe [2010-03-04 24645]
S2 ATService;AuthenTec Fingerprint Service;c:\windows\system32\AtService.exe [2010-02-05 1824064]
S2 dtsvc;Data Transfer Service;c:\windows\system32\DTS.exe [2010-02-05 98304]
S2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 LENOVO.CAMMUTE;Lenovo Camera Mute;c:\program files\Lenovo\Communications Utility\CAMMUTE.exe [2010-04-20 50536]
S2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction;c:\program files\Lenovo\Communications Utility\TPKNRSVC.exe [2010-04-20 74088]
S2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll;c:\program files\LENOVO\VIRTSCRL\lvvsst.exe [2010-04-07 93032]
S2 SBSDWSCService;SBSD Security Center Service;d:\software\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 TPHKSVC;On Screen Display;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe [2010-04-07 63928]
S3 ATSwpWDF;AuthenTec TruePrint USB Driver;c:\windows\system32\Drivers\ATSwpWDF.sys [2010-02-05 661448]
S3 NETw5s32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 32 Bit;c:\windows\system32\DRIVERS\NETw5s32.sys [2010-01-13 6755840]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HsfXAudioService    REG_MULTI_SZ       HsfXAudioService
.
Obsah adresáře 'Naplánované úlohy'

2010-09-21 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-08-12 15:26]

2010-09-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-904805162-1261590103-2039216501-1000Core.job
- c:\users\Xen\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-21 06:15]

2010-09-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-904805162-1261590103-2039216501-1000UA.job
- c:\users\Xen\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-21 06:15]
.
.
------- Doplňkový sken -------
.
uStart Page = about:blank
FF - ProfilePath - c:\users\Xen\AppData\Roaming\Mozilla\Firefox\Profiles\54i3923q.default\
FF - prefs.js: browser.search.selectedEngine - Wikimedia Commons (en)
FF - prefs.js: browser.startup.homepage - about:blank
FF - prefs.js: keyword.enabled - false
FF - plugin: c:\users\Xen\AppData\Local\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\users\Xen\AppData\Roaming\Mozilla\Firefox\Profiles\54i3923q.default\extensions\LogMeInClient@logmein.com\plugins\npRACtrl.dll

---- NASTAVENÍ FIREFOXU ----
d:\software\Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true); 
d:\software\Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true); 
d:\software\Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
d:\software\Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MySQL]
"ImagePath"="\"d:\software\MySQL\bin\mysqld\" --defaults-file=\"d:\software\MySQL\my.ini\" MySQL"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCDSRVC{3037D694-FD904ACA-06000000}_0]
"ImagePath"="\??\c:\program files\pc-doctor\pcdsrvc.pkms"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'Explorer.exe'(4924)
c:\program files\Lenovo\Access Connections\ACDeskBand.dll
c:\program files\Lenovo\Access Connections\AcLocSettings.dll
c:\program files\Lenovo\Access Connections\AcCryptHlpr.dll
c:\program files\Lenovo\Access Connections\ACHelper.dll
c:\program files\Lenovo\Access Connections\AcSvcStub.dll
c:\progra~1\ThinkPad\UTILIT~1\PWMTR32V.DLL
c:\progra~1\ThinkPad\UTILIT~1\US\PWMRT32V.DLL
c:\progra~1\ThinkPad\UTILIT~1\PWMIF32V.DLL
d:\software\WinSCP\DragExt.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
d:\software\Avira\AntiVir Desktop\avguard.exe
d:\software\Avira\AntiVir Desktop\avshadow.exe
c:\windows\system32\conhost.exe
c:\windows\system32\ibmpmsvc.exe
d:\software\Comodo Firewall\COMODO\COMODO Internet Security\cmdagent.exe
c:\windows\system32\WLANExt.exe
c:\windows\system32\conhost.exe
c:\program files\Lenovo\Access Connections\AcPrfMgrSvc.exe
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
d:\software\MySQL\bin\mysqld.exe
c:\program files\Common Files\Intel\WirelessCommon\RegSrvc.exe
c:\program files\Lenovo\Access Connections\AcSvc.exe
c:\program files\Intel\WiFi\bin\EvtEng.exe
c:\windows\system32\wbem\unsecapp.exe
c:\progra~1\LENOVO\VIRTSCRL\virtscrl.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\program files\Lenovo\Access Connections\SvcGuiHlpr.exe
c:\windows\System32\TpShocks.exe
c:\windows\System32\rundll32.exe
c:\program files\Apoint2K\ApMsgFwd.exe
c:\program files\Apoint2K\Apntex.exe
c:\windows\system32\conhost.exe
c:\program files\Lenovo\HOTKEY\TPONSCR.exe
c:\program files\Lenovo\Zoom\TpScrex.exe
d:\software\AVPTool\avptool\avptool.exe
c:\windows\system32\igfxsrvc.exe
c:\windows\system32\igfxext.exe
c:\windows\system32\sppsvc.exe
c:\program files\Lenovo\System Update\SUService.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Celkový čas: 2010-09-21  23:36:44 - počítač byl restartován
ComboFix-quarantined-files.txt  2010-09-21 21:36
ComboFix2.txt  2010-09-21 20:56

Před spuštěním: Volných bajtů: 19 935 870 976
Po spuštění: Volných bajtů: 19 738 808 320

- - End Of File - - 6215B635A9B0025B0F23063B14695C28
Nahr nˇ probŘhlo ŁspŘçnŘ

Tohle se jen jako rootkit tváří. Soubory a ovladače patří AVPTool, který jste jednorázově použil jako skener. Být tam a zatěžovat systém nemusí. Jinak je log čistý.

Díky, snad jsem se té havěti zbavil. Bohužel mne to připojení pořád trápí tím samým problémem.

Zkuste použít WinsockFix: http://www.spyware.cz/go.php?p=spyware&t=aplikace&id=22 . Utilita reinstaluje protokol TCP/IP . Máte-li parametry sítě zadány ručně, budete je muset po restartu PC znovu zadat.

Mám Win7, takže ten prográmek nespustím. Mám to zkusit ručně?

Jj. To je pravda, pod Win7 nefunguje. Zkuste to ručně.

Nuže tak ani tento krok potíže neodstranil.

Ještě můžete PC vyčistit CCleanerem: http://www.viry.cz/forum/viewtopic.php?f=46&t=7478 . Problém ale také může být v připojení.

VIRY.CZ

Zpoždění načítání webové stránky

Zpoždění načítání webové stránky

Re: Zpoždění načítání webové stránky

Re: Zpoždění načítání webové stránky

Re: Zpoždění načítání webové stránky

Re: Zpoždění načítání webové stránky

Re: Zpoždění načítání webové stránky

Re: Zpoždění načítání webové stránky

Re: Zpoždění načítání webové stránky

Re: Zpoždění načítání webové stránky

Re: Zpoždění načítání webové stránky

Re: Zpoždění načítání webové stránky

Re: Zpoždění načítání webové stránky

Re: Zpoždění načítání webové stránky

Re: Zpoždění načítání webové stránky