VIRY.CZ

Logfile of random's system information tool 1.08 (written by random/random)
Run by Milan at 2010-11-22 19:07:55
Systém Microsoft Windows XP Professional Service Pack 1
System drive C: has 14 GB (46%) free of 30 GB
Total RAM: 1014 MB (37% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:08:30, on 22.11.2010
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\igfxsrvc.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\System32\igfxpers.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe
C:\WINDOWS\System32\igfxext.exe
C:\DOCUME~1\Milan\LOCALS~1\Temp\RtkBtMnt.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\ICQ7.2\ICQ.exe
C:\Documents and Settings\Milan\Plocha\RSIT.exe
C:\Program Files\trend micro\Milan.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://search13.net/search.php?clid=486&q=%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search13.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search13.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatche ... tbid=60327
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search13.net/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60327
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search13.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://search13.net/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60327
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: CHelper Class - {99A7C4DD-B2E6-4CA0-BB6E-737A61364155} - D:\EUROTR~1\e2003i.dll (file missing)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O3 - Toolbar: &Rádio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\System32\igfxpers.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" /OM
O4 - HKLM\..\Run: [UpdateReminder] C:\Program Files\Eset\UpdateReminder.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: StylishProfile - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Stylish Profile\ct.htm (file missing)
O9 - Extra 'Tools' menuitem: StylishProfile - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Stylish Profile\ct.htm (file missing)
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP\qip.exe (file missing) (HKCU)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{380DC7C2-B36F-4523-9705-730B2EEDE37E}: NameServer = 192.168.30.2,62.40.86.5
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O24 - Desktop Component 0: (no name) - http://atlas.cz/design/logo-atlas.gif

--
End of file - 8811 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2007-08-13 1129472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - c:\program files\real\realplayer\rpbrowserrecordplugin.dll [2009-10-24 329312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll [2008-02-22 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99A7C4DD-B2E6-4CA0-BB6E-737A61364155}]
CHelper Class - D:\EUROTR~1\e2003i.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2010-01-08 761840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E718888-423F-11D2-876E-00A0C9082467} - &Rádio - C:\WINDOWS\System32\msdxm.ocx [2002-09-20 844828]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - &Crawler Toolbar - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2007-08-13 1129472]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-03-28 1017592]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-08-16 16248320]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-08-16 2879488]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2006-08-16 69632]
"AzMixerSel"=C:\Program Files\Realtek\InstallShield\AzMixerSel.exe [2006-08-16 53248]
"igfxtray"=C:\WINDOWS\System32\igfxtray.exe [2006-03-23 94208]
"igfxhkcmd"=C:\WINDOWS\System32\hkcmd.exe [2006-03-23 77824]
"igfxpers"=C:\WINDOWS\System32\igfxpers.exe [2006-03-23 118784]
"nod32kui"=C:\Program Files\Eset\nod32kui.exe [2007-11-22 949376]
"SpywareTerminator"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2008-03-09 2957824]
"LManager"=C:\PROGRA~1\LAUNCH~1\LManager.exe [2006-07-20 593920]
"SSBkgdUpdate"=C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25 210472]
"OpwareSE4"=C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe [2007-02-04 79400]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2009-10-24 198160]
"OM2_Monitor"=C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe [2009-04-17 54576]
"UpdateReminder"=C:\Program Files\Eset\UpdateReminder.exe [2010-07-14 409600]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\System32\ctfmon.exe [2002-09-20 13312]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-11-15 1670144]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-06-07 39408]
"OM2_Monitor"=C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe [2009-04-17 95536]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FreeCall]
C:\Program Files\FreeCall.com\FreeCall\FreeCall.exe -nosplash -minimized []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE [2004-12-14 29696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Microsoft Office.lnk]
C:\PROGRA~1\MICROS~2\Office10\OSA.EXE [2001-02-13 83360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2006-03-23 139264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Documents and Settings\Milan\Plocha\P17535732.JPG-www.facebook.exe"="C:\WINDOWS\nvsvc32.exe:*:Enabled:NVIDIA driver monitor"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 1 months======

2010-11-22 19:07:57 ----D---- C:\Program Files\trend micro
2010-11-22 19:07:55 ----D---- C:\rsit
2010-11-18 13:59:10 ----D---- C:\Documents and Settings\Milan\Data aplikací\Publish Providers
2010-11-18 13:58:33 ----D---- C:\Documents and Settings\Milan\Data aplikací\Sony
2010-11-18 13:51:08 ----D---- C:\Program Files\Vstplugins
2010-11-18 13:51:02 ----D---- C:\Documents and Settings\All Users\Data aplikací\Sony
2010-11-18 13:49:57 ----D---- C:\WINDOWS\SxsCaPendDel
2010-11-16 18:43:04 ----RSH---- C:\Documents and Settings\Milan\Data aplikací\juzjf.exe
2010-11-07 21:18:12 ----A---- C:\WINDOWS\System32\CmdLineExt.dll

======List of files/folders modified in the last 1 months======

2010-11-22 19:07:57 ----RD---- C:\Program Files
2010-11-22 18:59:01 ----D---- C:\WINDOWS\Temp
2010-11-22 18:55:32 ----D---- C:\Program Files\Mozilla Firefox
2010-11-22 18:21:19 ----D---- C:\Documents and Settings\Milan\Data aplikací\ICQ
2010-11-22 17:57:56 ----D---- C:\Program Files\WinClamAVShield
2010-11-22 17:57:30 ----SD---- C:\WINDOWS\Tasks
2010-11-22 17:57:23 ----D---- C:\WINDOWS\Debug
2010-11-22 14:33:07 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-11-21 18:20:35 ----D---- C:\Documents and Settings\Milan\Data aplikací\Spyware Terminator
2010-11-21 18:20:26 ----D---- C:\Program Files\Spyware Terminator
2010-11-19 20:34:36 ----A---- C:\WINDOWS\NeroDigital.ini
2010-11-18 13:51:26 ----SHD---- C:\WINDOWS\Installer
2010-11-18 13:50:53 ----D---- C:\WINDOWS\system32
2010-11-18 13:50:14 ----D---- C:\WINDOWS\WinSxS
2010-11-18 13:49:57 ----D---- C:\WINDOWS
2010-11-07 20:22:57 ----HD---- C:\Program Files\InstallShield Installation Information
2010-11-07 18:51:37 ----D---- C:\WINDOWS\System32\CatRoot2
2010-11-02 17:33:09 ----D---- C:\WINDOWS\Prefetch
2010-10-31 20:09:25 ----D---- C:\Program Files\ICQ7.2
2010-10-31 17:58:31 ----A---- C:\WINDOWS\System32\PerfStringBackup.INI
2010-10-27 13:05:14 ----D---- C:\WINDOWS\Minidump
2010-10-27 11:33:36 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2010-10-26 18:17:22 ----D---- C:\Documents and Settings\Milan\Data aplikací\MSN6
2010-10-24 13:27:59 ----D---- C:\WINDOWS\System32\drivers
2010-10-24 13:27:58 ----HD---- C:\WINDOWS\inf

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2007-10-24 43840]
R1 nod32drv;nod32drv; C:\WINDOWS\system32\drivers\nod32drv.sys [2007-11-22 15424]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\System32\drivers\sp_rsdrv2.sys []
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\System32\DRIVERS\wmiacpi.sys [2001-08-17 8064]
R2 AMON;AMON; C:\WINDOWS\system32\drivers\amon.sys [2007-11-22 512096]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\WINDOWS\System32\DRIVERS\bcm4sbxp.sys [2005-10-31 45312]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\WINDOWS\System32\DRIVERS\DKbFltr.sys [2004-12-08 16896]
R3 EMSCR;EMSCR; C:\WINDOWS\System32\DRIVERS\EMS7SK.sys [2006-06-16 61056]
R3 ESDCR;ESDCR; C:\WINDOWS\System32\DRIVERS\ESD7SK.sys [2006-06-16 40064]
R3 ESMCR;ESMCR; C:\WINDOWS\System32\DRIVERS\ESM7SK.sys [2006-06-16 74752]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\System32\DRIVERS\HSF_DPV.sys [2006-12-22 988800]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\System32\DRIVERS\HSFHWAZL.sys [2006-12-22 209664]
R3 ialm;ialm; C:\WINDOWS\System32\DRIVERS\ialmnt5.sys [2006-03-23 1166972]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-08-16 4304384]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2002-08-29 19328]
R3 w39n51;Intel(R) PRO/Wireless 3945ABG Adapter Driver; C:\WINDOWS\System32\DRIVERS\w39n51.sys [2006-04-04 1429632]
R3 winachsf;winachsf; C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys [2006-12-22 730112]
R3 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
S3 Axtmvflt;Axesstel USB Filter Service; C:\WINDOWS\System32\DRIVERS\Axtmvflt.sys [2007-09-20 3456]
S3 Axtmvmdm;Axesstel USB Modem; C:\WINDOWS\System32\DRIVERS\Axtmvmdm.sys [2007-09-20 40064]
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\WINDOWS\System32\DRIVERS\k750bus.sys [2008-04-05 55216]
S3 k750mdfl;Sony Ericsson 750 USB WMC Modem Filter; C:\WINDOWS\System32\DRIVERS\k750mdfl.sys []
S3 k750mdm;Sony Ericsson 750 USB WMC Modem Drivers; C:\WINDOWS\System32\DRIVERS\k750mdm.sys []
S3 k750mgmt;Sony Ericsson 750 USB WMC Device Management Drivers; C:\WINDOWS\System32\DRIVERS\k750mgmt.sys []
S3 k750obex;Sony Ericsson 750 USB WMC OBEX Interface Drivers; C:\WINDOWS\System32\DRIVERS\k750obex.sys []
S3 upperdev;upperdev; C:\WINDOWS\System32\DRIVERS\usbser_lowerflt.sys []
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2002-08-29 28160]
S3 usbprint;Třída USB Printer; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2002-08-29 24960]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2002-08-29 14208]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2002-08-29 21760]
S3 Wdf01000;Wdf01000; C:\WINDOWS\System32\DRIVERS\Wdf01000.sys [2006-11-02 492000]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-03-28 246520]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2001-02-23 270336]
R2 NOD32krn;NOD32 Kernel Service; C:\Program Files\Eset\nod32krn.exe [2007-11-22 552064]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2008-03-09 1097216]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-08 135664]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-01-08 194032]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]

-----------------EOF-----------------

Zdravim a pekny vecer preji

Kde presne je havet hlasena, ja tam nejakou vidim, ale at se pokocham i detekci AV

Poprosim i o druhy log z RSIT s nazvem info.txt, je ulozen v c:\rsit

Dobrý večer, vyskakuje to při zapnutí PC

info.txt logfile of random's system information tool 1.08 2010-11-22 19:08:36

======Uninstall list======

-->C:\Program Files\DivX\ConverterUninstall.exe /CONVERTER
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 10 Plugin-->C:\WINDOWS\System32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player ActiveX-->C:\WINDOWS\System32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 7.0 - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-A70000000000}
Adobe Shockwave Player 11.5-->"C:\WINDOWS\System32\Adobe\Shockwave 11\uninstaller.exe"
Aktualizace systému Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB908519)-->"C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB914389)-->"C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB920683)-->"C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
Antivirový systém NOD32-->C:\Program Files\Eset\Setup\setup.exe /UNINSTALL
ATF-->C:\WINDOWS\UIA200.exe "D:\\DelList.lst"
aTube Catcher-->H:\aTube Catcher 2.0\uninstall.exe
BSPlayer-->"C:\Program Files\Webteh\BSplayerPro\uninstall.exe"
Canon MP Navigator EX 1.0-->"C:\Program Files\Canon\MP Navigator EX 1.0\Maint.exe" /UninstallRemove C:\Program Files\Canon\MP Navigator EX 1.0\uninst.ini
Canon MP210 series-->"C:\WINDOWS\System32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\DelDrv.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series /L0x0005
Canon Utilities Easy-PhotoPrint EX-->C:\Program Files\Canon\Easy-PhotoPrint EX\uninst.exe uninst.ini
Counter-Strike 1.6-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}\Setup.exe" -l0x19
Crawler Toolbar with Web Security Guard-->C:\PROGRA~1\Crawler\Toolbar\CToolbar.exe uninst
CS 1.6 cz-->C:\Program Files\Valve\Uninstal.exe
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Content Uploader-->C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Converter-->C:\Program Files\DivX\ConverterUninstall.exe /CONVERTER
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
DVD Shrink 3.2-->"C:\Program Files\DVD Shrink\unins000.exe"
FM Screen Capture Codec (Remove Only)-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\fmcodec.inf
FormatFactory 2.00-->G:\Programy\FormatFactory\uninst.exe
Free Pascal 2.2.4-->"G:\Pascal\unins000.exe"
Google Toolbar for Firefox-->MsiExec.exe /X{2CCBABCB-6427-4A55-B091-49864623C43F}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Google Updater-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
GTA San Andreas-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}\setup.exe" -l0x9 -removeonly
HDAUDIO Soft Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118\UIU32m.exe -U -IAcZUnM5k.inf
High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXP$\spuninst\spuninst.exe"
ICQ Toolbar-->C:\Program Files\ICQ6Toolbar\ICQUnToolbar.exe
ICQ7.2-->"C:\Program Files\InstallShield Installation Information\{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}\ICQ7.exe" -runfromtemp -l0x0009 -removeonly
InfoMapa 12-->MsiExec.exe /I{DE96B80B-3DC8-48B9-89AC-C5FDE2915FFB}
Intel(R) Graphics Media Accelerator Driver-->RUNDLL32.EXE C:\WINDOWS\System32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_27A6 PCI\VEN_8086&DEV_27A2
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
K-Lite Codec Pack 5.3.0 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
Launch Manager-->C:\WINDOWS\UnInst32.exe LManager.UNI
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
Microsoft Motocross Madness 2 Trial-->"G:\MVIDEO\UNINSTAL.EXE" /runtemp /addremove
Microsoft Office XP Professional s aplikací FrontPage-->MsiExec.exe /I{90280405-6000-11D3-8CFE-0050048383C9}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Mozilla Firefox (2.0.0.20)-->C:\PROGRA~1\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
Nero 6 Ultra Edition-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
NOD32 FiX v2.1-->"C:\Program Files\Eset\unins000.exe"
OLYMPUS Master 2-->MsiExec.exe /X{3A1AB8E6-748E-4B95-AA2D-FE9952EB3106}
Oprava Hotfix systému Windows XP číslo KB842773-->C:\WINDOWS\$NtUninstallKB842773$\spuninst\spuninst.exe
Oprava Hotfix systému Windows XP číslo KB890859-->"C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
PowerDVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|12.0
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x5 -removeonly
save2pc Light 4.01-->"G:\save2pc\unins000.exe"
ScanSoft OmniPage SE 4-->MsiExec.exe /I{DEE88727-779B-47A9-ACEF-F87CA5F92A65}
Spyware Terminator-->"C:\Program Files\Spyware Terminator\unins000.exe"
Vegas Movie Studio Platinum 9.0-->MsiExec.exe /X{97E038E1-41AD-4C93-BCDC-6A2394AEE352}
VertrigoServ (remove only)-->G:\Programy\VertrigoServ\Uninstall.exe
Windows Commander (Remove or Repair)-->c:\wincmd\wcuninst.exe
Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Xvid 1.2.1 final uninstall-->"C:\Program Files\Xvid\unins000.exe"

======System event log======

Computer Name: JABLUNKO-ADQUCP
Event Code: 34
Message: Služba Systémový čas zjistila, že je nutné změnit
systémový čas o -26179198 sekund. Služba Systémový čas nemění systémový
čas o více než -54000 sekund. Ověřte správnost času a časového pásma, a zda zdroj času time.windows.com (ntp.m|0x1|192.168.1.100:123->207.46.232.182:123) pracuje správně.

Record Number: 24052
Source Name: W32Time
Time Written: 20101222175625.000000+060
Event Type: Chyba
User:

Computer Name: JABLUNKO-ADQUCP
Event Code: 8033
Message: Prohledávač vyvolal v síti \Device\NetBT_Tcpip_{E1D3E168-A5FB-49E0-80C1-F525D9959E3B} volby, protože hlavní prohledávač byl zastaven.

Record Number: 24051
Source Name: BROWSER
Time Written: 20101222175606.000000+060
Event Type: Informace
User:

Computer Name: JABLUNKO-ADQUCP
Event Code: 1000
Message: Zapůjčení adresy IP počítače 192.168.1.100 pro
síťovou kartu se síťovou adresou 0019D265B9E2 byla ukončena.

Record Number: 24050
Source Name: Dhcp
Time Written: 20101222175606.000000+060
Event Type: Chyba
User:

Computer Name: JABLUNKO-ADQUCP
Event Code: 1003
Message: Nebylo možno obnovit adresu počítače ze sítě (ze serveru
DHCP) pro síťovou kartu s adresou 0019D265B9E2. Došlo k následující
chybě:
Časový limit semaforu vypršel.
.
Počítač se bude pokoušet získat síťovou adresu samostatně ze serveru
DHCP.

Record Number: 24049
Source Name: Dhcp
Time Written: 20101222175606.000000+060
Event Type: Upozornění
User:

Computer Name: JABLUNKO-ADQUCP
Event Code: 4201
Message: Sytém zjistil, že síťový adaptér \DEVICE\TCPIP_{E1D3E168-A5FB-49E0-80C1-F525D9959E3B} byl připojen k síti
a inicializoval normální činnost přes síťový adaptér.

Record Number: 24048
Source Name: Tcpip
Time Written: 20101222175606.000000+060
Event Type: Informace
User:

=====Application event log=====

Computer Name: JABLUNKO-ADQUCP
Event Code: 0
Message:
Record Number: 5
Source Name: gupdate
Time Written: 20100404173612.000000+120
Event Type: Informace
User:

Computer Name: JABLUNKO-ADQUCP
Event Code: 0
Message:
Record Number: 4
Source Name: gusvc
Time Written: 20100404122404.000000+120
Event Type: Informace
User:

Computer Name: JABLUNKO-ADQUCP
Event Code: 0
Message:
Record Number: 3
Source Name: gupdate
Time Written: 20100404122337.000000+120
Event Type: Informace
User:

Computer Name: JABLUNKO-ADQUCP
Event Code: 0
Message:
Record Number: 2
Source Name: gusvc
Time Written: 20100404122301.000000+120
Event Type: Informace
User:

Computer Name: JABLUNKO-ADQUCP
Event Code: 0
Message:
Record Number: 1
Source Name: gupdate
Time Written: 20100404122301.000000+120
Event Type: Informace
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Common Files\Teleca Shared
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 2, GenuineIntel
"PROCESSOR_REVISION"=0f02
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP

-----------------EOF-----------------

Vzhledem k tomu, ze pouzivate nelegalni SW Obrázek

se nedivim, ze jste navstevnikem naseho fora

Dle pravidel fora (viz zde a a zde bod c.3 ) se vsak nelegalnim SW nezabyvame, jelikoz nelegalni programy jsou vetsinou zdrojem haveti. Navic tim porusujete i autorska prava Obrázek

, pachate trestny cin a ten jako takovy nebude nasim forem podporovan

Uvedomte si, ze jste na bezpecnostnim foru, podpora warezu (zvlaste bezpecnostnich programu) by byla zcela proti logice fora

Obstarejte si proto legalni ochranu Vaseho PC (antivir+firewall), pote sem vlozte novy log z RSITu a CKScanneru - viz nize.

Osobne Vam doporucuji kombinaci Avast+ZoneAlarm. Prehled antiviru mate ZDE a firewallu TADY.

Log z RSITu - viz muj podpis

Stahnete na plochu CKScanner

Spustte a kliknete na Search for files
Po dokonceni skenu kliknete na Save List to File a nasledne OK
Na plose se Vam vytvori log s nazvem ckfiles.txt, jeho obsah mi sem vlozte

Neni to můj počitač, a omlouvám se

Me se neomlouvejte, me na dvere busit ČPPU nebude

Az bude v PC legalni ochrana, budeme pokracovat...

VIRY.CZ

Antivirus hlásí 2viry které nelze smazat zde log

Antivirus hlásí 2viry které nelze smazat zde log

Re: Antivirus hlásí 2viry které nelze smazat zde log

Re: Antivirus hlásí 2viry které nelze smazat zde log

Re: Antivirus hlásí 2viry které nelze smazat zde log

Re: Antivirus hlásí 2viry které nelze smazat zde log

Re: Antivirus hlásí 2viry které nelze smazat zde log