VIRY.CZ

Zdravím, mám tu nějakýho hajzlíka v systému, nijak se neprojevuje, jen nejedou browsery, aktualizace programů.
Použito: NOD 32 3,0; hijackthis, lspfix, spybot, combofix - nic nepomohlo, spojení je, protože pingy procházejí.

RSIT
Logfile of random's system information tool 1.08 (written by random/random)
Run by Ivan at 2011-02-22 19:55:01
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 56 GB (74%) free of 76 GB
Total RAM: 2039 MB (77% free)

HijackThis download failed

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2007-06-01 142104]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2007-06-01 162584]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2007-06-01 138008]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-06-13 16377344]
"ACU"=C:\Program Files\Atheros\ACU.exe [2007-04-10 372825]
"AGRSMMSG"=C:\WINDOWS\AGRSMMSG.exe [2006-06-29 89541]
"AveoSTI.exe"=C:\Program Files\AVEO\AveoCap\AveoSTI.exe [2007-11-06 24576]
"MGSysCtrl"=C:\Program Files\System Control Manager\MGSysCtrl.exe [2008-01-09 180224]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2004-11-02 32768]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2008-03-13 1443072]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
Adobe Reader Synchronizer.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2007-05-25 204800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2011-02-22 19:55:01 ----D---- C:\rsit
2011-02-22 19:55:01 ----D---- C:\Program Files\trend micro
2011-02-22 19:51:59 ----D---- C:\WINDOWS\temp
2011-02-22 19:51:58 ----A---- C:\ComboFix.txt
2011-02-22 19:47:51 ----A---- C:\WINDOWS\zip.exe
2011-02-22 19:47:51 ----A---- C:\WINDOWS\SWXCACLS.exe
2011-02-22 19:47:51 ----A---- C:\WINDOWS\SWSC.exe
2011-02-22 19:47:51 ----A---- C:\WINDOWS\SWREG.exe
2011-02-22 19:47:51 ----A---- C:\WINDOWS\sed.exe
2011-02-22 19:47:51 ----A---- C:\WINDOWS\PEV.exe
2011-02-22 19:47:51 ----A---- C:\WINDOWS\NIRCMD.exe
2011-02-22 19:47:51 ----A---- C:\WINDOWS\MBR.exe
2011-02-22 19:47:51 ----A---- C:\WINDOWS\grep.exe
2011-02-22 19:47:46 ----D---- C:\WINDOWS\ERDNT
2011-02-22 19:47:41 ----AD---- C:\Qoobox
2011-02-22 19:39:31 ----A---- C:\WINDOWS\UC.PIF
2011-02-22 19:39:31 ----A---- C:\WINDOWS\RAR.PIF
2011-02-22 19:39:31 ----A---- C:\WINDOWS\PKZIP.PIF
2011-02-22 19:39:31 ----A---- C:\WINDOWS\PKUNZIP.PIF
2011-02-22 19:39:31 ----A---- C:\WINDOWS\NOCLOSE.PIF
2011-02-22 19:39:31 ----A---- C:\WINDOWS\LHA.PIF
2011-02-22 19:39:31 ----A---- C:\WINDOWS\ARJ.PIF
2011-02-22 19:39:30 ----D---- C:\totalcmd
2011-02-22 19:39:30 ----D---- C:\Documents and Settings\Ivan\Data aplikací\GHISLER
2011-02-22 19:15:58 ----D---- C:\Program Files\CCleaner
2011-02-22 19:13:34 ----D---- C:\Program Files\Spybot - Search & Destroy
2011-02-22 19:13:34 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2011-02-22 18:23:01 ----D---- C:\Config.Msi
2011-02-22 17:54:01 ----D---- C:\Program Files\Mozilla Firefox
2011-02-22 16:50:22 ----D---- C:\Program Files\ESET
2011-02-22 16:50:22 ----D---- C:\Documents and Settings\All Users\Data aplikací\ESET
2011-02-22 16:43:28 ----D---- C:\Documents and Settings\Ivan\Data aplikací\TuneUp Software
2011-02-22 16:43:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
2011-02-22 16:42:46 ----SHD---- C:\Documents and Settings\All Users\Data aplikací\{55A29068-F2CE-456C-9148-C869879E2357}
2011-02-22 16:27:30 ----D---- C:\Documents and Settings\Ivan\Data aplikací\Mozilla
2011-02-19 21:58:15 ----D---- C:\WINDOWS\Prefetch
2011-02-19 21:54:54 ----HD---- C:\WINDOWS\$NtUninstallKB973687$
2011-02-19 21:54:46 ----HD---- C:\WINDOWS\$NtUninstallKB956572$
2011-02-19 21:54:38 ----HD---- C:\WINDOWS\$NtUninstallKB975561$
2011-02-19 21:54:32 ----HD---- C:\WINDOWS\$NtUninstallKB973869$
2011-02-19 21:54:23 ----HD---- C:\WINDOWS\$NtUninstallKB970430$
2011-02-19 21:54:17 ----HD---- C:\WINDOWS\$NtUninstallKB971737$
2011-02-19 21:54:11 ----HD---- C:\WINDOWS\$NtUninstallKB951376-v2$
2011-02-19 21:54:05 ----HD---- C:\WINDOWS\$NtUninstallKB946648$
2011-02-19 21:53:57 ----HD---- C:\WINDOWS\$NtUninstallKB956803$
2011-02-19 21:53:50 ----HD---- C:\WINDOWS\$NtUninstallKB971468$
2011-02-19 21:53:41 ----HD---- C:\WINDOWS\$NtUninstallKB980232$
2011-02-19 21:53:33 ----HD---- C:\WINDOWS\$NtUninstallKB973687_1$
2011-02-19 21:53:27 ----HD---- C:\WINDOWS\$NtUninstallKB955069$
2011-02-19 21:53:21 ----HD---- C:\WINDOWS\$NtUninstallKB923561$
2011-02-19 21:53:14 ----HD---- C:\WINDOWS\$NtUninstallKB959426$
2011-02-19 21:53:07 ----HD---- C:\WINDOWS\$NtUninstallKB979683$
2011-02-19 21:52:59 ----HD---- C:\WINDOWS\$NtUninstallKB955759$
2011-02-19 21:52:53 ----HD---- C:\WINDOWS\$NtUninstallKB2229593$
2011-02-19 21:52:47 ----HD---- C:\WINDOWS\$NtUninstallKB972270$
2011-02-19 21:52:41 ----HD---- C:\WINDOWS\$NtUninstallKB980218$
2011-02-19 21:52:34 ----HD---- C:\WINDOWS\$NtUninstallKB952954$
2011-02-19 21:52:28 ----HD---- C:\WINDOWS\$NtUninstallKB974112$
2011-02-19 21:52:22 ----HD---- C:\WINDOWS\$NtUninstallKB956844$
2011-02-19 21:52:16 ----HD---- C:\WINDOWS\$NtUninstallKB960859$
2011-02-19 21:52:10 ----HD---- C:\WINDOWS\$NtUninstallKB950762$
2011-02-19 21:52:04 ----HD---- C:\WINDOWS\$NtUninstallKB978601$
2011-02-19 21:51:57 ----HD---- C:\WINDOWS\$NtUninstallKB952287$
2011-02-19 21:51:51 ----HD---- C:\WINDOWS\$NtUninstallKB979309$
2011-02-19 21:51:45 ----HD---- C:\WINDOWS\$NtUninstallKB975562$
2011-02-19 21:51:38 ----HD---- C:\WINDOWS\$NtUninstallKB958644$
2011-02-19 21:51:31 ----HD---- C:\WINDOWS\$NtUninstallKB974318$
2011-02-19 21:51:25 ----HD---- C:\WINDOWS\$NtUninstallKB969059$
2011-02-19 21:51:18 ----HD---- C:\WINDOWS\$NtUninstallKB950974$
2011-02-19 21:51:12 ----HD---- C:\WINDOWS\$NtUninstallKB975713$
2011-02-19 21:51:06 ----HD---- C:\WINDOWS\$NtUninstallKB978338$
2011-02-19 21:50:59 ----HD---- C:\WINDOWS\$NtUninstallKB961501$
2011-02-19 21:50:51 ----HD---- C:\WINDOWS\$NtUninstallKB967715$
2011-02-19 21:50:44 ----HD---- C:\WINDOWS\$NtUninstallKB951748$
2011-02-19 21:50:37 ----HD---- C:\WINDOWS\$NtUninstallKB978542$
2011-02-19 21:50:30 ----HD---- C:\WINDOWS\$NtUninstallKB960803$
2011-02-19 21:50:24 ----HD---- C:\WINDOWS\$NtUninstallKB956802$
2011-02-19 21:50:16 ----HD---- C:\WINDOWS\$NtUninstallKB975025$
2011-02-19 21:50:09 ----HD---- C:\WINDOWS\$NtUninstallKB952004$
2011-02-19 21:50:03 ----HD---- C:\WINDOWS\$NtUninstallKB974571$
2011-02-19 21:49:56 ----HD---- C:\WINDOWS\$NtUninstallKB973507$
2011-02-19 21:49:48 ----HD---- C:\WINDOWS\$NtUninstallKB974392$
2011-02-19 21:49:42 ----HD---- C:\WINDOWS\$NtUninstallKB977914$
2011-02-19 21:49:35 ----HD---- C:\WINDOWS\$NtUninstallKB978706$
2011-02-19 21:49:29 ----HD---- C:\WINDOWS\$NtUninstallKB973815$
2011-02-19 21:49:23 ----HD---- C:\WINDOWS\$NtUninstallKB978037$
2011-02-19 21:49:17 ----HD---- C:\WINDOWS\$NtUninstallKB971657$
2011-02-19 21:49:11 ----HD---- C:\WINDOWS\$NtUninstallKB960225$
2011-02-19 21:49:04 ----HD---- C:\WINDOWS\$NtUninstallKB975560$
2011-02-19 21:48:58 ----HD---- C:\WINDOWS\$NtUninstallKB979559$
2011-02-19 21:48:51 ----HD---- C:\WINDOWS\$NtUninstallKB970238$
2011-02-19 21:48:45 ----HD---- C:\WINDOWS\$NtUninstallKB979482$
2011-02-19 21:48:38 ----HD---- C:\WINDOWS\$NtUninstallKB975467$
2011-02-19 21:48:30 ----HD---- C:\WINDOWS\$NtUninstallKB968389$
2011-02-19 21:44:52 ----D---- C:\WINDOWS\l2schemas
2011-02-19 21:44:51 ----D---- C:\WINDOWS\system32\cs
2011-02-19 21:44:51 ----D---- C:\WINDOWS\system32\bits
2011-02-19 21:37:22 ----HD---- C:\WINDOWS\$NtServicePackUninstall$
2011-02-19 18:45:30 ----D---- C:\WINDOWS\ie7updates
2011-02-19 18:45:12 ----D---- C:\WINDOWS\WBEM
2011-02-19 18:45:11 ----D---- C:\WINDOWS\system32\cs-cz
2011-02-19 18:44:01 ----HD---- C:\WINDOWS\ie7
2011-02-19 18:43:49 ----HD---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
2011-02-19 18:43:32 ----HD---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
2011-02-19 18:43:10 ----HD---- C:\WINDOWS\$NtUninstallKB915865$
2011-02-19 18:43:08 ----A---- C:\WINDOWS\system32\xmllite.dll
2011-02-19 18:42:00 ----D---- C:\WINDOWS\network diagnostic
2011-02-19 18:41:59 ----HD---- C:\WINDOWS\$NtUninstallKB914440$
2011-02-18 22:09:03 ----A---- C:\WINDOWS\system32\MRT.exe

======List of files/folders modified in the last 1 months======

2011-02-22 19:50:46 ----A---- C:\WINDOWS\system.ini
2011-02-22 19:48:02 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-02-22 18:40:28 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 O2MDRDR;O2MDRDR; C:\WINDOWS\system32\DRIVERS\o2media.sys [2007-04-03 39680]
R0 O2SDRDR;O2SDRDR; C:\WINDOWS\system32\DRIVERS\o2sd.sys [2007-04-02 35712]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2008-03-13 29704]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2008-03-13 33800]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 SYMTDI;SYMTDI; C:\WINDOWS\System32\Drivers\SYMTDI.SYS [2009-02-19 184496]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2008-03-13 40456]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2006-06-29 1160320]
R3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2007-04-05 546112]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-05-25 5761760]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-06-23 4432384]
R3 MGHwCtrl;MGHwCtrl; \??\C:\WINDOWS\system32\drivers\MGHwCtrl.sys []
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2007-02-06 90880]
R3 SYMDNS;SYMDNS; C:\WINDOWS\System32\Drivers\SYMDNS.SYS [2009-02-19 13616]
R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
R3 SYMFW;SYMFW; C:\WINDOWS\System32\Drivers\SYMFW.SYS [2009-02-19 96560]
R3 SYMIDS;SYMIDS; C:\WINDOWS\System32\Drivers\SYMIDS.SYS [2009-02-19 38576]
R3 SymIMMP;SymIMMP; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2009-02-19 31280]
R3 SYMNDIS;SYMNDIS; C:\WINDOWS\System32\Drivers\SYMNDIS.SYS [2009-02-19 37424]
R3 SYMREDRV;SYMREDRV; C:\WINDOWS\System32\Drivers\SYMREDRV.SYS [2009-02-19 22320]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
R3 WSIMD;wsimd Service; C:\WINDOWS\system32\DRIVERS\wsimd.sys [2007-03-28 57024]
S3 catchme;catchme; \??\C:\DOCUME~1\Ivan\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 mbr;mbr; \??\C:\ComboFix\mbr.sys []
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 SymIM;Symantec Network Security Intermediate Filter Service; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2009-02-19 31280]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACS;Konfigurační služba Atheros; C:\WINDOWS\system32\acs.exe [2007-04-10 364629]
R2 Automatic LiveUpdate Scheduler;Automatic LiveUpdate Scheduler; C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe [2007-08-23 243064]
R2 ekrn;Eset Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2008-03-13 472320]
R2 o2flash;O2Micro Flash Memory Card Service; C:\Program Files\O2Micro Oz128 Driver\o2flash.exe [2007-02-12 65536]
S2 NishService;SCM Driver Daemon; C:\Program Files\System Control Manager\edd.exe [2006-03-22 40960]
S2 NOD32FiXTemDono;Eset Nod32 Boot; C:\WINDOWS\system32\regedt32.exe [2001-10-25 3584]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2008-03-13 19200]
S3 LiveUpdate;LiveUpdate; C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE [2007-08-23 3192184]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------

COMBOFIX
ComboFix 11-02-21.02 - Ivan 22.02.2011 19:48:27.1.2 - FAT32x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2039.1565 [GMT 1:00]
Spuštěný z: c:\documents and settings\Ivan\Plocha\ComboFix.exe
AV: ESET NOD32 Antivirus 3.0 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}

VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

E:\Autorun.inf

.
((((((((((((((((((((((((( Soubory vytvořené od 2011-01-22 do 2011-02-22 )))))))))))))))))))))))))))))))
.

2011-02-22 18:47 . 2011-02-22 18:47 -------- d-----w- c:\documents and settings\Ivan\Local Settings\Data aplikací\GHISLER
2011-02-22 18:39 . 2010-12-17 06:56 545 ----a-w- c:\windows\UC.PIF
2011-02-22 18:39 . 2010-12-17 06:56 545 ----a-w- c:\windows\RAR.PIF
2011-02-22 18:39 . 2010-12-17 06:56 545 ----a-w- c:\windows\PKZIP.PIF
2011-02-22 18:39 . 2010-12-17 06:56 545 ----a-w- c:\windows\PKUNZIP.PIF
2011-02-22 18:39 . 2010-12-17 06:56 545 ----a-w- c:\windows\NOCLOSE.PIF
2011-02-22 18:39 . 2010-12-17 06:56 545 ----a-w- c:\windows\LHA.PIF
2011-02-22 18:39 . 2010-12-17 06:56 545 ----a-w- c:\windows\ARJ.PIF
2011-02-22 18:39 . 2011-02-22 18:39 -------- d-----w- C:\totalcmd
2011-02-22 18:39 . 2011-02-22 18:39 -------- d-----w- c:\documents and settings\Ivan\Data aplikací\GHISLER
2011-02-22 18:15 . 2011-02-22 18:16 -------- d-----w- c:\program files\CCleaner
2011-02-22 18:13 . 2011-02-22 18:13 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-02-22 18:13 . 2011-02-22 18:13 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Spybot - Search & Destroy
2011-02-22 18:10 . 2011-02-22 18:10 -------- d-----w- c:\documents and settings\Ivan\Local Settings\Data aplikací\ESET
2011-02-22 15:51 . 2008-03-03 17:21 568 ---ha-w- c:\windows\nod32fixtemdono.reg
2011-02-22 15:51 . 2008-03-03 13:25 5702 ---ha-w- c:\windows\nod32restoretemdono.reg
2011-02-22 15:50 . 2011-02-22 15:50 -------- d-----w- c:\program files\ESET
2011-02-22 15:50 . 2011-02-22 15:50 -------- d-----w- c:\documents and settings\All Users\Data aplikací\ESET
2011-02-22 15:43 . 2011-02-22 15:43 -------- d-----w- c:\documents and settings\Ivan\Data aplikací\TuneUp Software
2011-02-22 15:43 . 2011-02-22 15:43 -------- d-----w- c:\documents and settings\All Users\Data aplikací\TuneUp Software
2011-02-22 15:42 . 2011-02-22 15:42 -------- d-sh--w- c:\documents and settings\All Users\Data aplikací\{55A29068-F2CE-456C-9148-C869879E2357}
2011-02-22 15:27 . 2011-02-22 15:27 -------- d-----w- c:\documents and settings\Ivan\Local Settings\Data aplikací\Mozilla
2011-02-19 20:44 . 2011-02-19 20:44 -------- d-----w- c:\windows\l2schemas
2011-02-19 20:44 . 2011-02-19 20:44 -------- d-----w- c:\windows\system32\cs
2011-02-19 20:44 . 2011-02-19 20:44 -------- d-----w- c:\windows\system32\bits
2011-02-19 17:45 . 2010-05-04 17:18 6067200 ------w- c:\windows\system32\dllcache\ieframe.dll
2011-02-19 17:45 . 2010-05-04 17:18 52224 ------w- c:\windows\system32\dllcache\msfeedsbs.dll
2011-02-19 17:45 . 2010-05-04 17:18 459264 ------w- c:\windows\system32\dllcache\msfeeds.dll
2011-02-19 17:45 . 2010-05-04 17:18 268288 ------w- c:\windows\system32\dllcache\iertutil.dll
2011-02-19 17:45 . 2010-05-04 17:18 63488 ------w- c:\windows\system32\dllcache\icardie.dll
2011-02-19 17:45 . 2010-05-04 17:18 380928 ------w- c:\windows\system32\dllcache\ieapfltr.dll
2011-02-19 17:45 . 2010-04-16 13:24 13824 ------w- c:\windows\system32\dllcache\ieudinit.exe
2011-02-19 17:45 . 2010-02-22 22:04 2452872 ------w- c:\windows\system32\dllcache\ieapfltr.dat
2011-02-19 17:45 . 2011-02-19 17:45 -------- d-----w- c:\windows\system32\cs-cz

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-10-26 05:59 . 2011-02-22 16:54 66408 ----a-w- c:\program files\mozilla firefox\components\jar50.dll
2007-10-26 05:59 . 2011-02-22 16:54 54112 ----a-w- c:\program files\mozilla firefox\components\jsd3250.dll
2007-10-26 05:59 . 2011-02-22 16:54 34688 ----a-w- c:\program files\mozilla firefox\components\myspell.dll
2007-10-26 05:59 . 2011-02-22 16:54 46456 ----a-w- c:\program files\mozilla firefox\components\spellchk.dll
2007-10-26 05:59 . 2011-02-22 16:54 171880 ----a-w- c:\program files\mozilla firefox\components\xpinstal.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-06-01 142104]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-06-01 162584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-06-01 138008]
"RTHDCPL"="RTHDCPL.EXE" [2007-06-13 16377344]
"ACU"="c:\program files\Atheros\ACU.exe" [2007-04-10 372825]
"AGRSMMSG"="AGRSMMSG.exe" [2006-06-29 89541]
"AveoSTI.exe"="c:\program files\AVEO\AveoCap\AveoSTI.exe" [2007-11-06 24576]
"MGSysCtrl"="c:\program files\System Control Manager\MGSysCtrl.exe" [2008-01-09 180224]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2008-03-13 1443072]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe [2006-10-23 40048]
Adobe Reader Synchronizer.lnk - c:\program files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe [2006-10-23 734872]

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=

R0 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [13.12.2008 18:28 39680]
R0 O2SDRDR;O2SDRDR;c:\windows\system32\drivers\o2sd.sys [13.12.2008 18:28 35712]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [13.3.2008 16:52 33800]
R2 ekrn;Eset Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [13.3.2008 16:49 472320]
R3 MGHwCtrl;MGHwCtrl;c:\windows\system32\drivers\MGHwCtrl.sys [13.12.2008 18:46 9088]
S2 NishService;SCM Driver Daemon;c:\program files\System Control Manager\edd.exe [13.12.2008 18:46 40960]
S2 NOD32FiXTemDono;Eset Nod32 Boot;c:\windows\system32\regedt32.exe [25.10.2001 14:00 3584]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uInternet Connection Wizard,ShellNext = iexplore
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Ivan\Data aplikací\Mozilla\Firefox\Profiles\xc8pt40r.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-02-22 19:50
Windows 5.1.2600 Service Pack 3 FAT NTAPI

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(1348)
c:\windows\system32\igfxdev.dll
.
Celkový čas: 2011-02-22 19:51:58
ComboFix-quarantined-files.txt 2011-02-22 18:51

Před spuštěním: Volných bajtů: 59 190 050 816
Po spuštění: Volných bajtů: 59 149 680 640

- - End Of File - - FAE4EEB440BF7F1A435F8D4BD77298CF

V prvé řadě odinstalujte cracklý NOD a použijte nějaká free řešení: http://www.viry.cz/forum/viewforum.php?f=29 . Pak budeme řešit věci další.

nod fuč, nahozen avast free

1. Máte správně nastavenu síť?
2. Pokud ano, zkuste WinsockFix: http://www.spyware.cz/go.php?p=spyware&t=aplikace&id=22 . Utilita reinstaluje protokol TCP/IP. Máte-li parametry sítě nastaveny ručně, budete je muset po restartu PC znovu zadat.

Ano, síť je nastavena automaticky, winsock jsem aplikoval - bohužel nepomohlo to, pingy na internet procházejí (procházely i předtím), prohlížeče končí hláškou, Firefox server nenalezen, IE8 potíže s připojením - navrhuje diagnostiku.

Zkuste do adresního řádku browseru zadat:

77.75.72.3

a odentrujte. Měl by se otevřít Seznam.

bohužel nejede, stejné, překlad adres alespoň u pingu funguje, ping na www.seznam.cz projde.

Zkuste restartovat modem, nebo jiný síť. prvek v datové cestě.

v modemu to není, další dvě pc na něm normálně jedou

na tomto pc připojení taky je, pingy normálně procházejí ven, ale něco blokuje browsery.

OK. Zkuste ještě kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.

mbam
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Verze databáze: 5363

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

22.2.2011 22:26:07
mbam-log-2011-02-22 (22-26-07).txt

Typ kontroly: Úplný test (C:\|E:\|)
Testované objekty: 173024
Uplynulý čas: 14 minut, 42 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)

Reinstalujte ovladače síť karty. Už opravdu nevím, kde jinde by mohl být problém.

VIRY.CZ

PC je připojené k netu, pingy OK, browsery nejedou

PC je připojené k netu, pingy OK, browsery nejedou

Re: PC je připojené k netu, pingy OK, browsery nejedou

Re: PC je připojené k netu, pingy OK, browsery nejedou

Re: PC je připojené k netu, pingy OK, browsery nejedou

Re: PC je připojené k netu, pingy OK, browsery nejedou

Re: PC je připojené k netu, pingy OK, browsery nejedou

Re: PC je připojené k netu, pingy OK, browsery nejedou

Re: PC je připojené k netu, pingy OK, browsery nejedou

Re: PC je připojené k netu, pingy OK, browsery nejedou

Re: PC je připojené k netu, pingy OK, browsery nejedou

Re: PC je připojené k netu, pingy OK, browsery nejedou

Re: PC je připojené k netu, pingy OK, browsery nejedou