VIRY.CZ

při vložení DVD do mechaniky mi zmodrá obrazovka a napíše se hlášení - viz obrázek. Jeden opravář mi sdělil, že to může být virem v PC. Projela jsem kontrolu Avastem + Spyware Terminatorem a nehlásí žádnou chybu. Prosím o kontrolu logu... Děkuji Jitka


Windows XP SP 3 (build 2600)
Boot Mode: Normal
Ověření souborů Microsoftu: Ano
Whitelist: Ano
Internet Explorer v8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
Log vygenerován: 24.3.2011 19:08:29
================================================================

SmallARK
================================================================
[R]NtAllocateVirtualMemory -> C:\WINDOWS\system32\drivers\aswSP.SYS
[R]NtClose -> C:\WINDOWS\system32\drivers\aswSP.SYS
[R]NtCreateKey -> C:\WINDOWS\system32\drivers\aswSP.SYS
[R]NtDeleteKey -> C:\WINDOWS\system32\drivers\aswSP.SYS
[R]NtDeleteValueKey -> C:\WINDOWS\system32\drivers\aswSP.SYS
[R]NtDuplicateObject -> C:\WINDOWS\system32\drivers\aswSP.SYS
[?]NtEnumerateKey -> C:\WINDOWS\system32\drivers\sptd.sys
[?]NtEnumerateValueKey -> C:\WINDOWS\system32\drivers\sptd.sys
[R]NtFreeVirtualMemory -> C:\WINDOWS\system32\drivers\aswSP.SYS
[R]NtOpenKey -> C:\WINDOWS\system32\drivers\aswSP.SYS
[R]NtOpenProcess -> C:\WINDOWS\system32\drivers\aswSP.SYS
[R]NtOpenThread -> C:\WINDOWS\system32\drivers\aswSP.SYS
[R]NtProtectVirtualMemory -> C:\WINDOWS\system32\drivers\aswSP.SYS
[?]NtQueryKey -> C:\WINDOWS\system32\drivers\sptd.sys
[R]NtQueryValueKey -> C:\WINDOWS\system32\drivers\aswSP.SYS
[R]NtRenameKey -> C:\WINDOWS\system32\drivers\aswSP.SYS
[R]NtRestoreKey -> C:\WINDOWS\system32\drivers\aswSP.SYS
[R]NtSetValueKey -> C:\WINDOWS\system32\drivers\aswSP.SYS



Běžící procesy
================================================================

C:\PROGRAM FILES\VIA\VIAUDIOI\HDADECK\HDECK.EXE
C:\WINDOWS\FIXCAMERA.EXE
C:\WINDOWS\TSNP325.EXE
C:\WINDOWS\VSNP325.EXE
C:\PROGRAM FILES\PINNACLE\INSTANTCDDVD\INSTANTWRITE\IWCTRL.EXE
C:\PROGRAM FILES\OPENOFFICE.ORG 3\PROGRAM\SOFFICE.EXE
C:\PROGRAM FILES\OPENOFFICE.ORG 3\PROGRAM\SOFFICE.BIN

Scanner
================================================================
[S] explorer.exe
Spouští se po startu HKLM Winlogon [Shell]

[R] AvastUI.exe
Spouští se po startu HKLM Run [avast5]

[?] HDeck.exe
Spouští se po startu HKLM Run [HDAudDeck]
Soubor 14%

[S] rundll32.exe
Spouští se po startu HKLM Run [NvMediaCenter]

[S] rundll32.exe
Spouští se po startu HKLM Run [NvMediaCenter]

[?] FixCamera.exe
Spouští se po startu HKLM Run [FixCamera]
Soubor 7%

[?] tsnp325.exe
Podobná jména: TSNP325.EXE X VSNP325.EXE
Spouští se po startu HKLM Run [tsnp325]
Soubor 7%

[?] vsnp325.exe
Podobná jména: VSNP325.EXE X TSNP325.EXE
Spouští se po startu HKLM Run [snp325]
Soubor 7%

[S] ctfmon.exe
Spouští se po startu HKCU Run [CTFMON.EXE]

[R] TBPANEL.exe
Spouští se po startu HKCU Run [GAINWARD]

[R] Skype.exe
Spouští se po startu HKCU Run [Skype]
Podvržená cesta modulu: (00400000) C:\Program Files\Skype\Phone\Skype.exe

[R] ICQ.exe
Spouští se po startu HKCU Run [ICQ]

[?] iwctrl.exe
Spouští se po startu HKCU Run [IW_Drop_Icon]
EntryPoint v sekci: CODE
|_ Celkový počet sekcí: 8
Soubor 63%

[?] soffice.exe
Nemá okno
Soubor 14%

[?] soffice.bin
Soubor 14%

[R] skypePM.exe
EntryPoint v sekci: CODE
|_ Celkový počet sekcí: 8


Po spuštění
================================================================

HKCU Run
|_ [R][GAINWARD] C:\Program Files\EXPERTool\TBPanel.exe /A
|_ [R][Skype] C:\Program Files\Skype\Phone\Skype.exe /nosplash /minimized
|_ [R][Google Update] C:\Documents and Settings\Triline\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe /c
|_ [R][ICQ] C:\Program Files\ICQ7.2\ICQ.exe silent loginmode=4
|_ [!][IW_Drop_Icon] C:\Program Files\Pinnacle\InstantCDDVD\InstantWrite\iwctrl.exe /DropDisc

HKLM Run
|_ [R][avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
|_ [?][HDAudDeck] C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe 1
|_ [?][EPSON Stylus Photo R240 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.EXE /P30 EPSON Stylus Photo R240 Series /O6 USB001 /M Stylus Photo R240
|_ [R][NvMediaCenter] C:\WINDOWS\system32\NvMcTray.dll ,NvTaskbarInit
|_ [R][NvCplDaemon] C:\WINDOWS\system32\NvCpl.dll ,NvStartup
|_ [R][nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet
|_ [?][FixCamera] C:\WINDOWS\FixCamera.exe
|_ [?][tsnp325] C:\WINDOWS\tsnp325.exe
|_ [?][snp325] C:\WINDOWS\vsnp325.exe
|_ [X][PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe
|_ [X][KernelFaultCheck] C:\WINDOWS\system32\dumprep 0 -k (Soubor nenalezen)

HKLM IC
|_ [X][>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS] RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP (Soubor nenalezen)
|_ [?][{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] C:\WINDOWS\INF\msnetmtg.inf ,NetMtg.Install.PerUser.NT
|_ [?][{5945c046-1e7d-11d1-bc44-00c04fd912be}] C:\WINDOWS\INF\msmsgs.inf ,BLC.QuietInstall.PerUser
|_ [?][{6BF52A52-394A-11d3-B153-00C04F79FAA6}] C:\WINDOWS\INF\wmp11.inf ,PerUserStub
|_ [?][{89820200-ECBD-11cf-8B85-00AA005B4340}] regsvr32.exe /s /n /i:U shell32.dll

Po spuštění
|_ [?][OpenOffice.org 3.2.lnk] C:\Program Files\OpenOffice.org 3\program\quickstart.exe


HKLM BHO
|_ [?][{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}] C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

HKCU IE WebBrowser Toolbar
|_ [?][{EE5D279F-081B-4404-994D-C6B60AAEBA6D}] C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
|_ [X][{32099AAC-C132-4136-9E9A-4E364A424E17}] (Soubor nenalezen)

HKLM IE Toolbar
|_ [?][{EE5D279F-081B-4404-994D-C6B60AAEBA6D}] C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

Služby (Zobraz běžící: True, Zobraz zastavené: False, Zobraz i bezpečné služby: False)
================================================================

Ovladače (Zobraz běžící: True, Zobraz zastavené: False, Zobraz i bezpečné služby: False)
================================================================
[?] ASAPIW2K
|_ Cesta: C:\WINDOWS\System32\Drivers\ASAPIW2K.sys
| |_ Výrobce: Pinnacle Systems GmbH
| |_ Popis: ASAPI
| |_ MD5: 4F9CBBF95E8F7A0D4C0EDCFE3B78102E
|
|_ Jméno: ASAPIW2K
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:

[?] Cdrdrv
|_ Cesta: C:\WINDOWS\System32\Drivers\Cdrdrv.sys
| |_ Výrobce: Pinnacle Systems GmbH
| |_ Popis: InstantWrite Driver
| |_ MD5: 1407BC5C00EA37B1BEF106C1A225FF6D
|
|_ Jméno: cdrdrv
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:

[?] cercsr6
|_ Cesta: C:\WINDOWS\system32\drivers\cercsr6.sys
| |_ Výrobce: Adaptec, Inc.
| |_ Popis: DELL CERC SATA1.5/6ch Miniport Driver
| |_ MD5: 84853B3FD012251690570E9E7E43343F
|
|_ Jméno: cercsr6
|_ StartName:
|_ Typ spouštění: Boot Start
|_ Status: Zastaveno
|_ Typ: Kernel Driver
|_ Dependency:

[X] DAEMON Tools Virtual Bus Driver
|_ Cesta: system32\DRIVERS\dtsoftbus01.sys
| |_ Výrobce:
| |_ Popis:
| |_ MD5:
|
|_ Jméno: dtsoftbus01
|_ StartName:
|_ Typ spouštění: Vypnuto
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:

[?] Pinnacle Marvin Bus
|_ Cesta: C:\WINDOWS\system32\DRIVERS\MarvinBus.sys
| |_ Výrobce: Pinnacle Systems GmbH
| |_ Popis: Pinnacle Marvin Discrete Bus Enumerator
| |_ MD5: 269C14D512B74CC28D2812FF7D1EB066
|
|_ Jméno: MarvinBus
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:

[?] nv
|_ Cesta: C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
| |_ Výrobce: NVIDIA Corporation
| |_ Popis: NVIDIA Compatible Windows 2000 Miniport Driver, Version 260.99
| |_ MD5: B9B1BB146EB9A83DCF0F5635B09D3D43
|
|_ Jméno: nv
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:

[?] NVIDIA nForce 10/100 Mbps Ethernet
|_ Cesta: C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
| |_ Výrobce: NVIDIA Corporation
| |_ Popis: NVIDIA Networking Function Driver.
| |_ MD5: 70217A23470F4BB4C8FB4ABE06813081
|
|_ Jméno: NVENETFD
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:

[?] NVIDIA Network Bus Enumerator
|_ Cesta: C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
| |_ Výrobce: NVIDIA Corporation
| |_ Popis: NVIDIA Networking Bus Driver.
| |_ MD5: BE8513730653384939A4D2D977C81027
|
|_ Jméno: nvnetbus
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:

[?] PCLEPCI
|_ Cesta: C:\WINDOWS\system32\drivers\pclepci.sys
| |_ Výrobce: Pinnacle Systems GmbH
| |_ Popis: PCLEPCI
| |_ MD5: 1BEBE7DE8508A02650CDCE45C664C2A2
|
|_ Jméno: PCLEPCI
|_ StartName:
|_ Typ spouštění: System Start
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:

[?] USB PC Camera (SNPSTD325)
|_ Cesta: C:\WINDOWS\system32\DRIVERS\snp325.sys
| |_ Výrobce: Sonix Co. Ltd.
| |_ Popis: USB PC Camera driver
| |_ MD5: 7AEC975D1E0FE3B92276B120D05FA065
|
|_ Jméno: SNP325
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:

[X] sptd
|_ Cesta: C:\WINDOWS\C:\WINDOWS\System32\Drivers\sptd.sys
| |_ Výrobce:
| |_ Popis:
| |_ MD5:
|
|_ Jméno: sptd
|_ StartName:
|_ Typ spouštění: Boot Start
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:

[?] VIA High Definition Audio Driver Service
|_ Cesta: C:\WINDOWS\system32\drivers\viahduaa.sys
| |_ Výrobce: VIA Technologies, Inc.
| |_ Popis: VIA High Definition Audio Function Driver
| |_ MD5: F29BFD0C5CCCC9823E5FCDEE71DBC054
|
|_ Jméno: VIAHdAudAddService
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:

[?] vobiw
|_ Cesta: C:\WINDOWS\system32\drivers\vobiw.sys
| |_ Výrobce: Pinnacle Systems GmbH
| |_ Popis: InstantWrite File System Driver
| |_ MD5: 1DD1D1E3C3FAE2BF7CE5ED2F71A356A1
|
|_ Jméno: vobiw
|_ StartName:
|_ Typ spouštění: System Start
|_ Status: Spuštěno
|_ Typ: File System Driver
|_ Dependency:


lNetStat
================================================================
Typ: PID Proces Local <-> Remote Status
-----------------------------------------------------------------------------------------
TCP (284) Skype.exe 0.0.0.0:80 LISTENING
TCP (1096) svchost.exe 0.0.0.0:135 LISTENING
TCP (284) Skype.exe 0.0.0.0:443 LISTENING
TCP (4) Systém 0.0.0.0:445 LISTENING
TCP (284) Skype.exe 0.0.0.0:37436 LISTENING
TCP (972) alg.exe 127.0.0.1:1100 LISTENING
TCP (1544) AvastSvc.exe 127.0.0.1:12025 LISTENING
TCP (1544) AvastSvc.exe 127.0.0.1:12080 LISTENING
TCP (1544) AvastSvc.exe 127.0.0.1:12110 LISTENING
TCP (1544) AvastSvc.exe 127.0.0.1:12119 LISTENING
TCP (1544) AvastSvc.exe 127.0.0.1:12143 LISTENING
TCP (1544) AvastSvc.exe 127.0.0.1:12465 LISTENING
TCP (1544) AvastSvc.exe 127.0.0.1:12563 LISTENING
TCP (1544) AvastSvc.exe 127.0.0.1:12993 LISTENING
TCP (1544) AvastSvc.exe 127.0.0.1:12995 LISTENING
TCP (4) Systém 192.168.1.165:139 LISTENING
TCP (344) ICQ.exe 192.168.1.165:1030 <-> 205.188.2.184:5190 ESTABLISHED
TCP (284) Skype.exe 192.168.1.165:1033 <-> 94.156.40.8:8837 ESTABLISHED
TCP (284) Skype.exe 192.168.1.165:1091 <-> 212.161.8.5:12350 ESTABLISHED
TCP (1832) AvastUI.exe 192.168.1.165:1786 CLOSE_WAIT
TCP (1832) AvastUI.exe 192.168.1.165:1787 CLOSE_WAIT
TCP (1832) AvastUI.exe 192.168.1.165:1788 CLOSE_WAIT
TCP (1544) AvastSvc.exe 192.168.1.165:1901 LAST_ACK
TCP (1544) AvastSvc.exe 192.168.1.165:1902 LAST_ACK
TCP (1544) AvastSvc.exe 192.168.1.165:1906 LAST_ACK
TCP (1544) AvastSvc.exe 192.168.1.165:1921 LAST_ACK
TCP (1544) AvastSvc.exe 192.168.1.165:1925 LAST_ACK
TCP (1544) AvastSvc.exe 192.168.1.165:1926 LAST_ACK
TCP (1544) AvastSvc.exe 192.168.1.165:1929 LAST_ACK
TCP (1544) AvastSvc.exe 192.168.1.165:1954 LAST_ACK
TCP (0) 192.168.1.165:1959 TIME_WAIT
TCP (1544) AvastSvc.exe 192.168.1.165:1966 LAST_ACK
TCP (1544) AvastSvc.exe 192.168.1.165:1967 LAST_ACK
TCP (1544) AvastSvc.exe 192.168.1.165:1969 LAST_ACK
TCP (1544) AvastSvc.exe 192.168.1.165:1970 LAST_ACK
TCP (1544) AvastSvc.exe 192.168.1.165:1971 LAST_ACK
TCP (1544) AvastSvc.exe 192.168.1.165:1973 LAST_ACK
TCP (1544) AvastSvc.exe 192.168.1.165:1975 LAST_ACK
TCP (1544) AvastSvc.exe 192.168.1.165:1977 LAST_ACK
TCP (1544) AvastSvc.exe 192.168.1.165:1978 LAST_ACK
TCP (1544) AvastSvc.exe 192.168.1.165:1979 LAST_ACK
TCP (1544) AvastSvc.exe 192.168.1.165:1980 LAST_ACK
TCP (1544) AvastSvc.exe 192.168.1.165:1981 LAST_ACK
TCP (1544) AvastSvc.exe 192.168.1.165:1982 LAST_ACK
TCP (1544) AvastSvc.exe 192.168.1.165:1983 LAST_ACK
TCP (1868) UPM.exe 192.168.1.165:1985 <-> 109.123.209.238:80 ESTABLISHED
UDP (284) Skype.exe 0.0.0.0:443 <-> 199.7.52.190:80 ESTABLISHED
UDP (4) Systém 0.0.0.0:445
UDP (796) lsass.exe 0.0.0.0:500
UDP (796) lsass.exe 0.0.0.0:4500
UDP (284) Skype.exe 0.0.0.0:37436
UDP (1192) svchost.exe 127.0.0.1:123
UDP (284) Skype.exe 127.0.0.1:1027
UDP (344) ICQ.exe 127.0.0.1:1029
UDP (284) Skype.exe 127.0.0.1:1038
UDP (2572) iexplore.exe 127.0.0.1:1875
UDP (2540) iexplore.exe 127.0.0.1:1896
UDP (1388) svchost.exe 127.0.0.1:1900
UDP (1192) svchost.exe 192.168.1.165:123
UDP (4) Systém 192.168.1.165:137
UDP (4) Systém 192.168.1.165:138
UDP (1388) svchost.exe 192.168.1.165:1900

Moduly (Zobraz i bezpečné DLL: False, Jen bez výrobce: True, Zobraz registrované: False)
================================================================
[?] nvwddi.dll
|_ Cesta: C:\WINDOWS\system32\nvwddi.dll
|_ MD5: 58D8F10B1F2C2C4F8C3A57830EB72852
|_ Výrobce: NVIDIA Corporation
|_ Procesy
|_ explorer.exe (1736)
|_ AvastUI.exe (1832)
|_ HDeck.exe (1880)
|_ rundll32.exe (2004)
|_ tsnp325.exe (204)
|_ vsnp325.exe (212)
|_ Skype.exe (284)
|_ ICQ.exe (344)
|_ iwctrl.exe (492)
|_ iexplore.exe (2540)
|_ iexplore.exe (2572)
|_ UPM.exe (1868)

[?] epson web-to-page.dll
|_ Cesta: C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
|_ MD5: 01319CF4030B3740BA8261E7024ACAD1
|_ Výrobce: SEIKO EPSON CORPORATION
|_ Procesy
|_ explorer.exe (1736)
|_ iexplore.exe (2572)

[?] vsnp325.dll
|_ Cesta: C:\WINDOWS\system32\vsnp325.dll
|_ MD5: 1B0F5579C38071BCCCF7223F7E5C0162
|_ Výrobce:
|_ Procesy
|_ tsnp325.exe (204)
|_ Skype.exe (284)

[?] tbmanage.dll
|_ Cesta: C:\Program Files\EXPERTool\TBMANAGE.DLL
|_ MD5: ABC15D3BD68D48CA30124EAB016B71E0
|_ Výrobce:
|_ Procesy
|_ TBPANEL.exe (276)

[?] usbdvr2src.ax
|_ Cesta: C:\Program Files\Pinnacle\Shared Files\Filter\DVC150\usbdvr2src.ax
|_ MD5: E0281C1EF7191A809A72244971B048F3
|_ Výrobce: Magnum Semiconductor
|_ Procesy
|_ Skype.exe (284)

[?] mutils.dll
|_ Cesta: C:\Program Files\ICQ7.2\MUtils.dll
|_ MD5: D82CAD5DB2E207CEE3CE55A9563691F0
|_ Výrobce: ICQ, LLC.
|_ Procesy
|_ ICQ.exe (344)

[?] mkernel.dll
|_ Cesta: C:\Program Files\ICQ7.2\MKernel.dll
|_ MD5: 9D051BCB89EA26AF91987D6591B6804D
|_ Výrobce: ICQ, LLC.
|_ Procesy
|_ ICQ.exe (344)

[?] mcorelib.dll
|_ Cesta: C:\Program Files\ICQ7.2\MCoreLib.dll
|_ MD5: AFF94F65A52302249D4294988B2CF5C9
|_ Výrobce: ICQ, LLC.
|_ Procesy
|_ ICQ.exe (344)

[?] mcore.dll
|_ Cesta: C:\Program Files\ICQ7.2\MCore.dll
|_ MD5: 11834981B3999023B2EEDCB5AF5F29D7
|_ Výrobce: ICQ, LLC.
|_ Procesy
|_ ICQ.exe (344)

[?] mreport.dll
|_ Cesta: C:\Program Files\ICQ7.2\MReport.dll
|_ MD5: 727520362FED2D311DF0A1CEA14C910A
|_ Výrobce: ICQ, LLC.
|_ Procesy
|_ ICQ.exe (344)

[?] mdb.dll
|_ Cesta: C:\Program Files\ICQ7.2\MDb.dll
|_ MD5: 2C0DEADE4E758BD1A4D3E4C59FDD68C2
|_ Výrobce:
|_ Procesy
|_ ICQ.exe (344)

[?] muiutils.dll
|_ Cesta: C:\Program Files\ICQ7.2\MUIUtils.dll
|_ MD5: C2F3703DACAD2B287D95A7FA242E3989
|_ Výrobce: ICQ, LLC.
|_ Procesy
|_ ICQ.exe (344)

[?] muicorelib.dll
|_ Cesta: C:\Program Files\ICQ7.2\MUICoreLib.dll
|_ MD5: 091A33439ABB972D878461F98AA8B5FC
|_ Výrobce: ICQ, LLC.
|_ Procesy
|_ ICQ.exe (344)

[?] muicore.dll
|_ Cesta: C:\Program Files\ICQ7.2\MUICore.dll
|_ MD5: 3E614B9A7017B4F6182593855D6006B8
|_ Výrobce: ICQ, LLC.
|_ Procesy
|_ ICQ.exe (344)

[?] muimessage.dll
|_ Cesta: C:\Program Files\ICQ7.2\MUIMessage.dll
|_ MD5: 199FAB65344B051BE97F0784AF1F04DB
|_ Výrobce: ICQ, LLC.
|_ Procesy
|_ ICQ.exe (344)

[?] misb.dll
|_ Cesta: C:\Program Files\ICQ7.2\MISB.dll
|_ MD5: A211286EAE87F8B4B7D1526D8C281EE3
|_ Výrobce: ICQ, LLC.
|_ Procesy
|_ ICQ.exe (344)

[?] mbcontainer.dll
|_ Cesta: C:\Program Files\ICQ7.2\MBContainer.dll
|_ MD5: 1531B4C80E643970C16B64D2DDC26381
|_ Výrobce: ICQ, LLC.
|_ Procesy
|_ ICQ.exe (344)

[?] mfacebook.dll
|_ Cesta: C:\Program Files\ICQ7.2\MFacebook.dll
|_ MD5: B6D9101B0B4E7C26CB42402C7430D123
|_ Výrobce: TODO: <Company name>
|_ Procesy
|_ ICQ.exe (344)

[?] xprt6.dll
|_ Cesta: C:\Program Files\ICQ7.2\xprt6.dll
|_ MD5: 2DE09FF6BA207367EF7EFE420237E1A8
|_ Výrobce: AOL Inc.
|_ Procesy
|_ ICQ.exe (344)

[?] coolcore59.dll
|_ Cesta: C:\Program Files\ICQ7.2\coolcore59.dll
|_ MD5: 83A88F70B0A02947A94068F8707D54E0
|_ Výrobce: AOL Inc.
|_ Procesy
|_ ICQ.exe (344)

[?] acccore.dll
|_ Cesta: C:\Program Files\ICQ7.2\acccore.dll
|_ MD5: 4E600EDCFE729A7F55360CED4FCF2058
|_ Výrobce: AOL Inc.
|_ Procesy
|_ ICQ.exe (344)

[?] tbdiag.dll
|_ Cesta: C:\Program Files\ICQ7.2\tbdiag.dll
|_ MD5: 628C28F3B0F227266573EFD19FAA9EB6
|_ Výrobce: AOL LLC
|_ Procesy
|_ ICQ.exe (344)

[?] sofficeapp.dll
|_ Cesta: C:\Program Files\OpenOffice.org 3\program\sofficeapp.dll
|_ MD5: C7E51CBA882E37768C334DAEE68F2372
|_ Výrobce: OpenOffice.org
|_ Procesy
|_ soffice.bin (532)

[?] cppuhelper3msc.dll
|_ Cesta: C:\Program Files\OpenOffice.org 3\URE\bin\cppuhelper3MSC.dll
|_ MD5: 57ABCC5F94285E01A69731A82E96DE39
|_ Výrobce: OpenOffice.org
|_ Procesy
|_ soffice.bin (532)

[?] salhelper3msc.dll
|_ Cesta: C:\Program Files\OpenOffice.org 3\URE\bin\salhelper3MSC.dll
|_ MD5: B9B7AC8B62FF0F4FA6460136101728C0
|_ Výrobce: OpenOffice.org
|_ Procesy
|_ soffice.bin (532)

[?] comphelp4msc.dll
|_ Cesta: C:\Program Files\OpenOffice.org 3\program\comphelp4MSC.dll
|_ MD5: E08CB4D3418DB3988869343E3FF1535E
|_ Výrobce: OpenOffice.org
|_ Procesy
|_ soffice.bin (532)

[?] cppu3.dll
|_ Cesta: C:\Program Files\OpenOffice.org 3\URE\bin\cppu3.dll
|_ MD5: AC5C3EE4BEBFB57D8480A8CC0D8A2B9D
|_ Výrobce: OpenOffice.org
|_ Procesy
|_ soffice.bin (532)

[?] stlport_vc7145.dll
|_ Cesta: C:\Program Files\OpenOffice.org 3\URE\bin\stlport_vc7145.dll
|_ MD5: 8B42A1FD9C3C1E844EA2CBE90563FFC3
|_ Výrobce: STLport Consulting, Inc.
|_ Procesy
|_ soffice.bin (532)

[?] ucbhelper4msc.dll
|_ Cesta: C:\Program Files\OpenOffice.org 3\program\ucbhelper4MSC.dll
|_ MD5: BF30BB2C9FD999FA2AA3DDC2D4AF2202
|_ Výrobce: OpenOffice.org
|_ Procesy
|_ soffice.bin (532)

[?] vos3msc.dll
|_ Cesta: C:\Program Files\OpenOffice.org 3\program\vos3MSC.dll
|_ MD5: 52E1B77FC9F38EA419A92129BCDD5D44
|_ Výrobce: OpenOffice.org
|_ Procesy
|_ soffice.bin (532)

[?] i18nisolang1msc.dll
|_ Cesta: C:\Program Files\OpenOffice.org 3\program\i18nisolang1MSC.dll
|_ MD5: 0F87838DCDEDC76E965AC099A2E541C4
|_ Výrobce: OpenOffice.org
|_ Procesy
|_ soffice.bin (532)

[?] sfxmi.dll
|_ Cesta: C:\Program Files\OpenOffice.org 3\program\sfxmi.dll
|_ MD5: 56605E52225269A0A2EA28EDF990BC93
|_ Výrobce: OpenOffice.org
|_ Procesy
|_ soffice.bin (532)

[?] fwemi.dll
|_ Cesta: C:\Program Files\OpenOffice.org 3\program\fwemi.dll
|_ MD5: 6D08162428147A12E57D2FADC7B5CFC6
|_ Výrobce: OpenOffice.org
|_ Procesy
|_ soffice.bin (532)

[?] fwimi.dll
|_ Cesta: C:\Program Files\OpenOffice.org 3\program\fwimi.dll
|_ MD5: E4041DD3F8BFBA57E253C5271509D860
|_ Výrobce: OpenOffice.org
|_ Procesy
|_ soffice.bin (532)

[?] utlmi.dll
|_ Cesta: C:\Program Files\OpenOffice.org 3\program\utlmi.dll
|_ MD5: 98EF8E5B91045AC61643E1E945BBCB1F
|_ Výrobce: OpenOffice.org
|_ Procesy
|_ soffice.bin (532)

[?] tlmi.dll
|_ Cesta: C:\Program Files\OpenOffice.org 3\program\tlmi.dll
|_ MD5: CFD2499DA732FDF91EB3747D339460CB
|_ Výrobce: OpenOffice.org
|_ Procesy
|_ soffice.bin (532)

[?] basegfxmi.dll
|_ Cesta: C:\Program Files\OpenOffice.org 3\program\basegfxmi.dll
|_ MD5: 01E20C7E7DD48595E94361828C64B07F
|_ Výrobce: OpenOffice.org
|_ Procesy
|_ soffice.bin (532)

[?] vclmi.dll
|_ Cesta: C:\Program Files\OpenOffice.org 3\program\vclmi.dll
|_ MD5: A0656B7D3046C2249DDB98A8AF33E369
|_ Výrobce: OpenOffice.org
|_ Procesy
|_ soffice.bin (532)

[?] sotmi.dll
|_ Cesta: C:\Program Files\OpenOffice.org 3\program\sotmi.dll
|_ MD5: E064F0784A9B2285166D09FBF01B49B6
|_ Výrobce: OpenOffice.org
|_ Procesy
|_ soffice.bin (532)

[?] i18npapermi.dll
|_ Cesta: C:\Program Files\OpenOffice.org 3\program\i18npapermi.dll
|_ MD5: 67FF8438AC7214AB9E49F547FA505E2B
|_ Výrobce: OpenOffice.org
|_ Procesy
|_ soffice.bin (532)

[?] i18nutilmsc.dll
|_ Cesta: C:\Program Files\OpenOffice.org 3\program\i18nutilMSC.dll
|_ MD5: 74BB2863CB4EF6D1669F5A4B5849DC23
|_ Výrobce: OpenOffice.org
|_ Procesy
|_ soffice.bin (532)

[?] icuuc40.dll
|_ Cesta: C:\Program Files\OpenOffice.org 3\program\icuuc40.dll
|_ MD5: 9C60855DD5C049F58AFE4A3AA0E07BD8
|_ Výrobce: IBM Corporation and others
|_ Procesy
|_ soffice.bin (532)

[?] tkmi.dll
|_ Cesta: C:\Program Files\OpenOffice.org 3\program\tkmi.dll
|_ MD5: 29752FF79CBE3ACC355DFAD602B439C4
|_ Výrobce: OpenOffice.org
|_ Procesy
|_ soffice.bin (532)

[?] svlmi.dll
|_ Cesta: C:\Program Files\OpenOffice.org 3\program\svlmi.dll
|_ MD5: 716018C6E4E73D5C438BBBA329154BC1
|_ Výrobce: OpenOffice.org
|_ Procesy
|_ soffice.bin (532)

[?] svtmi.dll
|_ Cesta: C:\Program Files\OpenOffice.org 3\program\svtmi.dll
|_ MD5: 80BB97D0E312EBF4DAA321E333087A40
|_ Výrobce: OpenOffice.org
|_ Procesy
|_ soffice.bin (532)

[?] jvmfwk3.dll
|_ Cesta: C:\Program Files\OpenOffice.org 3\URE\bin\jvmfwk3.dll
|_ MD5: 6C40CF02D3F1CB44DEC1F8944C90F6C0
|_ Výrobce: OpenOffice.org
|_ Procesy
|_ soffice.bin (532)

[?] libxml2.dll
|_ Cesta: C:\Program Files\OpenOffice.org 3\program\libxml2.dll
|_ MD5: A39A84FF710FD163629FEC6F4349A5F3
|_ Výrobce:
|_ Procesy
|_ soffice.bin (532)

[?] sbmi.dll
|_ Cesta: C:\Program Files\OpenOffice.org 3\program\sbmi.dll
|_ MD5: A7256496835F5E92ADC3CB1382B17968
|_ Výrobce: OpenOffice.org
|_ Procesy
|_ soffice.bin (532)

[?] xcrmi.dll
|_ Cesta: C:\Program Files\OpenOffice.org 3\program\xcrmi.dll
|_ MD5: E6E55F0B51CC7D7A192B02F3D31AFABF
|_ Výrobce: OpenOffice.org
|_ Procesy
|_ soffice.bin (532)

[?] saxmi.dll
|_ Cesta: C:\Program Files\OpenOffice.org 3\program\saxmi.dll
|_ MD5: AD22312422E35146AD3BFC2BE148D52A
|_ Výrobce: OpenOffice.org
|_ Procesy
|_ soffice.bin (532)

[?] msci_uno.dll
|_ Cesta: C:\Program Files\OpenOffice.org 3\URE\bin\msci_uno.dll
|_ MD5: 626B270479657A1FBDB98A64A42F6D7E
|_ Výrobce: OpenOffice.org
|_ Procesy
|_ soffice.bin (532)

[?] bootstrap.uno.dll
|_ Cesta: C:\Program Files\OpenOffice.org 3\URE\bin\bootstrap.uno.dll
|_ MD5: AF76F8287B6B946519317A93553CB6E1
|_ Výrobce: OpenOffice.org
|_ Procesy
|_ soffice.bin (532)

[?] reg3.dll
|_ Cesta: C:\Program Files\OpenOffice.org 3\URE\bin\reg3.dll
|_ MD5: 7F6E9FF9F63FD4F9A79525B9FDF69504
|_ Výrobce: OpenOffice.org
|_ Procesy
|_ soffice.bin (532)

[?] store3.dll
|_ Cesta: C:\Program Files\OpenOffice.org 3\URE\bin\store3.dll
|_ MD5: 0BB0A0C6011A35ACED83725A89FDE3A9
|_ Výrobce: OpenOffice.org
|_ Procesy
|_ soffice.bin (532)

[?] configmgr2.uno.dll
|_ Cesta: C:\Program Files\OpenOffice.org 3\program\configmgr2.uno.dll
|_ MD5: 0AFA640BC88F021C53E144C42ADE5372
|_ Výrobce: OpenOffice.org
|_ Procesy
|_ soffice.bin (532)

[?] stocservices.uno.dll
|_ Cesta: C:\Program Files\OpenOffice.org 3\URE\bin\stocservices.uno.dll
|_ MD5: 2A26D0A3D5DE8092740891F22721D759
|_ Výrobce: OpenOffice.org
|_ Procesy
|_ soffice.bin (532)

[?] sysmgr1.uno.dll
|_ Cesta: C:\Program Files\OpenOffice.org 3\program\sysmgr1.uno.dll
|_ MD5: 9EDB6B2DBC6E92EB4F3F63EAC4A13275
|_ Výrobce: OpenOffice.org
|_ Procesy
|_ soffice.bin (532)

[?] sax.uno.dll
|_ Cesta: C:\Program Files\OpenOffice.org 3\program\sax.uno.dll
|_ MD5: 75BC225EBDA9E4E369446530FBE639F7
|_ Výrobce: OpenOffice.org
|_ Procesy
|_ soffice.bin (532)

[?] localebe1.uno.dll
|_ Cesta: C:\Program Files\OpenOffice.org 3\program\localebe1.uno.dll
|_ MD5: B5CBBE50BEF08901C1A1B39B2136C8CC
|_ Výrobce: OpenOffice.org
|_ Procesy
|_ soffice.bin (532)

[?] behelper.uno.dll
|_ Cesta: C:\Program Files\OpenOffice.org 3\program\behelper.uno.dll
|_ MD5: C7BB41127ABCC5DC66B424AF92D7F62E
|_ Výrobce: OpenOffice.org
|_ Procesy
|_ soffice.bin (532)

[?] ucb1.dll
|_ Cesta: C:\Program Files\OpenOffice.org 3\program\ucb1.dll
|_ MD5: B568FAD461ED50370F94255DD5FE08F4
|_ Výrobce: OpenOffice.org
|_ Procesy
|_ soffice.bin (532)

[?] fwkmi.dll
|_ Cesta: C:\Program Files\OpenOffice.org 3\program\fwkmi.dll
|_ MD5: 47A3E29C8238DB3AD5E030E7D6E29793
|_ Výrobce: OpenOffice.org
|_ Procesy
|_ soffice.bin (532)

[?] ucpfile1.dll
|_ Cesta: C:\Program Files\OpenOffice.org 3\program\ucpfile1.dll
|_ MD5: E8D53967C3B513A94CF479C11D518B12
|_ Výrobce: OpenOffice.org
|_ Procesy
|_ soffice.bin (532)

[?] oleautobridge.uno.dll
|_ Cesta: C:\Program Files\OpenOffice.org 3\program\oleautobridge.uno.dll
|_ MD5: F2EE237A027C1236D83D305C8656C0D5
|_ Výrobce: OpenOffice.org
|_ Procesy
|_ soffice.bin (532)

[?] emsermi.dll
|_ Cesta: C:\Program Files\OpenOffice.org 3\program\emsermi.dll
|_ MD5: 105C2868303011869D2E7DC130D2BB0C
|_ Výrobce: OpenOffice.org
|_ Procesy
|_ soffice.bin (532)

[?] sal3.dll
|_ Cesta: C:\Program Files\OpenOffice.org 3\URE\bin\sal3.dll
|_ MD5: 837F3840950F4B98539DCDE20843893F
|_ Výrobce: OpenOffice.org
|_ Procesy
|_ soffice.bin (532)



================================================================
Ultimate Process Manager v4.1.3 - [ Lodus Software ]

Vir to být může, ale problém může být i někde jinde (systémová chyba, hardware). Dejte log z ComboFix.

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode, pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k nezadoucim kolizim s rezidentem antispyware

tak tady je log z ComboFix:

ComboFix 11-03-24.01 - Triline 24.03.2011 20:32:22.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2047.1301 [GMT 1:00]
Spuštěný z: c:\documents and settings\Triline\Plocha\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-02-24 do 2011-03-24 )))))))))))))))))))))))))))))))
.
.
2011-03-24 18:24 . 2011-03-24 18:25 -------- d-----w- c:\program files\Crawler
2011-03-24 18:24 . 2011-03-24 18:24 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2011-03-24 18:24 . 2011-03-24 18:32 -------- d-----w- c:\documents and settings\Triline\Data aplikací\Spyware Terminator
2011-03-24 18:24 . 2011-03-24 19:24 -------- d-----w- c:\program files\Spyware Terminator
2011-03-24 18:24 . 2011-03-24 18:50 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Spyware Terminator
2011-03-24 18:08 . 2011-03-24 18:08 -------- d-----w- c:\program files\Ultimate Process Manager
2011-03-24 18:04 . 2011-03-24 18:04 -------- d-----w- c:\documents and settings\Triline\Local Settings\Data aplikací\Help
2011-03-22 17:45 . 2011-03-22 17:45 -------- d-----w- c:\program files\PhotoFiltre Studio
2011-03-05 11:09 . 2011-03-05 11:09 -------- d-----w- c:\program files\Common Files\Skype
2011-02-23 20:13 . 2011-02-23 20:13 -------- d-----w- c:\documents and settings\Triline\Data aplikací\EPSON
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-09 13:53 . 2004-08-18 10:00 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 13:53 . 2004-08-18 10:00 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-02 07:58 . 2011-01-06 10:56 2067456 ----a-w- c:\windows\system32\mstscax.dll
2011-01-27 11:57 . 2011-01-06 10:56 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-01-21 14:44 . 2004-08-18 10:00 440320 ----a-w- c:\windows\system32\shimgvw.dll
2011-01-13 08:47 . 2011-01-06 12:31 38848 ----a-w- c:\windows\avastSS.scr
2011-01-13 08:47 . 2011-01-06 12:31 188216 ----a-w- c:\windows\system32\aswBoot.exe
2011-01-13 08:41 . 2011-01-06 12:31 294608 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-01-13 08:40 . 2011-01-06 12:31 47440 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-01-13 08:40 . 2011-01-06 12:31 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-01-13 08:39 . 2011-01-06 12:31 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-01-13 08:37 . 2011-01-06 12:31 23632 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-01-13 08:37 . 2011-01-06 12:31 29392 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-01-13 08:37 . 2011-01-06 12:31 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-01-08 08:48 . 2011-01-08 08:48 2019 ----a-w- c:\windows\NewRecorder.reg
2011-01-08 08:08 . 2011-01-08 08:08 431672 ----a-w- c:\windows\system32\drivers\sptd.sys
2011-01-07 14:09 . 2004-08-18 10:00 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-12-31 14:04 . 2004-08-18 10:00 1854976 ----a-w- c:\windows\system32\win32k.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GAINWARD"="c:\program files\EXPERTool\TBPanel.exe" [2010-07-30 2181744]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-01-26 15026056]
"Google Update"="c:\documents and settings\Triline\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" [2011-01-06 136176]
"ICQ"="c:\program files\ICQ7.2\ICQ.exe" [2011-01-05 133432]
"IW_Drop_Icon"="c:\program files\Pinnacle\InstantCDDVD\InstantWrite\iwctrl.exe" [2005-06-29 1346560]
"SpywareTerminatorUpdate"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2011-03-24 3037696]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2011-01-13 3396624]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"HDAudDeck"="c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe" [2009-12-03 33718272]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2008-07-09 570664]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-02-18 2221352]
"EPSON Stylus Photo R240 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.EXE" [2005-04-25 98304]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-10-16 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-10-16 13851752]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2010-08-25 1753192]
"FixCamera"="c:\windows\FixCamera.exe" [2007-02-12 20480]
"tsnp325"="c:\windows\tsnp325.exe" [2006-10-10 270336]
"snp325"="c:\windows\vsnp325.exe" [2006-10-10 827392]
"PinnacleDriverCheck"="c:\windows\system32\\PSDrvCheck.exe" [2004-03-11 406016]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\Triline\Nabˇdka Start\Programy\Po spuçtŘnˇ\
OpenOffice.org 3.2.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-6-7 1195520]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 03:22 1695232 ----a-w- c:\program files\Messenger\msmsgs.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\ICQ7.2\\ICQ.exe"=
"c:\\Program Files\\ICQ7.2\\aolload.exe"=
"c:\\Program Files\\Pinnacle\\Studio 10\\programs\\RM.exe"=
"c:\\Program Files\\Pinnacle\\Studio 10\\programs\\Studio.exe"=
"c:\\Program Files\\Pinnacle\\Studio 10\\programs\\PMSRegisterFile.exe"=
"c:\\Program Files\\Pinnacle\\Studio 10\\programs\\umi.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=
.
R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [6.1.2011 13:31 294608]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [24.3.2011 19:24 142592]
R1 vobiw;vobiw;c:\windows\system32\drivers\vobIW.sys [1.9.2004 14:50 188416]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [6.1.2011 13:31 17744]
R3 cdrdrv;Cdrdrv;c:\windows\system32\drivers\Cdrdrv.sys [10.2.2005 11:55 62976]
R3 SNP325;USB PC Camera (SNPSTD325);c:\windows\system32\drivers\snp325.sys [8.1.2011 8:55 10251904]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [6.1.2011 18:37 1617408]
R4 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys --> c:\windows\system32\DRIVERS\dtsoftbus01.sys [?]
S3 AMBFilt;AMBFilt;c:\windows\system32\drivers\Ambfilt.sys [6.1.2011 18:37 1656960]
S3 AsrCDDrv;AsrCDDrv;\??\c:\windows\system32\Drivers\AsrCDDrv.sys --> c:\windows\system32\Drivers\AsrCDDrv.sys [?]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - APPMGMT
*NewlyCreated* - SP_RSDRV2
*NewlyCreated* - SP_RSSRV
.
Obsah adresáře 'Naplánované úlohy'
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: Crawler Search - tbr:iemenu
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\Toolbar\ctbr.dll
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
MSConfigStartUp-DAEMON Tools Lite - c:\program files\DAEMON Tools Lite\DTLite.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-03-24 20:36
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
HDAudDeck = c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe 1????????????????????????????????????????????????
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(2232)
c:\program files\NVIDIA Corporation\nView\nview.dll
c:\program files\NVIDIA Corporation\nView\NVWRSCS.DLL
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2011-03-24 20:37:34
ComboFix-quarantined-files.txt 2011-03-24 19:37
.
Před spuštěním: Volných bajtů: 27 380 879 360
Po spuštění: Volných bajtů: 28 497 821 696
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - 880AC54547719B66AD6A1E8B86FC405B

Log vypadá OK. Zkuste reinstal ovladačů chipsetu. Pokud to nepomůže, proveďte kontrolu RAM Memtestem: http://www.stahuj.centrum.cz/utility_a_ ... i/memtest/ . Utilitu ponechte v chodu minimálně hodinu.