prosím o kontrolu

Zpráva

Hynek88 · #1 Příspěvek od **Hynek88** » 18 úno 2012 06:50

Logfile of random's system information tool 1.09 (written by random/random)
Run by 1 at 2012-02-18 06:48:43
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 16 GB (42%) free of 38 GB
Total RAM: 1015 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 6:48:51, on 18.2.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 SP3 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\A4Tech\Mouse\Amoumain.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\Altap Salamander 2.5\salamand.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\1\Plocha\RSIT.exe
C:\Program Files\trend micro\1.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatche ... tbid=60209
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.avg.com/?cid={6FCFD5E4-A ... 2012-02-11 19:01:08&v=9.0.0.23&sap=hp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTor.dll
R3 - URLSearchHook: (no name) - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IsoBuster - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - (no file)
O2 - BHO: (no name) - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - (no file)
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file)
O2 - BHO: uTorrentBar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTor.dll
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)
O3 - Toolbar: (no name) - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - (no file)
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTor.dll
O4 - HKLM\..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Download with &Media Finder - C:\Program Files\Media Finder\hook.html
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll/206 (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 7323086859
O18 - Protocol: centrumcztoolbar - {61A97628-7C82-4315-957A-C74C2CDD85DF} - (no file)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

--
End of file - 4588 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1ccc97f2c45153a.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\1\Data aplikací\Mozilla\Firefox\Profiles\q61oymm2.default

prefs.js - "browser.startup.homepage" - "http://www.advaita.cz/page/100.aktuality/"
prefs.js - "extensions.enabledItems" - "{dc572301-7619-498c-a57d-39143191b318}:0.3.8.5, {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.1.12, {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6, {B042753D-F57E-4e8e-A01B-7379A6D4CEFB}:1.25, fileserve@fileserve.com:2.9, {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}:6.0.18, jqs@sun.com:1.0, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}:3.9.0.3, gencrawler@some.com:2.0, {3713a489-0634-4472-8456-dc7abd7eba00}:1.3.1, {3926fb20-4bea-11de-8a39-0800200c9a66}:3.6.1, {241aae70-0022-11de-87af-0800200c9a66}:3.6.30.01.10, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6, nasanightlaunch@example.com:0.6.20110419"
prefs.js - "keyword.URL" - "http://www15.yoog.com/search.php?q="

"Cetrumcz@igeared"=C:\Program Files\CentrumczToolbar\Firefox\Cetrumcz@igeared

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn.me/esnsonar,version=0.70.4]
"Description"=ESN Sonar browser plugin
"Path"=C:\Program Files\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/esnlaunch,version=1.102.0]
"Description"=
"Path"=C:\Program Files\Battlelog Web Plugins\1.102.0\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18]
"Description"=Veetle TV Core
"Path"=C:\Program Files\Veetle\plugins\npVeetle.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18]
"Description"=Veetle TV Player
"Path"=C:\Program Files\Veetle\Player\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=0.8.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
fileserve@fileserve.com
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{972ce4c6-7e08-4474-a285-3208198ce6fd}(2)

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIBitCometAgent.xpt

C:\Program Files\Mozilla Firefox\plugins\
npBitCometAgent.dll
npdeployJava1.dll
nppdf32.dll
npwachk.dll

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\1\Data aplikací\Mozilla\Firefox\Profiles\q61oymm2.default\extensions\
cs@dictionaries.addons.mozilla.org
nasanightlaunch@example.com
{1018e4d6-728f-4b20-ad56-37578a4de76b}
{1018e4d6-728f-4b20-ad56-37578a4de76b}(2)
{1018e4d6-728f-4b20-ad56-37578a4de76b}(3)
{2bae58c2-79f9-45d1-a286-81f911301c3a}(2)
{3713a489-0634-4472-8456-dc7abd7eba00}
{3926fb20-4bea-11de-8a39-0800200c9a66}
{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}(2)
{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}(3)
{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}-trash
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}(2)
{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}(3)

C:\Documents and Settings\1\Data aplikací\Mozilla\Firefox\Profiles\q61oymm2.default\searchplugins\
hledn-na-irecepti.xml
icqplugin-13.xml
icqplugin-14.xml
icqplugin-15.xml
icqplugin-16.xml
icqplugin-17.xml
icqplugin-18.xml
icqplugin-19.xml
icqplugin-2.xml
icqplugin-20.xml
icqplugin-21.xml
icqplugin-22.xml
icqplugin-23.xml
icqplugin-24.xml
icqplugin-25.xml
icqplugin-26.xml
icqplugin-27.xml
icqplugin-28.xml
icqplugin-29.xml
icqplugin-3.xml
icqplugin-30.xml
icqplugin-31.xml
icqplugin-32.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml
icqplugin.xml
imdb.xml
movie-library.xml
opensubtitles.xml
sfd.xml
vyhledvn-vide-ve-slub-youtube.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{266fcdca-7bb3-4da7-b3bf-f845dea2ebd6}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
BitComet Helper - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll [2011-04-11 767280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
uTorrentBar Toolbar - C:\Program Files\uTorrentBar\prxtbuTor.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{266fcdca-7bb3-4da7-b3bf-f845dea2ebd6}
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - uTorrentBar Toolbar - C:\Program Files\uTorrentBar\prxtbuTor.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"WheelMouse"=C:\Program Files\A4Tech\Mouse\Amoumain.exe [2008-03-06 241664]
"igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2006-09-15 94208]
"igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2006-09-15 77824]
"igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2006-09-15 118784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2006-09-15 139264]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\BitComet\BitComet.exe"="C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet.exe"
"C:\Program Files\Radio Stream Player\Radio Stream Player.exe"="C:\Program Files\Radio Stream Player\Radio Stream Player.exe:*:Enabled:Radio Stream Player"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\WINDOWS\system32\java.exe"="C:\WINDOWS\system32\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\MP3Torpedo\MP3Torpedo.exe"="C:\Program Files\MP3Torpedo\MP3Torpedo.exe:*:Enabled:MP3Torpedo"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\BitComet\plugin_emule\plugin_eMule.exe"="C:\Program Files\BitComet\plugin_emule\plugin_eMule.exe:*:Enabled:eMule plugin host for BitComet"
"C:\Program Files\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe"="C:\Program Files\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe:*:Enabled:ESN Sonar Host Application"
"E:\red alert\command-and-conquer-red-alert-2-full-game-\game.exe"="E:\red alert\command-and-conquer-red-alert-2-full-game-\game.exe:*:Enabled:Main executable for Red Alert 2"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Veetle\Player\VeetleNet.exe"="C:\Program Files\Veetle\Player\VeetleNet.exe:*:Enabled:VeetleNet"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"vidc.xvid"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"vidc.tscc"=C:\PROGRA~1\MpcStar\Codecs\tscc\tsccvid.dll
"vidc.dvsd"=mcdvd_32.dll
"msacm.divxa32"=msaud32_divx.acm
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv

======List of files/folders created in the last 1 month======

2012-02-18 06:48:43 ----D---- C:\rsit
2012-02-18 06:28:47 ----D---- C:\Program Files\CCleaner
2012-02-18 06:23:21 ----A---- C:\user.js
2012-02-18 06:22:45 ----D---- C:\Program Files\Dw .com .com Removal Tool
2012-02-18 01:31:32 ----A---- C:\WINDOWS\system32\drivers\cpuz135_x32.sys
2012-02-17 22:38:08 ----D---- C:\Program Files\ToniArts
2012-02-17 22:31:46 ----HDC---- C:\Documents and Settings\All Users\Data aplikací\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}
2012-02-16 11:29:42 ----D---- C:\Program Files\Common Files\Apple
2012-02-16 11:29:29 ----D---- C:\Documents and Settings\All Users\Data aplikací\Apple
2012-02-15 20:19:56 ----D---- C:\panzer2ake
2012-02-15 19:30:47 ----D---- C:\Simpsonovi
2012-02-15 18:06:42 ----D---- C:\Panzer2
2012-02-15 15:31:58 ----D---- C:\Program Files\GOGcom
2012-02-14 20:35:57 ----A---- C:\WINDOWS\d3dx.dat
2012-02-14 20:11:10 ----A---- C:\WINDOWS\system32\igfxres.dll
2012-02-14 16:24:57 ----A---- C:\WINDOWS\IsUninst.exe
2012-02-11 21:59:37 ----A---- C:\WINDOWS\system32\Stac97co.dll
2012-02-11 21:59:37 ----A---- C:\WINDOWS\system32\drivers\STAC97.sys
2012-02-11 21:56:43 ----D---- C:\Program Files\IDT
2012-02-11 19:00:57 ----HD---- C:\Documents and Settings\All Users\Data aplikací\Common Files
2012-01-24 18:28:34 ----D---- C:\Documents and Settings\1\Data aplikací\Ventrilo
2012-01-22 21:36:44 ----D---- C:\Documents and Settings\1\Data aplikací\DAEMON Tools Lite
2012-01-22 21:36:41 ----D---- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
2012-01-22 15:21:47 ----D---- C:\Program Files\Altap Salamander 2.5

======List of files/folders modified in the last 1 month======

2012-02-18 06:48:48 ----D---- C:\Program Files\trend micro
2012-02-18 06:43:25 ----D---- C:\WINDOWS
2012-02-18 06:38:12 ----D---- C:\Documents and Settings\1\Data aplikací\Winamp
2012-02-18 06:34:42 ----SHD---- C:\WINDOWS\Installer
2012-02-18 06:34:42 ----D---- C:\WINDOWS\WinSxS
2012-02-18 06:34:34 ----D---- C:\Program Files\Common Files\Microsoft Shared
2012-02-18 06:30:29 ----D---- C:\WINDOWS\SoftwareDistribution
2012-02-18 06:30:29 ----D---- C:\WINDOWS\Logs
2012-02-18 06:29:42 ----D---- C:\Program Files
2012-02-18 06:15:03 ----D---- C:\WINDOWS\Temp
2012-02-18 05:57:38 ----D---- C:\WINDOWS\system32
2012-02-18 05:57:38 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-02-18 05:57:27 ----D---- C:\WINDOWS\Help
2012-02-18 05:57:14 ----D---- C:\WINDOWS\Cursors
2012-02-18 05:57:13 ----D---- C:\Program Files\Windows NT
2012-02-18 05:57:07 ----D---- C:\WINDOWS\system32\CatRoot2
2012-02-18 05:41:04 ----SD---- C:\WINDOWS\Tasks
2012-02-18 02:53:12 ----D---- C:\Documents and Settings\All Users\Data aplikací\boost_interprocess
2012-02-18 01:31:32 ----D---- C:\WINDOWS\system32\drivers
2012-02-17 22:55:42 ----D---- C:\Program Files\Incomplete
2012-02-17 22:55:42 ----D---- C:\Documents and Settings\1\Data aplikací\uTorrent
2012-02-17 22:55:41 ----D---- C:\WINDOWS\system
2012-02-17 22:55:41 ----D---- C:\WINDOWS\security
2012-02-17 22:55:41 ----D---- C:\Program Files\Mozilla Firefox
2012-02-17 22:55:41 ----D---- C:\Program Files\CometBird
2012-02-17 22:55:41 ----D---- C:\Documents and Settings\1\Data aplikací\CometPlayer
2012-02-17 22:55:41 ----D---- C:\Documents and Settings\1\Data aplikací\Cabos
2012-02-17 22:55:41 ----D---- C:\Documents and Settings\1\Data aplikací\BitComet
2012-02-17 22:55:41 ----D---- C:\Documents and Settings\1\Data aplikací\Addax
2012-02-17 22:55:40 ----D---- C:\Program Files\mkv2vob
2012-02-17 22:55:40 ----D---- C:\Documents and Settings\1\Data aplikací\tigerplayer
2012-02-17 22:38:08 ----HD---- C:\Program Files\InstallShield Installation Information
2012-02-17 22:29:30 ----SH---- C:\boot.ini
2012-02-17 22:29:30 ----A---- C:\WINDOWS\win.ini
2012-02-17 22:29:30 ----A---- C:\WINDOWS\system.ini
2012-02-17 22:24:43 ----D---- C:\Program Files\Common Files
2012-02-17 21:37:22 ----D---- C:\WINDOWS\Registration
2012-02-17 18:37:07 ----D---- C:\Program Files\DOSBox-0.74
2012-02-17 15:11:31 ----A---- C:\WINDOWS\system32\deployJava1.dll
2012-02-17 13:21:05 ----D---- C:\Downloads
2012-02-16 22:51:43 ----RSD---- C:\WINDOWS\Fonts
2012-02-16 22:51:31 ----RSD---- C:\WINDOWS\assembly
2012-02-16 11:33:39 ----D---- C:\Documents and Settings\All Users\Data aplikací\Apple Computer
2012-02-15 16:44:33 ----D---- C:\WINDOWS\system32\DirectX
2012-02-15 16:43:16 ----HD---- C:\WINDOWS\inf
2012-02-14 20:37:47 ----D---- C:\Program Files\PC Wizard 2008
2012-02-14 19:44:34 ----D---- C:\WINDOWS\system32\ReinstallBackups
2012-02-14 17:53:09 ----D---- C:\WINDOWS\system32\Restore
2012-02-14 17:32:32 ----SHD---- C:\System Volume Information
2012-02-11 22:01:34 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-02-11 22:00:17 ----D---- C:\WINDOWS\system32\CatRoot
2012-02-11 21:59:37 ----D---- C:\Program Files\SigmaTel
2012-02-10 23:57:26 ----D---- C:\WINDOWS\Prefetch
2012-01-24 18:29:43 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2012-01-22 21:09:17 ----D---- C:\Documents and Settings\1\Data aplikací\Media Player Classic

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2011-03-04 45648]
R1 Amfilter;A4Tech Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\Amfilter.sys [2007-01-25 8704]
R1 GhPciScan;GhostPciScanner; \??\C:\Program Files\Symantec\Norton Ghost 2003\ghpciscan.sys []
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 OMCI;OMCI; C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS [2001-08-22 13632]
R1 Tosrfcom;Bluetooth RFCOMM from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfcom.sys [2005-08-01 64896]
R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [2002-08-14 17005]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-03-17 13059]
R3 Amusbprt;A4Tech HID-compliant Mouse Driver; C:\WINDOWS\system32\DRIVERS\Amusbprt.sys [2007-12-26 14336]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2011-03-14 229928]
R3 GTIPCI21;GTIPCI21; C:\WINDOWS\system32\DRIVERS\gtipci21.sys [2006-04-06 88192]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.SYS [2005-05-03 1033728]
R3 HSFHWICH;HSFHWICH; C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys [2005-05-03 208384]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2006-09-15 1173468]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 STAC97;SigmaTel C-Major Audio; C:\WINDOWS\system32\drivers\STAC97.sys [2005-03-10 273168]
R3 tosporte;Bluetooth Port Driver from Toshiba; C:\WINDOWS\system32\DRIVERS\tosporte.sys [2006-06-13 47488]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-05-03 705408]
S0 cercsr6;cercsr6; C:\WINDOWS\system32\drivers\cercsr6.sys [2005-04-06 39904]
S1 MpKsl067a119f;MpKsl067a119f; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{53481303-7F05-4F42-AC46-0213F53891D5}\MpKsl067a119f.sys []
S1 MpKsl5fe45a67;MpKsl5fe45a67; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{A5D56FD0-1744-4244-BA5A-B56A42B4BCD4}\MpKsl5fe45a67.sys []
S3 Ad-Watch Connect Filter;Ad-Watch Connect Kernel Filter; \??\C:\WINDOWS\system32\drivers\NSDriver.sys []
S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2006-08-18 4017536]
S3 BthEnum;Služba Bluetooth Enumerator; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 toshidpt;TOSHIBA Bluetooth HID port driver; C:\WINDOWS\system32\drivers\Toshidpt.sys [2005-07-11 3712]
S3 Tosrfbd;Bluetooth RFBUS from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbd.sys [2006-06-13 111232]
S3 Tosrfbnp;Bluetooth RFBNEP from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbnp.sys [2006-03-16 37632]
S3 Tosrfhid;Bluetooth RFHID from TOSHIBA; C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys [2006-05-29 60672]
S3 tosrfnds;Bluetooth Personal Area Network from TOSHIBA; C:\WINDOWS\system32\DRIVERS\tosrfnds.sys [2005-01-06 18612]
S3 TosRfSnd;Bluetooth Audio Device (WDM) from TOSHIBA; C:\WINDOWS\system32\drivers\TosRfSnd.sys [2006-03-15 52864]
S3 Tosrfusb;Bluetooth USB Controller; C:\WINDOWS\System32\Drivers\tosrfusb.sys [2006-06-09 40192]
S3 UIUSys;Conexant Setup API; C:\WINDOWS\system32\drivers\UIUSys.sys []
S3 w29n51;Intel(R) PRO/Wireless 2200BG Network Connection Driver for Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys []
S3 XPADFL02;XPAD Filter Service 02; C:\WINDOWS\system32\DRIVERS\xpadfl02.sys []
S4 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S4 aawservice;Ad-Aware 2007 Service; C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe [2007-09-25 574808]
S4 Bluetooth Hid Switch Service;Bluetooth Hid Switch Service; C:\Program Files\BlueTooth\HidSwitchService\HidSw.exe [2005-08-30 188416]
S4 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 GhostStartService;GhostStartService; C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe [2002-08-14 200704]
S4 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]

-----------------EOF-----------------

díky!

#2 Příspěvek od **Rudy** » 18 úno 2012 11:12

Dvouklikem na soubor C:\Program Files\trend micro\1.exe spusťte HijackThis. Klikněte na "Do a system scan only" a v otevřeném okně vlevo ve čtverečcích zaškrtněte:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatche ... p=aus&qkw=%s&tbid=60209
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: (no name) - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - (no file)
O2 - BHO: IsoBuster - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - (no file)
O2 - BHO: (no name) - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - (no file)
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file)
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)
O3 - Toolbar: (no name) - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - (no file)
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O18 - Protocol: centrumcztoolbar - {61A97628-7C82-4315-957A-C74C2CDD85DF} - (no file)

a klikněte na >Fix checked<. Restartujte PC. Chybí antivirus.

Hynek88 · #3 Příspěvek od **Hynek88** » 18 úno 2012 11:25

ok, díky, před tím jsem ještě kontroloval pc a našlo mi to tohle: (je to v karanténě, můžu to smazat?)

Malwarebytes' Anti-Malware
www.malwarebytes.org

Verze databáze:

Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

18.2.2012 6:13:41
mbam-log-2012-02-18 (06-13-41).txt

Typ: Rychlá kontrola
Kontrolované objekty: 143557
Uplynulý čas: 3 minut, 2 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 3
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{CA4520F3-AE13-4FB1-A513-58E23991C86D} (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA4520F3-AE13-4FB1-A513-58E23991C86D} (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CA4520F3-AE13-4FB1-A513-58E23991C86D} (Trojan.Downloader) -> Quarantined and deleted successfully.

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)

a jaký antivir byste mně doporučil? (aby ale moc nezatěžoval pc)

#4 Příspěvek od **Rudy** » 18 úno 2012 12:23

Samozřejmě smažte. Z antivirů (free) nejméně zatěžuje systém Avira: http://www.avira.com/en/avira-free-antivirus . Má solidní detekci a můžete ji mít i bez registrace. Nevýhody: nekontroluje poštu a není česky. Máte-li silnější stroj, pak mohu dodpručit Avast: http://www.avast.com/cs-cz/free-antivirus-download . Poslední verze má již značně menší nároky na syst. prostředky. Má rovněž solidní detekci, je česky a navíc obsahuje antispy. Nemáte zač!

VIRY.CZ

prosím o kontrolu

prosím o kontrolu

Re: prosím o kontrolu

Re: prosím o kontrolu

Re: prosím o kontrolu