Vekmi pomaly beh systemu

[amarok]

Ahoj,

AVG naslo BackDoor.Generic12.AEIU a do viroveho trezoru presunulo tyhle soubory:

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP1161\A0139075.sys, Trojský kůň BackDoor.Generic12.AEIU, Přesunuto do trezoru, 2010-02-20 19:50:44, Soubor, C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\drivers\a38usbxp.sys, Trojský kůň BackDoor.Generic12.AEIU, Přesunuto do trezoru, 2010-02-20 12:29:38, Soubor, System
C:\WINDOWS\system32\drivers\aec.sys, Trojský kůň BackDoor.Generic12.AEIU, Přesunuto do trezoru, 2010-02-20 12:29:39, Soubor, System
C:\WINDOWS\system32\drivers\arp1394.sys, Trojský kůň BackDoor.Generic12.AEIU, Přesunuto do trezoru, 2010-02-20 12:29:40, Soubor, System
C:\WINDOWS\system32\drivers\asyncmac.sys, Trojský kůň BackDoor.Generic12.AEIU, "Objekt je vedený na bílé listině (důležitý/systémový soubor, který by neměl být odstraněn)", 2010-02-20 12:29:40, Soubor, System
C:\WINDOWS\system32\drivers\yelrnw.sys, Trojský kůň BackDoor.Generic12.AEIU, Přesunuto do trezoru, 2010-02-20 12:29:42, Soubor, System

System je ale zrejme stale nakazeny. asilam RSIT log. Dik.

Logfile of random's system information tool 1.06 (written by random/random)
Run by tpavlik at 2010-02-22 09:18:15
Microsoft Windows XP Professional Service Pack 3
System drive C: has 33 GB (57%) free of 57 GB
Total RAM: 759 MB (39% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{07425981-CCA3-42A1-9F99-E7138FDF5529}.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{B2459F15-7DF9-4D57-9006-9CEBFF63E728}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2005-09-23 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07A11D74-9D25-4fea-A833-8B0D76A5577A}]
CmjBrowserHelperObject Object - C:\Program Files\Mindjet\MindManager 7\Mm7InternetExplorer.dll [2008-06-10 70944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2009-12-10 1484056]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CA3D70E-1895-11CF-8E15-001234567890}]
DriveLetterAccess - C:\WINDOWS\system32\dla\tfswshx.dll [2004-12-06 118842]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll [2009-06-17 669168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
Locked

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Dell QuickSet"=C:\Program Files\Dell\QuickSet\quickset.exe [2005-03-04 606208]
"IntelWireless"=C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2004-10-30 385024]
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2004-05-14 98304]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2004-05-14 536576]
"DVDLauncher"=C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe [2004-04-26 53248]
"igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2005-09-20 94208]
"igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2005-09-20 77824]
"igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2005-09-20 114688]
"openvpn-gui"=C:\Program Files\OpenVPN\bin\openvpn-gui.exe [2005-04-21 98816]
"MMReminderService"=C:\Program Files\Mindjet\MindManager 7\MMReminderService.exe [2008-06-10 37656]
"BlackBerryAutoUpdate"=C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe [2009-10-30 623960]
"AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2009-12-22 2033432]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-09-05 417792]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2009-09-21 305440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2009-09-05 417792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Line Detect.lnk]
C:\PROGRA~1\DIGITA~1\DLG.exe [2003-10-29 24576]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe

C:\Documents and Settings\tpavlik\Start Menu\Programs\Startup
monnid32.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
c:\windows\system32\avgrsstx.dll [2009-11-10 12464]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
c:\windows\system32\igfxdev.dll [2005-09-20 135168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\IntelWireless]
C:\Program Files\Intel\Wireless\Bin\LgNotify.dll [2004-09-07 110592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
c:\windows\system32\WgaLogon.dll [2008-09-05 241704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"consentpromptbehavioradmin"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"ForceStartMenuLogOff"=1
"ForceRunOnStartMenu"=1
"HideSCAHealth"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Intuwave Ltd\Shared\mRouterRunTime\mRouterRuntime.exe"="C:\Program Files\Intuwave Ltd\Shared\mRouterRunTime\mRouterRuntime.exe:*:Disabled:mRouterRuntime"
"C:\Program Files\Grisoft\AVG7\avgcc.exe"="C:\Program Files\Grisoft\AVG7\avgcc.exe:*:Enabled:AVG Control Center"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0fb0586f-fc60-11de-b2d3-0013ce364642}]
shell\AutoRun\command - D:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1bf1578c-aa4f-11dd-935a-0050b640ba44}]
shell\AutoRun\command - D:\hbcd\wintools\autorun.exe
shell\Option1\command - D:\hbcd\wintools\autorun.exe


======List of files/folders created in the last 1 months======

2010-02-22 09:18:17 ----D---- C:\Program Files\trend micro
2010-02-22 09:18:15 ----D---- C:\rsit
2010-02-20 12:29:29 ----A---- C:\WINDOWS\system32\fjhdyfhsn.bat
2010-02-19 17:51:14 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2010-02-18 17:51:16 ----A---- C:\WINDOWS\system32\javaws.exe
2010-02-18 17:51:16 ----A---- C:\WINDOWS\system32\javaw.exe
2010-02-18 17:51:16 ----A---- C:\WINDOWS\system32\java.exe
2010-02-18 17:48:48 ----D---- C:\Program Files\Common Files\Java
2010-02-18 17:07:31 ----D---- C:\Program Files\Java
2010-02-10 07:13:54 ----HDC---- C:\WINDOWS\$NtUninstallKB978262$
2010-02-10 07:13:42 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2010-02-10 07:08:05 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2010-02-10 07:07:49 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2010-02-10 07:07:37 ----HDC---- C:\WINDOWS\$NtUninstallKB978251$
2010-02-10 07:07:19 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2010-02-10 07:06:01 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2010-02-10 07:05:42 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2010-02-10 07:05:16 ----HDC---- C:\WINDOWS\$NtUninstallKB977165$
2010-02-09 23:20:00 ----D---- C:\Program Files\Virtual Earth 3D
2010-02-06 18:34:55 ----D---- C:\Documents and Settings\tpavlik\Application Data\Facebook

======List of files/folders modified in the last 1 months======

2010-02-22 09:18:17 ----RD---- C:\Program Files
2010-02-22 09:18:11 ----D---- C:\WINDOWS\Prefetch
2010-02-22 09:17:00 ----D---- C:\Documents and Settings\tpavlik\Application Data\U3
2010-02-22 09:05:53 ----D---- C:\WINDOWS\Temp
2010-02-22 09:05:04 ----SD---- C:\WINDOWS\Tasks
2010-02-21 20:31:26 ----D---- C:\WINDOWS\security
2010-02-21 20:30:58 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-02-20 12:30:03 ----RSHD---- C:\WINDOWS\system32\dllcache
2010-02-20 12:29:57 ----D---- C:\WINDOWS\system32\drivers
2010-02-20 12:29:42 ----D---- C:\WINDOWS\system32\CatRoot2
2010-02-20 12:29:29 ----D---- C:\WINDOWS\system32
2010-02-19 20:19:17 ----D---- C:\WINDOWS
2010-02-19 17:52:28 ----HD---- C:\WINDOWS\inf
2010-02-19 17:52:09 ----D---- C:\WINDOWS\system32\en-us
2010-02-19 17:52:08 ----D---- C:\Program Files\Internet Explorer
2010-02-19 17:51:35 ----HD---- C:\WINDOWS\$hf_mig$
2010-02-19 17:51:25 ----A---- C:\WINDOWS\imsins.BAK
2010-02-18 17:51:20 ----SHD---- C:\WINDOWS\Installer
2010-02-18 17:48:48 ----D---- C:\Program Files\Common Files
2010-02-18 17:44:37 ----D---- C:\WINDOWS\Media
2010-02-18 17:44:36 ----D---- C:\WINDOWS\Help
2010-02-18 17:42:11 ----D---- C:\WINDOWS\ie8updates
2010-02-18 17:14:12 ----A---- C:\WINDOWS\system32\deploytk.dll
2010-02-18 16:54:53 ----A---- C:\WINDOWS\ISASOFT.INI
2010-02-10 01:36:44 ----D---- C:\WINDOWS\Microsoft.NET
2010-02-10 01:36:43 ----RSD---- C:\WINDOWS\assembly
2010-02-09 23:21:45 ----SD---- C:\Documents and Settings\tpavlik\Application Data\Microsoft
2010-02-09 09:21:47 ----D---- C:\Program Files\Google
2010-02-01 20:26:20 ----A---- C:\WINDOWS\system32\MRT.exe
2010-01-24 09:41:34 ----HD---- C:\Program Files\InstallShield Installation Information
2010-01-24 09:39:48 ----D---- C:\Program Files\PDF

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 APPDRV;APPDRV; C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS [2004-08-18 16128]
R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-11-10 333192]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-11-10 28424]
R1 AvgTdiX;AVG8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-11-10 360584]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 omci;OMCI WDM Device Driver; C:\WINDOWS\system32\DRIVERS\omci.sys [2004-02-13 17153]
R1 sscdbhk5;sscdbhk5; C:\WINDOWS\system32\drivers\sscdbhk5.sys [2004-07-14 5627]
R1 ssrtln;ssrtln; C:\WINDOWS\system32\drivers\ssrtln.sys [2004-07-14 23545]
R1 Tosrfcom;Bluetooth RFCOMM from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfcom.sys [2004-10-05 62799]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.1.0.1; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2005-10-21 17056]
R2 BASFND;BASFND; \??\C:\WINDOWS\system32\Drivers\BASFND.sys []
R2 drvnddm;drvnddm; C:\WINDOWS\system32\drivers\drvnddm.sys [2004-11-23 40480]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-03-17 13059]
R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2004-08-31 11354]
R2 tfsnboio;tfsnboio; C:\WINDOWS\system32\dla\tfsnboio.sys [2004-12-06 25883]
R2 tfsncofs;tfsncofs; C:\WINDOWS\system32\dla\tfsncofs.sys [2004-12-06 34843]
R2 tfsndrct;tfsndrct; C:\WINDOWS\system32\dla\tfsndrct.sys [2004-12-06 4123]
R2 tfsndres;tfsndres; C:\WINDOWS\system32\dla\tfsndres.sys [2004-12-06 2239]
R2 tfsnifs;tfsnifs; C:\WINDOWS\system32\dla\tfsnifs.sys [2004-12-06 86586]
R2 tfsnopio;tfsnopio; C:\WINDOWS\system32\dla\tfsnopio.sys [2004-12-06 15227]
R2 tfsnpool;tfsnpool; C:\WINDOWS\system32\dla\tfsnpool.sys [2004-12-06 6363]
R2 tfsnudf;tfsnudf; C:\WINDOWS\system32\dla\tfsnudf.sys [2004-12-06 98714]
R2 tfsnudfa;tfsnudfa; C:\WINDOWS\system32\dla\tfsnudfa.sys [2004-12-06 100603]
R3 Avgfwdx;Avgfwdx; C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2009-11-10 30104]
R3 b57w2k;Broadcom NetXtreme 57xx Gigabit Controller; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2004-09-03 121472]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2009-05-18 26600]
R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2004-06-17 1041536]
R3 HSFHWICH;HSFHWICH; C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys [2004-06-17 200064]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-09-20 1302332]
R3 IWCA;Intel Wireless Connection Agent Miniport for Win XP; C:\WINDOWS\system32\DRIVERS\iwca.sys [2004-08-12 234496]
R3 newnhamga;newnhamga; C:\WINDOWS\system32\DRIVERS\newnhamgaport.sys [2006-03-08 13424]
R3 newnhammirror;newnhammirror; C:\WINDOWS\system32\DRIVERS\newnhammirrorport.sys [2006-03-08 10096]
R3 RimVSerPort;RIM Virtual Serial Port v2; C:\WINDOWS\system32\DRIVERS\RimSerial.sys [2009-01-09 27136]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-04 5888]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
R3 STAC97;SigmaTel C-Major Audio; C:\WINDOWS\system32\drivers\STAC97.sys [2005-03-10 273168]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2004-05-14 182688]
R3 tap0801;TAP-Win32 Adapter V8; C:\WINDOWS\system32\DRIVERS\tap0801.sys [2004-06-24 23552]
R3 tosporte;Bluetooth Port Driver from Toshiba; C:\WINDOWS\system32\DRIVERS\tosporte.sys [2005-01-08 51582]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 w29n51;Intel(R) PRO/Wireless 2200BG Network Connection Driver for Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2004-10-21 3210496]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2004-06-17 685056]
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
S3 ACSSCR;ACR38 Smart Card Reader; C:\WINDOWS\system32\DRIVERS\a38usbxp.sys []
S3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
S3 Avgfwfd;AVG network filter service; C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2009-11-10 30104]
S3 AX88772;ASIX AX88772 USB2.0 to Fast Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\ax88772.sys [2006-09-06 19072]
S3 bvrp_pci;bvrp_pci; C:\WINDOWS\system32\drivers\bvrp_pci.sys [2004-03-24 4272]
S3 DisplayLinkGA;DisplayLinkGA; C:\WINDOWS\system32\DRIVERS\DisplayLinkGAport.sys []
S3 DisplayLinkmirror;DisplayLinkmirror; C:\WINDOWS\system32\DRIVERS\DisplayLinkmirrorport.sys []
S3 DisplayLinkUsbPort;DisplayLink USB Device; C:\WINDOWS\system32\DRIVERS\DisplayLinkUsbPort.sys []
S3 Dot4;MS IEEE-1284.4 Driver; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2008-04-13 206976]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys [2001-08-17 12928]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2001-08-17 23808]
S3 E100B;Intel(R) PRO Adapter Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2001-08-17 117760]
S3 FTDIBUS;SEMC DSS-20 SyncStation Serial Converter Driver; C:\WINDOWS\system32\drivers\ftdibus.sys [2003-02-21 19153]
S3 FTLUND;Lundinova Filter Driver; C:\WINDOWS\system32\drivers\ftlund.sys [2004-01-19 6828]
S3 FTSER2K;SEMC DSS SyncStation Driver; C:\WINDOWS\system32\drivers\ftser2k.sys [2004-01-19 50396]
S3 gtcdcmdm;GTRAN USB CDC Driver (PID 3196); C:\WINDOWS\system32\DRIVERS\gtusbmdm_gpc6400.sys [2004-02-20 159308]
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
S3 newnhamusbport;USB Display Adapter; C:\WINDOWS\system32\DRIVERS\newnhamusbport.sys [2006-03-08 29296]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\nmwcd.sys [2007-02-22 137216]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\nmwcdc.sys [2007-02-22 8320]
S3 nmwcdcj;Nokia USB Port; C:\WINDOWS\system32\drivers\nmwcdcj.sys [2007-02-22 12288]
S3 nmwcdcm;Nokia USB Modem; C:\WINDOWS\system32\drivers\nmwcdcm.sys [2007-02-22 12288]
S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-08-03 1897408]
S3 RimUsb;zařízení BlackBerry Smartphone; C:\WINDOWS\System32\Drivers\RimUsb.sys [2008-05-20 22784]
S3 toshidpt;TOSHIBA Bluetooth HID port driver; C:\WINDOWS\system32\drivers\Toshidpt.sys [2002-10-17 2851]
S3 Tosrfbd;Bluetooth RFBUS from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbd.sys [2005-01-17 98304]
S3 Tosrfbnp;Bluetooth RFBNEP from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbnp.sys [2004-07-09 36531]
S3 Tosrfhid;Bluetooth RFHID from TOSHIBA; C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys [2004-11-16 50048]
S3 tosrfnds;Bluetooth Personal Area Network from TOSHIBA; C:\WINDOWS\system32\DRIVERS\tosrfnds.sys [2005-01-07 18612]
S3 TosRfSnd;Bluetooth Audio Device (WDM) from TOSHIBA; C:\WINDOWS\system32\drivers\TosRfSnd.sys [2004-12-16 50048]
S3 Tosrfusb;Bluetooth USB Controller; C:\WINDOWS\System32\Drivers\tosrfusb.sys [2004-12-22 34816]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-08-28 40448]
S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]
S4 agp440;Intel AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368]
S4 agpCPQ;Compaq AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-13 44928]
S4 alim1541;ALI AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-13 42752]
S4 amdagp;AMD AGP Bus Filter Driver; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-13 43008]
S4 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-17 13952]
S4 sisagp;SIS AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-13 40960]
S4 viaagp;VIA AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-13 42240]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
R2 avg9wd;AVG WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2009-11-10 285392]
R2 avgagent;AVG7 Remote Support Service (AvgAgent); avgagent.exe /srvfsys []
R2 avgfws9;AVG Firewall; C:\Program Files\AVG\AVG9\avgfws9.exe [2010-01-15 2304192]
R2 BAsfIpM;Broadcom ASF IP monitoring service v6.0.4; C:\WINDOWS\system32\basfipm.exe [2004-04-01 77824]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 EvtEng;EvtEng; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2004-09-07 86016]
R2 Lotus Notes Diagnostics;Lotus Notes Diagnostics; C:\lotus\notes\nsd.exe [2009-09-29 3397000]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2003-06-20 322120]
R2 Multi-user Cleanup Service;Multi-user Cleanup Service; C:\lotus\notes\ntmulti.exe [2009-09-29 58760]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 NICCONFIGSVC;NICCONFIGSVC; C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe [2005-03-03 356352]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 RegSrvc;RegSrvc; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2004-09-07 139264]
R2 S24EventMonitor;Spectrum24 Event Monitor; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2004-09-07 360521]
R2 USB Display Service;USB Display Service; C:\Program Files\USB Display Adapter\USBDisplayService.exe [2006-03-08 54896]
R2 WLANKEEPER;WLANKEEPER; C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe [2004-09-07 225353]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 gupdate1c9df8ecb685806;Služba Google Update (gupdate1c9df8ecb685806); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-05-28 133104]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-28 183280]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 267776]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-09-21 545568]
S3 OpenVPNService;OpenVPN Service; C:\Program Files\OpenVPN\bin\openvpnserv.exe [2005-02-20 14336]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2007-12-10 353280]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 winvnc;VNC Server; C:\WINDOWS\Pointdev\VNC\WinVNC.exe [2005-05-10 667648]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[stell]

Zdravim

Stiahnes>>OTMoveIt3 by OldTimer >.podla navodu vloz text a klik-Moveit>>log po restarte vloz sem

Kód: Vybrat vše

:processes
explorer.exe

:files
C:\Documents and Settings\tpavlik\Start Menu\Programs\Startup\monnid32.exe
C:\WINDOWS\system32\fjhdyfhsn.bat

:reg
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1bf1578c-aa4f-11dd-935a-0050b640ba44}]

:commands
[emptytemp]
[ClearAllRestorePoints]
[resethosts]
[start explorer]
[Reboot]

ttp://download.bleepingcomputer.com/malwarebytes/mbam-setup.exe
Stiahnes>>Malwarebytes' Anti-Malware
sprav komplet skan,,log vloz sem,

[amarok]

Zasilam log z OTM:

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
File move failed. C:\Documents and Settings\tpavlik\Start Menu\Programs\Startup\monnid32.exe scheduled to be moved on reboot.
C:\WINDOWS\system32\fjhdyfhsn.bat moved successfully.
========== REGISTRY ==========
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1bf1578c-aa4f-11dd-935a-0050b640ba44}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1bf1578c-aa4f-11dd-935a-0050b640ba44}\ not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 1599 bytes
->Temporary Internet Files folder emptied: 4888035 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: jminarik
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32768 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 802282 bytes
->Temporary Internet Files folder emptied: 756584 bytes

User: ptous
->Temp folder emptied: 1599 bytes
->Temporary Internet Files folder emptied: 238245 bytes
->Java cache emptied: 45599 bytes

User: tpavlik
->Temp folder emptied: 18666942 bytes
->Temporary Internet Files folder emptied: 298527629 bytes
->Java cache emptied: 35830631 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 19569 bytes
%systemroot%\System32 .tmp files removed: 2577 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 24121584 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 10447810 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 43149 bytes

Total Files Cleaned = 376,00 mb


Restore points cleared and new OTM Restore Point set!
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTM by OldTimer - Version 3.1.9.0 log created on 02222010_110836

Files moved on Reboot...
C:\Documents and Settings\tpavlik\Start Menu\Programs\Startup\monnid32.exe moved successfully.

Registry entries deleted on Reboot...

[amarok]

Zasilam log z MBAM:

Malwarebytes' Anti-Malware 1.44
Verze databáze: 3510
Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.11

22.2.2010 12:57:17
mbam-log-2010-02-22 (12-57-09)_mbam

Typ kontroly: Kompletní kontrola (C:\|)
Zkontrolované objekty: 221783
Uplynulý čas: 1 hour(s), 18 minute(s), 51 second(s)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované adresáře: 0
Infikované soubory: 1

Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované klíče registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované hodnoty registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované datové položky registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované adresáře:
(Nebyly nalezeny žádné škodlivé položky)

Infikované soubory:
C:\Documents and Settings\tpavlik\Application Data\avdrn.dat (Malware.Trace) -> No action taken.

[stell]

Dobre zmaz co Malwarebytes nasiel,,mas este problem s pc??

[amarok]

Zatim bezi dobre, Diky.

[stell]

dobre ,,ak nieco tak napis,,

nemas zaco.