Please check my log

Posted: 10 Apr 2010 17:54
by acc
Please check my log, and thank you for at least an RTFM reply

Logfile of random's system information tool 1.06 (written by random/random)
Run by Administrator at 2010-04-10 18:51:47
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 12 GB (39%) free of 30 GB
Total RAM: 1022 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:52:12, on 10.4.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17023)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZCfgSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\eManager\anbmServ.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\WINDOWS\system32\crypserv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\RegSrvc.exe
C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
C:\WINDOWS\system32\vmnat.exe
C:\WINDOWS\system32\vmnetdhcp.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\acer\Wireless\Utility\WlanUtil.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\1XConfig.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe
C:\Program Files\D-Tools\daemon.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\fpdisp4.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\Program Files\wincmd\TOTALCMD.EXE
C:\download\RSIT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
E:\HijackThis\Administrator.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [acerWireless] C:\Program Files\acer\Wireless\Utility\WlanUtil.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1029
O4 - HKLM\..\Run: [FinePrint Dispatcher v4] C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\fpdisp4.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: syspck32.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\system32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\system32\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe
O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe

--
End of file - 6221 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-03-09 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-03-09 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2004-05-15 339968]
"acerWireless"=C:\Program Files\acer\Wireless\Utility\WlanUtil.exe [2004-06-09 417792]
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2004-05-20 98304]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2004-05-20 532480]
"LManager"=C:\Program Files\Launch Manager\QtZgAcer.EXE [2004-07-05 315392]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2003-10-21 40960]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"PRONoMgr.exe"=C:\Program Files\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe [2004-02-05 86016]
"DAEMON Tools-1033"=C:\Program Files\D-Tools\daemon.exe [2004-08-22 81920]
"FinePrint Dispatcher v4"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\fpdisp4.exe [2001-03-08 327680]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-01-26 2144088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mRouterConfig]
C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterConfig.exe [2006-03-02 290816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite for Smartphones]
C:\Program Files\Sony Ericsson\Mobile4\Application Launcher\Application Launcher.exe [2007-12-25 548864]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-11-11 1451520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE [2005-09-23 29696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Aktualizovat ESET licenci.lnk]
C:\PROGRA~1\ESET\MINODL~1\MINODL~1.EXE -u -d 10000 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^BlueSoleil.lnk]
C:\PROGRA~1\IVTCOR~1\BLUESO~1\BLUESO~1.EXE [2005-06-06 1183744]

C:\Documents and Settings\Administrator\Nabídka Start\Programy\Po spuštění
syspck32.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Sebring]
C:\WINDOWS\system32\LgNotify.dll [2004-03-03 110592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-03-30 200064]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Documents and Settings\Administrator\Data aplikací\uTorrent\utorrent.exe"="C:\Documents and Settings\Administrator\Data aplikací\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterRuntime.exe"="C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterRuntime.exe:*:Enabled:mRouterRuntime Module"
"C:\Program Files\MyPhoneExplorer\MyPhoneExplorer.exe"="C:\Program Files\MyPhoneExplorer\MyPhoneExplorer.exe:*:Enabled:MyPhoneExplorer"
"C:\Program Files\Java\jre6\launch4j-tmp\frd.exe"="C:\Program Files\Java\jre6\launch4j-tmp\frd.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"C:\download\Miranda IM\miranda32.exe"="C:\download\Miranda IM\miranda32.exe:*:Enabled:Miranda IM"
"E:\1\1\miranda32.exe"="E:\1\1\miranda32.exe:*:Enabled:Miranda IM"
"C:\Program Files\mIRC\mirc.exe"="C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC"
"C:\Program Files\Sony Ericsson\Update Service\Update Service.exe"="C:\Program Files\Sony Ericsson\Update Service\Update Service.exe:*:Enabled:Update Service"
"C:\Program Files\Miranda IM\miranda32.exe"="C:\Program Files\Miranda IM\miranda32.exe:*:Enabled:Miranda IM"
"C:\Appz\miranda-pack-105\miranda32.exe"="C:\Appz\miranda-pack-105\miranda32.exe:*:Enabled:Miranda IM"
"C:\Program Files\I&M\MaxSea\MaxSea.exe"="C:\Program Files\I&M\MaxSea\MaxSea.exe:*:Enabled:MaxSea"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2010-04-10 10:32:52 ----D---- C:\Program Files\Spybot - Search & Destroy
2010-04-10 10:32:52 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2010-04-10 10:16:59 ----A---- C:\WINDOWS\system32\MSSTDFMT.DLL
2010-04-09 18:01:54 ----A---- C:\ComboFix.txt
2010-04-09 17:26:31 ----A---- C:\Boot.bak
2010-04-09 17:26:25 ----RASHD---- C:\cmdcons
2010-04-09 17:23:38 ----A---- C:\WINDOWS\zip.exe
2010-04-09 17:23:38 ----A---- C:\WINDOWS\SWXCACLS.exe
2010-04-09 17:23:38 ----A---- C:\WINDOWS\SWSC.exe
2010-04-09 17:23:38 ----A---- C:\WINDOWS\SWREG.exe
2010-04-09 17:23:38 ----A---- C:\WINDOWS\sed.exe
2010-04-09 17:23:38 ----A---- C:\WINDOWS\PEV.exe
2010-04-09 17:23:38 ----A---- C:\WINDOWS\NIRCMD.exe
2010-04-09 17:23:38 ----A---- C:\WINDOWS\MBR.exe
2010-04-09 17:23:38 ----A---- C:\WINDOWS\grep.exe
2010-04-09 17:23:24 ----D---- C:\WINDOWS\ERDNT
2010-04-09 17:22:42 ----D---- C:\Qoobox
2010-04-09 08:35:57 ----D---- C:\Program Files\trend micro
2010-04-09 08:35:49 ----D---- C:\rsit
2010-04-09 07:53:05 ----D---- C:\!KillBox
2010-04-07 10:01:28 ----A---- C:\WINDOWS\SeaDriver.ini
2010-04-07 10:01:28 ----A---- C:\WINDOWS\Predictor.ini
2010-04-07 10:01:25 ----A---- C:\WINDOWS\CMapConfig.ini
2010-04-07 09:56:48 ----D---- C:\WINDOWS\MaxSea
2010-04-07 09:56:46 ----A---- C:\WINDOWS\SeaDriver2000.ini
2010-04-07 09:37:50 ----D---- C:\Program Files\SentEmul
2010-04-07 09:32:06 ----D---- C:\Program Files\C-Map
2010-04-07 09:31:50 ----A---- C:\WINDOWS\Maxsea.ini
2010-04-07 09:31:23 ----A---- C:\WINDOWS\system32\CMGBase.dll
2010-04-07 09:31:21 ----A---- C:\WINDOWS\Crypkey.ini
2010-04-07 09:31:17 ----RA---- C:\WINDOWS\Setup_ck.exe
2010-04-07 09:31:17 ----A---- C:\WINDOWS\system32\Crypserv.exe
2010-04-07 09:31:17 ----A---- C:\WINDOWS\Setup_ck.dll
2010-04-07 09:31:17 ----A---- C:\WINDOWS\Ckrfresh.exe
2010-04-07 09:31:17 ----A---- C:\WINDOWS\Ckconfig.exe
2010-04-07 09:31:13 ----D---- C:\WINDOWS\system32\RNBOSENT
2010-04-07 09:31:13 ----A---- C:\WINDOWS\system32\SNTI386.DLL
2010-04-07 09:31:13 ----A---- C:\WINDOWS\system32\RNBOVDD.DLL
2010-04-07 09:30:38 ----D---- C:\WINDOWS\Drivers
2010-04-07 09:30:15 ----D---- C:\Program Files\I&M
2010-03-31 07:40:08 ----D---- C:\Documents and Settings\Administrator\Data aplikací\VMware
2010-03-31 07:13:55 ----A---- C:\WINDOWS\system32\vmnetdhcp.exe
2010-03-31 07:13:52 ----D---- C:\Documents and Settings\All Users\Data aplikací\VMware
2010-03-31 07:13:51 ----A---- C:\WINDOWS\system32\vmnat.exe
2010-03-31 07:13:40 ----A---- C:\WINDOWS\system32\vnetlib.dll
2010-03-31 07:03:18 ----D---- C:\Program Files\Common Files\VMware
2010-03-31 07:03:17 ----D---- C:\Program Files\VMware
2010-03-30 20:57:21 ----D---- C:\Program Files\miranda-pack-105
2010-03-30 20:31:07 ----D---- C:\Program Files\ESET
2010-03-30 20:04:52 ----D---- C:\Documents and Settings\All Users\Data aplikací\Sun
2010-03-30 20:04:32 ----A---- C:\WINDOWS\system32\javaws.exe
2010-03-30 20:04:32 ----A---- C:\WINDOWS\system32\javaw.exe
2010-03-30 20:04:32 ----A---- C:\WINDOWS\system32\java.exe
2010-03-28 11:30:15 ----D---- C:\Folklor_movie
2010-03-28 11:20:28 ----D---- C:\Program Files\Miranda IM
2010-03-26 08:12:52 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Tor
2010-03-26 08:12:51 ----D---- C:\Program Files\Vidalia Bundle
2010-03-20 12:18:16 ----D---- C:\Documents and Settings\All Users\Data aplikací\DVD Shrink
2010-03-20 12:18:15 ----D---- C:\Program Files\DVD Shrink
2010-03-20 12:15:13 ----D---- C:\Program Files\ultraiso
2010-03-15 21:56:05 ----D---- C:\Program Files\HxD
2010-03-15 20:31:22 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Mael
2010-03-15 16:34:17 ----D---- C:\Program Files\PSAS
2010-03-13 16:37:49 ----D---- C:\WINDOWS\system32\NtmsData
2010-03-13 16:05:14 ----A---- C:\WINDOWS\system32\wdfcoinstaller01005.dll

======List of files/folders modified in the last 1 months======

2010-04-10 16:09:59 ----D---- C:\download
2010-04-10 15:54:59 ----A---- C:\WINDOWS\WINCMD.INI
2010-04-10 15:37:40 ----D---- C:\Program Files\Mozilla Thunderbird
2010-04-10 15:22:09 ----D---- C:\WINDOWS\Temp
2010-04-10 10:32:52 ----RD---- C:\Program Files
2010-04-10 10:26:07 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2010-04-10 10:16:59 ----D---- C:\WINDOWS\system32
2010-04-09 18:19:24 ----D---- C:\Program Files\wincmd
2010-04-09 18:01:56 ----D---- C:\WINDOWS\system32\drivers
2010-04-09 18:01:02 ----D---- C:\WINDOWS\system32\CatRoot2
2010-04-09 17:58:09 ----D---- C:\WINDOWS
2010-04-09 17:58:09 ----A---- C:\WINDOWS\system.ini
2010-04-09 17:54:32 ----D---- C:\WINDOWS\AppPatch
2010-04-09 17:54:27 ----D---- C:\Program Files\Common Files
2010-04-09 17:43:12 ----D---- C:\Documents and Settings\Administrator\Data aplikací\uTorrent
2010-04-09 17:42:49 ----D---- C:\WINDOWS\system32\config
2010-04-09 17:26:31 ----RASH---- C:\boot.ini
2010-04-08 21:17:23 ----A---- C:\WINDOWS\win.ini
2010-04-07 15:20:14 ----HD---- C:\WINDOWS\inf
2010-04-07 10:27:07 ----D---- C:\WINDOWS\system32\DllCache
2010-04-07 10:27:01 ----D---- C:\Program Files\Internet Explorer
2010-04-07 09:32:07 ----SHD---- C:\WINDOWS\Installer
2010-04-07 09:30:20 ----RSD---- C:\WINDOWS\Fonts
2010-04-06 23:28:26 ----D---- C:\Documents and Settings\Administrator\Data aplikací\vlc
2010-04-04 10:59:38 ----D---- C:\Program Files\Mozilla Firefox
2010-04-02 22:00:41 ----A---- C:\WINDOWS\NeroDigital.ini
2010-04-01 09:43:45 ----D---- C:\WINDOWS\Minidump
2010-04-01 09:27:32 ----D---- C:\Docs
2010-03-31 07:36:23 ----D---- C:\WINDOWS\security
2010-03-31 07:14:48 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-03-31 07:02:18 ----D---- C:\WINDOWS\system32\cs-cz
2010-03-31 06:59:30 ----HD---- C:\WINDOWS\$hf_mig$
2010-03-30 20:33:22 ----D---- C:\WINDOWS\pss
2010-03-30 20:29:45 ----D---- C:\temp
2010-03-30 20:04:51 ----D---- C:\Program Files\Common Files\Java
2010-03-30 20:04:14 ----D---- C:\Program Files\Java
2010-03-26 08:33:10 ----D---- C:\Appz
2010-03-13 16:02:09 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-03-11 14:36:24 ----N---- C:\WINDOWS\system32\wininet.dll
2010-03-11 14:36:23 ----N---- C:\WINDOWS\system32\pngfilt.dll
2010-03-11 14:36:23 ----N---- C:\WINDOWS\system32\occache.dll
2010-03-11 14:36:23 ----N---- C:\WINDOWS\system32\mstime.dll
2010-03-11 14:36:23 ----N---- C:\WINDOWS\system32\msrating.dll
2010-03-11 14:36:23 ----N---- C:\WINDOWS\system32\mshtmled.dll
2010-03-11 14:36:23 ----N---- C:\WINDOWS\system32\mshtml.dll
2010-03-11 14:36:23 ----A---- C:\WINDOWS\system32\webcheck.dll
2010-03-11 14:36:23 ----A---- C:\WINDOWS\system32\urlmon.dll
2010-03-11 14:36:23 ----A---- C:\WINDOWS\system32\url.dll
2010-03-11 14:36:22 ----N---- C:\WINDOWS\system32\jsproxy.dll
2010-03-11 14:36:22 ----N---- C:\WINDOWS\system32\iernonce.dll
2010-03-11 14:36:22 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2010-03-11 14:36:22 ----A---- C:\WINDOWS\system32\msfeeds.dll
2010-03-11 14:36:22 ----A---- C:\WINDOWS\system32\iertutil.dll
2010-03-11 14:36:22 ----A---- C:\WINDOWS\system32\iepeers.dll
2010-03-11 14:36:21 ----N---- C:\WINDOWS\system32\iedkcs32.dll
2010-03-11 14:36:21 ----N---- C:\WINDOWS\system32\ieaksie.dll
2010-03-11 14:36:21 ----N---- C:\WINDOWS\system32\ieakeng.dll
2010-03-11 14:36:21 ----N---- C:\WINDOWS\system32\extmgr.dll
2010-03-11 14:36:21 ----A---- C:\WINDOWS\system32\ieframe.dll
2010-03-11 14:36:21 ----A---- C:\WINDOWS\system32\ieencode.dll
2010-03-11 14:36:21 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2010-03-11 14:36:21 ----A---- C:\WINDOWS\system32\icardie.dll
2010-03-11 14:36:20 ----N---- C:\WINDOWS\system32\dxtrans.dll
2010-03-11 14:36:20 ----N---- C:\WINDOWS\system32\dxtmsft.dll
2010-03-11 14:36:20 ----A---- C:\WINDOWS\system32\corpol.dll
2010-03-11 14:36:20 ----A---- C:\WINDOWS\system32\advpack.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 NetworkX;NetworkX; C:\WINDOWS\system32\ckldrv.sys [2000-02-03 24608]
R1 SMBHC;Microsoft SM Bus Host Controller Driver; C:\WINDOWS\system32\DRIVERS\SMBHC.sys [2005-07-29 6784]
R2 hcmon;VMware hcmon; \??\C:\WINDOWS\system32\Drivers\hcmon.sys []
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R2 MDC8021X;AEGIS Protocol (IEEE 802.1x) v2.2.1.0; C:\WINDOWS\system32\DRIVERS\mdc8021x.sys [2009-12-22 14037]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2003-04-09 11043]
R2 osanbm;osanbm; C:\WINDOWS\system32\drivers\osanbm.sys [2004-05-31 4054]
R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2003-09-15 11258]
R2 sentemul;sentemul; \??\C:\WINDOWS\system32\drivers\sentemul.sys []
R2 VMnetBridge;VMware Bridge Protocol; C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys [2006-11-13 30256]
R2 VMnetuserif;VMware Network Application Interface; \??\C:\WINDOWS\system32\drivers\vmnetuserif.sys []
R2 vmx86;VMware vmx86; \??\C:\WINDOWS\system32\Drivers\vmx86.sys []
R2 vstor2;Vstor2 Virtual Storage Driver; \??\C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vstor2.sys []
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2004-05-15 745984]
R3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys [2003-09-26 44032]
R3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2005-05-31 20480]
R3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2005-04-30 10804]
R3 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\system32\DRIVERS\vbtenum.sys [2005-04-30 11860]
R3 CAMCAUD;Conexant AMC Audio; C:\WINDOWS\system32\drivers\camcaud.sys [2004-04-29 292352]
R3 CAMCHALA;CAMCHALA; C:\WINDOWS\system32\drivers\camchal.sys [2004-04-29 274688]
R3 DKbFltr;Dritek HotKey Keyboard Filter Driver; C:\WINDOWS\System32\Drivers\DKbFltr.sys [2002-11-20 17983]
R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2004-03-10 1041536]
R3 HSFHWICH;HSFHWICH; C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys [2004-03-10 199552]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 NSCIRDA;NSC Infrared Device Driver; C:\WINDOWS\system32\DRIVERS\nscirda.sys [2008-04-13 28672]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2005-07-29 19584]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\WINDOWS\system32\DRIVERS\seehcri.sys [2010-02-02 27632]
R3 SMBBATT;Microsoft Smart Battery Driver; C:\WINDOWS\system32\DRIVERS\SMBBATT.sys [2008-04-13 16000]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2004-05-20 184768]
R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2004-05-26 67584]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys [2004-10-19 61312]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2005-03-25 82148]
R3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\WINDOWS\system32\DRIVERS\vmnetadapter.sys [2006-11-13 16560]
R3 w22n51;Intel(R) PRO/Wireless 2200 Adapter Driver; C:\WINDOWS\system32\DRIVERS\w22n51.sys [2004-03-08 1657344]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2004-03-10 682624]
R3 zebrceb;Sony Ericsson Cable Emulation Bus (WDM); C:\WINDOWS\system32\DRIVERS\zebrceb.sys [2008-01-15 63360]
S3 androidusb;ADB Interface Driver; C:\WINDOWS\System32\Drivers\androidusb.sys [2008-10-20 25728]
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2005-05-31 23000]
S3 BTNetFilter;Bluetooth Network Filter; \??\C:\WINDOWS\system32\drivers\BTNetFilter.sys []
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 MSIRCOMM;Microsoft IR Communications Driver; C:\WINDOWS\system32\DRIVERS\MSIRCOMM.sys [2008-04-13 22016]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2009-10-06 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-10-06 22016]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2009-10-06 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2009-10-06 8320]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 QV2KUX;Casio Digital Camera; C:\WINDOWS\system32\DRIVERS\qv2kux.sys [2005-07-29 3328]
S3 Sentinel;Sentinel; \??\C:\WINDOWS\system32\drivers\sentinel.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 Sntnlusb;Rainbow USB SuperPro; C:\WINDOWS\system32\DRIVERS\SNTNLUSB.SYS [2005-05-31 26120]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-10-06 7936]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-10-06 7936]
S3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 zebrbus;Sony Ericsson Composite Device driver; C:\WINDOWS\system32\DRIVERS\zebrbus.sys [2008-01-15 83200]
S3 zebrmdfl;Sony Ericsson Modem Filter; C:\WINDOWS\system32\DRIVERS\zebrmdfl.sys [2008-01-15 14848]
S3 zebrmdm;Sony Ericsson Port (WDM); C:\WINDOWS\system32\DRIVERS\zebrmdm.sys [2008-01-15 109568]
S3 zebrmdmc;Sony Ericsson mRouter Port (WDM); C:\WINDOWS\system32\DRIVERS\zebrmdmc.sys [2008-01-15 109568]
S3 zebrsce;Sony Ericsson PC-Connect Port; C:\WINDOWS\system32\DRIVERS\zebrsce.sys [2008-01-15 91264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 anbmService;Notebook Manager Service; C:\Acer\eManager\anbmServ.exe [2004-07-05 1286144]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2004-05-15 376832]
R2 BlueSoleil Hid Service;BlueSoleil Hid Service; C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe [2005-04-06 110592]
R2 Crypkey License;Crypkey License; C:\WINDOWS\system32\crypserv.exe [2000-06-29 52224]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-03-09 153376]
R2 RegSrvc;RegSrvc; C:\WINDOWS\system32\RegSrvc.exe [2004-03-03 122880]
R2 S24EventMonitor;Spectrum24 Event Monitor; C:\WINDOWS\system32\S24EvMon.exe [2004-03-03 311363]
R2 VMAuthdService;VMware Authorization Service; C:\Program Files\VMware\VMware Workstation\vmware-authd.exe [2006-11-13 224048]
R2 VMnetDHCP;VMware DHCP Service; C:\WINDOWS\system32\vmnetdhcp.exe [2006-11-13 113456]
R2 vmount2;VMware Virtual Mount Manager Extended; C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe [2006-11-13 269104]
R2 VMware NAT Service;VMware NAT Service; C:\WINDOWS\system32\vmnat.exe [2006-11-13 142128]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-10-27 657408]

-----------------EOF-----------------

Re: Please check my log

Posted: 10 Apr 2010 20:05
by Rudy
The PC has no antivirus. Install one, update it, run a scan, and post a new RSIT log.

Re: Please check my log

Posted: 10 Apr 2010 20:46
by acc
The log was taken after an online scan with ESET, but I will install one

Re: Please check my log

Posted: 10 Apr 2010 21:19
by Rudy
acc wrote: The log was taken after an online scan with ESET, but I will install one
An online scan is useless in everyday operation. The PC must have real-time protection; otherwise you are an easy target on the internet. Without an installed AV there is no point in even cleaning the PC.

Re: Please check my log

Posted: 10 Apr 2010 21:43
by acc
Accepted, and now I am waiting for the result. Btw, is ESET the right choice?

Re: Please check my log

Posted: 10 Apr 2010 22:18
by Rudy
I can certainly recommend ESET. There are, however, free programs of solid quality, e.g. Avast or Avira.

Re: Please check my log

Posted: 11 Apr 2010 14:00
by acc
So finally, after fifteen hours, the test finished with a result of 0 infected files.

Logfile of random's system information tool 1.06 (written by random/random)
Run by Administrator at 2010-04-11 14:55:44
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 11 GB (38%) free of 30 GB
Total RAM: 1022 MB (47% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:56:23, on 11.4.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17023)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZCfgSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\eManager\anbmServ.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\WINDOWS\system32\crypserv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\RegSrvc.exe
C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
C:\WINDOWS\system32\vmnat.exe
C:\WINDOWS\system32\vmnetdhcp.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\acer\Wireless\Utility\WlanUtil.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\1XConfig.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe
C:\Program Files\D-Tools\daemon.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\fpdisp4.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\wincmd\TOTALCMD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\download\RSIT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
E:\HijackThis\Administrator.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [acerWireless] C:\Program Files\acer\Wireless\Utility\WlanUtil.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1029
O4 - HKLM\..\Run: [FinePrint Dispatcher v4] C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\fpdisp4.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: syspck32.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\system32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\system32\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe
O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe

--
End of file - 6488 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-03-09 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-03-09 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2004-05-15 339968]
"acerWireless"=C:\Program Files\acer\Wireless\Utility\WlanUtil.exe [2004-06-09 417792]
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2004-05-20 98304]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2004-05-20 532480]
"LManager"=C:\Program Files\Launch Manager\QtZgAcer.EXE [2004-07-05 315392]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2003-10-21 40960]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"PRONoMgr.exe"=C:\Program Files\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe [2004-02-05 86016]
"DAEMON Tools-1033"=C:\Program Files\D-Tools\daemon.exe [2004-08-22 81920]
"FinePrint Dispatcher v4"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\fpdisp4.exe [2001-03-08 327680]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2010-03-31 2145000]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-01-26 2144088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mRouterConfig]
C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterConfig.exe [2006-03-02 290816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite for Smartphones]
C:\Program Files\Sony Ericsson\Mobile4\Application Launcher\Application Launcher.exe [2007-12-25 548864]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-11-11 1451520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE [2005-09-23 29696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Aktualizovat ESET licenci.lnk]
C:\PROGRA~1\ESET\MINODL~1\MINODL~1.EXE -u -d 10000 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^BlueSoleil.lnk]
C:\PROGRA~1\IVTCOR~1\BLUESO~1\BLUESO~1.EXE [2005-06-06 1183744]

C:\Documents and Settings\Administrator\Nabídka Start\Programy\Po spuštění
syspck32.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Sebring]
C:\WINDOWS\system32\LgNotify.dll [2004-03-03 110592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-03-30 200064]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Documents and Settings\Administrator\Data aplikací\uTorrent\utorrent.exe"="C:\Documents and Settings\Administrator\Data aplikací\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterRuntime.exe"="C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterRuntime.exe:*:Enabled:mRouterRuntime Module"
"C:\Program Files\MyPhoneExplorer\MyPhoneExplorer.exe"="C:\Program Files\MyPhoneExplorer\MyPhoneExplorer.exe:*:Enabled:MyPhoneExplorer"
"C:\Program Files\Java\jre6\launch4j-tmp\frd.exe"="C:\Program Files\Java\jre6\launch4j-tmp\frd.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"C:\download\Miranda IM\miranda32.exe"="C:\download\Miranda IM\miranda32.exe:*:Enabled:Miranda IM"
"E:\1\1\miranda32.exe"="E:\1\1\miranda32.exe:*:Enabled:Miranda IM"
"C:\Program Files\mIRC\mirc.exe"="C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC"
"C:\Program Files\Sony Ericsson\Update Service\Update Service.exe"="C:\Program Files\Sony Ericsson\Update Service\Update Service.exe:*:Enabled:Update Service"
"C:\Program Files\Miranda IM\miranda32.exe"="C:\Program Files\Miranda IM\miranda32.exe:*:Enabled:Miranda IM"
"C:\Appz\miranda-pack-105\miranda32.exe"="C:\Appz\miranda-pack-105\miranda32.exe:*:Enabled:Miranda IM"
"C:\Program Files\I&M\MaxSea\MaxSea.exe"="C:\Program Files\I&M\MaxSea\MaxSea.exe:*:Enabled:MaxSea"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2010-04-10 21:56:55 ----D---- C:\WINDOWS\LastGood
2010-04-10 21:54:48 ----D---- C:\Documents and Settings\All Users\Data aplikací\ESET
2010-04-10 10:32:52 ----D---- C:\Program Files\Spybot - Search & Destroy
2010-04-10 10:32:52 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2010-04-10 10:16:59 ----A---- C:\WINDOWS\system32\MSSTDFMT.DLL
2010-04-09 18:01:54 ----A---- C:\ComboFix.txt
2010-04-09 17:26:31 ----A---- C:\Boot.bak
2010-04-09 17:26:25 ----RASHD---- C:\cmdcons
2010-04-09 17:23:38 ----A---- C:\WINDOWS\zip.exe
2010-04-09 17:23:38 ----A---- C:\WINDOWS\SWXCACLS.exe
2010-04-09 17:23:38 ----A---- C:\WINDOWS\SWSC.exe
2010-04-09 17:23:38 ----A---- C:\WINDOWS\SWREG.exe
2010-04-09 17:23:38 ----A---- C:\WINDOWS\sed.exe
2010-04-09 17:23:38 ----A---- C:\WINDOWS\PEV.exe
2010-04-09 17:23:38 ----A---- C:\WINDOWS\NIRCMD.exe
2010-04-09 17:23:38 ----A---- C:\WINDOWS\MBR.exe
2010-04-09 17:23:38 ----A---- C:\WINDOWS\grep.exe
2010-04-09 17:23:24 ----D---- C:\WINDOWS\ERDNT
2010-04-09 17:22:42 ----D---- C:\Qoobox
2010-04-09 08:35:57 ----D---- C:\Program Files\trend micro
2010-04-09 08:35:49 ----D---- C:\rsit
2010-04-09 07:53:05 ----D---- C:\!KillBox
2010-04-07 10:01:28 ----A---- C:\WINDOWS\SeaDriver.ini
2010-04-07 10:01:28 ----A---- C:\WINDOWS\Predictor.ini
2010-04-07 10:01:25 ----A---- C:\WINDOWS\CMapConfig.ini
2010-04-07 09:56:48 ----D---- C:\WINDOWS\MaxSea
2010-04-07 09:56:46 ----A---- C:\WINDOWS\SeaDriver2000.ini
2010-04-07 09:37:50 ----D---- C:\Program Files\SentEmul
2010-04-07 09:32:06 ----D---- C:\Program Files\C-Map
2010-04-07 09:31:50 ----A---- C:\WINDOWS\Maxsea.ini
2010-04-07 09:31:23 ----A---- C:\WINDOWS\system32\CMGBase.dll
2010-04-07 09:31:21 ----A---- C:\WINDOWS\Crypkey.ini
2010-04-07 09:31:17 ----RA---- C:\WINDOWS\Setup_ck.exe
2010-04-07 09:31:17 ----A---- C:\WINDOWS\system32\Crypserv.exe
2010-04-07 09:31:17 ----A---- C:\WINDOWS\Setup_ck.dll
2010-04-07 09:31:17 ----A---- C:\WINDOWS\Ckrfresh.exe
2010-04-07 09:31:17 ----A---- C:\WINDOWS\Ckconfig.exe
2010-04-07 09:31:13 ----D---- C:\WINDOWS\system32\RNBOSENT
2010-04-07 09:31:13 ----A---- C:\WINDOWS\system32\SNTI386.DLL
2010-04-07 09:31:13 ----A---- C:\WINDOWS\system32\RNBOVDD.DLL
2010-04-07 09:30:38 ----D---- C:\WINDOWS\Drivers
2010-04-07 09:30:15 ----D---- C:\Program Files\I&M
2010-03-31 07:40:08 ----D---- C:\Documents and Settings\Administrator\Data aplikací\VMware
2010-03-31 07:13:55 ----A---- C:\WINDOWS\system32\vmnetdhcp.exe
2010-03-31 07:13:52 ----D---- C:\Documents and Settings\All Users\Data aplikací\VMware
2010-03-31 07:13:51 ----A---- C:\WINDOWS\system32\vmnat.exe
2010-03-31 07:13:40 ----A---- C:\WINDOWS\system32\vnetlib.dll
2010-03-31 07:03:18 ----D---- C:\Program Files\Common Files\VMware
2010-03-31 07:03:17 ----D---- C:\Program Files\VMware
2010-03-30 20:57:21 ----D---- C:\Program Files\miranda-pack-105
2010-03-30 20:31:07 ----D---- C:\Program Files\ESET
2010-03-30 20:04:52 ----D---- C:\Documents and Settings\All Users\Data aplikací\Sun
2010-03-30 20:04:32 ----A---- C:\WINDOWS\system32\javaws.exe
2010-03-30 20:04:32 ----A---- C:\WINDOWS\system32\javaw.exe
2010-03-30 20:04:32 ----A---- C:\WINDOWS\system32\java.exe
2010-03-28 11:30:15 ----D---- C:\Folklor_movie
2010-03-28 11:20:28 ----D---- C:\Program Files\Miranda IM
2010-03-26 08:12:52 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Tor
2010-03-26 08:12:51 ----D---- C:\Program Files\Vidalia Bundle
2010-03-20 12:18:16 ----D---- C:\Documents and Settings\All Users\Data aplikací\DVD Shrink
2010-03-20 12:18:15 ----D---- C:\Program Files\DVD Shrink
2010-03-20 12:15:13 ----D---- C:\Program Files\ultraiso
2010-03-15 21:56:05 ----D---- C:\Program Files\HxD
2010-03-15 20:31:22 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Mael
2010-03-15 16:34:17 ----D---- C:\Program Files\PSAS
2010-03-13 16:37:49 ----D---- C:\WINDOWS\system32\NtmsData
2010-03-13 16:05:14 ----A---- C:\WINDOWS\system32\wdfcoinstaller01005.dll

======List of files/folders modified in the last 1 months======

2010-04-11 14:56:24 ----D---- C:\WINDOWS\Temp
2010-04-11 10:43:04 ----D---- C:\Documents and Settings\Administrator\Data aplikací\vlc
2010-04-11 10:40:01 ----D---- C:\Program Files\Mozilla Thunderbird
2010-04-10 21:57:43 ----SHD---- C:\WINDOWS\Installer
2010-04-10 21:57:14 ----D---- C:\WINDOWS\system32\drivers
2010-04-10 21:57:13 ----HD---- C:\WINDOWS\inf
2010-04-10 21:56:55 ----D---- C:\WINDOWS
2010-04-10 21:56:37 ----D---- C:\WINDOWS\system32\CatRoot2
2010-04-10 21:45:37 ----D---- C:\download
2010-04-10 15:54:59 ----A---- C:\WINDOWS\WINCMD.INI
2010-04-10 10:32:52 ----RD---- C:\Program Files
2010-04-10 10:26:07 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2010-04-10 10:16:59 ----D---- C:\WINDOWS\system32
2010-04-09 18:19:24 ----D---- C:\Program Files\wincmd
2010-04-09 17:58:09 ----A---- C:\WINDOWS\system.ini
2010-04-09 17:54:32 ----D---- C:\WINDOWS\AppPatch
2010-04-09 17:54:27 ----D---- C:\Program Files\Common Files
2010-04-09 17:43:12 ----D---- C:\Documents and Settings\Administrator\Data aplikací\uTorrent
2010-04-09 17:42:49 ----D---- C:\WINDOWS\system32\config
2010-04-09 17:26:31 ----RASH---- C:\boot.ini
2010-04-08 21:17:23 ----A---- C:\WINDOWS\win.ini
2010-04-07 10:27:07 ----D---- C:\WINDOWS\system32\DllCache
2010-04-07 10:27:01 ----D---- C:\Program Files\Internet Explorer
2010-04-07 09:30:20 ----RSD---- C:\WINDOWS\Fonts
2010-04-04 10:59:38 ----D---- C:\Program Files\Mozilla Firefox
2010-04-02 22:00:41 ----A---- C:\WINDOWS\NeroDigital.ini
2010-04-01 09:43:45 ----D---- C:\WINDOWS\Minidump
2010-04-01 09:27:32 ----D---- C:\Docs
2010-03-31 07:36:23 ----D---- C:\WINDOWS\security
2010-03-31 07:14:48 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-03-31 07:02:18 ----D---- C:\WINDOWS\system32\cs-cz
2010-03-31 06:59:30 ----HD---- C:\WINDOWS\$hf_mig$
2010-03-30 20:33:22 ----D---- C:\WINDOWS\pss
2010-03-30 20:29:45 ----D---- C:\temp
2010-03-30 20:04:51 ----D---- C:\Program Files\Common Files\Java
2010-03-30 20:04:14 ----D---- C:\Program Files\Java
2010-03-26 08:33:10 ----D---- C:\Appz
2010-03-13 16:02:09 ----D---- C:\WINDOWS\system32\ReinstallBackups

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-03-31 114984]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2010-03-31 95872]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 NetworkX;NetworkX; C:\WINDOWS\system32\ckldrv.sys [2000-02-03 24608]
R1 SMBHC;Microsoft SM Bus Host Controller Driver; C:\WINDOWS\system32\DRIVERS\SMBHC.sys [2005-07-29 6784]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2010-03-31 140216]
R2 hcmon;VMware hcmon; \??\C:\WINDOWS\system32\Drivers\hcmon.sys []
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R2 MDC8021X;AEGIS Protocol (IEEE 802.1x) v2.2.1.0; C:\WINDOWS\system32\DRIVERS\mdc8021x.sys [2009-12-22 14037]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2003-04-09 11043]
R2 osanbm;osanbm; C:\WINDOWS\system32\drivers\osanbm.sys [2004-05-31 4054]
R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2003-09-15 11258]
R2 sentemul;sentemul; \??\C:\WINDOWS\system32\drivers\sentemul.sys []
R2 VMnetBridge;VMware Bridge Protocol; C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys [2006-11-13 30256]
R2 VMnetuserif;VMware Network Application Interface; \??\C:\WINDOWS\system32\drivers\vmnetuserif.sys []
R2 vmx86;VMware vmx86; \??\C:\WINDOWS\system32\Drivers\vmx86.sys []
R2 vstor2;Vstor2 Virtual Storage Driver; \??\C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vstor2.sys []
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2004-05-15 745984]
R3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys [2003-09-26 44032]
R3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2005-05-31 20480]
R3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2005-04-30 10804]
R3 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\system32\DRIVERS\vbtenum.sys [2005-04-30 11860]
R3 CAMCAUD;Conexant AMC Audio; C:\WINDOWS\system32\drivers\camcaud.sys [2004-04-29 292352]
R3 CAMCHALA;CAMCHALA; C:\WINDOWS\system32\drivers\camchal.sys [2004-04-29 274688]
R3 DKbFltr;Dritek HotKey Keyboard Filter Driver; C:\WINDOWS\System32\Drivers\DKbFltr.sys [2002-11-20 17983]
R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2004-03-10 1041536]
R3 HSFHWICH;HSFHWICH; C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys [2004-03-10 199552]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 NSCIRDA;NSC Infrared Device Driver; C:\WINDOWS\system32\DRIVERS\nscirda.sys [2008-04-13 28672]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2005-07-29 19584]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\WINDOWS\system32\DRIVERS\seehcri.sys [2010-02-02 27632]
R3 SMBBATT;Microsoft Smart Battery Driver; C:\WINDOWS\system32\DRIVERS\SMBBATT.sys [2008-04-13 16000]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2004-05-20 184768]
R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2004-05-26 67584]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys [2004-10-19 61312]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2005-03-25 82148]
R3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\WINDOWS\system32\DRIVERS\vmnetadapter.sys [2006-11-13 16560]
R3 w22n51;Intel(R) PRO/Wireless 2200 Adapter Driver; C:\WINDOWS\system32\DRIVERS\w22n51.sys [2004-03-08 1657344]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2004-03-10 682624]
R3 zebrceb;Sony Ericsson Cable Emulation Bus (WDM); C:\WINDOWS\system32\DRIVERS\zebrceb.sys [2008-01-15 63360]
S3 androidusb;ADB Interface Driver; C:\WINDOWS\System32\Drivers\androidusb.sys [2008-10-20 25728]
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2005-05-31 23000]
S3 BTNetFilter;Bluetooth Network Filter; \??\C:\WINDOWS\system32\drivers\BTNetFilter.sys []
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 MSIRCOMM;Microsoft IR Communications Driver; C:\WINDOWS\system32\DRIVERS\MSIRCOMM.sys [2008-04-13 22016]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2009-10-06 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-10-06 22016]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2009-10-06 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2009-10-06 8320]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 QV2KUX;Casio Digital Camera; C:\WINDOWS\system32\DRIVERS\qv2kux.sys [2005-07-29 3328]
S3 Sentinel;Sentinel; \??\C:\WINDOWS\system32\drivers\sentinel.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 Sntnlusb;Rainbow USB SuperPro; C:\WINDOWS\system32\DRIVERS\SNTNLUSB.SYS [2005-05-31 26120]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-10-06 7936]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-10-06 7936]
S3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 zebrbus;Sony Ericsson Composite Device driver; C:\WINDOWS\system32\DRIVERS\zebrbus.sys [2008-01-15 83200]
S3 zebrmdfl;Sony Ericsson Modem Filter; C:\WINDOWS\system32\DRIVERS\zebrmdfl.sys [2008-01-15 14848]
S3 zebrmdm;Sony Ericsson Port (WDM); C:\WINDOWS\system32\DRIVERS\zebrmdm.sys [2008-01-15 109568]
S3 zebrmdmc;Sony Ericsson mRouter Port (WDM); C:\WINDOWS\system32\DRIVERS\zebrmdmc.sys [2008-01-15 109568]
S3 zebrsce;Sony Ericsson PC-Connect Port; C:\WINDOWS\system32\DRIVERS\zebrsce.sys [2008-01-15 91264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 anbmService;Notebook Manager Service; C:\Acer\eManager\anbmServ.exe [2004-07-05 1286144]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2004-05-15 376832]
R2 BlueSoleil Hid Service;BlueSoleil Hid Service; C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe [2005-04-06 110592]
R2 Crypkey License;Crypkey License; C:\WINDOWS\system32\crypserv.exe [2000-06-29 52224]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2010-03-31 810120]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-03-09 153376]
R2 RegSrvc;RegSrvc; C:\WINDOWS\system32\RegSrvc.exe [2004-03-03 122880]
R2 S24EventMonitor;Spectrum24 Event Monitor; C:\WINDOWS\system32\S24EvMon.exe [2004-03-03 311363]
R2 VMAuthdService;VMware Authorization Service; C:\Program Files\VMware\VMware Workstation\vmware-authd.exe [2006-11-13 224048]
R2 VMnetDHCP;VMware DHCP Service; C:\WINDOWS\system32\vmnetdhcp.exe [2006-11-13 113456]
R2 vmount2;VMware Virtual Mount Manager Extended; C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe [2006-11-13 269104]
R2 VMware NAT Service;VMware NAT Service; C:\WINDOWS\system32\vmnat.exe [2006-11-13 142128]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2010-03-31 33560]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-10-27 657408]

-----------------EOF-----------------

Re: Please check my log

Posted: 11 Apr 2010 16:09
by Rudy
The log looks clean.

Re: Please check my log

Posted: 11 Apr 2010 17:52
by acc
Thank you. Can it also be determined from the log why XP reports 100% CPU usage?

Re: Please check my log

Posted: 11 Apr 2010 18:46
by Rudy
No, it can't. Which process is loading the system the most?

Re: Please check my log

Posted: 11 Apr 2010 19:11
by acc
svchost.exe

Re: Please check my log

Posted: 11 Apr 2010 20:09
by Rudy
Try turning off automatic updates.

Re: Please check my log

Posted: 11 Apr 2010 20:26
by acc
If you mean XP updates, they were set to notify and download manually. I have now disabled them, and after a restart there is no change. Or did you mean some other ones? I disabled almost everything I could via msconfig. I kept the Acer applications, ESET, the virtual drive, printing and something from Intel.

Re: Please check my log

Posted: 11 Apr 2010 20:39
by Rudy
Post the ComboFix log.
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Then run the application under an account with administrator privileges.

Right after startup a screen with the licence terms is displayed; continue by clicking the Yes button.

Calmly put the kettle on for a coffee (the whole thing takes about 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to wade through). During the scan, do not try to start any other applications or anything else.

Do not panic during the scan; your machine may be restarted (especially on the first run of the scanner).

Warning: if you use antispyware with a resident shield, switch its resident shield to Install Mode, or deactivate it completely for the duration of the scan, because during the scan and the removal of any malware, unwanted conflicts with the antispyware's resident shield occur.

Re: Please check my log

Posted: 11 Apr 2010 21:46
by acc
ComboFix 10-04-10.02 - Administrator 11.04.2010 22:32:41.2.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1022.718 [GMT 2:00]
Spuštěný z: c:\download\ComboFix.exe
AV: ESET NOD32 Antivirus 4.2 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
* Rezidentní štít AV je zapnutý

.

((((((((((((((((((((((((( Soubory vytvořené od 2010-03-11 do 2010-04-11 )))))))))))))))))))))))))))))))
.

2010-04-10 08:32 . 2010-04-10 12:40 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-04-10 08:16 . 2005-08-25 17:18 118784 ----a-w- c:\windows\system32\MSSTDFMT.DLL
2010-04-09 06:35 . 2010-04-09 06:36 -------- d-----w- c:\program files\trend micro
2010-04-09 06:35 . 2010-04-09 06:36 -------- d-----w- C:\rsit
2010-04-09 05:53 . 2010-04-09 05:53 -------- d-----w- C:\!KillBox
2010-04-07 07:56 . 2010-04-07 07:56 -------- d-----w- c:\windows\MaxSea
2010-04-07 07:37 . 2010-04-11 17:34 -------- d-----w- c:\program files\SentEmul
2010-04-07 07:37 . 2003-03-24 16:06 11812 ----a-w- c:\windows\system32\drivers\SentEmul.sys
2010-04-07 07:32 . 2002-07-26 14:07 20000 ------w- c:\windows\system32\drivers\cmapusb.sys
2010-04-07 07:32 . 2002-07-26 10:59 16088 ------w- c:\windows\system32\drivers\cmapldr.sys
2010-04-07 07:32 . 2002-07-29 08:44 18013 ------w- c:\windows\system32\drivers\cmap_pc2.sys
2010-04-07 07:32 . 2010-04-07 07:32 -------- d-----w- c:\program files\C-Map
2010-04-07 07:31 . 2002-04-16 19:29 192512 ----a-w- c:\windows\system32\CMGBase.dll
2010-04-07 07:31 . 2000-06-29 08:45 52224 ----a-w- c:\windows\system32\Crypserv.exe
2010-04-07 07:31 . 2000-02-03 19:53 24608 ----a-w- c:\windows\system32\Ckldrv.sys
2010-04-07 07:31 . 1999-06-18 20:49 165888 ----a-w- c:\windows\Ckconfig.exe
2010-04-07 07:31 . 1996-05-03 16:21 27648 ----a-r- c:\windows\Setup_ck.exe
2010-04-07 07:31 . 1996-05-03 14:36 18432 ----a-w- c:\windows\Setup_ck.dll
2010-04-07 07:31 . 1995-07-04 17:33 11776 ----a-w- c:\windows\Ckrfresh.exe
2010-04-07 07:31 . 2005-05-31 03:30 26120 ----a-w- c:\windows\system32\drivers\SNTNLUSB.SYS
2010-04-07 07:31 . 2010-04-07 07:31 -------- d-----w- c:\windows\system32\RNBOSENT
2010-04-07 07:31 . 2005-05-31 03:30 50176 ----a-w- c:\windows\system32\SNTI386.DLL
2010-04-07 07:31 . 2005-05-31 03:30 76288 ------w- c:\windows\system32\drivers\SENTINEL.SYS
2010-04-07 07:31 . 2005-05-31 03:30 18432 ----a-w- c:\windows\system32\RNBOVDD.DLL
2010-04-07 07:30 . 2010-04-07 07:30 -------- d-----w- c:\windows\Drivers
2010-04-07 07:30 . 2010-04-07 07:30 -------- d-----w- c:\program files\I&M
2010-04-06 22:56 . 2010-04-11 20:39 804864 ----a-w- c:\windows\system32\drivers\ohvgntx.sys
2010-03-31 06:23 . 2010-03-31 06:23 95872 ----a-w- c:\windows\system32\drivers\epfwtdir.sys
2010-03-31 06:22 . 2010-03-31 06:22 114984 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2010-03-31 06:17 . 2010-03-31 06:17 140216 ----a-w- c:\windows\system32\drivers\eamon.sys
2010-03-31 05:13 . 2006-11-13 11:00 113456 ----a-w- c:\windows\system32\vmnetdhcp.exe
2010-03-31 05:13 . 2006-11-13 11:01 142128 ----a-w- c:\windows\system32\vmnat.exe
2010-03-31 05:13 . 2006-11-13 11:01 22576 ----a-w- c:\windows\system32\drivers\vmnetuserif.sys
2010-03-31 05:13 . 2006-11-13 11:01 391984 ----a-w- c:\windows\system32\vnetlib.dll
2010-03-31 05:03 . 2010-03-31 05:03 -------- d-----w- c:\program files\Common Files\VMware
2010-03-31 05:03 . 2010-03-31 05:03 -------- d-----w- c:\program files\VMware
2010-03-30 18:57 . 2010-03-30 18:57 -------- d-----w- c:\program files\miranda-pack-105
2010-03-30 18:31 . 2010-04-10 19:54 -------- d-----w- c:\program files\ESET
2010-03-28 09:30 . 2010-03-28 09:30 -------- d-----w- C:\Folklor_movie
2010-03-28 09:20 . 2010-03-28 09:21 -------- d-----w- c:\program files\Miranda IM
2010-03-26 06:12 . 2010-04-01 07:46 -------- d-----w- c:\program files\Vidalia Bundle
2010-03-20 10:18 . 2010-03-20 10:18 -------- d-----w- c:\program files\DVD Shrink
2010-03-20 10:15 . 2010-03-20 10:15 -------- d-----w- c:\program files\ultraiso
2010-03-15 19:56 . 2010-03-16 06:51 -------- d-----w- c:\program files\HxD
2010-03-15 14:34 . 2010-03-15 14:34 -------- d-----w- c:\program files\PSAS
2010-03-13 14:37 . 2010-03-13 14:39 -------- d-----w- c:\windows\system32\NtmsData
2010-03-13 14:05 . 2008-10-19 22:00 25728 ----a-w- c:\windows\system32\drivers\androidusb.sys
2010-03-13 14:05 . 2008-10-19 22:00 1419232 ----a-w- c:\windows\system32\wdfcoinstaller01005.dll
2010-03-13 14:02 . 2008-04-13 18:45 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2010-03-13 13:25 . 2010-03-13 13:25 -------- d-----w- c:\documents and settings\Administrator\.android
2010-03-13 13:14 . 2005-07-29 16:12 3328 ----a-w- c:\windows\system32\drivers\qv2kux.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-11 17:14 . 2009-12-22 10:00 -------- d-----w- c:\program files\Mozilla Thunderbird
2010-04-09 16:19 . 2009-12-22 07:25 -------- d-----w- c:\program files\wincmd
2010-03-31 05:14 . 2001-10-25 14:00 47604 ----a-w- c:\windows\system32\perfc005.dat
2010-03-31 05:14 . 2001-10-25 14:00 312912 ----a-w- c:\windows\system32\perfh005.dat
2010-03-30 18:04 . 2009-12-22 09:15 -------- d-----w- c:\program files\Common Files\Java
2010-03-30 18:04 . 2009-12-22 09:15 -------- d-----w- c:\program files\Java
2010-03-22 19:21 . 2005-07-29 15:13 361600 ----a-w- c:\windows\system32\drivers\tcpip.sys
2010-03-13 14:06 . 2010-03-13 14:06 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_androidusb_01005.Wdf
2010-03-11 12:36 . 2004-08-17 13:49 832512 ------w- c:\windows\system32\wininet.dll
2010-03-11 12:36 . 2004-08-17 13:49 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-03-11 12:36 . 2004-08-17 13:49 17408 ----a-w- c:\windows\system32\corpol.dll
2010-03-09 02:28 . 2010-01-01 16:14 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-02-02 14:03 . 2010-02-02 14:04 27632 ----a-w- c:\windows\system32\drivers\seehcri.sys
.

------- Sigcheck -------

[-] 2010-03-22 . CBEEBEB899E31EF52B962CB31FC8CA5C . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys
[7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\DllCache\tcpip.sys
[7] 2008-06-20 . 2A5554FC5B1E04E131230E3CE035C3F9 . 360320 . . [5.1.2600.3394] . . c:\windows\$NtServicePackUninstall$\tcpip.sys
[7] 2008-06-20 . 744E57C99232201AE98C49168B918F48 . 360960 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tcpip.sys

[7] 2008-04-14 . 8F31505484A190D5B22274708799F4EC . 59904 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regsvc.dll

[7] 2008-04-14 . 3FF232A7731621B8902D81D42418C93C . 192512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\schedsvc.dll

c:\windows\System32\regsvc.dll ... chybí !!
c:\windows\System32\schedsvc.dll ... chybí !!
.
((((((((((((((((((((((((((((( SnapShot@2010-04-09_15.58.08 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-04-11 20:38 . 2010-04-11 20:38 16384 c:\windows\Temp\Perflib_Perfdata_cc.dat
+ 2010-04-11 20:38 . 2010-04-11 20:38 16384 c:\windows\Temp\Perflib_Perfdata_374.dat
+ 2010-04-11 20:31 . 2010-04-11 20:31 16384 c:\windows\Temp\Perflib_Perfdata_1f0.dat
+ 2010-04-10 19:57 . 2010-04-10 19:57 10134 c:\windows\Installer\{08B38E56-09A1-4155-906C-FA5A6495C34B}\callmsi.exe
+ 2010-04-10 19:57 . 2010-04-10 19:57 958976 c:\windows\Installer\184c22d.msi
+ 2010-04-10 19:57 . 2010-04-10 19:57 101480 c:\windows\Installer\{08B38E56-09A1-4155-906C-FA5A6495C34B}\egui.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2004-05-20 98304]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2004-05-20 532480]
"LManager"="c:\program files\Launch Manager\QtZgAcer.EXE" [2004-07-05 315392]
"FinePrint Dispatcher v4"="c:\windows\System32\spool\DRIVERS\W32X86\2\fpdisp4.exe" [2001-03-07 327680]
"DAEMON Tools-1033"="c:\program files\D-Tools\daemon.exe" [2004-08-22 81920]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-05-15 339968]
"PRONoMgr.exe"="c:\program files\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe" [2004-02-05 86016]
"acerWireless"="c:\program files\acer\Wireless\Utility\WlanUtil.exe" [2004-06-09 417792]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Administrator\Nabídka Start\Programy\Po spuštění\
syspck32.exe [2008-4-14 31744]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Sebring]
2004-03-03 15:48 110592 ----a-w- c:\windows\system32\LgNotify.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\startupfolder\C:^Documents and Settings^Administrator^Nabídka Start^Programy^Po spuštění^syspck32.exe]
path=c:\documents and settings\Administrator\Nabídka Start\Programy\Po spuštění\syspck32.exe
backup=c:\windows\pss\syspck32.exeStartup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Aktualizovat ESET licenci.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Aktualizovat ESET licenci.lnk
backup=c:\windows\pss\Aktualizovat ESET licenci.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^BlueSoleil.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\BlueSoleil.lnk
backup=c:\windows\pss\BlueSoleil.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\egui]
2010-03-31 06:22 2145000 ----a-w- c:\program files\ESET\ESET NOD32 Antivirus\egui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mRouterConfig]
2006-03-02 10:54 290816 ----a-w- c:\program files\Intuwave\Shared\mRouterRuntime\mRouterConfig.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite for Smartphones]
2007-12-25 14:53 548864 ----a-r- c:\program files\Sony Ericsson\Mobile4\Application Launcher\Application Launcher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2009-11-11 09:57 1451520 ----a-w- c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2003-10-21 10:52 40960 ----a-w- c:\program files\CyberLink\PowerDVD\PDVDServ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
2009-01-26 13:31 2144088 ------w- c:\program files\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-02-18 09:43 248040 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Documents and Settings\\Administrator\\Data aplikací\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\Intuwave\\Shared\\mRouterRuntime\\mRouterRuntime.exe"=
"c:\\Program Files\\MyPhoneExplorer\\MyPhoneExplorer.exe"=
"c:\\Program Files\\Java\\jre6\\launch4j-tmp\\frd.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\download\\Miranda IM\\miranda32.exe"=
"e:\\1\\1\\miranda32.exe"=
"c:\\Program Files\\mIRC\\mirc.exe"=
"c:\\Program Files\\Sony Ericsson\\Update Service\\Update Service.exe"=
"c:\\Program Files\\Miranda IM\\miranda32.exe"=
"c:\\Appz\\miranda-pack-105\\miranda32.exe"=
"c:\\Program Files\\I&M\\MaxSea\\MaxSea.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"64893:TCP"= 64893:TCP:utorrent

R0 d347bus;d347bus;c:\windows\system32\drivers\d347bus.sys [27.12.2009 17:37 155136]
R0 d347prt;d347prt;c:\windows\system32\drivers\d347prt.sys [27.12.2009 17:37 5248]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [31.3.2010 8:22 114984]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [31.3.2010 8:23 95872]
R1 SMBHC;Microsoft SM Bus Host Controller Driver;c:\windows\system32\drivers\smbhc.sys [22.12.2009 0:38 6784]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [31.3.2010 8:23 810120]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [2.2.2010 16:04 27632]
R3 SMBBATT;Microsoft Smart Battery Driver;c:\windows\system32\drivers\smbbatt.sys [22.12.2009 0:38 16000]
S3 androidusb;ADB Interface Driver;c:\windows\system32\drivers\androidusb.sys [13.3.2010 16:05 25728]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [26.1.2010 15:12 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [26.1.2010 15:12 8320]
S3 sentemul;sentemul;c:\windows\system32\drivers\SentEmul.sys [7.4.2010 9:37 11812]

--- Ostatní služby/ovladače v paměti ---

*Deregistered* - ohvgntx
.
.
------- Doplňkový sken -------
.
uStart Page = about:blank
FF - ProfilePath - c:\documents and settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\kg9qeykp.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://morfeo.centrum.cz/
FF - prefs.js: keyword.URL - hxxp://toolbar.ask.com/toolbarv/askRedirect?o=101795&gct=&gc=1&q=
FF - component: c:\documents and settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\kg9qeykp.default\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}\platform\WINNT\components\FoxyTunes.dll

---- NASTAVENÍ FIREFOXU ----
# Tento soubor slouží pro nastavení různých předvoleb

//Předvolby jsou z tohoto souboru pouze načítány při startu prohlížeče a nehrozí tedy jejich přepis

//narozdíl od souboru prefs.js, který je generovaný při ukončení prohlížeče a zachycuje stav předvoleb.


// Použití postranní lišty Stahování namísto jednotlivých oken
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-11 22:39
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...


c:\documents and settings\Administrator\Nabídka Start\Programy\Po spuštění\syspck32.exe 31744 bytes executable

sken byl úspešně dokončen
skryté soubory: 1

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x863E0C68]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf78c7f28
\Driver\ACPI -> ACPI.sys @ 0xf77f4cb8
\Driver\atapi -> 0x863e0c68
IoDeviceObjectType -> DeleteProcedure -> ntoskrnl.exe @ 0x805a0598
ParseProcedure -> ntoskrnl.exe @ 0x8056ea15
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntoskrnl.exe @ 0x805a0598
ParseProcedure -> ntoskrnl.exe @ 0x8056ea15
NDIS: Intel(R) PRO/Wireless 2200BG Network Connection -> SendCompleteHandler -> NDIS.sys @ 0xf752bbb0
PacketIndicateHandler -> NDIS.sys @ 0xf7538a21
SendHandler -> NDIS.sys @ 0xf751687b
Warning: possible MBR rootkit infection !
user & kernel MBR OK

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ohvgntx]

.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(1164)
c:\windows\system32\LgNotify.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\S24EvMon.exe
c:\windows\system32\ZCfgSvc.exe
c:\acer\eManager\anbmServ.exe
c:\program files\IVT Corporation\BlueSoleil\BTNtService.exe
c:\windows\system32\crypserv.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\RegSrvc.exe
c:\program files\VMware\VMware Workstation\vmware-authd.exe
c:\program files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
c:\windows\system32\vmnat.exe
c:\windows\system32\vmnetdhcp.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\1XConfig.exe
.
**************************************************************************
.
Celkový čas: 2010-04-11 22:43:15 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-04-11 20:43
ComboFix2.txt 2010-04-09 16:01

Před spuštěním: Volných bajtů: 11 873 751 040
Po spuštění: Volných bajtů: 11 847 979 008

- - End Of File - - 8B1C933E4CC6E80680A77F4A31572CFA