Prosím o kontrolu

[petr7003]

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:20:33, on 9.9.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\ANSYSI~1\SHARED~1\LICENS~1\Intel\lmgrd.exe
C:\Program Files\Ansys Inc\Shared Files\Licensing\intel\ansyslmd.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\crypserv.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Program Files\Common Files\Bentley Shared\IEG\IEGLCS\IEGLicSrv.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Adobe\Acrobat 5.0 CE\Distillr\AcroTray.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\alg.exe
C:\totalcmd\TOTALCMD.EXE
C:\Program Files\Microsoft Office\Office\EXCEL.EXE
C:\Program Files\Bentley\AutoPIPE XM\autopipe.exe
C:\Program Files\Microsoft Office\Office\WINWORD.EXE
C:\autocad 2004\acad.exe
C:\DOCUME~1\PETRNO~1\LOCALS~1\Temp\~e5d141.tmp
C:\Program Files\Common Files\Autodesk Shared\WSCommCntr1.exe
C:\Program Files\Bentley\AutoPIPE XM\APIPVIEW.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.1.1:3128
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O4 - HKLM\..\Run: [AVG7_RegCleaner] C:\PROGRA~1\Grisoft\AVG7\avgregcl.exe /BOOT
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1029
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [µTorrent] "C:\Program Files\uTorrent\utorrent.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: PowerReg SchedulerV2.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0 CE\Distillr\AcroTray.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {3a4f9191-65a8-11d5-85c1-0001023952c1} (TE) - http://www.skylinesoft.com/interactive/ ... all/TE.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 0463301703
O16 - DPF: {B10CBD8D-F9B6-11CF-9B38-0080AD11B667} (Ikonic Button Control) - file:///C:/novak/Strojnicke_tabulky/script/ikcntrls.cab
O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (Prvek AcPreview) - file://C:\Program Files\Autocad_L\AcPreview.ocx
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: ANSYS FLEXlm license manager - Macrovision Corporation - C:\PROGRA~1\ANSYSI~1\SHARED~1\LICENS~1\Intel\lmgrd.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Bentley License Client (IEGLicSrv) - Bentley Systems Inc. - C:\Program Files\Common Files\Bentley Shared\IEG\IEGLCS\IEGLicSrv.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

--
End of file - 9162 bytes

[Reklama]

[jaro3]

Vítej na fóru PC-HELP!
Fix HJT:

Kód: Vybrat vše

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
O4 - Startup: PowerReg SchedulerV2.exe

Jaké jsou problémy?

[petr7003]

Vymazala se mi veškerá pošta a nejde stahovat pošta.
gfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:52:08, on 9.9.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\ANSYSI~1\SHARED~1\LICENS~1\Intel\lmgrd.exe
C:\Program Files\uTorrent\utorrent.exe
C:\Program Files\Ansys Inc\Shared Files\Licensing\intel\ansyslmd.exe
C:\Program Files\Adobe\Acrobat 5.0 CE\Distillr\AcroTray.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\WinZip\WZQKPICK.EXE
C:\WINDOWS\system32\crypserv.exe
C:\Program Files\Common Files\Bentley Shared\IEG\IEGLCS\IEGLicSrv.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\Program Files\Outlook Express\msimn.exe
C:\totalcmd\TOTALCMD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.1.1:3128
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O4 - HKLM\..\Run: [AVG7_RegCleaner] C:\PROGRA~1\Grisoft\AVG7\avgregcl.exe /BOOT
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1029
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [µTorrent] "C:\Program Files\uTorrent\utorrent.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0 CE\Distillr\AcroTray.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {3a4f9191-65a8-11d5-85c1-0001023952c1} (TE) - http://www.skylinesoft.com/interactive/ ... all/TE.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 0463301703
O16 - DPF: {B10CBD8D-F9B6-11CF-9B38-0080AD11B667} (Ikonic Button Control) - file:///C:/novak/Strojnicke_tabulky/script/ikcntrls.cab
O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (Prvek AcPreview) - file://C:\Program Files\Autocad_L\AcPreview.ocx
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: ANSYS FLEXlm license manager - Macrovision Corporation - C:\PROGRA~1\ANSYSI~1\SHARED~1\LICENS~1\Intel\lmgrd.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Bentley License Client (IEGLicSrv) - Bentley Systems Inc. - C:\Program Files\Common Files\Bentley Shared\IEG\IEGLCS\IEGLicSrv.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

--
End of file - 8542 bytes

[jaro3]

Zkusíme ComboFix,pak zkus v nastavení pošty , je-li vše O.K, případně donastav:
Stáhni si ComboFix (by sUBs)
http://download.bleepingcomputer.com/sUBs/ComboFix.exe

a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah

[petr7003]

Výpis posílám v příloze.

[jaro3]

Ten vlož sem, zkopíruj a vlož.

[petr7003]

Jenže má cca460000 znaků a tady mi to veme 60000.

[jaro3]

S tím jsem se nesetkal, a to posílají logy z CF a HJT najednou.Normálně text zkopíruj myší a vlož sem.

[petr7003]

Včera jsem byl mimo, tak posílám log nyní (spustil jsem to ještě jednou a je to o dost menší)
omboFix 08-09-05.10 - Petr Novák 2008-09-11 8:08:08.9 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.1.1029.18.616 [GMT 2:00]
Spusteny z: C:\Documents and Settings\Petr Novák\Plocha\ComboFix.exe

VAROVANI - NA TOMTO POCITACI NENI NAINSTALOVANA KONZOLA PRO ZOTAVENI !!
.

((((((((((((((((((((((((( Soubory vytvorene od 2008-08-11 do 2008-09-11 )))))))))))))))))))))))))))))))
.

2008-09-09 14:54 . 2008-09-09 14:54 <DIR> d-------- C:\Documents and Settings\Petr Novßk
2008-09-04 09:52 . 2008-09-04 11:10 <DIR> d-------- C:\Piskomil
2008-09-02 11:57 . 2008-09-02 11:57 648,704 --a------ C:\plot.doc
2008-09-01 14:33 . 2008-09-01 14:36 89 --a------ C:\WINDOWS\HEU.INI
2008-09-01 14:32 . 2008-09-01 14:32 <DIR> d-------- C:\LEDA
2008-08-28 07:38 . 2008-08-28 07:38 <DIR> d-------- C:\WINDOWS\system32\cs
2008-08-28 07:38 . 2008-08-28 07:38 <DIR> d-------- C:\WINDOWS\system32\bits
2008-08-28 07:38 . 2008-08-28 07:38 <DIR> d-------- C:\WINDOWS\l2schemas
2008-08-27 14:23 . 2008-08-01 04:25 1,473,810,432 --a------ C:\utdodi-PDM.avi
2008-08-19 09:56 . 2008-08-19 09:56 2,849 --a------ C:\012_BAL_C_OU08_T_DIAGRAM_R0_aaa Model (1).pdf
2008-08-19 09:55 . 2008-08-19 09:55 1,244 --a------ C:\pokus44.pc3
2008-08-19 08:40 . 2004-08-17 15:43 326,912 --------- C:\WINDOWS\system32\drivers\ati2mtaa.sys
2008-08-19 08:06 . 2008-08-21 12:21 178 --a------ C:\WINDOWS\wcx_ftp.ini
2008-08-14 12:18 . 2008-08-14 12:18 <DIR> d-------- C:\Program Files\RAR Password Cracker
2008-08-14 12:11 . 2008-08-14 12:14 979 --a------ C:\WINDOWS\ARCHPR.INI
2008-08-14 08:27 . 2008-08-14 08:27 <DIR> d-------- C:\Program Files\NavisWorks Licensing
2008-08-14 08:26 . 2008-09-08 15:19 <DIR> d-------- C:\Program Files\NavisWorks 5
2008-08-13 12:21 . 2008-08-13 12:21 <DIR> d-------- C:\Program Files\Share Rapid Uploader
2008-08-13 09:02 . 2008-04-11 21:06 691,712 -----c--- C:\WINDOWS\system32\dllcache\inetcomm.dll
2008-08-12 11:39 . 2008-08-12 11:39 <DIR> d-------- C:\Program Files\VisualConnection
2008-08-12 11:39 . 2008-08-12 11:49 <DIR> d-------- C:\Documents and Settings\Petr Novák\Data aplikací\CTVoD
2008-08-11 11:03 . 2008-08-11 11:03 <DIR> d-------- C:\Videos
2008-08-11 11:03 . 2008-08-11 11:03 <DIR> d-------- C:\Documents and Settings\Petr Novák\Data aplikací\CoolFlvMan

.
(((((((((((((((((((((((((((((((((((((((( Find3M vypis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-11 06:07 --------- d-----w C:\Documents and Settings\Petr Novák\Data aplikací\uTorrent
2008-09-11 06:06 --------- d-----w C:\Documents and Settings\Petr Novák\Data aplikací\MegauploadToolbar
2008-09-11 05:56 --------- d-----w C:\Documents and Settings\Petr Novák\Data aplikací\AVG7
2008-09-09 07:34 --------- d-----w C:\Program Files\NoAdware5.0
2008-08-14 10:11 --------- d-----w C:\Program Files\ElcomSoft
2008-08-14 06:28 --------- d-----w C:\Documents and Settings\Petr Novák\Data aplikací\NavisWorks 5
2008-08-14 06:28 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Data aplikací\NavisWorks 5
2008-08-13 10:36 --------- d-----w C:\Program Files\Cool CENZURA
2008-08-13 06:43 --------- d-----w C:\Program Files\conVERTER
2008-08-13 06:42 73,216 ----a-w C:\WINDOWS\ST6UNST.EXE
2008-08-13 06:42 249,856 ------w C:\WINDOWS\Setup1.exe
2008-08-04 08:31 --------- d-----w C:\Program Files\FlashGet
2008-08-04 08:22 --------- d-----w C:\Documents and Settings\Petr Novák\Data aplikací\CoolYouTubeDownloader
2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
2008-07-18 20:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
2008-07-15 12:18 --------- d-----w C:\Documents and Settings\Petr Novák\Data aplikací\Nokia
2008-07-15 12:18 --------- d-----w C:\Documents and Settings\Petr Novák\Data aplikací\Datalayer
2008-07-11 05:28 --------- d-----w C:\Program Files\RapidSpool
2008-07-07 20:29 253,952 ----a-w C:\WINDOWS\system32\es.dll
2008-06-24 16:44 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
2008-06-23 16:42 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-06-20 17:49 247,296 ----a-w C:\WINDOWS\system32\mswsock.dll
2008-06-17 07:54 55,456 ----a-w C:\Documents and Settings\Petr Novák\Data aplikací\GDIPFONTCACHEV1.DAT
2005-09-15 06:53 36,552 ----a-w C:\Documents and Settings\aaa\Data aplikací\GDIPFONTCACHEV1.DAT
2005-06-13 23:37 3,606 ----a-w C:\Program Files\ReadMe.txt
2005-06-13 23:25 241,664 ----a-w C:\Program Files\IMGTool.exe
.

((((((((((((((((((((((((((((( snapshot_2008-09-09_14.54.21.93 )))))))))))))))))))))))))))))))))))))))))
.
.
(((((((((((((((((((((((((((((((((( Spousteci body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznamka* prazdne zaznamy & legitimni vychozi udaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 15360]
"PcSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2006-04-11 1409024]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2007-10-08 171448]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"µTorrent"="C:\Program Files\uTorrent\utorrent.exe" [2008-08-14 267056]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 155648]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2005-12-22 284207]
"AVG7_EMC"="C:\PROGRA~1\Grisoft\AVG7\avgemc.exe" [2005-12-22 174132]
"AVG7_RegCleaner"="C:\PROGRA~1\Grisoft\AVG7\avgregcl.exe" [2005-12-22 69683]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-08-03 339968]
"Smapp"="C:\Program Files\Analog Devices\SoundMAX\Smtray.exe" [2002-06-26 90112]
"CloneCDTray"="C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" [2005-05-19 57344]
"DAEMON Tools-1033"="C:\Program Files\D-Tools\daemon.exe" [2004-08-22 81920]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-09-01 282624]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2006-09-12 229952]
"PCSuiteTrayApplication"="C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE" [2006-04-26 237568]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-10-08 1838592]
"PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE" [2008-03-15 233472]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 15360]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2005-12-22 56878]

C:\Documents and Settings\aaa\Nabˇdka Start\Programy\Po spuçtŘnˇ\
PowerReg SchedulerV2.exe [2004-12-09 256000]

C:\Documents and Settings\All Users.WINDOWS\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Acrobat Assistant.lnk - C:\Program Files\Adobe\Acrobat 5.0 CE\Distillr\AcroTray.exe [2006-06-07 82026]
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1999-02-17 65588]
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE [2007-10-08 122880]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2008-04-30 18:08 87352 C:\WINDOWS\system32\LMIinit.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.I420"= i263_32.drv
"msacm.g723"= g723.acm
"vidc.I263"= I263_32.drv

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\uTorrent\\utorrent.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Ansys Inc\\v100\\ANSYS\\bin\\Intel\\ANSYS.exe"=
"C:\\Program Files\\Ansys Inc\\v100\\ANSYS\\bin\\Intel\\ans_admin.exe"=
"C:\\Program Files\\Ansys Inc\\v100\\ANSYS\\bin\\Intel\\ls970.exe"=
"C:\\Program Files\\Ansys Inc\\v100\\ANSYS\\bin\\Intel\\ls970_DP.exe"=
"C:\\Program Files\\Ansys Inc\\v100\\ANSYS\\bin\\Intel\\lsprepostd.exe"=
"C:\\Program Files\\Ansys Inc\\v100\\ANSYS\\bin\\Intel\\mpitest.exe"=
"C:\\Program Files\\Ansys Inc\\v100\\ANSYS\\bin\\Intel\\mpitestmpich.exe"=
"C:\\Program Files\\Ansys Inc\\v100\\ANSYS\\bin\\Intel\\sxpost.exe"=
"C:\\Program Files\\Ansys Inc\\v100\\ANSYS\\bin\\Intel\\tclsh.exe"=
"C:\\Program Files\\Ansys Inc\\v100\\ANSYS\\bin\\Intel\\wish.exe"=
"C:\\Program Files\\Ansys Inc\\v100\\ANSYS\\bin\\Intel\\DANSYS\\ANSYS.exe"=
"C:\\Program Files\\Ansys Inc\\v100\\ANSYS\\bin\\Intel\\DANSYSMPICH\\ANSYS.exe"=
"C:\\Program Files\\Ansys Inc\\v100\\CommonFiles\\TCL\\bin\\Intel\\tclsh.exe"=
"C:\\Program Files\\Ansys Inc\\v100\\CommonFiles\\TCL\\bin\\Intel\\wish.exe"=
"C:\\Program Files\\Ansys Inc\\v100\\ANSYS\\ac4\\bin\\catia\\Intel\\ac4catia.exe"=
"C:\\Program Files\\Ansys Inc\\v100\\CommonFiles\\CATIAV5\\Intel\\code\\bin\\ac4catia5.exe"=
"C:\\Program Files\\Ansys Inc\\v100\\ANSYS\\ac4\\bin\\para\\Intel\\ac4para.exe"=
"C:\\Program Files\\Ansys Inc\\v100\\ANSYS\\ac4\\bin\\pro\\Intel\\ac4pro.exe"=
"C:\\Program Files\\Ansys Inc\\v100\\ANSYS\\ac4\\bin\\sat\\Intel\\ac4sat.exe"=
"C:\\Program Files\\Ansys Inc\\v100\\ANSYS\\ac4\\bin\\ug10\\Intel\\ansconug10.exe"=
"C:\\Program Files\\Ansys Inc\\v100\\ANSYS\\ac4\\bin\\ug20\\Intel\\ansconug20.exe"=
"C:\\Program Files\\Ansys Inc\\v100\\ANSYS\\ac4\\bin\\ug30\\Intel\\ansconug30.exe"=
"C:\\aa\\StrongDC.exe"=
"C:\\aa\\a\\CZDCPlusPlus-0666[M]\\CZDCPlusPlus.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\totalcmd\\TOTALCMD.EXE"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"14134:TCP"= 14134:TCP:BitComet 14134 TCP
"14134:UDP"= 14134:UDP:BitComet 14134 UDP
"16330:TCP"= 16330:TCP:BitComet 16330 TCP
"16330:UDP"= 16330:UDP:BitComet 16330 UDP
"7046:TCP"= 7046:TCP:BitComet 7046 TCP
"7046:UDP"= 7046:UDP:BitComet 7046 UDP

R2 ANSYS FLEXlm license manager;ANSYS FLEXlm license manager;C:\PROGRA~1\ANSYSI~1\SHARED~1\LICENS~1\Intel\lmgrd.exe [2004-10-26 909312]
R2 IEGLicSrv;Bentley License Client;C:\Program Files\Common Files\Bentley Shared\IEG\IEGLCS\IEGLicSrv.exe [2006-08-30 36864]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;C:\WINDOWS\system32\drivers\LMIRfsDriver.sys [2008-03-07 45848]
R3 PSched;Plánovač paketů technologie QoS;C:\WINDOWS\system32\DRIVERS\psched.sys [2008-04-13 69120]
S2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files\LogMeIn\x86\RaInfo.sys [ ]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a9bbe69a-62f5-11dd-9374-0011119f5cb9}]
\Shell\AutoRun\command - I:\wd_windows_tools\setup.exe
.
Obsah adresare 'Naplanovane ulohy'
.
.
------- Doplnkovy sken -------
.
FireFox -: Profile - C:\Documents and Settings\Petr Novák\Data aplikací\Mozilla\Firefox\Profiles\d0alyd9y.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://google.atcomet.com/b/
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-11 08:11:43
Windows 5.1.2600 Service Pack 3 NTFS

skenovani skrytych procesu ...

skenovani skrytych polozek 'Po spusteni' ...

skenovani skrytych souboru ...

sken byl uspesne dokoncen
skryte soubory: 0

**************************************************************************
.
--------------------- Knihovny navazane na bezici procesy ---------------------

PROCES: C:\WINDOWS\system32\winlogon.exe
-> C:\WINDOWS\system32\Ati2evxx.dll
.
Celkovy cas: 2008-09-11 8:13:21
ComboFix-quarantined-files.txt 2008-09-11 06:13:06
ComboFix2.txt 2008-09-09 12:54:45
ComboFix3.txt 2008-03-13 13:05:48
ComboFix4.txt 2008-03-13 12:24:14
ComboFix5.txt 2008-09-11 06:07:58

Pre-Run: Volných bajtů: 15,684,149,248
Post-Run: Volných bajtů: 15,676,846,080

187 --- E O F --- 2008-09-08 09:23:36