zone alarm - nefunguje a hlásí chyby

magiccc · Příspěvekod **magiccc** » 21 črc 2009 16:46

To asi můžeme.. nainstaluju si jiný. Jak to teda mám udělat?

Reklama

Damned · Příspěvekod **Damned** » 21 črc 2009 17:11

Stáhni si RSIT, klikni na "Continue" a nech ho provést sken.
Za chvíli se vygeneruje log se jménem log.txt (pokud nebude log vygenerován, najdeš jej v C:\rsit\log.txt); jeho obsah mi sem zkopíruj.
Zkopíruj sem (nebo přilož) i druhý log s názvem info.txt

magiccc · Příspěvekod **magiccc** » 21 črc 2009 21:16

Logfile of random's system information tool 1.06 (written by random/random)
Run by Petruška at 2009-07-21 21:16:04
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 16 GB (21%) free of 76 GB
Total RAM: 767 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:16:11, on 21.7.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16850)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\jajc\jajc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Documents and Settings\Petruška\Plocha\RSIT.exe
D:\Program Files\HJT\Petruška.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.atlas.cz/?from=icqhp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKCU\..\Run: [JAJC] "C:\Program Files\jajc\jajc.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: Download with Go!Zilla - file://C:\Program Files\Go!Zilla\download-with-gozilla.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.brave.cz
O16 - DPF: {03C0000A-CF6D-4EF4-A2D6-376622318018} (WebGuard Control) - http://90.178.196.192:5841/WatSearCtrl.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: O&O Defrag 2000 (OOD2000) - O&O Software GmbH - C:\Windows\system32\OOD2000.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\SYSTEM32\ZONELABS\vsmon.exe

--
End of file - 5229 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"nod32kui"=C:\Program Files\Eset\nod32kui.exe [2007-02-27 921600]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"JAJC"=C:\Program Files\jajc\jajc.exe [2004-06-07 5337600]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-03-20 1312256]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C-Media Mixer]
Mixer.exe /startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CamMonitor]
C:\Program Files\Hewlett-Packard\Digital Imaging\\Unload\hpqcmon.exe [2002-10-07 90112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CursorXP]
C:\Program Files\CursorXP\CursorXP.exe [2005-01-19 128000]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Felix]
C:\Program Files\ScreenMates\Start FELIX21.EXE [1999-12-03 307200]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mmtask]
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe [2005-05-09 53248]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2006-12-15 98304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2003-10-31 32768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Share-to-Web Namespace Daemon]
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe [2002-04-17 69632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [2005-10-26 159744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zone Labs Client]
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2005-07-17 980752]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Port pro program Symantec Fax Starter Edition.lnk]
C:\PROGRA~1\MICROS~3\Office\1029\OLFSNT40.EXE [1999-04-07 46080]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Windows\system32\ZoneLabs\vsmon.exe"="C:\Windows\system32\ZoneLabs\vsmon.exe:*:Enabled:TrueVector Service"
"C:\Windows\system32\dpnsvr.exe"="C:\Windows\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\DC++\DCPlusPlus.exe"="C:\Program Files\DC++\DCPlusPlus.exe:*:Enabled:DC++"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Winamp Remote\bin\OrbTray.exe"="C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2009-07-21 21:16:04 ----D---- C:\rsit
2009-07-19 11:46:58 ----A---- C:\WINDOWS\ntbtlog.txt
2009-07-18 20:37:55 ----SHD---- C:\Recycled
2009-07-18 20:23:04 ----D---- C:\WINDOWS\temp
2009-07-18 14:41:12 ----A---- C:\Boot.bak
2009-07-18 14:41:08 ----RASHD---- C:\cmdcons
2009-07-18 13:25:29 ----D---- C:\Documents and Settings\Petruška\Data aplikací\Malwarebytes
2009-07-18 13:25:21 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2009-07-16 09:01:32 ----HD---- C:\WINDOWS\$NtUninstallKB973346$
2009-07-16 09:00:58 ----HD---- C:\WINDOWS\$NtUninstallKB971633$
2009-07-16 08:56:14 ----HD---- C:\WINDOWS\$NtUninstallKB961371$
2009-07-05 14:53:35 ----D---- C:\Documents and Settings\Petruška\Data aplikací\Složka odesílání Share-to-Web
2009-06-29 15:08:14 ----D---- C:\Documents and Settings\Petruška\Data aplikací\Canon

======List of files/folders modified in the last 1 months======

2036-02-07 02:58:16 ----A---- C:\Program Files\Setup_MoorhuhnKartExtra-XS-V10.exe
2009-07-21 16:49:00 ----A---- C:\WINDOWS\Schedlgu.txt
2009-07-18 20:18:36 ----A---- C:\WINDOWS\system.ini
2009-07-18 14:41:14 ----RASH---- C:\boot.ini
2009-07-18 12:12:40 ----A---- C:\WINDOWS\win.ini
2009-07-07 17:10:56 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2004-08-01 82380]
R1 CloneCD;CloneCD I/O Driver; C:\WINDOWS\system32\drivers\CloneCD.sys [2000-08-25 4840]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2005-07-17 366736]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 AMON;AMON; \??\C:\WINDOWS\system32\drivers\amon.sys []
R2 Fallback;Fallback; C:\WINDOWS\System32\DRIVERS\HSF_FALL.sys [2001-08-17 289887]
R2 Fsks;Fsks; C:\WINDOWS\System32\DRIVERS\HSF_FSKS.sys [2001-08-17 115807]
R2 K56;K56; C:\WINDOWS\System32\DRIVERS\HSF_K56K.sys [2001-08-17 391199]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys [2004-08-04 11868]
R2 SoftFax;SoftFax; C:\WINDOWS\System32\DRIVERS\HSF_FAXX.sys [2001-08-17 199711]
R2 Tones;Tones; C:\WINDOWS\System32\DRIVERS\HSF_TONE.sys [2001-08-17 50751]
R2 V124;V124; C:\WINDOWS\System32\DRIVERS\HSF_V124.sys [2001-08-17 488383]
R3 Cap7134;MuchTV Plus Capture; C:\WINDOWS\System32\DRIVERS\Cap7134.sys [2003-03-07 348160]
R3 cmpci;C-Media PCI Audio Driver (WDM); C:\WINDOWS\system32\drivers\cmaudio.sys [2002-07-16 379726]
R3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HSF_DP;HSF_DP; C:\WINDOWS\System32\DRIVERS\HSFDPSP2.sys [2004-08-04 1041536]
R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\System32\DRIVERS\HSFBS2S2.sys [2004-08-04 220032]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2004-08-04 1897408]
R3 Pcouffin;Low level access layer for CD devices; C:\WINDOWS\System32\Drivers\Pcouffin.sys [2007-09-03 47360]
R3 PhTVTune;MuchTV Plus TVTuner; C:\WINDOWS\System32\DRIVERS\PhTVTune.sys [2003-03-07 24000]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 winachsf;winachsf; C:\WINDOWS\System32\DRIVERS\HSFCXTS2.sys [2004-08-04 685056]
S1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys []
S1 InCDRm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys []
S3 ac97intc;Služba instalace zvukového ovladače Intel(r) (WDM); C:\WINDOWS\system32\drivers\ac97intc.sys [2001-08-17 96256]
S3 basic2;basic2; C:\WINDOWS\System32\DRIVERS\HSF_BSC2.sys [2001-08-17 67167]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 EL90XBC;3Com EtherLink XL 90XB/C Adapter Driver; C:\WINDOWS\System32\DRIVERS\el90xbc5.sys [2001-08-17 66591]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [2003-04-07 51024]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [2003-04-07 16080]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [2003-04-07 21456]
S3 hsf_msft;hsf_msft; C:\WINDOWS\System32\DRIVERS\HSF_MSFT.sys [2001-08-17 542879]
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\WINDOWS\system32\DRIVERS\k750bus.sys [2005-02-11 55216]
S3 k750mdfl;Sony Ericsson 750 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\k750mdfl.sys [2005-02-11 6576]
S3 k750mdm;Sony Ericsson 750 USB WMC Modem Drivers; C:\WINDOWS\system32\DRIVERS\k750mdm.sys [2005-02-11 89872]
S3 k750mgmt;Sony Ericsson 750 USB WMC Device Management Drivers; C:\WINDOWS\system32\DRIVERS\k750mgmt.sys [2005-02-11 81728]
S3 k750obex;Sony Ericsson 750 USB WMC OBEX Interface Drivers; C:\WINDOWS\system32\DRIVERS\k750obex.sys [2005-02-11 79488]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2009-02-09 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-02-09 22016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 Rksample;Rksample; C:\WINDOWS\System32\DRIVERS\HSF_SAMP.sys [2001-08-17 57471]
S3 SE31bus;Sony Ericsson Device 049 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\SE31bus.sys [2006-05-01 61600]
S3 SE31mdfl;Sony Ericsson Device 049 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\SE31mdfl.sys [2006-05-01 9360]
S3 SE31mdm;Sony Ericsson Device 049 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\SE31mdm.sys [2006-05-01 97184]
S3 SE31mgmt;Sony Ericsson Device 049 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\SE31mgmt.sys [2006-05-01 88688]
S3 se31nd5;Sony Ericsson Device 049 USB Ethernet Emulation SEMC49 (NDIS); C:\WINDOWS\system32\DRIVERS\se31nd5.sys [2006-05-01 18704]
S3 SE31obex;Sony Ericsson Device 049 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\SE31obex.sys [2006-05-01 86560]
S3 se31unic;Sony Ericsson Device 049 USB Ethernet Emulation SEMC49 (WDM); C:\WINDOWS\system32\DRIVERS\se31unic.sys [2006-05-01 90800]
S3 Ser2pl;Prolific Serial port driver; C:\WINDOWS\System32\DRIVERS\ser2pl.sys [2003-07-16 43264]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-02-09 7808]
S3 usbprint;Třída USB Printer; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-02-09 7808]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]
S4 InCDFs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 NOD32krn;NOD32 Kernel Service; C:\Program Files\Eset\nod32krn.exe [2007-02-27 507904]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-03-04 621056]
S2 OOD2000;O&O Defrag 2000; C:\Windows\system32\OOD2000.exe [2001-04-06 238080]
S2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\SYSTEM32\ZONELABS\vsmon.exe [2005-07-17 1672976]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2007-09-18 654848]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\HPZipm12.exe [2003-04-07 65795]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]

-----------------EOF-----------------

magiccc · Příspěvekod **magiccc** » 21 črc 2009 21:17

info.txt logfile of random's system information tool 1.06 2009-07-21 21:16:17

======Uninstall list======

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3-->MsiExec.exe /I{6D12B99F-EAAA-49D8-8E2F-74FA7459CCB2}
Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color Common Settings-->MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}
Adobe Color EU Recommended Settings-->MsiExec.exe /I{BD087F50-46B2-43E4-BD73-5DB3DC20B47C}
Adobe Color JA Extra Settings-->MsiExec.exe /I{D92B72E2-C854-4738-8ED6-4C3661CC17AE}
Adobe Color NA Extra Settings-->MsiExec.exe /I{6179A7D2-A668-4F1D-BC9A-DCC6A10C7871}
Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}
Adobe Flash Player 9 ActiveX-->MsiExec.exe /X{3420E724-6DDB-49C2-BA39-165F543C147C}
Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop CS3-->C:\Program Files\Common Files\Adobe\Installers\4977c84bcdc298c444ccfbdcccb660d\Setup.exe
Adobe Photoshop CS3-->MsiExec.exe /I{5178C1BB-1EB1-4468-894B-7DE964DDCAA2}
Adobe Reader 7.1.0-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A71000000002}
Adobe Setup-->MsiExec.exe /I{0901FCE8-5415-4499-BBC8-1AA106DD66E2}
Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
Aktualizace systému Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player 9 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player 9 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP9$\spuninst\spuninst.exe"
Aktualizace zabezpečení produktu Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB969897)-->"C:\WINDOWS\ie7updates\KB969897-IE7\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
Archivátor WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Balíček ovladače systému Windows - Nokia Modem (02/23/2009 7.01.0.2)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_171C10620CF14FA76859E310DF8C6CF642D81C73\nokbtmdm.inf
Balíček ovladače systému Windows - Nokia Modem (02/24/2009 4.0)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokia_blue_5929FEDBB724B17D4BCDD74361BD95262BE1608B\nokia_bluetooth.inf
Balíček ovladače systému Windows - Nokia Modem (03/05/2008 3.7)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokia_blue_635B28EFCFA9395123BB1C251595CB16129E2560\nokia_bluetooth.inf
Balíček ovladače systému Windows - Nokia Modem (03/13/2008 6.86.0.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_28F2EAC406838DA65AFF6C6886FE9FE96AEF5186\nokbtmdm.inf
Balíček ovladače systému Windows - Nokia Modem (05/22/2008 3.

-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokia_blue_6F90B0F4A73A2F780A1010B5D6CB5DDFB098181E\nokia_bluetooth.inf
Balíček ovladače systému Windows - Nokia Modem (05/22/2008 7.00.0.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_E68D50F7E25BFE399D47C864C3B52557346242A9\nokbtmdm.inf
Balíček ovladače systému Windows - Nokia Modem (08/03/2007 6.84.0.2)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_1EB5F2E6F54A6BEDE9F436D1BA5D830FC71739BE\nokbtmdm.inf
Balíček ovladače systému Windows - Nokia Modem (10/12/2007 3.6)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokia_blue_0A5D98F754C6588B2E3DDE89DDEF097075ADFFB7\nokia_bluetooth.inf
Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.inf
Battle.net-->C:\WINDOWS\bnetunin.exe
BSPlayer-->"C:\Program Files\BSPlayer\uninstall.exe"
CloneCD-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Elaborate Bytes\CloneCD\Uninst.isu"
ConvertXtoDVD 2.0.9b-->"C:\Program Files\vso\ConvertXtoDVD\unins000.exe"
CursorXP-->C:\Program Files\CursorXP\CurXPUtil.exe -u
DC++ 0.674-->"C:\Program Files\DC++\uninstall.exe"
Diablo-->C:\WINDOWS\diabunin.exe
Důležitá aktualizace aplikace Windows Media Player 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
DVD Shrink 3.2-->"C:\Documents and Settings\Petruška\Dokumenty\DVD Shrink\unins000.exe"
DVDFab Platinum 2.9.1.0-->"C:\Program Files\DVDFab Platinum\unins000.exe"
Free 3GP Video Converter version 2.4-->"C:\Program Files\DVDVideoSoft\Free 3GP Video Converter\unins000.exe"
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
HP Memories Disc-->MsiExec.exe /X{B376402D-58EA-45EA-BD50-DD924EB67A70}
HP Photo and Imaging 2.0 - Photosmart Cameras-->MsiExec.exe /X{BC3EAA6A-FA0A-4E88-87DE-A34D0DFF3FDF}
hp psc 1100 series-->MsiExec.exe /X{01161F64-6897-4885-93A0-A9F7BE9A4253}
hp psc 1100 series-->rundll32 hpzcon07.dll,VendorJettison hp psc 1100 series
ICQ6.5-->"C:\Program Files\InstallShield Installation Information\{60DE4033-9503-48D1-A483-7846BD217CA9}\setup.exe" -runfromtemp -l0x0009 -removeonly
J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Klient Správy přístupových práv v systému Windows (WRM)-->MsiExec.exe /X{EC905264-BCFE-423B-9C42-C3A106266790}
Macromedia Flash Player 8-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\swflash.inf,DefaultUninstall,5
Microsoft .NET Framework 1.1 Czech Language Pack-->MsiExec.exe /X{5E65E94D-69F2-4850-9E93-6459C53A0F50}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7-->"C:\WINDOWS\$NtUninstallWdf01007$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office 2000 Premium-->MsiExec.exe /I{00000405-78E1-11D2-B60F-006097C998E7}
Microsoft User-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWudf01005$\spuninst\spuninst.exe"
Microsoft Windows Journal Viewer-->MsiExec.exe /X{43DCF766-6838-4F9A-8C91-D92DA586DFA7}
Microsoft Works 7.0-->MsiExec.exe /I{0225EA96-0CBF-4FDB-B303-5F42BBD417FB}
Moorfrosch XS-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{10F15459-C54E-41BA-AC83-F12ACAF24690}\Setup.exe" -l0x7
Mozilla Firefox (3.0.11)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVC80_x86-->MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27}
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML4 Parser-->MsiExec.exe /I{01501EBA-EC35-4F9F-8889-3BE346E5DA13}
Musicmatch® Jukebox-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8EF1122E-E90C-4EE9-AB0C-7FDE2BA42C26}\setup.exe" -l0x9 -uninst
MyPhoneExplorer-->C:\Program Files\MyPhoneExplorer\uninstall.exe
Nero 7 Premium-->MsiExec.exe /I{4781569D-5404-1F26-4B2B-6DF444441031}
NOD32 antivirus system-->C:\Program Files\Eset\Setup\setup.exe /UNINSTALL
NOD32 FiX v2.1-->"C:\Program Files\Eset\unins000.exe"
Nokia Connectivity Cable Driver-->MsiExec.exe /I{82427977-8776-4087-90CA-9F65174D3C4D}
Nokia PC Suite-->C:\Documents and Settings\All Users\Data aplikací\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Nokia_PC_Suite_7_1_26_0_cze.exe
Nokia PC Suite-->MsiExec.exe /I{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}
Nokia Software Updater-->MsiExec.exe /X{9F59C3AE-81B0-4EF6-9762-D674BB079705}
O&O Defrag 2000 Freeware Edition-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E86E5246-AA7E-11D4-88C9-00105ADBE398}\Setup.exe"
OLYMPUS CAMEDIA Master 4.2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{30BB4D60-81DB-11D5-BB77-00400536ABAC}\Setup.exe" CAMEDIA Master 4.2
Oprava hotfix aplikace Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Oprava hotfix programu Windows Media Player 9 [další informace viz KB885492]-->C:\WINDOWS\$NtUninstallKB885492$\spuninst\spuninst.exe
Oprava Hotfix systému Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Oprava Hotfix systému Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
PC Connectivity Solution-->MsiExec.exe /I{B7CB0BF3-791E-44D3-9F04-786E36D51C9D}
PCI Audio Driver-->cmuninst.exe
PDF Settings-->MsiExec.exe /I{293D5729-7C01-4FA4-A4DE-BB6A1587BBB9}
PL-2303 USB-to-Serial-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}\Setup.exe" -l0x9 Installed
PowerDVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
QuickTime-->C:\WINDOWS\unvise32qt.exe C:\WINDOWS\system32\QuickTime\Uninstall.log
rajče beta48-->"C:\Program Files\rajce\unins000.exe"
Sada Compatibility Pack pro systém Office 2007-->MsiExec.exe /X{90120000-0020-0405-0000-0000000FF1CE}
SolveigMM AVI Trimmer-->"C:\Program Files\Solveig Multimedia\SolveigMM AVI Trimmer\Uninstall.exe" "C:\Program Files\Solveig Multimedia\SolveigMM AVI Trimmer\install.log" -u
SolveigMM WMP Trimmer Plugin-->"C:\Program Files\Solveig Multimedia\SolveigMM AVI Trimmer\SolveigMM WMP Trimmmer Plugin\Uninstall.exe" "C:\Program Files\Solveig Multimedia\SolveigMM AVI Trimmer\SolveigMM WMP Trimmmer Plugin\install.log" -u
Sony Ericsson PC Suite 1.20.224-->MsiExec.exe /I{7689CA7A-1270-425A-9959-EB4CB25EA29A}
SUPER © Version 2006.19 (FIX)-->C:\PROGRA~1\ERIGHT~1\SUPER\Setup.exe /remove /q0
Transport Tycoon Deluxe-->"C:\TTDX\unins000.exe"
Uninstall 1.0.0.0-->"C:\Program Files\Common Files\DVDVideoSoft\unins000.exe"
VC 9.0 Runtime-->MsiExec.exe /I{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}
VideoLAN VLC media player 0.8.6a-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Winamp Toolbar for Firefox-->"C:\Documents and Settings\Petruška\Data aplikací\Mozilla\Firefox\Profiles\7wz42br1.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\uninstall.exe"
Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
Zpracování fotografií a obrázků HP 2.0 - All-in-One ovladač-->MsiExec.exe /X{6ECB39BD-73C2-44DD-B1A0-898207C58D8B}
Zpracování fotografií a obrázků HP 2.0 - All-in-One-->MsiExec.exe /X{9867A917-5D17-40DE-83BA-BEA5293194B1}
Zpracování fotografií a obrázku HP 2.0 - HP psc 1100-->C:\Program Files\Hewlett-Packard\Digital Imaging\{7C8BB31C-E09E-4c7d-BBF1-45E33B467FE1}\Setup\hpzscr01.exe -datfile hposcr02.dat -forcereboot

=====HijackThis Backups=====

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) [2008-10-26]
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing) [2008-10-26]
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing) [2008-10-26]
O4 - HKLM\..\Run: [security] C:\WINDOWS\security.exe [2008-11-12]
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\SYSTEM32\ZONELABS\vsmon.exe [2009-07-18]
O2 - BHO: XTTBPos00 Class - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll [2009-07-18]
R3 - URLSearchHook: (no name) - - (no file) [2009-07-18]
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe [2009-07-18]
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE [2009-07-18]
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE /auto [2009-07-18]

======Security center information======

AV: Eset NOD32 antivirus system 2.51 (outdated)
FW: ZoneAlarm Firewall

======System event log======

Computer Name: PETRUŠKA
Event Code: 7036
Message: Stav služby O&O Defrag 2000 byl změněn na: Zastaveno

Record Number: 86714
Source Name: Service Control Manager
Time Written: 20090630095229.000000+120
Event Type: Informace
User:

Computer Name: PETRUŠKA
Event Code: 7036
Message: Stav služby Služba modelu COM pro zápis na disk CD (IMAPI) byl změněn na: Zastaveno

Record Number: 86713
Source Name: Service Control Manager
Time Written: 20090630095051.000000+120
Event Type: Informace
User:

Computer Name: PETRUŠKA
Event Code: 7036
Message: Stav služby Správce vzdáleného přístupu byl změněn na: Spuštěno

Record Number: 86712
Source Name: Service Control Manager
Time Written: 20090630095046.000000+120
Event Type: Informace
User:

Computer Name: PETRUŠKA
Event Code: 7036
Message: Stav služby Služba brány aplikačního rozhraní byl změněn na: Spuštěno

Record Number: 86711
Source Name: Service Control Manager
Time Written: 20090630095046.000000+120
Event Type: Informace
User:

Computer Name: PETRUŠKA
Event Code: 7036
Message: Stav služby Služba rozpoznávání pomocí protokolu SSDP byl změněn na: Spuštěno

Record Number: 86710
Source Name: Service Control Manager
Time Written: 20090630095046.000000+120
Event Type: Informace
User:

=====Application event log=====

Computer Name: PETRUŠKA
Event Code: 1800
Message: Služba Centrum zabezpečení systému Windows byla spuštěna.

Record Number: 9799
Source Name: SecurityCenter
Time Written: 20080717092248.000000+120
Event Type: Informace
User:

Computer Name: PETRUŠKA
Event Code: 1
Message:
Record Number: 9798
Source Name: Bonjour Service
Time Written: 20080717092203.000000+120
Event Type: Informace
User:

Computer Name: PETRUŠKA
Event Code: 1517
Message: Systém Windows uložil registr uživatele PETRUŠKA\Petruška, ale některá z aplikací nebo služeb během odhlášení registr nadále používala. Paměť používaná registrem uživatele nebyla uvolněna. Registr bude uvolněn, jakmile již nebude používán.

To je často způsobeno tím, že jsou služby spuštěny pomocí uživatelského účtu. Zkuste služby konfigurovat pro spuštění pomocí účtu místní nebo síťové služby.

Record Number: 9797
Source Name: Userenv
Time Written: 20080717092001.000000+120
Event Type: Upozornění
User: NT AUTHORITY\SYSTEM

Computer Name: PETRUŠKA
Event Code: 0
Message:
Record Number: 9796
Source Name: ServiceLayer
Time Written: 20080717075434.000000+120
Event Type: Informace
User:

Computer Name: PETRUŠKA
Event Code: 1800
Message: Služba Centrum zabezpečení systému Windows byla spuštěna.

Record Number: 9795
Source Name: SecurityCenter
Time Written: 20080717075418.000000+120
Event Type: Informace
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Program Files\PC Connectivity Solution;C:\Program Files\Common Files\Teleca Shared
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 2 Stepping 9, GenuineIntel
"PROCESSOR_REVISION"=0209
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO
"DEFAULT_CA_NR"=CA6
"tvdumpflags"=8

-----------------EOF-----------------

Damned · Příspěvekod **Damned** » 21 črc 2009 22:14

Vypni rezidentní štít antiviru (pokud máš tak i antispyware).
Stáhni si ComboFix (by sUBs)
nebo ComboFix (subs)
a ulož si ho na plochu.
*****************************************************************************************************************************************
Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok).
Zkopíruj do něj následující celý text označený zeleně:

File::
C:\WINDOWS\System32\vsdatant.sys
C:\WINDOWS\System32\vsdata.dll
C:\Documents and Settings\Petruška\LOCALSETTINGS\Temp\vsinit.dll

Folder::
C:\WINDOWS\SYSTEM32\ZONELABS
C:\Program Files\Zone Labs

Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zone Labs Client]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\
authorizedapplications\list]
"C:\Windows\system32\ZoneLabs\vsmon.exe"=-

Driver::
vsmon;TrueVector Internet Monitor
vsmon
TrueVector
TrueVector Internet Monitor
TrueVector Service
vsdatant;vsdatant
vsdatant

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Podtržená část je jeden řádek- vlož v jednom řádku bez podtržení!!! Pod tím bude to C:\... bez mezery mezi řádky
Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe
a když se oba soubory překryjí, skript upusť.

- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT a popiš chování počítače

To by mělo být vše od toho ZoneLabs.

magiccc · Příspěvekod **magiccc** » 22 črc 2009 02:00

ComboFix 09-07-21.01 - Petruška 22.07.2009 1:45.5.1 - FAT32x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.767.463 [GMT 2:00]
Spuštěný z: c:\documents and settings\Petruška\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Petruška\Plocha\CFScript.txt
AV: Eset NOD32 antivirus system 2.51 *On-access scanning enabled* (Outdated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ZoneAlarm Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
* Vytvořen nový Bod Obnovení
* Rezidentní štít AV je zapnutý

FILE ::
"c:\documents and settings\Petruška\LOCALSETTINGS\Temp\vsinit.dll"
"c:\windows\System32\vsdata.dll"
"c:\windows\System32\vsdatant.sys"
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Zone Labs
c:\program files\Zone Labs\ZoneAlarm\alert.zap
c:\program files\Zone Labs\ZoneAlarm\cam.zap
c:\program files\Zone Labs\ZoneAlarm\email.zap
c:\program files\Zone Labs\ZoneAlarm\ErrorLog.txt
c:\program files\Zone Labs\ZoneAlarm\expert.dll
c:\program files\Zone Labs\ZoneAlarm\filter.zap
c:\program files\Zone Labs\ZoneAlarm\firewall.zap
c:\program files\Zone Labs\ZoneAlarm\framewrk.dll
c:\program files\Zone Labs\ZoneAlarm\idlock.zap
c:\program files\Zone Labs\ZoneAlarm\INSTALL.LOG
c:\program files\Zone Labs\ZoneAlarm\license.txt
c:\program files\Zone Labs\ZoneAlarm\privacy.zap
c:\program files\Zone Labs\ZoneAlarm\programs.zap
c:\program files\Zone Labs\ZoneAlarm\readme.html
c:\program files\Zone Labs\ZoneAlarm\repair\vsdb.dll
c:\program files\Zone Labs\ZoneAlarm\repair\vsinit.dll
c:\program files\Zone Labs\ZoneAlarm\repair\vsmon.exe
c:\program files\Zone Labs\ZoneAlarm\repair\vsruledb.dll
c:\program files\Zone Labs\ZoneAlarm\repair\vsutil.dll
c:\program files\Zone Labs\ZoneAlarm\scan.zap
c:\program files\Zone Labs\ZoneAlarm\scan.zmx
c:\program files\Zone Labs\ZoneAlarm\security.zap
c:\program files\Zone Labs\ZoneAlarm\zatutor.exe
c:\program files\Zone Labs\ZoneAlarm\zauninst.exe
c:\program files\Zone Labs\ZoneAlarm\zl_priv.htm
c:\program files\Zone Labs\ZoneAlarm\zlclient.exe
c:\program files\Zone Labs\ZoneAlarm\zonealarm.exe
c:\windows\System32\vsdata.dll
c:\windows\System32\vsdatant.sys
c:\windows\SYSTEM32\ZONELABS
c:\windows\SYSTEM32\ZONELABS\camupd.dll
c:\windows\SYSTEM32\ZONELABS\cerbprovider.pvx
c:\windows\SYSTEM32\ZONELABS\dbghelp.dll
c:\windows\SYSTEM32\ZONELABS\osfwrules.xml
c:\windows\SYSTEM32\ZONELABS\qrbase.dll
c:\windows\SYSTEM32\ZONELABS\qrsrecl.dll
c:\windows\SYSTEM32\ZONELABS\safePrograms.xml
c:\windows\SYSTEM32\ZONELABS\scheduler.dll
c:\windows\SYSTEM32\ZONELABS\spyware.dat
c:\windows\SYSTEM32\ZONELABS\srescan.dll
c:\windows\SYSTEM32\ZONELABS\ssleay32.dll
c:\windows\SYSTEM32\ZONELABS\vsavpro.dll
c:\windows\SYSTEM32\ZONELABS\vsdb.dll
c:\windows\SYSTEM32\ZONELABS\vsmon.exe
c:\windows\SYSTEM32\ZONELABS\vsruledb.dll
c:\windows\SYSTEM32\ZONELABS\vsvault.dll
c:\windows\SYSTEM32\ZONELABS\ZLCommDB.xml
c:\windows\SYSTEM32\ZONELABS\zlparser.dll
c:\windows\SYSTEM32\ZONELABS\zlquarantine.dll
c:\windows\SYSTEM32\ZONELABS\zlsre.dll

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_VSDATANT
-------\Legacy_VSMON
-------\Service_vsdatant
-------\Service_vsmon

((((((((((((((((((((((((( Soubory vytvořené od 2009-06-21 do 2009-07-21 )))))))))))))))))))))))))))))))
.

2009-07-21 19:16 . 2009-07-21 19:16 -------- d-----w- C:\rsit
2009-07-17 07:52 . 2009-07-17 07:52 -------- d-----w- c:\windows\system32\wbem\Repository

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2036-02-07 00:58 . 2004-01-10 08:31 26936078 ----a-w- c:\program files\Setup_MoorhuhnKartExtra-XS-V10.exe
2009-07-21 19:12 . 2009-07-21 19:12 10619993 ------w- c:\windows\Internet Logs\vsmon_2nd_2009_07_21_16_42_15_full.dmp.zip
2009-07-21 09:48 . 2009-07-21 09:48 46730 ------w- c:\windows\Internet Logs\GLB35_2nd_2009_07_21_09_59_06_small.dmp.zip
2009-07-21 07:59 . 2009-07-21 07:59 24039 ------w- c:\windows\Internet Logs\vsmon_2nd_2009_07_21_09_55_50_small.dmp.zip
2009-07-21 07:48 . 2009-07-21 07:48 26401 ------w- c:\windows\Internet Logs\vsmon_2nd_2009_07_20_22_44_23_small.dmp.zip
2009-07-20 20:44 . 2009-07-20 20:44 26342 ------w- c:\windows\Internet Logs\vsmon_2nd_2009_07_20_22_33_28_small.dmp.zip
2009-07-20 20:29 . 2009-07-20 20:29 25643 ------w- c:\windows\Internet Logs\vsmon_2nd_2009_07_20_22_28_49_small.dmp.zip
2009-07-20 20:24 . 2009-07-20 20:24 24407 ------w- c:\windows\Internet Logs\vsmon_2nd_2009_07_20_17_22_54_small.dmp.zip
2009-07-20 15:22 . 2009-07-20 15:22 32572 ------w- c:\windows\Internet Logs\zatutor_2nd_2009_07_20_14_22_40_small.dmp.zip
2009-07-20 12:17 . 2009-07-20 12:17 24081 ------w- c:\windows\Internet Logs\vsmon_2nd_2009_07_20_14_06_01_small.dmp.zip
2009-07-20 07:44 . 2009-07-20 07:44 45972 ------w- c:\windows\Internet Logs\GLBA5_2nd_2009_07_20_09_37_33_small.dmp.zip
2009-06-16 14:40 . 1979-12-31 22:00 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-06-16 14:40 . 1979-12-31 22:00 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-06-08 21:00 . 2009-06-08 21:00 -------- d-----w- c:\program files\Common Files\PCSuite
2009-06-08 20:52 . 2009-06-08 20:52 -------- d-----w- c:\program files\PC Connectivity Solution
2009-06-05 19:41 . 2009-06-05 19:41 -------- d-----w- c:\program files\MSECache
2009-06-03 19:11 . 2004-07-09 17:43 1293824 ----a-w- c:\windows\system32\quartz.dll
2009-05-07 15:33 . 1979-12-31 22:00 346624 ----a-w- c:\windows\system32\localspl.dll
2009-04-29 04:47 . 2005-06-17 22:25 827392 ----a-w- c:\windows\system32\wininet.dll
2009-04-29 04:47 . 2004-08-17 22:49 78336 ----a-w- c:\windows\system32\ieencode.dll
2005-12-22 21:23 . 2004-07-05 15:24 606 ---ha-w- c:\program files\hpothb07.dat
2005-12-22 21:23 . 2004-07-05 15:24 1271 ---ha-w- c:\program files\hpothb07.tif
2004-07-05 15:30 . 2004-07-05 15:30 958 ---ha-w- c:\program files\Common Files\hpothb07.dat
2004-07-05 15:30 . 2004-07-05 15:30 1493 ---ha-w- c:\program files\Common Files\hpothb07.tif
2000-12-16 15:58 . 2004-02-01 15:00 398976 ----a-w- c:\program files\STAHUJ.EXE
2000-12-08 16:21 . 2004-02-01 14:59 420682 ----a-w- c:\program files\Postel.exe
1999-06-30 04:37 . 2004-02-01 15:00 191488 ----a-w- c:\program files\MAN_TEST.EXE
1999-04-07 18:39 . 1999-04-07 18:39 99840 ----a-w- c:\program files\Common Files\IRAABOUT.DLL
1998-12-09 03:53 . 1998-12-09 03:53 70144 ----a-w- c:\program files\Common Files\IRAMDMTR.DLL
1998-12-09 03:53 . 1998-12-09 03:53 48640 ----a-w- c:\program files\Common Files\IRALPTTR.DLL
1998-12-09 03:53 . 1998-12-09 03:53 31744 ----a-w- c:\program files\Common Files\IRAWEBTR.DLL
1998-12-09 03:53 . 1998-12-09 03:53 186368 ----a-w- c:\program files\Common Files\IRAREG.DLL
1998-12-09 03:53 . 1998-12-09 03:53 17920 ----a-w- c:\program files\Common Files\IRASRIAL.DLL
2009-06-13 17:56 . 2008-08-26 13:07 134648 ----a-w- c:\program files\mozilla firefox\components\brwsrcmp.dll
2005-10-13 19:27 . 2005-10-13 19:27 422400 --sha-r- c:\windows\x2.64.exe
2005-05-13 15:12 . 2005-05-13 15:12 217073 --sha-r- c:\windows\meta4.exe
2005-10-24 09:13 . 2005-10-24 09:13 66560 --sha-r- c:\windows\MOTA113.exe
2005-06-26 13:32 . 2005-06-26 13:32 616448 --sha-r- c:\windows\system32\cygwin1.dll
2005-06-21 20:37 . 2005-06-21 20:37 45568 --sha-r- c:\windows\system32\cygz.dll
2005-10-07 17:14 . 2005-10-07 17:14 308224 --sha-r- c:\windows\system32\avisynth.dll
2004-01-24 22:00 . 2004-01-24 22:00 70656 --sha-r- c:\windows\system32\i420vfw.dll
2004-01-24 22:00 . 2004-01-24 22:00 70656 --sha-r- c:\windows\system32\yv12vfw.dll
2005-02-28 11:16 . 2005-02-28 11:16 240128 --sha-r- c:\windows\system32\x.264.exe
2005-07-14 10:31 . 2005-07-14 10:31 27648 --sha-r- c:\windows\system32\AVSredirect.dll
2006-04-27 08:24 . 2006-04-27 08:24 2945024 --sha-r- c:\windows\system32\Smab.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"JAJC"="c:\program files\jajc\jajc.exe" [2004-06-07 5337600]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-03-20 1312256]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nod32kui"="c:\program files\Eset\nod32kui.exe" [2007-02-27 921600]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
"NvMediaCenter"="c:\windows\System32\NVMCTRAY.DLL" [2003-07-28 49152]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-4-23 29696]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Port pro program Symantec Fax Starter Edition.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Port pro program Symantec Fax Starter Edition.lnk
backup=c:\windows\pss\Port pro program Symantec Fax Starter Edition.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Windows\\system32\\dpnsvr.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\DC++\\DCPlusPlus.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=

R0 SI3112r;Silicon Image SiI 3512 SATARaid Controller;c:\windows\system32\drivers\SI3112r.sys [29.8.2007 3:04 116264]
R1 CloneCD;CloneCD I/O Driver;c:\windows\system32\drivers\CloneCD.sys [20.12.2003 18:01 4840]
R3 PhTVTune;MuchTV Plus TVTuner;c:\windows\system32\drivers\PhTVTune.sys [3.12.2003 18:13 24000]
S3 SE31bus;Sony Ericsson Device 049 Driver driver (WDM);c:\windows\system32\drivers\SE31bus.sys [5.5.2007 17:52 61600]
S3 SE31mdfl;Sony Ericsson Device 049 USB WMC Modem Filter;c:\windows\system32\drivers\SE31mdfl.sys [5.5.2007 17:53 9360]
S3 SE31mdm;Sony Ericsson Device 049 USB WMC Modem Driver;c:\windows\system32\drivers\SE31mdm.sys [5.5.2007 17:53 97184]
S3 SE31mgmt;Sony Ericsson Device 049 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\SE31mgmt.sys [5.5.2007 17:57 88688]
S3 se31nd5;Sony Ericsson Device 049 USB Ethernet Emulation SEMC49 (NDIS);c:\windows\system32\drivers\se31nd5.sys [5.5.2007 18:00 18704]
S3 SE31obex;Sony Ericsson Device 049 USB WMC OBEX Interface;c:\windows\system32\drivers\SE31obex.sys [5.5.2007 17:56 86560]
S3 se31unic;Sony Ericsson Device 049 USB Ethernet Emulation SEMC49 (WDM);c:\windows\system32\drivers\se31unic.sys [5.5.2007 17:59 90800]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.atlas.cz/?from=icqhp
mStart Page = hxxp://home.sweetim.com
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
IE: &ICQ Toolbar Search - c:\program files\ICQToolbar\toolbaru.dll/SEARCH.HTML
IE: Download with Go!Zilla - file://c:\program files\Go!Zilla\download-with-gozilla.html
LSP: c:\windows\system32\imon.dll
DPF: {03C0000A-CF6D-4EF4-A2D6-376622318018} - hxxp://90.178.196.192:5841/WatSearCtrl.cab
FF - ProfilePath - c:\documents and settings\Petruška\Data aplikací\Mozilla\Firefox\Profiles\7wz42br1.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... id=afex&q=
FF - prefs.js: network.proxy.type - 4
FF - component: c:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-22 01:54
Windows 5.1.2600 Service Pack 3 FAT NTAPI

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'lsass.exe'(868)
c:\windows\system32\imon.dll

- - - - - - - > 'explorer.exe'(1964)
c:\progra~1\WINDOW~1\wmpband.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\BONJOUR\MDNSRESPONDER.EXE
c:\program files\ESET\NOD32KRN.EXE
c:\program files\PC CONNECTIVITY SOLUTION\SERVICELAYER.EXE
c:\program files\PC CONNECTIVITY SOLUTION\TRANSPORTS\NCLRSSRV.EXE
c:\program files\PC CONNECTIVITY SOLUTION\TRANSPORTS\NCLUSBSRV.EXE
.
**************************************************************************
.
Celkový čas: 2009-07-21 1:58 - počítač byl restartován
ComboFix-quarantined-files.txt 2009-07-21 23:58

Před spuštěním: Volných bajtů: 16 876 208 128
Po spuštění: Volných bajtů: 16 772 988 928

230 --- E O F --- 2009-07-17 08:09

magiccc · Příspěvekod **magiccc** » 22 črc 2009 02:11

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:10:38, on 22.7.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16850)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\jajc\jajc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
D:\Program Files\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.atlas.cz/?from=icqhp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKCU\..\Run: [JAJC] "C:\Program Files\jajc\jajc.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: Download with Go!Zilla - file://C:\Program Files\Go!Zilla\download-with-gozilla.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.brave.cz
O16 - DPF: {03C0000A-CF6D-4EF4-A2D6-376622318018} (WebGuard Control) - http://90.178.196.192:5841/WatSearCtrl.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: O&O Defrag 2000 (OOD2000) - O&O Software GmbH - C:\Windows\system32\OOD2000.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 4869 bytes

Damned · Příspěvekod **Damned** » 22 črc 2009 02:40

Předpokládám, že se ty hlášky již neobjevují.

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok).
Zkopíruj do něj následující celý text označený zeleně:

File::
c:\windows\Internet Logs\vsmon_2nd_2009_07_21_16_42_15_full.dmp.zip
c:\windows\Internet Logs\GLB35_2nd_2009_07_21_09_59_06_small.dmp.zip
c:\windows\Internet Logs\vsmon_2nd_2009_07_21_09_55_50_small.dmp.zip
c:\windows\Internet Logs\vsmon_2nd_2009_07_20_22_44_23_small.dmp.zip
c:\windows\Internet Logs\vsmon_2nd_2009_07_20_22_33_28_small.dmp.zip
c:\windows\Internet Logs\vsmon_2nd_2009_07_20_22_28_49_small.dmp.zip
c:\windows\Internet Logs\vsmon_2nd_2009_07_20_17_22_54_small.dmp.zip
c:\windows\Internet Logs\zatutor_2nd_2009_07_20_14_22_40_small.dmp.zip
c:\windows\Internet Logs\vsmon_2nd_2009_07_20_14_06_01_small.dmp.zip
c:\windows\Internet Logs\GLBA5_2nd_2009_07_20_09_37_33_small.dmp.zip

Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000000

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe
a když se oba soubory překryjí, skript upusť.

- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu
Log z HJT je v pořádku.

magiccc · Příspěvekod **magiccc** » 22 črc 2009 19:01

ComboFix 09-07-21.01 - Petruška 22.07.2009 18:44.6.1 - FAT32x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.767.469 [GMT 2:00]
Spuštěný z: c:\documents and settings\Petruška\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Petruška\Plocha\CFScript.txt
AV: Eset NOD32 antivirus system 2.51 *On-access scanning enabled* (Outdated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ZoneAlarm Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
* Rezidentní štít AV je zapnutý

FILE ::
"c:\windows\Internet Logs\GLB35_2nd_2009_07_21_09_59_06_small.dmp.zip"
"c:\windows\Internet Logs\GLBA5_2nd_2009_07_20_09_37_33_small.dmp.zip"
"c:\windows\Internet Logs\vsmon_2nd_2009_07_20_14_06_01_small.dmp.zip"
"c:\windows\Internet Logs\vsmon_2nd_2009_07_20_17_22_54_small.dmp.zip"
"c:\windows\Internet Logs\vsmon_2nd_2009_07_20_22_28_49_small.dmp.zip"
"c:\windows\Internet Logs\vsmon_2nd_2009_07_20_22_33_28_small.dmp.zip"
"c:\windows\Internet Logs\vsmon_2nd_2009_07_20_22_44_23_small.dmp.zip"
"c:\windows\Internet Logs\vsmon_2nd_2009_07_21_09_55_50_small.dmp.zip"
"c:\windows\Internet Logs\vsmon_2nd_2009_07_21_16_42_15_full.dmp.zip"
"c:\windows\Internet Logs\zatutor_2nd_2009_07_20_14_22_40_small.dmp.zip"
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\Internet Logs\GLB35_2nd_2009_07_21_09_59_06_small.dmp.zip
c:\windows\Internet Logs\GLBA5_2nd_2009_07_20_09_37_33_small.dmp.zip
c:\windows\Internet Logs\vsmon_2nd_2009_07_20_14_06_01_small.dmp.zip
c:\windows\Internet Logs\vsmon_2nd_2009_07_20_17_22_54_small.dmp.zip
c:\windows\Internet Logs\vsmon_2nd_2009_07_20_22_28_49_small.dmp.zip
c:\windows\Internet Logs\vsmon_2nd_2009_07_20_22_33_28_small.dmp.zip
c:\windows\Internet Logs\vsmon_2nd_2009_07_20_22_44_23_small.dmp.zip
c:\windows\Internet Logs\vsmon_2nd_2009_07_21_09_55_50_small.dmp.zip
c:\windows\Internet Logs\vsmon_2nd_2009_07_21_16_42_15_full.dmp.zip
c:\windows\Internet Logs\zatutor_2nd_2009_07_20_14_22_40_small.dmp.zip

.
((((((((((((((((((((((((( Soubory vytvořené od 2009-06-22 do 2009-07-22 )))))))))))))))))))))))))))))))
.

2009-07-22 00:37 . 2009-07-22 00:37 -------- d-----w- c:\program files\Zone Labs
2009-07-22 00:24 . 2009-07-22 00:24 -------- d-----w- c:\windows\system32\Zonelabs
2009-07-21 19:16 . 2009-07-21 19:16 -------- d-----w- C:\rsit
2009-07-17 07:52 . 2009-07-17 07:52 -------- d-----w- c:\windows\system32\wbem\Repository

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2036-02-07 00:58 . 2004-01-10 08:31 26936078 ----a-w- c:\program files\Setup_MoorhuhnKartExtra-XS-V10.exe
2009-06-16 14:40 . 1979-12-31 22:00 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-06-16 14:40 . 1979-12-31 22:00 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-06-08 21:00 . 2009-06-08 21:00 -------- d-----w- c:\program files\Common Files\PCSuite
2009-06-08 20:52 . 2009-06-08 20:52 -------- d-----w- c:\program files\PC Connectivity Solution
2009-06-05 19:41 . 2009-06-05 19:41 -------- d-----w- c:\program files\MSECache
2009-06-03 19:11 . 2004-07-09 17:43 1293824 ----a-w- c:\windows\system32\quartz.dll
2009-05-07 15:33 . 1979-12-31 22:00 346624 ----a-w- c:\windows\system32\localspl.dll
2009-04-29 04:47 . 2005-06-17 22:25 827392 ----a-w- c:\windows\system32\wininet.dll
2009-04-29 04:47 . 2004-08-17 22:49 78336 ----a-w- c:\windows\system32\ieencode.dll
2005-12-22 21:23 . 2004-07-05 15:24 606 ---ha-w- c:\program files\hpothb07.dat
2005-12-22 21:23 . 2004-07-05 15:24 1271 ---ha-w- c:\program files\hpothb07.tif
2004-07-05 15:30 . 2004-07-05 15:30 958 ---ha-w- c:\program files\Common Files\hpothb07.dat
2004-07-05 15:30 . 2004-07-05 15:30 1493 ---ha-w- c:\program files\Common Files\hpothb07.tif
2000-12-16 15:58 . 2004-02-01 15:00 398976 ----a-w- c:\program files\STAHUJ.EXE
2000-12-08 16:21 . 2004-02-01 14:59 420682 ----a-w- c:\program files\Postel.exe
1999-06-30 04:37 . 2004-02-01 15:00 191488 ----a-w- c:\program files\MAN_TEST.EXE
1999-04-07 18:39 . 1999-04-07 18:39 99840 ----a-w- c:\program files\Common Files\IRAABOUT.DLL
1998-12-09 03:53 . 1998-12-09 03:53 70144 ----a-w- c:\program files\Common Files\IRAMDMTR.DLL
1998-12-09 03:53 . 1998-12-09 03:53 48640 ----a-w- c:\program files\Common Files\IRALPTTR.DLL
1998-12-09 03:53 . 1998-12-09 03:53 31744 ----a-w- c:\program files\Common Files\IRAWEBTR.DLL
1998-12-09 03:53 . 1998-12-09 03:53 186368 ----a-w- c:\program files\Common Files\IRAREG.DLL
1998-12-09 03:53 . 1998-12-09 03:53 17920 ----a-w- c:\program files\Common Files\IRASRIAL.DLL
2009-06-13 17:56 . 2008-08-26 13:07 134648 ----a-w- c:\program files\mozilla firefox\components\brwsrcmp.dll
2005-10-13 19:27 . 2005-10-13 19:27 422400 --sha-r- c:\windows\x2.64.exe
2005-05-13 15:12 . 2005-05-13 15:12 217073 --sha-r- c:\windows\meta4.exe
2005-10-24 09:13 . 2005-10-24 09:13 66560 --sha-r- c:\windows\MOTA113.exe
2005-06-26 13:32 . 2005-06-26 13:32 616448 --sha-r- c:\windows\system32\cygwin1.dll
2005-06-21 20:37 . 2005-06-21 20:37 45568 --sha-r- c:\windows\system32\cygz.dll
2005-10-07 17:14 . 2005-10-07 17:14 308224 --sha-r- c:\windows\system32\avisynth.dll
2004-01-24 22:00 . 2004-01-24 22:00 70656 --sha-r- c:\windows\system32\i420vfw.dll
2004-01-24 22:00 . 2004-01-24 22:00 70656 --sha-r- c:\windows\system32\yv12vfw.dll
2005-02-28 11:16 . 2005-02-28 11:16 240128 --sha-r- c:\windows\system32\x.264.exe
2005-07-14 10:31 . 2005-07-14 10:31 27648 --sha-r- c:\windows\system32\AVSredirect.dll
2006-04-27 08:24 . 2006-04-27 08:24 2945024 --sha-r- c:\windows\system32\Smab.dll
.

((((((((((((((((((((((((((((( SnapShot@2009-07-21_23.55.18 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-22 00:24 . 2009-02-15 22:10 38280 c:\windows\system32\Zonelabs\FeatureMap.dll
+ 2009-07-22 00:24 . 2009-02-15 22:10 98184 c:\windows\system32\Zonelabs\fbl.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"JAJC"="c:\program files\jajc\jajc.exe" [2004-06-07 5337600]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-03-20 1312256]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nod32kui"="c:\program files\Eset\nod32kui.exe" [2007-02-27 921600]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
"NvMediaCenter"="c:\windows\System32\NVMCTRAY.DLL" [2003-07-28 49152]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-4-23 29696]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Port pro program Symantec Fax Starter Edition.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Port pro program Symantec Fax Starter Edition.lnk
backup=c:\windows\pss\Port pro program Symantec Fax Starter Edition.lnkCommon Startup

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Windows\\system32\\dpnsvr.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\DC++\\DCPlusPlus.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=

R0 SI3112r;Silicon Image SiI 3512 SATARaid Controller;c:\windows\system32\drivers\SI3112r.sys [29.8.2007 3:04 116264]
R1 CloneCD;CloneCD I/O Driver;c:\windows\system32\drivers\CloneCD.sys [20.12.2003 18:01 4840]
R3 PhTVTune;MuchTV Plus TVTuner;c:\windows\system32\drivers\PhTVTune.sys [3.12.2003 18:13 24000]
S3 SE31bus;Sony Ericsson Device 049 Driver driver (WDM);c:\windows\system32\drivers\SE31bus.sys [5.5.2007 17:52 61600]
S3 SE31mdfl;Sony Ericsson Device 049 USB WMC Modem Filter;c:\windows\system32\drivers\SE31mdfl.sys [5.5.2007 17:53 9360]
S3 SE31mdm;Sony Ericsson Device 049 USB WMC Modem Driver;c:\windows\system32\drivers\SE31mdm.sys [5.5.2007 17:53 97184]
S3 SE31mgmt;Sony Ericsson Device 049 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\SE31mgmt.sys [5.5.2007 17:57 88688]
S3 se31nd5;Sony Ericsson Device 049 USB Ethernet Emulation SEMC49 (NDIS);c:\windows\system32\drivers\se31nd5.sys [5.5.2007 18:00 18704]
S3 SE31obex;Sony Ericsson Device 049 USB WMC OBEX Interface;c:\windows\system32\drivers\SE31obex.sys [5.5.2007 17:56 86560]
S3 se31unic;Sony Ericsson Device 049 USB Ethernet Emulation SEMC49 (WDM);c:\windows\system32\drivers\se31unic.sys [5.5.2007 17:59 90800]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.atlas.cz/?from=icqhp
mStart Page = hxxp://home.sweetim.com
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
IE: &ICQ Toolbar Search - c:\program files\ICQToolbar\toolbaru.dll/SEARCH.HTML
IE: Download with Go!Zilla - file://c:\program files\Go!Zilla\download-with-gozilla.html
LSP: c:\windows\system32\imon.dll
DPF: {03C0000A-CF6D-4EF4-A2D6-376622318018} - hxxp://90.178.196.192:5841/WatSearCtrl.cab
FF - ProfilePath - c:\documents and settings\Petruška\Data aplikací\Mozilla\Firefox\Profiles\7wz42br1.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... id=afex&q=
FF - prefs.js: network.proxy.type - 4
FF - component: c:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-22 18:49
Windows 5.1.2600 Service Pack 3 FAT NTAPI

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'lsass.exe'(868)
c:\windows\system32\imon.dll
.
Celkový čas: 2009-07-22 18:52
ComboFix-quarantined-files.txt 2009-07-22 16:52
ComboFix2.txt 2009-07-21 23:59

Před spuštěním: Volných bajtů: 16 783 441 920
Po spuštění: Volných bajtů: 16 753 328 128

166 --- E O F --- 2009-07-17 08:09

Damned · Příspěvekod **Damned** » 22 črc 2009 19:20

Co ty hlášky?

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok).
Zkopíruj do něj následující celý text označený zeleně:

File::
c:\windows\system32\Smab.dll
c:\windows\system32\Zonelabs\fbl.dll
c:\windows\system32\Zonelabs\FeatureMap.dll

Folder::
c:\program files\Zone Labs
c:\windows\system32\Zonelabs

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe
a když se oba soubory překryjí, skript upusť.

- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT a popiš chování počítače

magiccc · Příspěvekod **magiccc** » 22 črc 2009 23:17

Omlouvám se. Hlášky už jsou fuč...

ComboFix 09-07-21.01 - Petruška 22.07.2009 23:07.7.1 - FAT32x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.767.455 [GMT 2:00]
Spuštěný z: c:\documents and settings\Petruška\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Petruška\Plocha\CFScript.txt
AV: Eset NOD32 antivirus system 2.51 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ZoneAlarm Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
* Rezidentní štít AV je zapnutý

FILE ::
"c:\windows\system32\Smab.dll"
"c:\windows\system32\Zonelabs\fbl.dll"
"c:\windows\system32\Zonelabs\FeatureMap.dll"
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Zone Labs
c:\program files\Zone Labs\ZoneAlarm\ErrorLog.txt
c:\program files\Zone Labs\ZoneAlarm\INSTALL.LOG
c:\windows\system32\Smab.dll
c:\windows\system32\Zonelabs
c:\windows\system32\Zonelabs\fbl.dll
c:\windows\system32\Zonelabs\FeatureMap.dll

.
((((((((((((((((((((((((( Soubory vytvořené od 2009-06-22 do 2009-07-22 )))))))))))))))))))))))))))))))
.

2009-07-21 19:16 . 2009-07-21 19:16 -------- d-----w- C:\rsit
2009-07-17 07:52 . 2009-07-17 07:52 -------- d-----w- c:\windows\system32\wbem\Repository

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2036-02-07 00:58 . 2004-01-10 08:31 26936078 ----a-w- c:\program files\Setup_MoorhuhnKartExtra-XS-V10.exe
2009-06-16 14:40 . 1979-12-31 22:00 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-06-16 14:40 . 1979-12-31 22:00 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-06-08 21:00 . 2009-06-08 21:00 -------- d-----w- c:\program files\Common Files\PCSuite
2009-06-08 20:52 . 2009-06-08 20:52 -------- d-----w- c:\program files\PC Connectivity Solution
2009-06-05 19:41 . 2009-06-05 19:41 -------- d-----w- c:\program files\MSECache
2009-06-03 19:11 . 2004-07-09 17:43 1293824 ----a-w- c:\windows\system32\quartz.dll
2009-05-07 15:33 . 1979-12-31 22:00 346624 ----a-w- c:\windows\system32\localspl.dll
2009-04-29 04:47 . 2005-06-17 22:25 827392 ----a-w- c:\windows\system32\wininet.dll
2009-04-29 04:47 . 2004-08-17 22:49 78336 ----a-w- c:\windows\system32\ieencode.dll
2005-12-22 21:23 . 2004-07-05 15:24 606 ---ha-w- c:\program files\hpothb07.dat
2005-12-22 21:23 . 2004-07-05 15:24 1271 ---ha-w- c:\program files\hpothb07.tif
2004-07-05 15:30 . 2004-07-05 15:30 958 ---ha-w- c:\program files\Common Files\hpothb07.dat
2004-07-05 15:30 . 2004-07-05 15:30 1493 ---ha-w- c:\program files\Common Files\hpothb07.tif
2000-12-16 15:58 . 2004-02-01 15:00 398976 ----a-w- c:\program files\STAHUJ.EXE
2000-12-08 16:21 . 2004-02-01 14:59 420682 ----a-w- c:\program files\Postel.exe
1999-06-30 04:37 . 2004-02-01 15:00 191488 ----a-w- c:\program files\MAN_TEST.EXE
1999-04-07 18:39 . 1999-04-07 18:39 99840 ----a-w- c:\program files\Common Files\IRAABOUT.DLL
1998-12-09 03:53 . 1998-12-09 03:53 70144 ----a-w- c:\program files\Common Files\IRAMDMTR.DLL
1998-12-09 03:53 . 1998-12-09 03:53 48640 ----a-w- c:\program files\Common Files\IRALPTTR.DLL
1998-12-09 03:53 . 1998-12-09 03:53 31744 ----a-w- c:\program files\Common Files\IRAWEBTR.DLL
1998-12-09 03:53 . 1998-12-09 03:53 186368 ----a-w- c:\program files\Common Files\IRAREG.DLL
1998-12-09 03:53 . 1998-12-09 03:53 17920 ----a-w- c:\program files\Common Files\IRASRIAL.DLL
2009-06-13 17:56 . 2008-08-26 13:07 134648 ----a-w- c:\program files\mozilla firefox\components\brwsrcmp.dll
2005-10-13 19:27 . 2005-10-13 19:27 422400 --sha-r- c:\windows\x2.64.exe
2005-05-13 15:12 . 2005-05-13 15:12 217073 --sha-r- c:\windows\meta4.exe
2005-10-24 09:13 . 2005-10-24 09:13 66560 --sha-r- c:\windows\MOTA113.exe
2005-06-26 13:32 . 2005-06-26 13:32 616448 --sha-r- c:\windows\system32\cygwin1.dll
2005-06-21 20:37 . 2005-06-21 20:37 45568 --sha-r- c:\windows\system32\cygz.dll
2005-10-07 17:14 . 2005-10-07 17:14 308224 --sha-r- c:\windows\system32\avisynth.dll
2004-01-24 22:00 . 2004-01-24 22:00 70656 --sha-r- c:\windows\system32\i420vfw.dll
2004-01-24 22:00 . 2004-01-24 22:00 70656 --sha-r- c:\windows\system32\yv12vfw.dll
2005-02-28 11:16 . 2005-02-28 11:16 240128 --sha-r- c:\windows\system32\x.264.exe
2005-07-14 10:31 . 2005-07-14 10:31 27648 --sha-r- c:\windows\system32\AVSredirect.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"JAJC"="c:\program files\jajc\jajc.exe" [2004-06-07 5337600]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-03-20 1312256]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nod32kui"="c:\program files\Eset\nod32kui.exe" [2007-02-27 921600]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
"NvMediaCenter"="c:\windows\System32\NVMCTRAY.DLL" [2003-07-28 49152]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-4-23 29696]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Port pro program Symantec Fax Starter Edition.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Port pro program Symantec Fax Starter Edition.lnk
backup=c:\windows\pss\Port pro program Symantec Fax Starter Edition.lnkCommon Startup

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Windows\\system32\\dpnsvr.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\DC++\\DCPlusPlus.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=

R0 SI3112r;Silicon Image SiI 3512 SATARaid Controller;c:\windows\system32\drivers\SI3112r.sys [29.8.2007 3:04 116264]
R1 CloneCD;CloneCD I/O Driver;c:\windows\system32\drivers\CloneCD.sys [20.12.2003 18:01 4840]
R3 PhTVTune;MuchTV Plus TVTuner;c:\windows\system32\drivers\PhTVTune.sys [3.12.2003 18:13 24000]
S3 SE31bus;Sony Ericsson Device 049 Driver driver (WDM);c:\windows\system32\drivers\SE31bus.sys [5.5.2007 17:52 61600]
S3 SE31mdfl;Sony Ericsson Device 049 USB WMC Modem Filter;c:\windows\system32\drivers\SE31mdfl.sys [5.5.2007 17:53 9360]
S3 SE31mdm;Sony Ericsson Device 049 USB WMC Modem Driver;c:\windows\system32\drivers\SE31mdm.sys [5.5.2007 17:53 97184]
S3 SE31mgmt;Sony Ericsson Device 049 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\SE31mgmt.sys [5.5.2007 17:57 88688]
S3 se31nd5;Sony Ericsson Device 049 USB Ethernet Emulation SEMC49 (NDIS);c:\windows\system32\drivers\se31nd5.sys [5.5.2007 18:00 18704]
S3 SE31obex;Sony Ericsson Device 049 USB WMC OBEX Interface;c:\windows\system32\drivers\SE31obex.sys [5.5.2007 17:56 86560]
S3 se31unic;Sony Ericsson Device 049 USB Ethernet Emulation SEMC49 (WDM);c:\windows\system32\drivers\se31unic.sys [5.5.2007 17:59 90800]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.atlas.cz/?from=icqhp
mStart Page = hxxp://home.sweetim.com
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
IE: &ICQ Toolbar Search - c:\program files\ICQToolbar\toolbaru.dll/SEARCH.HTML
IE: Download with Go!Zilla - file://c:\program files\Go!Zilla\download-with-gozilla.html
LSP: c:\windows\system32\imon.dll
DPF: {03C0000A-CF6D-4EF4-A2D6-376622318018} - hxxp://90.178.196.192:5841/WatSearCtrl.cab
FF - ProfilePath - c:\documents and settings\Petruška\Data aplikací\Mozilla\Firefox\Profiles\7wz42br1.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... id=afex&q=
FF - prefs.js: network.proxy.type - 4
FF - component: c:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-22 23:12
Windows 5.1.2600 Service Pack 3 FAT NTAPI

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'lsass.exe'(868)
c:\windows\system32\imon.dll
.
Celkový čas: 2009-07-22 23:15
ComboFix-quarantined-files.txt 2009-07-22 21:15
ComboFix2.txt 2009-07-22 16:52
ComboFix3.txt 2009-07-21 23:59

Před spuštěním: Volných bajtů: 16 766 926 848
Po spuštění: Volných bajtů: 16 741 564 416

149 --- E O F --- 2009-07-17 08:09

Damned · Příspěvekod **Damned** » 23 črc 2009 01:19

FW: ZoneAlarm Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
* Rezidentní štít AV je zapnutý

To mě tedy zajímé, co tam běží. Po ComboFixu tam už nevidím nic.

Spusť ještě ten RST a dej sem z něho log.

Odinstaluj ComboFix.
ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix[mezera]/u

takže jestli nejsou problémy,tak vyčisti systém CCleanerem
a použij i T-Cleaner
smaže vše po Combu,SDFixu,Avengeru,MWAVu atd.-stáhneš->spustíš

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni select all found, pak klik empty selected.
Pokud chceš zachovat svoje uložená hesla, klikni na No.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache,
cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer,
Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

zone alarm - nefunguje a hlásí chyby Vyřešeno

Re: zone alarm - nefunguje a hlásí chyby

Re: zone alarm - nefunguje a hlásí chyby

Re: zone alarm - nefunguje a hlásí chyby

Re: zone alarm - nefunguje a hlásí chyby

Re: zone alarm - nefunguje a hlásí chyby

Re: zone alarm - nefunguje a hlásí chyby

Re: zone alarm - nefunguje a hlásí chyby

Re: zone alarm - nefunguje a hlásí chyby

Re: zone alarm - nefunguje a hlásí chyby

Re: zone alarm - nefunguje a hlásí chyby

Re: zone alarm - nefunguje a hlásí chyby

Re: zone alarm - nefunguje a hlásí chyby

Kdo je online