zpomalený počítač

[pokornasek.pepan]

dobrý den,řeším zpomalený chod počítače a sekající se internet,sekne se stránka internetu nebo občas nelze vyhledávat.

porsím o kontrolu logu,díky:

Logfile of random's system information tool 1.08 (written by random/random)
Run by Windows at 2012-09-15 18:55:48
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 73 GB (76%) free of 95 GB
Total RAM: 895 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:55:58, on 15.9.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\crypserv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Program Files\ATK Hotkey\Hcontrol.exe
C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\ATKOSD2\ATKOSD2.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\WINDOWS\vsnp2std.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Apoint2K\HidFind.exe
C:\Program Files\Apoint2K\Apvfb.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\ATK Hotkey\ATKOSD.exe
C:\Program Files\ATK Hotkey\WDC.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
C:\Documents and Settings\Windows\Dokumenty\RSIT.exe
C:\Program Files\trend micro\Windows.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\listicka.dll
O3 - Toolbar: Nástroje Lištičky - {1EA00BE1-6E54-4E2A-8099-680300BF23E1} - C:\Program Files\Seznam.cz\toolbar\toolbar.dll
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [ATKHOTKEY] "C:\Program Files\ATK Hotkey\Hcontrol.exe"
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [ATKOSD2] "C:\Program Files\ATKOSD2\ATKOSD2.exe"
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O9 - Extra button: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\listicka.dll
O9 - Extra 'Tools' menuitem: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\listicka.dll
O9 - Extra button: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\listicka.dll
O9 - Extra 'Tools' menuitem: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\listicka.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

--
End of file - 6752 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\MP Scheduled Scan.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-04-05 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-04-05 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA837F48-5AD1-443E-AE34-FFE03CBF3099}]
Lištička - C:\Program Files\Seznam.cz\listicka.dll [2010-10-07 1961240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{1EA00BE1-6E54-4E2A-8099-680300BF23E1} - Nástroje Lištičky - C:\Program Files\Seznam.cz\toolbar\toolbar.dll [2010-10-07 187672]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
"ATKHOTKEY"=C:\Program Files\ATK Hotkey\Hcontrol.exe [2007-08-23 229376]
"ATKMEDIA"=C:\Program Files\ASUS\ATK Media\DMEDIA.EXE [2006-11-02 61440]
"ATKOSD2"=C:\Program Files\ATKOSD2\ATKOSD2.exe [2007-10-17 7737344]
"Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2006-06-02 176128]
"snp2std"=C:\WINDOWS\vsnp2std.exe [2006-09-15 675840]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-01-03 37296]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2011-06-15 997920]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-09-03 16841216]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2007-08-03 1826816]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
C:\Program Files\DAEMON Tools\daemon.exe [2006-09-14 157592]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
C:\WINDOWS\SkyTel.EXE [2007-08-03 1826816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^desktop.ini]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\desktop.ini []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Windows^Nabídka Start^Programy^Po spuštění^OpenOffice.org 3.2.lnk]
C:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE []

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2007-07-27 118784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2012-09-15 10:28:11 ----D---- C:\WINDOWS\TempD37D7160-5EA4-22C3-A534-7FBB31B65B82-Signatures
2012-09-15 08:51:30 ----D---- C:\WINDOWS\TempAE8727A5-54BD-FB43-AE18-AC11508B4C6B-Signatures
2012-09-13 23:08:58 ----HDC---- C:\WINDOWS\$NtUninstallKB2736233$
2012-09-13 23:06:30 ----D---- C:\WINDOWS\Temp49A661F1-4407-8357-9104-757616FCE313-Signatures
2012-09-13 20:20:36 ----D---- C:\WINDOWS\Temp989533DB-9EA7-6EB3-D0D7-64F792B2EE3E-Signatures
2012-09-09 08:51:47 ----D---- C:\WINDOWS\TempFC1D113A-FD5E-6B46-6895-B28CD0DCCD52-Signatures
2012-09-08 08:49:03 ----D---- C:\WINDOWS\Temp1B9329B1-4623-9710-B4B6-59D57AD6500B-Signatures
2012-09-07 17:00:21 ----D---- C:\WINDOWS\TempBDE3C51C-082B-CE8F-3F12-2F23BF15EC3B-Signatures
2012-09-03 21:47:08 ----D---- C:\WINDOWS\Temp6D4CF59A-6909-64AA-2BDB-49BC8F35BECA-Signatures
2012-09-02 22:22:05 ----D---- C:\WINDOWS\TempAC9689BE-F9D1-3BDE-B522-A3E77B90F539-Signatures
2012-09-02 08:58:22 ----D---- C:\WINDOWS\TempEDF61082-4940-4173-E299-AA79482FC13C-Signatures
2012-09-01 09:19:50 ----D---- C:\WINDOWS\Temp2A75668A-AC54-BAE5-591C-B2CE237C4CB2-Signatures
2012-08-30 20:46:12 ----D---- C:\WINDOWS\Temp29939DBD-3C47-19AB-5451-9E02DA628CAA-Signatures
2012-08-26 23:12:16 ----D---- C:\WINDOWS\Temp135738F2-EDE5-C843-8BB6-81B6F42EDE0A-Signatures
2012-08-26 10:00:21 ----D---- C:\WINDOWS\Temp303BEE2D-378F-7FED-EC62-028E35DF2AC8-Signatures
2012-08-25 08:39:44 ----D---- C:\WINDOWS\TempC33D67EA-AD71-E431-8C42-7D631F079832-Signatures
2012-08-24 17:19:48 ----D---- C:\WINDOWS\TempBB49B7D5-55E5-21BE-1A35-8476840C89B9-Signatures
2012-08-23 16:49:36 ----D---- C:\WINDOWS\TempB3F9039C-6EFB-BE1C-6D5C-91B62E47BFEF-Signatures
2012-08-20 17:28:18 ----D---- C:\WINDOWS\Temp0B37D507-2A18-B9C5-E16A-8CC8DFE14BF7-Signatures
2012-08-19 20:47:22 ----D---- C:\WINDOWS\Temp1390303C-E625-269C-40FD-F6E37E0BBDA6-Signatures
2012-08-19 08:13:02 ----D---- C:\WINDOWS\TempA7AC0E21-312A-4888-900E-D3C6715A7587-Signatures
2012-08-18 22:51:20 ----HDC---- C:\WINDOWS\$NtUninstallWdf01009$
2012-08-18 22:51:11 ----HDC---- C:\WINDOWS\$NtUninstallwinusb0100$
2012-08-18 22:50:03 ----HDC---- C:\WINDOWS\$NtUninstallWudf01009$
2012-08-18 22:49:46 ----D---- C:\WINDOWS\system32\pt-PT
2012-08-18 22:49:46 ----D---- C:\WINDOWS\system32\pt-BR
2012-08-18 22:49:46 ----D---- C:\WINDOWS\system32\nl-NL
2012-08-18 22:49:46 ----D---- C:\WINDOWS\system32\it-IT
2012-08-18 22:49:46 ----D---- C:\WINDOWS\system32\fr-FR
2012-08-18 22:49:46 ----D---- C:\WINDOWS\system32\es-ES
2012-08-18 22:49:46 ----D---- C:\WINDOWS\system32\de-DE
2012-08-18 22:45:47 ----A---- C:\WINDOWS\system32\drivers\usbccgp.sys
2012-08-18 18:08:50 ----D---- C:\WINDOWS\TempC5C37D11-73E7-33CF-B64A-F192DF491169-Signatures
2012-08-17 16:04:14 ----D---- C:\WINDOWS\Temp5E9BD89B-03A6-C6D0-04AC-5E36947C2DF6-Signatures
2012-08-16 06:08:53 ----HDC---- C:\WINDOWS\$NtUninstallKB2712808$
2012-08-16 06:08:45 ----HDC---- C:\WINDOWS\$NtUninstallKB2731847$
2012-08-16 06:05:45 ----HDC---- C:\WINDOWS\$NtUninstallKB2705219$
2012-08-16 06:05:36 ----HDC---- C:\WINDOWS\$NtUninstallKB2723135$
2012-08-16 06:05:07 ----D---- C:\WINDOWS\Temp8426C4AF-EFCF-DCB9-5B63-CE4D2842255E-Signatures

======List of files/folders modified in the last 1 months======

2012-09-15 18:55:54 ----D---- C:\Program Files\trend micro
2012-09-15 15:18:25 ----D---- C:\WINDOWS\Prefetch
2012-09-15 14:21:13 ----D---- C:\WINDOWS\Tasks
2012-09-15 14:18:15 ----D---- C:\WINDOWS\Temp
2012-09-15 14:16:59 ----A---- C:\WINDOWS\win.ini
2012-09-15 14:16:55 ----D---- C:\WINDOWS\system32\CatRoot2
2012-09-15 14:15:08 ----D---- C:\WINDOWS
2012-09-15 14:15:04 ----SHD---- C:\System Volume Information
2012-09-15 14:15:04 ----D---- C:\WINDOWS\system32\Restore
2012-09-15 10:29:14 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-09-15 10:28:23 ----SHD---- C:\WINDOWS\Installer
2012-09-15 10:24:45 ----D---- C:\WINDOWS\Debug
2012-09-13 23:09:03 ----D---- C:\WINDOWS\inf
2012-09-13 23:08:51 ----D---- C:\WINDOWS\$hf_mig$
2012-09-13 23:06:53 ----A---- C:\WINDOWS\system32\MRT.exe
2012-09-08 16:16:03 ----D---- C:\WINDOWS\Minidump
2012-09-02 22:11:32 ----D---- C:\WINDOWS\system32\drivers
2012-08-19 20:46:26 ----D---- C:\WINDOWS\Network Diagnostic
2012-08-18 22:53:39 ----D---- C:\WINDOWS\system32\CatRoot
2012-08-18 22:52:43 ----D---- C:\WINDOWS\system32
2012-08-18 22:49:46 ----D---- C:\WINDOWS\system32\en-US
2012-08-18 22:49:45 ----D---- C:\WINDOWS\system32\drivers\UMDF
2012-08-18 22:45:52 ----D---- C:\WINDOWS\system32\dllcache
2012-08-16 06:25:04 ----D---- C:\Program Files\Internet Explorer
2012-08-16 06:03:35 ----D---- C:\WINDOWS\ie8updates

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-04-17 611064]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
R1 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2011-04-18 165648]
R1 MpKslc1c3ecef;MpKslc1c3ecef; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{9A9054D9-E255-4DF6-9437-82F63533DF99}\MpKslc1c3ecef.sys []
R1 NetworkX;NetworkX; C:\WINDOWS\system32\ckldrv.sys [2006-01-10 31846]
R1 Tosrfcom;Bluetooth RFCOMM; C:\WINDOWS\System32\Drivers\tosrfcom.sys [2007-05-24 64000]
R2 HOSTNT;HOSTNT; C:\WINDOWS\system32\drivers\HOSTNT.sys [2012-01-03 4032]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\WINDOWS\system32\DRIVERS\Apfiltr.sys [2006-05-26 111104]
R3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2007-05-02 546976]
R3 ASNDIS5;ASNDIS5 Protocol Driver; \??\C:\PROGRA~1\ATKHOT~1\ASNDIS5.SYS []
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2007-07-27 2371584]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IFXTPM;IFXTPM; C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS [2007-01-23 36608]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-09-05 4611072]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2007-08-24 5760]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2007-10-03 102656]
R3 smserial;smserial; C:\WINDOWS\system32\DRIVERS\smserial.sys [2006-11-22 982272]
R3 SNP2STD;USB2.0 PC Camera (SNP2STD); C:\WINDOWS\system32\DRIVERS\snp2sxp.sys [2007-03-30 12033024]
R3 tosporte;Bluetooth COM Port; C:\WINDOWS\system32\DRIVERS\tosporte.sys [2006-10-10 41600]
R3 tosrfbd;Bluetooth RFBUS; C:\WINDOWS\system32\DRIVERS\tosrfbd.sys [2007-04-24 113920]
R3 tosrfbnp;Bluetooth RFBNEP; C:\WINDOWS\System32\Drivers\tosrfbnp.sys [2006-11-20 36480]
R3 Tosrfhid;Bluetooth RFHID; C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys [2007-03-01 73728]
R3 tosrfnds;Bluetooth Personal Area Network; C:\WINDOWS\system32\DRIVERS\tosrfnds.sys [2005-01-07 18612]
R3 tosrfusb;Bluetooth USB Controller; C:\WINDOWS\system32\DRIVERS\tosrfusb.sys [2007-06-11 41856]
S1 eusk2par;EUTRON SmartKey Parallel Driver; \??\C:\WINDOWS\system32\Drivers\eusk2par.sys []
S2 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2007-02-24 39936]
S2 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2007-01-23 42496]
S3 ahf0jlce;ahf0jlce; C:\WINDOWS\system32\drivers\ahf0jlce.sys []
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 FTD2XX;FTD2XX.SYS FT8U2XX device driver; C:\WINDOWS\System32\Drivers\FTD2XX.sys [2004-10-15 29292]
S3 FTDIBUS;USB Serial Converter Driver; C:\WINDOWS\system32\drivers\ftdibus.sys [2006-05-18 47249]
S3 FTSER2K;USB Serial Port Driver; C:\WINDOWS\system32\drivers\ftser2k.sys [2009-10-22 72520]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-01-21 18048]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-12-30 22016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
S3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-14 79232]
S3 sffdisk;Ovladač třídy úložiště SFF; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2008-04-14 11904]
S3 sffp_sd;Ovladač protokolu úložiště SFF pro paměť sběrnici SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2008-04-14 11008]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 TosRfSnd;Bluetooth Audio; C:\WINDOWS\system32\drivers\tosrfsnd.sys [2007-01-22 53376]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-12-30 7936]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-14 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-12-30 7936]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WinUSB;WinUSB Driver; C:\WINDOWS\system32\DRIVERS\WinUSB.sys [2006-11-02 39368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2007-07-27 483328]
R2 Crypkey License;Crypkey License; C:\WINDOWS\system32\crypserv.exe [2006-09-22 69632]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-04-05 153376]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2011-04-27 11736]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2007-02-25 125048]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-01-26 652800]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[Rudy]

Zdravím!
Poprosím o log ComboFix:

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware

[pokornasek.pepan]

ComboFix 12-09-14.03 - Windows 15.09.2012 19:18:25.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.895.509 [GMT 2:00]
Spuštěný z: c:\documents and settings\Windows\Plocha\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Windows\WINDOWS
C:\install.exe
c:\windows\IsUn0413.exe
c:\windows\system32\drivers\etc\hosts.ics
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\regtlib.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-08-15 do 2012-09-15 )))))))))))))))))))))))))))))))
.
.
2012-09-15 16:37 . 2012-09-15 16:37 56200 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{9A9054D9-E255-4DF6-9437-82F63533DF99}\offreg.dll
2012-09-15 16:37 . 2012-09-15 16:37 29904 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{9A9054D9-E255-4DF6-9437-82F63533DF99}\MpKslc1c3ecef.sys
2012-09-15 08:28 . 2012-09-15 08:28 -------- d-----w- c:\windows\TempD37D7160-5EA4-22C3-A534-7FBB31B65B82-Signatures
2012-09-15 06:57 . 2012-08-23 07:15 7022536 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{9A9054D9-E255-4DF6-9437-82F63533DF99}\mpengine.dll
2012-09-15 06:51 . 2012-09-15 06:51 -------- d-----w- c:\windows\TempAE8727A5-54BD-FB43-AE18-AC11508B4C6B-Signatures
2012-09-13 21:06 . 2012-09-13 21:06 -------- d-----w- c:\windows\Temp49A661F1-4407-8357-9104-757616FCE313-Signatures
2012-09-13 18:20 . 2012-09-13 18:21 -------- d-----w- c:\windows\Temp989533DB-9EA7-6EB3-D0D7-64F792B2EE3E-Signatures
2012-09-09 06:51 . 2012-09-09 06:51 -------- d-----w- c:\windows\TempFC1D113A-FD5E-6B46-6895-B28CD0DCCD52-Signatures
2012-09-08 06:49 . 2012-09-08 06:49 -------- d-----w- c:\windows\Temp1B9329B1-4623-9710-B4B6-59D57AD6500B-Signatures
2012-09-07 15:00 . 2012-09-07 15:00 -------- d-----w- c:\windows\TempBDE3C51C-082B-CE8F-3F12-2F23BF15EC3B-Signatures
2012-09-03 19:47 . 2012-09-03 19:47 -------- d-----w- c:\windows\Temp6D4CF59A-6909-64AA-2BDB-49BC8F35BECA-Signatures
2012-09-02 20:22 . 2012-09-02 20:22 -------- d-----w- c:\windows\TempAC9689BE-F9D1-3BDE-B522-A3E77B90F539-Signatures
2012-09-02 06:58 . 2012-09-02 06:58 -------- d-----w- c:\windows\TempEDF61082-4940-4173-E299-AA79482FC13C-Signatures
2012-09-01 07:19 . 2012-09-01 07:20 -------- d-----w- c:\windows\Temp2A75668A-AC54-BAE5-591C-B2CE237C4CB2-Signatures
2012-08-30 18:46 . 2012-08-30 18:46 -------- d-----w- c:\windows\Temp29939DBD-3C47-19AB-5451-9E02DA628CAA-Signatures
2012-08-26 21:12 . 2012-08-26 21:12 -------- d-----w- c:\windows\Temp135738F2-EDE5-C843-8BB6-81B6F42EDE0A-Signatures
2012-08-26 08:00 . 2012-08-26 08:00 -------- d-----w- c:\windows\Temp303BEE2D-378F-7FED-EC62-028E35DF2AC8-Signatures
2012-08-25 06:39 . 2012-08-25 06:39 -------- d-----w- c:\windows\TempC33D67EA-AD71-E431-8C42-7D631F079832-Signatures
2012-08-24 15:19 . 2012-08-24 15:19 -------- d-----w- c:\windows\TempBB49B7D5-55E5-21BE-1A35-8476840C89B9-Signatures
2012-08-23 14:49 . 2012-08-23 14:49 -------- d-----w- c:\windows\TempB3F9039C-6EFB-BE1C-6D5C-91B62E47BFEF-Signatures
2012-08-20 15:28 . 2012-08-20 15:28 -------- d-----w- c:\windows\Temp0B37D507-2A18-B9C5-E16A-8CC8DFE14BF7-Signatures
2012-08-19 18:47 . 2012-08-19 18:47 -------- d-----w- c:\windows\Temp1390303C-E625-269C-40FD-F6E37E0BBDA6-Signatures
2012-08-19 06:13 . 2012-08-19 06:13 -------- d-----w- c:\windows\TempA7AC0E21-312A-4888-900E-D3C6715A7587-Signatures
2012-08-18 20:49 . 2012-08-18 20:49 -------- d-----w- c:\windows\system32\pt-PT
2012-08-18 20:49 . 2012-08-18 20:49 -------- d-----w- c:\windows\system32\pt-BR
2012-08-18 20:49 . 2012-08-18 20:49 -------- d-----w- c:\windows\system32\nl-NL
2012-08-18 20:49 . 2012-08-18 20:49 -------- d-----w- c:\windows\system32\it-IT
2012-08-18 20:49 . 2012-08-18 20:49 -------- d-----w- c:\windows\system32\fr-FR
2012-08-18 20:49 . 2012-08-18 20:49 -------- d-----w- c:\windows\system32\es-ES
2012-08-18 20:49 . 2012-08-18 20:49 -------- d-----w- c:\windows\system32\de-DE
2012-08-18 20:45 . 2008-04-13 22:15 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2012-08-18 20:45 . 2008-04-13 22:15 32128 ----a-w- c:\windows\system32\dllcache\usbccgp.sys
2012-08-18 16:08 . 2012-08-18 16:09 -------- d-----w- c:\windows\TempC5C37D11-73E7-33CF-B64A-F192DF491169-Signatures
2012-08-17 14:04 . 2012-08-17 14:04 -------- d-----w- c:\windows\Temp5E9BD89B-03A6-C6D0-04AC-5E36947C2DF6-Signatures
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-23 07:15 . 2012-02-17 15:39 7022536 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-07-06 13:58 . 2012-02-17 16:02 78336 ----a-w- c:\windows\system32\browser.dll
2012-07-04 14:05 . 2012-02-17 16:01 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-07-03 18:22 . 2012-02-17 16:02 1866112 ----a-w- c:\windows\system32\win32k.sys
2012-07-02 17:38 . 2012-02-17 16:02 916992 ----a-w- c:\windows\system32\wininet.dll
2012-07-02 17:38 . 2012-02-17 16:02 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-07-02 17:38 . 2012-02-17 16:02 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-07-02 12:05 . 2012-02-17 16:02 385024 ----a-w- c:\windows\system32\html.iec
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-11-27 . 1E603EA2A3FDBAE9E5B88A8CB3C03124 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{1EA00BE1-6E54-4E2A-8099-680300BF23E1}"= "c:\program files\Seznam.cz\toolbar\toolbar.dll" [2010-10-07 187672]
.
[HKEY_CLASSES_ROOT\clsid\{1ea00be1-6e54-4e2a-8099-680300bf23e1}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"ATKHOTKEY"="c:\program files\ATK Hotkey\Hcontrol.exe" [2007-08-23 229376]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMEDIA.EXE" [2006-11-02 61440]
"ATKOSD2"="c:\program files\ATKOSD2\ATKOSD2.exe" [2007-10-17 7737344]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2006-06-02 176128]
"snp2std"="c:\windows\vsnp2std.exe" [2006-09-15 675840]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-03 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
"RTHDCPL"="RTHDCPL.EXE" [2007-09-03 16841216]
"SkyTel"="SkyTel.EXE" [2007-08-03 1826816]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-25 437160]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2012-2-17 2760704]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2012-2-17 123904]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^desktop.ini]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\desktop.ini
backup=c:\windows\pss\desktop.iniCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Windows^Nabídka Start^Programy^Po spuštění^OpenOffice.org 3.2.lnk]
backup=c:\windows\pss\OpenOffice.org 3.2.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
2006-09-14 20:09 157592 ----a-w- c:\program files\DAEMON Tools\daemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
2007-08-03 11:22 1826816 ----a-w- c:\windows\SkyTel.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [17.2.2012 18:01 611064]
R1 MpKslc1c3ecef;MpKslc1c3ecef;c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{9A9054D9-E255-4DF6-9437-82F63533DF99}\MpKslc1c3ecef.sys [15.9.2012 18:37 29904]
R2 HOSTNT;HOSTNT;c:\windows\system32\drivers\hostnt.sys [17.2.2012 18:01 4032]
R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [17.2.2012 18:01 36608]
S1 eusk2par;EUTRON SmartKey Parallel Driver;c:\windows\system32\drivers\eusk2par.sys [17.2.2012 18:01 24786]
S3 FTD2XX;FTD2XX.SYS FT8U2XX device driver;c:\windows\system32\drivers\FTD2XX.sys [17.2.2012 18:01 29292]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - MPKSLC1C3ECEF
.
Obsah adresáře 'Naplánované úlohy'
.
2012-09-15 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2012-02-17 13:39]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: {{0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - c:\program files\Seznam.cz\listicka.dll
TCP: DhcpNameServer = 192.168.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
SafeBoot-WudfPf
SafeBoot-WudfRd
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-09-15 19:22
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1120)
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2012-09-15 19:24:36
ComboFix-quarantined-files.txt 2012-09-15 17:24
.
Před spuštěním: Volných bajtů: 76 174 540 800
Po spuštění: Volných bajtů: 76 407 050 240
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - 32A3FC073EB2CCFB1CF3A2386BA9FBA0

[Rudy]

Ještě dočistíme. Otevřte poznámkový blok a zkopírujte do něj:

KillAll::

Folder::
c:\program files\Seznam.cz

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{1EA00BE1-6E54-4E2A-8099-680300BF23E1}"=-
[-HKEY_CLASSES_ROOT\clsid\{1ea00be1-6e54-4e2a-8099-680300bf23e1}]

DirLook::
c:\windows\Temp989533DB-9EA7-6EB3-D0D7-64F792B2EE3E-Signatures

Reboot::

Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

[pokornasek.pepan]

provedeno,nový log zde :

ComboFix 12-09-14.03 - Windows 15.09.2012 19:54:40.2.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.895.444 [GMT 2:00]
Spuštěný z: c:\documents and settings\Windows\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Windows\Plocha\CFScript.txt..txt
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Seznam.cz
c:\program files\Seznam.cz\core.3.dll
c:\program files\Seznam.cz\email.3.dll
c:\program files\Seznam.cz\listicka-uninstall.exe
c:\program files\Seznam.cz\listicka.dll
c:\program files\Seznam.cz\pkg\szn-packager.sup
c:\program files\Seznam.cz\pkg\szn-packager.uninstall.bat
c:\program files\Seznam.cz\pkg\szn-software-core-3.sup
c:\program files\Seznam.cz\pkg\szn-software-core-3.uninstall.bat
c:\program files\Seznam.cz\pkg\szn-software-email-3.sup
c:\program files\Seznam.cz\pkg\szn-software-email-3.uninstall.bat
c:\program files\Seznam.cz\pkg\szn-software-listicka.fin
c:\program files\Seznam.cz\pkg\szn-software-listicka.uninstall.bat
c:\program files\Seznam.cz\pkg\szn-software-srank.sup
c:\program files\Seznam.cz\pkg\szn-software-srank.uninstall.bat
c:\program files\Seznam.cz\pomocnikListicky.exe
c:\program files\Seznam.cz\sznpkg.exe
c:\program files\Seznam.cz\sznpkg.log
c:\program files\Seznam.cz\toolbar\toolbar.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-08-15 do 2012-09-15 )))))))))))))))))))))))))))))))
.
.
2012-09-15 18:02 . 2012-09-15 18:02 56200 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{9A9054D9-E255-4DF6-9437-82F63533DF99}\offreg.dll
2012-09-15 18:02 . 2012-09-15 18:02 29904 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{9A9054D9-E255-4DF6-9437-82F63533DF99}\MpKslf710d960.sys
2012-09-15 16:37 . 2012-09-15 16:37 29904 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{9A9054D9-E255-4DF6-9437-82F63533DF99}\MpKslc1c3ecef.sys
2012-09-15 08:28 . 2012-09-15 08:28 -------- d-----w- c:\windows\TempD37D7160-5EA4-22C3-A534-7FBB31B65B82-Signatures
2012-09-15 06:57 . 2012-08-23 07:15 7022536 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{9A9054D9-E255-4DF6-9437-82F63533DF99}\mpengine.dll
2012-09-15 06:51 . 2012-09-15 06:51 -------- d-----w- c:\windows\TempAE8727A5-54BD-FB43-AE18-AC11508B4C6B-Signatures
2012-09-13 21:06 . 2012-09-13 21:06 -------- d-----w- c:\windows\Temp49A661F1-4407-8357-9104-757616FCE313-Signatures
2012-09-13 18:20 . 2012-09-13 18:21 -------- d-----w- c:\windows\Temp989533DB-9EA7-6EB3-D0D7-64F792B2EE3E-Signatures
2012-09-09 06:51 . 2012-09-09 06:51 -------- d-----w- c:\windows\TempFC1D113A-FD5E-6B46-6895-B28CD0DCCD52-Signatures
2012-09-08 06:49 . 2012-09-08 06:49 -------- d-----w- c:\windows\Temp1B9329B1-4623-9710-B4B6-59D57AD6500B-Signatures
2012-09-07 15:00 . 2012-09-07 15:00 -------- d-----w- c:\windows\TempBDE3C51C-082B-CE8F-3F12-2F23BF15EC3B-Signatures
2012-09-03 19:47 . 2012-09-03 19:47 -------- d-----w- c:\windows\Temp6D4CF59A-6909-64AA-2BDB-49BC8F35BECA-Signatures
2012-09-02 20:22 . 2012-09-02 20:22 -------- d-----w- c:\windows\TempAC9689BE-F9D1-3BDE-B522-A3E77B90F539-Signatures
2012-09-02 06:58 . 2012-09-02 06:58 -------- d-----w- c:\windows\TempEDF61082-4940-4173-E299-AA79482FC13C-Signatures
2012-09-01 07:19 . 2012-09-01 07:20 -------- d-----w- c:\windows\Temp2A75668A-AC54-BAE5-591C-B2CE237C4CB2-Signatures
2012-08-30 18:46 . 2012-08-30 18:46 -------- d-----w- c:\windows\Temp29939DBD-3C47-19AB-5451-9E02DA628CAA-Signatures
2012-08-26 21:12 . 2012-08-26 21:12 -------- d-----w- c:\windows\Temp135738F2-EDE5-C843-8BB6-81B6F42EDE0A-Signatures
2012-08-26 08:00 . 2012-08-26 08:00 -------- d-----w- c:\windows\Temp303BEE2D-378F-7FED-EC62-028E35DF2AC8-Signatures
2012-08-25 06:39 . 2012-08-25 06:39 -------- d-----w- c:\windows\TempC33D67EA-AD71-E431-8C42-7D631F079832-Signatures
2012-08-24 15:19 . 2012-08-24 15:19 -------- d-----w- c:\windows\TempBB49B7D5-55E5-21BE-1A35-8476840C89B9-Signatures
2012-08-23 14:49 . 2012-08-23 14:49 -------- d-----w- c:\windows\TempB3F9039C-6EFB-BE1C-6D5C-91B62E47BFEF-Signatures
2012-08-20 15:28 . 2012-08-20 15:28 -------- d-----w- c:\windows\Temp0B37D507-2A18-B9C5-E16A-8CC8DFE14BF7-Signatures
2012-08-19 18:47 . 2012-08-19 18:47 -------- d-----w- c:\windows\Temp1390303C-E625-269C-40FD-F6E37E0BBDA6-Signatures
2012-08-19 06:13 . 2012-08-19 06:13 -------- d-----w- c:\windows\TempA7AC0E21-312A-4888-900E-D3C6715A7587-Signatures
2012-08-18 20:49 . 2012-08-18 20:49 -------- d-----w- c:\windows\system32\pt-PT
2012-08-18 20:49 . 2012-08-18 20:49 -------- d-----w- c:\windows\system32\pt-BR
2012-08-18 20:49 . 2012-08-18 20:49 -------- d-----w- c:\windows\system32\nl-NL
2012-08-18 20:49 . 2012-08-18 20:49 -------- d-----w- c:\windows\system32\it-IT
2012-08-18 20:49 . 2012-08-18 20:49 -------- d-----w- c:\windows\system32\fr-FR
2012-08-18 20:49 . 2012-08-18 20:49 -------- d-----w- c:\windows\system32\es-ES
2012-08-18 20:49 . 2012-08-18 20:49 -------- d-----w- c:\windows\system32\de-DE
2012-08-18 20:45 . 2008-04-13 22:15 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2012-08-18 20:45 . 2008-04-13 22:15 32128 ----a-w- c:\windows\system32\dllcache\usbccgp.sys
2012-08-18 16:08 . 2012-08-18 16:09 -------- d-----w- c:\windows\TempC5C37D11-73E7-33CF-B64A-F192DF491169-Signatures
2012-08-17 14:04 . 2012-08-17 14:04 -------- d-----w- c:\windows\Temp5E9BD89B-03A6-C6D0-04AC-5E36947C2DF6-Signatures
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-23 07:15 . 2012-02-17 15:39 7022536 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-07-06 13:58 . 2012-02-17 16:02 78336 ----a-w- c:\windows\system32\browser.dll
2012-07-04 14:05 . 2012-02-17 16:01 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-07-03 18:22 . 2012-02-17 16:02 1866112 ----a-w- c:\windows\system32\win32k.sys
2012-07-02 17:38 . 2012-02-17 16:02 916992 ----a-w- c:\windows\system32\wininet.dll
2012-07-02 17:38 . 2012-02-17 16:02 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-07-02 17:38 . 2012-02-17 16:02 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-07-02 12:05 . 2012-02-17 16:02 385024 ----a-w- c:\windows\system32\html.iec
.
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of c:\windows\Temp989533DB-9EA7-6EB3-D0D7-64F792B2EE3E-Signatures ----
.
2012-09-13 18:21 . 2012-09-09 18:05 1208376 ----a-w- c:\windows\Temp989533DB-9EA7-6EB3-D0D7-64F792B2EE3E-Signatures\mpavdlta.vdm
2012-09-13 18:21 . 2012-09-09 18:05 706104 ----a-w- c:\windows\Temp989533DB-9EA7-6EB3-D0D7-64F792B2EE3E-Signatures\mpasdlta.vdm
2012-09-13 18:20 . 2012-08-29 15:28 45552176 ----a-w- c:\windows\Temp989533DB-9EA7-6EB3-D0D7-64F792B2EE3E-Signatures\mpavbase.vdm
2012-09-13 18:20 . 2012-08-29 15:27 14834224 ----a-w- c:\windows\Temp989533DB-9EA7-6EB3-D0D7-64F792B2EE3E-Signatures\mpasbase.vdm
2012-09-13 18:20 . 2012-08-23 07:15 7022536 ----a-w- c:\windows\Temp989533DB-9EA7-6EB3-D0D7-64F792B2EE3E-Signatures\mpengine.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-11-27 . 1E603EA2A3FDBAE9E5B88A8CB3C03124 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((( SnapShot@2012-09-15_17.22.50 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-09-15 18:01 . 2012-09-15 18:01 16384 c:\windows\temp\Perflib_Perfdata_7bc.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"ATKHOTKEY"="c:\program files\ATK Hotkey\Hcontrol.exe" [2007-08-23 229376]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMEDIA.EXE" [2006-11-02 61440]
"ATKOSD2"="c:\program files\ATKOSD2\ATKOSD2.exe" [2007-10-17 7737344]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2006-06-02 176128]
"snp2std"="c:\windows\vsnp2std.exe" [2006-09-15 675840]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-03 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
"RTHDCPL"="RTHDCPL.EXE" [2007-09-03 16841216]
"SkyTel"="SkyTel.EXE" [2007-08-03 1826816]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-25 437160]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2012-2-17 2760704]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2012-2-17 123904]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^desktop.ini]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\desktop.ini
backup=c:\windows\pss\desktop.iniCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Windows^Nabídka Start^Programy^Po spuštění^OpenOffice.org 3.2.lnk]
backup=c:\windows\pss\OpenOffice.org 3.2.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
2006-09-14 20:09 157592 ----a-w- c:\program files\DAEMON Tools\daemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
2007-08-03 11:22 1826816 ----a-w- c:\windows\SkyTel.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [17.2.2012 18:01 611064]
R1 MpKslf710d960;MpKslf710d960;c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{9A9054D9-E255-4DF6-9437-82F63533DF99}\MpKslf710d960.sys [15.9.2012 20:02 29904]
R2 HOSTNT;HOSTNT;c:\windows\system32\drivers\hostnt.sys [17.2.2012 18:01 4032]
R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [17.2.2012 18:01 36608]
S1 eusk2par;EUTRON SmartKey Parallel Driver;c:\windows\system32\drivers\eusk2par.sys [17.2.2012 18:01 24786]
S3 FTD2XX;FTD2XX.SYS FT8U2XX device driver;c:\windows\system32\drivers\FTD2XX.sys [17.2.2012 18:01 29292]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - MPKSLF710D960
*NewlyCreated* - WS2IFSL
.
Obsah adresáře 'Naplánované úlohy'
.
2012-09-15 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2012-02-17 13:39]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: {{0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - c:\program files\Seznam.cz\listicka.dll
TCP: DhcpNameServer = 192.168.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-szn-software-listicka - c:\program files\Seznam.cz\listicka-uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-09-15 20:02
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1124)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(2836)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\Microsoft Security Client\Antimalware\MsMpEng.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\crypserv.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
c:\windows\system32\SearchIndexer.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
c:\windows\RTHDCPL.EXE
c:\program files\Apoint2K\Apntex.exe
c:\program files\Apoint2K\HidFind.exe
c:\program files\ATK Hotkey\ATKOSD.exe
c:\program files\Apoint2K\Apvfb.exe
c:\program files\ATK Hotkey\WDC.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
.
**************************************************************************
.
Celkový čas: 2012-09-15 20:07:03 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-09-15 18:07
ComboFix2.txt 2012-09-15 17:24
.
Před spuštěním: Volných bajtů: 76 414 853 120
Po spuštění: Volných bajtů: 76 413 022 208
.
- - End Of File - - 06DF6C5BE0C6ABD045BAE896E381AF17

[Rudy]

Vše smazáno. Nastala nějaká změna?

[pokornasek.pepan]

počítač ok,ale pořád zamrzá internet... chci otevřít prohlížeč,nahoře na okně mi napíše neodpovídá a cca po 1min se normálně načte.

[Rudy]

Zkuste použít WinsockFix: http://www.softpedia.com/get/Tweak/Netw ... kFix.shtml . Utilita reinstaluje TCP/IP protokol. Pokud máte síť. adresu zadanou ručně, budete ji muset po restartu PC znovu zadat.

[motji]

Jak to tu vypadá?