PC pri pripojeni na internet spamuje

[aloux]

Dobry den,
pocitac pri pripojeni na internet zacne vyvijet nejake sitove aktivity, coz je videt i na sitove karte fyzicky i pohledem do vlastnosti sitovych pripojeni. Ze se jedna o problem upozornil i poskytovatel pripojeni k internetu, ze PC je pravdepodobne zavirovane. Antiviry AVG, FsecureOnlineScanner, Avast nic nenasly. ComboFix oddelal nejake DLL, problem nicmene pretrvava. Navic kdyz pripojim dane PC v siti, uplne odrizne konektivitu pro ostatni PC, zacne jim vypadavat ping, az se uplne odpoji. V priloze posilam logy

logy.rar

(11.27 KiB) Staženo 38 x

logy.rar

(11.27 KiB) Staženo 38 x

pozadovaneho SW RSIT

[aloux]

prikladam log z ComboFixu

[aloux]

ComboFix 10-03-03.07 - Mirek 2010-03-05 12:28:12.4.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.1.1029.18.447.169 [GMT 1:00]
Spuštěný z: c:\documents and settings\Mirek\Plocha\ComboFix2.exe
Použité ovládací přepínače :: c:\documents and settings\Mirek\Plocha\CFScript.txt
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!

file zipped: c:\windows\system32\drivers\roorkhs.sys
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\drivers\roorkhs.sys

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_ROORKHS
-------\Legacy_SETUPNTGLM7X
-------\Service_jmfjcfv
-------\Service_roorkhs
-------\Service_SetupNTGLM7X


((((((((((((((((((((((((( Soubory vytvořené od 2010-02-05 do 2010-03-05 )))))))))))))))))))))))))))))))
.

2010-03-05 10:16 . 2010-03-05 11:19 -------- d-----r- c:\documents and settings\LocalService\Dokumenty
2010-03-05 06:47 . 2010-03-05 06:47 -------- d-----w- c:\program files\trend micro
2010-03-05 06:47 . 2010-03-05 06:47 -------- d-----w- C:\rsit
2010-03-04 07:18 . 2010-03-04 07:18 390144 ----a-w- c:\windows\system32\CF20172.exe
2010-03-03 19:05 . 2008-05-29 08:28 28416 ----a-w- c:\windows\system32\uxtuneup.dll
2010-03-03 19:05 . 2010-03-03 19:05 355584 ----a-w- c:\windows\system32\TuneUpDefragService.exe
2010-03-03 19:05 . 2010-03-03 19:11 -------- d-----w- c:\program files\TuneUp Utilities 2008
2010-03-03 19:03 . 2010-03-03 19:03 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-03-03 18:48 . 2010-03-03 18:48 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache
2010-03-03 18:01 . 2010-03-03 18:02 -------- dc-h--w- c:\windows\ie8
2010-03-02 08:29 . 2010-03-02 08:29 -------- d-----w- c:\program files\FreeCommander
2010-03-02 08:23 . 2010-03-03 17:40 360584 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-03-02 08:23 . 2010-03-03 17:40 12464 ----a-w- c:\windows\system32\avgrsstx.dll
2010-03-02 08:23 . 2010-03-02 08:23 333192 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-03-02 08:23 . 2010-03-03 17:40 28424 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2010-03-02 08:22 . 2010-03-05 06:34 -------- d-----w- c:\windows\system32\drivers\Avg
2010-02-27 21:19 . 2010-02-11 18:42 162512 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-02-27 21:19 . 2010-02-11 18:39 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-02-27 21:19 . 2010-02-11 18:38 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-02-27 21:19 . 2010-02-11 18:42 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-02-27 21:19 . 2010-02-11 18:38 100432 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-02-27 21:19 . 2010-02-11 18:38 94800 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-02-27 21:19 . 2010-02-11 18:38 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-02-27 21:18 . 2010-02-11 18:53 38848 ----a-w- c:\windows\system32\avastSS.scr
2010-02-27 21:18 . 2010-02-11 18:53 153184 ----a-w- c:\windows\system32\aswBoot.exe
2010-02-03 14:01 . 2010-03-03 19:00 -------- d-----w- c:\program files\Free Window Registry Repair

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-04 08:11 . 2010-03-04 08:11 -------- d-----w- c:\program files\IObit
2010-03-03 19:00 . 2008-07-07 21:40 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-03-03 18:54 . 2001-10-25 12:00 47206 ----a-w- c:\windows\system32\perfc005.dat
2010-03-03 18:54 . 2001-10-25 12:00 312970 ----a-w- c:\windows\system32\perfh005.dat
2010-03-03 18:34 . 2006-12-19 17:04 86327 ----a-w- c:\windows\PCHEALTH\HELPCTR\OfflineCache\index.dat
2010-03-03 18:34 . 2006-12-19 17:04 2740 ----a-w- c:\windows\PCHEALTH\HELPCTR\PackageStore\SkuStore.bin
2010-03-01 00:14 . 2007-01-17 17:36 -------- d-----w- c:\program files\Alwil Software
2010-02-27 21:35 . 2007-03-24 19:24 -------- d-----w- c:\program files\ESET
2010-02-01 13:53 . 2009-11-01 18:11 -------- d-----w- c:\program files\rajce
2010-01-28 04:01 . 2006-12-19 17:12 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-31 16:50 . 2001-10-25 12:00 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-24 15:17 . 2009-03-31 19:56 5 ----a-w- c:\windows\system32\SySMP3OC.dat
2009-12-21 19:08 . 2004-08-23 17:14 916480 ------w- c:\windows\system32\wininet.dll
2009-12-17 07:42 . 2006-12-19 17:01 343552 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:10 . 2001-10-25 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-12-09 10:11 . 2001-10-25 12:00 2191360 ------w- c:\windows\system32\ntoskrnl.exe
2009-12-09 10:11 . 2001-10-24 11:46 2068224 ------w- c:\windows\system32\ntkrnlpa.exe
2006-12-20 13:07 . 2006-12-20 13:04 6064640 ----a-w- c:\program files\icq5_1_setup.exe
2006-12-20 12:53 . 2006-12-20 12:50 6469352 ----a-w- c:\program files\avgas-setup-7.5.0.50.exe
2006-12-20 12:47 . 2006-12-20 12:38 17674296 ----a-w- c:\program files\avg75free_432a861.exe
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-09-18 1119488]

[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2009-09-18 11:27 1119488 ----a-w- c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-09-18 1119488]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-09-18 1119488]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2008-08-21 443968]
"Advanced SystemCare 3"="c:\program files\IObit\Advanced SystemCare 3\AWC.exe" [2010-02-08 2343632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\System32\NvCpl.dll" [2005-10-17 7307264]
"NvMediaCenter"="c:\windows\System32\NvMcTray.dll" [2005-10-17 86016]
"LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2004-12-14 221184]
"SoundMan"="SOUNDMAN.EXE" [2005-10-24 90112]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2008-03-11 689488]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-02-11 2756488]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2010-03-03 17:40 12464 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Easy-PrintToolBox]
2004-01-14 01:10 409600 ----a-w- c:\program files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]
2004-12-14 17:57 458752 ----a-w- c:\program files\Logitech\Video\ISStart.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]
2004-12-14 17:51 217088 ----a-w- c:\program files\Logitech\Video\LogiTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 10:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2005-10-17 02:31 1519616 ----a-w- c:\windows\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-10-11 03:17 149280 ----a-w- c:\program files\Java\jre6\bin\jusched.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-02-27 162512]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2010-03-02 333192]
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2010-03-02 360584]
R2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [2010-03-03 285392]
S2 aswFsBlk;aswFsBlk;aswFsBlk.sys --> aswFsBlk.sys [?]
S2 srservice Mobile Device;Služba obnovení systému srservice Mobile Device; [x]
S3 AESKXN;AESKXN;c:\docume~1\Mirek\LOCALS~1\Temp\AESKXN.exe --> c:\docume~1\Mirek\LOCALS~1\Temp\AESKXN.exe [?]
S3 AEXPAM;Philips SmartManage Service;c:\windows\system32\drivers\aexpamdrv.sys [2004-12-27 20512]
S3 esihdrv;esihdrv;\??\c:\docume~1\Mirek\LOCALS~1\Temp\esihdrv.sys --> c:\docume~1\Mirek\LOCALS~1\Temp\esihdrv.sys [?]
S3 QEHUWITE;QEHUWITE;c:\docume~1\Mirek\LOCALS~1\Temp\QEHUWITE.exe --> c:\docume~1\Mirek\LOCALS~1\Temp\QEHUWITE.exe [?]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'

2010-03-05 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2008\OneClickStarter.exe [2008-06-20 08:09]

2010-02-26 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 13:57]

2010-03-05 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2009-04-01 20:18]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
IE: &Download by Enterra Download Manager - c:\program files\Enterra\Download Manager\edm.dll/3000
IE: &Yahoo! Search - file:///c:\program files\Yahoo!\Common/ycsrch.htm
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Easy-WebPrint - Náhled - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
IE: Easy-WebPrint - Přidat na seznam k tisku - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
IE: Easy-WebPrint - Tisk - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
IE: Easy-WebPrint - Vysokorychlostní tisk - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
IE: Yahoo! &Dictionary - file:///c:\program files\Yahoo!\Common/ycdict.htm
IE: Yahoo! &Maps - file:///c:\program files\Yahoo!\Common/ycmap.htm
IE: Yahoo! &SMS - file:///c:\program files\Yahoo!\Common/ycsms.htm
IE: {{141D2E4F-F313-4991-B61A-EE5D6D849361} - http://bleskove.centrum.cz
IE: {{1AB6CC97-17C1-4207-BC51-5C9D435A338E} - res://c:\program files\Enterra\Download Manager\edm.dll/3002
IE: {{2A5CFB1C-AAA2-4760-8462-1B61CF74B7D8} - http://www.centrum.cz
IE: {{2BCB61BF-DC41-4738-A149-BDAAAD7FF0BD} - http://www.xchat.cz
IE: {{2E01031B-AB09-4455-823D-25F1A1C11F48} - http://aktualne.centrum.cz
IE: {{2F741D0A-150E-40F9-A602-1B2421475F1D} - http://slovniky.centrum.cz
IE: {{309176E6-E204-40A0-8D13-7F19C0498C40} - http://www.supermapy.cz
IE: {{49681216-5BF4-41A2-AAFA-129A6BD625DA} - http://mp3.centrum.cz/
IE: {{8B6E8E01-D262-4980-8C27-B8B2802285C1} - http://www.zena.cz
IE: {{8FD64249-590C-4FBC-B181-12A6BAF516AF} - http://www.fotoalba.cz
IE: {{A5050656-2286-454F-A489-C605ED1B461C} - http://pocasi.centrum.cz
IE: {{BC78516C-9DC9-40C5-A91E-74593222EF89} - http://sportplus.centrum.cz
IE: {{DAE865E8-970E-4931-A172-119CB56BBAF5} - http://www.digitalne.cz/
IE: {{FC29EB7D-EDBA-4299-AEE4-D1BDC70EFA15} - http://www.stahuj.cz/
FF - ProfilePath - c:\documents and settings\Mirek\Data aplikací\Mozilla\Firefox\Profiles\ag3cl6hn.default\
FF - prefs.js: browser.search.selectedEngine - BS.Player Search
FF - prefs.js: browser.startup.homepage - hxxp://www.centrum.cz/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=
FF - component: c:\program files\AVG\AVG9\Firefox\components\avgssff.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-05 12:51
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'explorer.exe'(2044)
c:\windows\system32\webcheck.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVG\AVG9\avgchsvx.exe
c:\program files\AVG\AVG9\avgrsx.exe
c:\program files\AVG\AVG9\avgcsrvx.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Canon\IJPLM\IJPLMSVC.EXE
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\AVG\AVG9\avgnsx.exe
c:\windows\System32\nvsvc32.exe
c:\program files\Canon\CAL\CALMAIN.exe
c:\windows\SOUNDMAN.EXE
.
**************************************************************************
.
Celkový čas: 2010-03-05 12:58:48 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-03-05 11:58
ComboFix2.txt 2010-03-04 16:29
ComboFix3.txt 2010-03-04 14:01

Před spuštěním: Volných bajtů: 15,039,008,768
Po spuštění: Volných bajtů: 14,920,941,568

- - End Of File - - 002B6D15EEDFF3C6BA0D67C4B6AA8A8B

[aloux]

Ten RootkitRevealer vzdy Provedl neplatou operaci a byl ukoncen, kdyz jsem chtel ulozit ten Log. Zadny jiny soft jsem v prubehu cisteni neinstaloval. Je tam funkcni AVG. Avast tam byl, nejde odinstalovat ani pomoci Pridat/Odebrat programy, ani pomoci oprava intsalace/ odebrat.

[aloux]

Kazdopadne spamovani ustalo. Dekuji moc za pomoc