velmi velké množství odelsané nevyžádané pošty

[Tom-Ice]

Z techni ckého oddělení mě upozornili na velmi velké množství nevyžádané pošty které jim zahlcuje linku.
Odchází z některého ze 4 pc případně ntb co se tady připojují prosím o radu
přikládám 1 z nich



Logfile of random's system information tool 1.06 (written by random/random)
Run by PC at 2010-04-27 23:07:09
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 14 GB (3%) free of 477 GB
Total RAM: 1918 MB (49% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:07:35, on 27.4.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\MRP\Tiskový manažer\W_mrpprn.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\MP4 Player\mp4Player.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\AVG\AVG9\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Spamihilator\spamihilator.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\AVG\AVG9\avgfws9.exe
C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG9\avgam.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\Java\jre1.6.0_01\bin\jucheck.exe
C:\Program Files\MRP\MRPKS\MRPKS.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\PC\Local Settings\Temporary Internet Files\Content.IE5\219TQ0LP\RSIT[1].exe
C:\Program Files\trend micro\PC.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatche ... tbid=60327
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60327
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\DOCUME~1\PC\LOCALS~1\Temp\init.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O3 - Toolbar: &Crawler lišta - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [] C:\Documents and Settings\PC\.exe /i
O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [W_MRPPRN] C:\Program Files\MRP\Tiskový manažer\W_mrpprn.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MP4 Player] "C:\Program Files\MP4 Player\mp4Player.exe" hmw
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Spamihilator.lnk = C:\Program Files\Spamihilator\spamihilator.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (file missing)
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 3910399733
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O20 - Winlogon Notify: crypt - crypts.dll (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe
O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: AVG Firewall (avgfws9) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgfws9.exe
O23 - Service: AVG9IDSAgent (AVGIDSAgent) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - Firebird Project - C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe
O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe

--
End of file - 10262 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\User_Feed_Synchronization-{9E6CF8B6-76A5-49F3-B5B4-9AE1DEB951C2}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2010-03-30 1234384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2010-04-19 1615200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [2007-03-14 501400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
AVG Security Toolbar BHO - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll [2010-02-23 1664256]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - AVG Security Toolbar - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll [2010-02-23 1664256]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - &Crawler lišta - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2010-03-30 1234384]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-04-12 16132608]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-02-19 49152]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe [2007-03-14 83608]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2010-01-02 30192]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768]
"AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2010-04-19 2064736]
"SpywareTerminator"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2010-03-31 2176512]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
""=C:\Documents and Settings\PC\.exe /i []
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
"W_MRPPRN"=C:\Program Files\MRP\Tiskový manažer\W_mrpprn.exe [2005-03-18 1138688]
"BitTorrent DNA"=C:\Program Files\DNA\btdna.exe [2009-12-12 323392]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"MP4 Player"=C:\Program Files\MP4 Player\mp4Player.exe [2008-11-06 772096]
"SpywareTerminatorUpdate"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2010-03-31 3037696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Reader Synchronizer.lnk]
C:\PROGRA~1\Adobe\READER~1.0\Reader\ADOBEC~1.EXE [2009-02-27 542096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Rychlý začátek s aplikací HP Photosmart Premier.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqthb08.exe [2006-02-10 73728]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Documents and Settings\PC\Nabídka Start\Programy\Po spuštění
Spamihilator.lnk - C:\Program Files\Spamihilator\spamihilator.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2007-02-02 110592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2010-03-26 12464]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt]
crypts.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, digiwet.dll

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\torrent\BitTorrent\bittorrent.exe"="C:\torrent\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\WWWCukrarna\files\Casino\ParadiseCasino - Czech\casino.exe"="C:\WWWCukrarna\files\Casino\ParadiseCasino - Czech\casino.exe:*:Enabled:casino"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\WINDOWS\system32\WgaTray.exe"="C:\WINDOWS\system32\WgaTray.exe:*:Enabled:ENABLE"
"C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe"="C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe:*:Enabled:ENABLE"
"C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE"="C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE:*:Enabled:ENABLE"
"C:\WINDOWS\system32\cmd.exe"="C:\WINDOWS\system32\cmd.exe:*:Enabled:ENABLE"
"C:\WINDOWS\system32\ntvdm.exe"="C:\WINDOWS\system32\ntvdm.exe:*:Enabled:ENABLE"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:ENABLE"
"C:\WINDOWS\Network Diagnostic\xpnetdiag.exe"="C:\WINDOWS\Network Diagnostic\xpnetdiag.exe:*:Enabled:ENABLE"
"C:\Program Files\MRP\MRPKS\MRPKS.exe"="C:\Program Files\MRP\MRPKS\MRPKS.exe:*:Enabled:ENABLE"
"C:\WINDOWS\System32\logon.scr"="C:\WINDOWS\System32\logon.scr:*:Enabled:ENABLE"
"C:\WINDOWS\RTHDCPL.EXE"="C:\WINDOWS\RTHDCPL.EXE:*:Enabled:ENABLE"
"C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe:*:Enabled:ENABLE"
"C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe:*:Enabled:ENABLE"
"C:\WINDOWS\system32\ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe:*:Enabled:ENABLE"
"C:\Program Files\MRP\Tiskový manažer\W_mrpprn.exe"="C:\Program Files\MRP\Tiskový manažer\W_mrpprn.exe:*:Enabled:ENABLE"
"C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:ENABLE"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:ENABLE"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:ENABLE"
"C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe:*:Enabled:ENABLE"
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:ENABLE"
"C:\Program Files\Total Commander\TOTALCMD.EXE"="C:\Program Files\Total Commander\TOTALCMD.EXE:*:Enabled:ENABLE"
"C:\Program Files\HP\Digital Imaging\bin\HPQPSXP.exe"="C:\Program Files\HP\Digital Imaging\bin\HPQPSXP.exe:*:Enabled:ENABLE"
"C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe:*:Enabled:ENABLE"
"C:\WINDOWS\system32\netsh.exe"="C:\WINDOWS\system32\netsh.exe:*:Enabled:ENABLE"
"C:\WINDOWS\system32\mspaint.exe"="C:\WINDOWS\system32\mspaint.exe:*:Enabled:ENABLE"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:ENABLE"
"C:\WINDOWS\system32\userinit.exe"="C:\WINDOWS\system32\userinit.exe:*:Enabled:ENABLE"
"C:\WINDOWS\Explorer.EXE"="C:\WINDOWS\Explorer.EXE:*:Enabled:ENABLE"
"C:\Documents and Settings\PC\Local Settings\Temp\init.exe"="C:\Documents and Settings\PC\Local Settings\Temp\init.exe:*:Enabled:ENABLE"
"C:\Program Files\AVG\AVG8\avgam.exe"="C:\Program Files\AVG\AVG8\avgam.exe:*:Enabled:avgam.exe"
"C:\Program Files\AVG\AVG8\avgdiag.exe"="C:\Program Files\AVG\AVG8\avgdiag.exe:*:Enabled:avgdiag.exe"
"C:\Program Files\AVG\AVG8\avgdiagex.exe"="C:\Program Files\AVG\AVG8\avgdiagex.exe:*:Enabled:avgdiagex.exe"
"C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\MRPPRN\LOGA\Casino\ParadiseCasino - Czech\casino.exe"="C:\MRPPRN\LOGA\Casino\ParadiseCasino - Czech\casino.exe:*:Enabled:casino"
"C:\Program Files\Spamihilator\spamihilator.exe"="C:\Program Files\Spamihilator\spamihilator.exe:*:Enabled:Spamihilator"
"C:\Program Files\Spamihilator\cdcc.exe"="C:\Program Files\Spamihilator\cdcc.exe:*:Enabled:Spamihilator DCC Filter Configuration"
"C:\Program Files\Spamihilator\dccproc.exe"="C:\Program Files\Spamihilator\dccproc.exe:*:Enabled:Spamihilator DCC Filter"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{37cfaba0-121a-11de-a16c-001fc6b58c42}]
shell\AutoRun\command - F:\wd_windows_tools\setup.exe


======List of files/folders created in the last 1 months======

2010-04-27 23:07:09 ----D---- C:\rsit
2010-04-27 23:07:09 ----D---- C:\Program Files\trend micro
2010-04-19 01:16:02 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spamihilator
2010-04-19 01:15:11 ----D---- C:\Documents and Settings\PC\Data aplikací\Spamihilator
2010-04-19 01:14:58 ----D---- C:\Program Files\Spamihilator
2010-04-14 23:32:15 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$
2010-04-14 23:32:09 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2010-04-14 23:30:05 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2010-04-14 23:30:00 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2010-04-14 23:29:54 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2010-04-14 23:29:41 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2010-04-07 15:58:20 ----D---- C:\Documents and Settings\All Users\Data aplikací\HP Product Assistant
2010-03-31 12:35:49 ----D---- C:\Program Files\Crawler
2010-03-31 12:35:45 ----D---- C:\Documents and Settings\PC\Data aplikací\Spyware Terminator
2010-03-31 12:35:42 ----D---- C:\Program Files\Spyware Terminator
2010-03-31 12:35:42 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator

======List of files/folders modified in the last 1 months======

2010-04-27 23:07:21 ----D---- C:\WINDOWS\Temp
2010-04-27 23:07:09 ----RD---- C:\Program Files
2010-04-27 23:07:09 ----D---- C:\WINDOWS\Prefetch
2010-04-27 23:00:09 ----D---- C:\Documents and Settings\PC\Data aplikací\DNA
2010-04-27 22:30:17 ----A---- C:\WINDOWS\wincmd.ini
2010-04-27 12:39:25 ----D---- C:\WINDOWS\system32\CatRoot2
2010-04-27 12:39:18 ----D---- C:\WINDOWS\system32
2010-04-27 12:39:07 ----D---- C:\Program Files\DNA
2010-04-27 11:29:00 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-04-26 23:54:35 ----A---- C:\WINDOWS\NeroDigital.ini
2010-04-23 17:14:08 ----D---- C:\WINDOWS
2010-04-22 22:56:04 ----D---- C:\Documents and Settings\PC\Data aplikací\XnView
2010-04-19 23:35:52 ----D---- C:\DOKUMENTY
2010-04-19 23:03:52 ----D---- C:\MRP
2010-04-19 16:20:04 ----D---- C:\WINDOWS\system32\drivers
2010-04-19 01:15:10 ----SHD---- C:\WINDOWS\Installer
2010-04-19 01:15:05 ----HD---- C:\Config.Msi
2010-04-19 01:15:04 ----D---- C:\WINDOWS\WinSxS
2010-04-18 16:20:57 ----D---- C:\TOM
2010-04-16 19:41:01 ----HD---- C:\WINDOWS\inf
2010-04-14 23:32:22 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-04-14 23:32:13 ----HD---- C:\WINDOWS\$hf_mig$
2010-04-14 23:32:12 ----A---- C:\WINDOWS\imsins.BAK
2010-04-14 17:32:24 ----D---- C:\DOCH
2010-04-14 12:10:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\avg9
2010-04-06 19:52:54 ----A---- C:\WINDOWS\system32\MRT.exe
2010-04-05 21:12:11 ----D---- C:\FullDisc
2010-04-01 01:23:10 ----D---- C:\Program Files\Internet Explorer
2010-03-28 10:57:31 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43008]
R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2010-03-26 216200]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2010-03-26 29512]
R1 AvgTdiX;AVG Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2010-04-19 242896]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2007-02-02 1975296]
R3 Avgfwdx;Avgfwdx; C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2010-03-26 30104]
R3 AVGIDSDriverxpx;AVG9IDSDriver; \??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSDriver.sys []
R3 AVGIDSFilterxpx;AVG9IDSFilter; \??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSFilter.sys []
R3 AVGIDSShimxpx;AVG9IDSShim; \??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys []
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-04-13 49664]
R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-04-13 16496]
R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-04-13 21568]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-04-23 4402176]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2006-08-15 83200]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S2 acpi32;acpi32; \??\C:\WINDOWS\system32\drivers\acpi32.sys []
S2 ati64si;ati64si; \??\C:\WINDOWS\system32\drivers\ati64si.sys []
S2 fips32cup;fips32cup; \??\C:\WINDOWS\system32\drivers\fips32cup.sys []
S2 ksi32sk;ksi32sk; \??\C:\WINDOWS\system32\drivers\ksi32sk.sys []
S2 netsik;netsik; \??\C:\WINDOWS\system32\drivers\netsik.sys []
S2 port135sik;port135sik; \??\C:\WINDOWS\system32\drivers\port135sik.sys []
S2 securentm;securentm; \??\C:\WINDOWS\system32\drivers\securentm.sys []
S2 systemntmi;systemntmi; \??\C:\WINDOWS\system32\drivers\systemntmi.sys []
S3 Avgfwfd;AVG network filter service; C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2010-03-26 30104]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2009-03-05 47360]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2007-02-02 446464]
R2 avg9wd;AVG WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2010-03-26 308064]
R2 avgfws9;AVG Firewall; C:\Program Files\AVG\AVG9\avgfws9.exe [2010-03-26 2325816]
R2 AVGIDSAgent;AVG9IDSAgent; C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2010-03-26 5888008]
R2 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance; C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe [2008-06-13 2723840]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2007-08-09 73728]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2010-03-31 488960]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service; C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe [2010-02-23 369920]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2010-01-02 30192]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[motji]

Dobrý večer

Stáhněte na plochu, ukončete všechna aktivní okna a spusťte ComboFix - http://download.bleepingcomputer.com/sUBs/ComboFix.exe

-souhlaste s instalací konzole pro zotavení

- ComboFix je třeba spustit pod účtem s právy administrátora

- Před použitím vypněte všechny rezidentní bezpečnostní programy - antiviry, firewally, antispywary

- Po spuštění se zobrazí podmínky užití, potvrďte je stiskem tlačítka Ano

- Dále postupujte dle pokynů, během aplikování ComboFixu neklikejte do zobrazujícího se okna

- Po dokončení skenování, trvajícího maximálně 10 minut, by měl program vytvořit log - C:\ComboFix.txt, zkopírujte celý jeho obsah sem

[Tom-Ice]

dle pokynu .. snad se to povedlo spravne

[Tom-Ice]

Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1918.1240 [GMT 2:00]
Spuštěný z: c:\documents and settings\PC\Plocha\ComboFix.exe
AV: AVG Internet Security *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: AVG Firewall *disabled* {8decf618-9569-4340-b34a-d78d28969b66}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\PC\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}
c:\documents and settings\PC\oashdihasidhasuidhiasdhiashdiuasdhasd
c:\windows\Sysvxd.exe
c:\windows\wiaservim.log

c:\windows\system32\grpconv.exe chyběl.
Obnovena kopie z - c:\windows\ServicePackFiles\i386\grpconv.exe

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_acpi32
-------\Service_ati64si
-------\Service_fips32cup
-------\Service_ksi32sk
-------\Service_netsik
-------\Service_port135sik
-------\Service_securentm
-------\Service_systemntmi


((((((((((((((((((((((((( Soubory vytvořené od 2010-03-27 do 2010-04-27 )))))))))))))))))))))))))))))))
.

2010-04-27 22:43 . 2008-04-14 03:22 39424 -c--a-w- c:\windows\system32\dllcache\grpconv.exe
2010-04-27 22:43 . 2008-04-14 03:22 39424 ----a-w- c:\windows\system32\grpconv.exe
2010-04-27 21:07 . 2010-04-27 21:07 -------- d-----w- C:\rsit
2010-04-27 21:07 . 2010-04-27 21:07 -------- d-----w- c:\program files\trend micro
2010-04-18 23:14 . 2010-04-18 23:15 -------- d-----w- c:\program files\Spamihilator
2010-03-31 10:35 . 2010-04-02 08:01 -------- d-----w- c:\program files\Crawler
2010-03-31 10:35 . 2010-03-31 10:35 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2010-03-31 10:35 . 2010-04-21 11:18 -------- d-----w- c:\program files\Spyware Terminator

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-27 22:52 . 2010-03-23 23:06 838144 ----a-w- c:\windows\system32\drivers\muxbfaqt.sys
2010-04-27 22:49 . 2009-02-07 14:36 -------- d-----w- c:\program files\DNA
2010-04-19 14:19 . 2009-05-22 13:32 242896 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-03-28 08:57 . 2004-08-18 12:00 82642 ----a-w- c:\windows\system32\perfc005.dat
2010-03-28 08:57 . 2004-08-18 12:00 437336 ----a-w- c:\windows\system32\perfh005.dat
2010-03-26 09:43 . 2009-05-22 13:32 216200 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-03-26 09:43 . 2009-02-06 10:34 29512 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2010-03-26 09:42 . 2010-03-26 09:42 25096 ----a-w- c:\windows\system32\drivers\AVGIDSxx.sys
2010-03-26 09:42 . 2009-05-22 13:32 12464 ----a-w- c:\windows\system32\avgrsstx.dll
2010-03-26 09:42 . 2009-05-22 13:32 52872 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2010-03-26 09:42 . 2009-05-22 13:32 50968 ----a-w- c:\windows\system32\avgfwdx.dll
2010-03-26 09:42 . 2009-05-22 13:32 30104 ----a-w- c:\windows\system32\drivers\avgfwdx.sys
2010-03-26 09:42 . 2009-05-22 13:32 -------- d-----w- c:\program files\AVG
2010-03-21 15:27 . 2010-03-21 15:26 -------- d---a-w- c:\program files\Furnish Pro
2010-03-10 06:17 . 2004-08-18 12:00 420352 ----a-w- c:\windows\system32\vbscript.dll
2010-03-04 10:33 . 2009-02-06 10:42 -------- d-----w- c:\program files\Common Files\Adobe
2010-02-25 06:18 . 2004-08-18 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-02-24 13:11 . 2004-08-18 12:00 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-02-16 19:08 . 2004-08-18 12:00 2148352 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-02-16 19:08 . 2004-08-17 15:45 2026496 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-02-12 10:03 . 2010-03-19 13:34 293376 ------w- c:\windows\system32\browserchoice.exe
2010-02-12 04:35 . 2004-08-18 12:00 100864 ----a-w- c:\windows\system32\6to4svc.dll
2010-02-11 12:02 . 2004-08-18 12:00 226880 ----a-w- c:\windows\system32\drivers\tcpip6.sys
2010-01-02 08:37 . 2009-04-30 08:58 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2010-02-23 1664256]

[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2010-02-23 13:04 1664256 ----a-w- c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2010-02-23 1664256]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2010-02-23 1664256]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"W_MRPPRN"="c:\program files\MRP\Tiskový manažer\W_mrpprn.exe" [2005-03-18 1138688]
"BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2009-12-12 323392]
"MP4 Player"="c:\program files\MP4 Player\mp4Player.exe" [2008-11-06 772096]
"SpywareTerminatorUpdate"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2010-03-31 3037696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2007-04-12 16132608]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 49152]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 83608]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-01-02 30192]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768]
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2010-03-31 2176512]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\PC\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Spamihilator.lnk - c:\program files\Spamihilator\spamihilator.exe [2010-4-19 1512448]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-2-19 288472]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2010-03-26 09:42 12464 ----a-w- c:\windows\system32\avgrsstx.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Reader Synchronizer.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Reader Synchronizer.lnk
backup=c:\windows\pss\Adobe Reader Synchronizer.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Rychlý začátek s aplikací HP Photosmart Premier.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Rychlý začátek s aplikací HP Photosmart Premier.lnk
backup=c:\windows\pss\Rychlý začátek s aplikací HP Photosmart Premier.lnkCommon Startup

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\WWWCukrarna\\files\\Casino\\ParadiseCasino - Czech\\casino.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\WINDOWS\\system32\\WgaTray.exe"=
"c:\\Program Files\\Firebird\\Firebird_2_1\\bin\\fbserver.exe"=
"c:\\Program Files\\Microsoft Office\\OFFICE11\\EXCEL.EXE"=
"c:\\WINDOWS\\system32\\cmd.exe"=
"c:\\WINDOWS\\system32\\ntvdm.exe"=
"c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\MRP\\MRPKS\\MRPKS.exe"=
"c:\\WINDOWS\\System32\\logon.scr"=
"c:\\WINDOWS\\RTHDCPL.EXE"=
"c:\\Program Files\\HP\\HP Software Update\\HPWuSchd2.exe"=
"c:\\Program Files\\Java\\jre1.6.0_01\\bin\\jusched.exe"=
"c:\\Program Files\\MRP\\Tiskový manažer\\W_mrpprn.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqSTE08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Program Files\\Total Commander\\TOTALCMD.EXE"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\HPQPSXP.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqimzone.exe"=
"c:\\WINDOWS\\system32\\netsh.exe"=
"c:\\WINDOWS\\system32\\mspaint.exe"=
"c:\\Program Files\\Spamihilator\\spamihilator.exe"=
"c:\\Program Files\\Spamihilator\\cdcc.exe"=
"c:\\Program Files\\Spamihilator\\dccproc.exe"=

R0 ahcix86;ahcix86;c:\windows\system32\drivers\ahcix86.sys [16.4.2007 17:33 119808]
R0 AVGIDSErHrxpx;AVG9IDSErHr;c:\windows\system32\drivers\AVGIDSxx.sys [26.3.2010 11:42 25096]
R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [22.5.2009 15:32 52872]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [22.5.2009 15:32 216200]
R1 AvgTdiX;AVG Network Redirector;c:\windows\system32\drivers\avgtdix.sys [22.5.2009 15:32 242896]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [31.3.2010 12:35 142592]
R2 avg9wd;AVG WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [26.3.2010 11:42 308064]
R2 avgfws9;AVG Firewall;c:\program files\AVG\AVG9\avgfws9.exe [26.3.2010 11:42 2325816]
R2 AVGIDSAgent;AVG9IDSAgent;c:\program files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe [26.3.2010 11:42 5888008]
R2 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files\Firebird\Firebird_2_1\bin\fbserver.exe [9.2.2009 12:07 2723840]
R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [22.5.2009 15:32 30104]
R3 AVGIDSDriverxpx;AVG9IDSDriver;c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSDriver.sys [26.3.2010 11:42 122376]
R3 AVGIDSFilterxpx;AVG9IDSFilter;c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSFilter.sys [26.3.2010 11:42 30216]
R3 AVGIDSShimxpx;AVG9IDSShim;c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys [26.3.2010 11:42 26120]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\AVG\AVG9\Toolbar\ToolbarBroker.exe [26.3.2010 11:42 369920]
S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [22.5.2009 15:32 30104]
S3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [30.4.2009 10:57 30192]

--- Ostatní služby/ovladače v paměti ---

*Deregistered* - muxbfaqt
.
Obsah adresáře 'Naplánované úlohy'

2010-04-27 c:\windows\Tasks\User_Feed_Synchronization-{9E6CF8B6-76A5-49F3-B5B4-9AE1DEB951C2}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uInternet Connection Wizard,ShellNext = iexplore
IE: Crawler Search - tbr:iemenu
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\Toolbar\ctbr.dll
FF - ProfilePath - c:\documents and settings\PC\Data aplikací\Mozilla\Firefox\Profiles\lx8mgoj4.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://www.bsplayer-search.com/startpage
FF - component: c:\program files\Mozilla Firefox\components\GoogleDesktopMozilla.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npbittorrent.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

ActiveSetup-ccc-core-static - msiexec
AddRemove-ParadiseCasino - c:\casino\PARADI~1\UNWISE.EXE
AddRemove-ParadiseCasino - Czech - c:\casino\PARADI~1\UNWISE.EXE
AddRemove-ParadisePoker - c:\progra~1\PARADI~1\UNWISE.EXE
AddRemove-Pixie_is1 - c:\program files\Pixie\unins000.exe
AddRemove-PokerStars - c:\program files\PokerStars\PokerStarsUninstall.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-28 00:49
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\muxbfaqt]

.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(996)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(3352)
c:\program files\Microsoft Office\OFFICE11\msohev.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\AVG\AVG9\avgchsvx.exe
c:\program files\AVG\AVG9\avgrsx.exe
c:\program files\AVG\AVG9\avgcsrvx.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\mom.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
c:\windows\system32\HPZipm12.exe
c:\program files\Spyware Terminator\sp_rsser.exe
c:\program files\AVG\AVG9\avgnsx.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\wscntfy.exe
c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
.
**************************************************************************
.
Celkový čas: 2010-04-28 00:53:22 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-04-27 22:53

Před spuštěním: Volných bajtů: 14 768 066 560
Po spuštění: Volných bajtů: 21 544 189 952

WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect /usepmtimer

- - End Of File - - C3ADD41EDF9DC9E3AEEB68EB27D33010

[motji]

Nevím, jestli tento pc je hlavní viník, ale určitě měl na tom podíl

Pokud nemáte, přesuňte Combofix na plochu
-otevřete si Poznámkový blok
-Do něj zkopírujte text z tohoto okénka

Kód: Vybrat vše

KillAll::

Collect::
c:\windows\system32\drivers\muxbfaqt.sys

Driver::
muxbfaqt

Registry::
[-HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

Firefox::
FF - ProfilePath - c:\documents and settings\PC\Data aplikací\Mozilla\Firefox\Profiles\lx8mgoj4.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.bsplayer-search.com/startpage

-uložte Vámi vytvořený TXT soubor jako CFScript.txt na plochu
-po uložení uchopte vámi vytvořený skript levým myšítkem a -přesuňte ho nad ikonu Combofixu, kde ho upustíte:




-po aplikaci na Vás vypadne další log,vložte ho sem

Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou, v tom případě znovu restartujte a přitom mačkejte F8, pak zvolte Poslední známou funkční konfiguraci



doporučuji odinstalovat
C:\Program Files\DNA\btdna.exe


Stahněte SAS http://portable.superantispyware.com/sassaferun.php
-proveďte aktualizaci a dejte uplný sken.
-Co najde, smažte,a napište co našel.
(tato verze se neinstaluje, je v angličtině. Pokud potřebujete uplný návod, klikněte mi v podpisu na SAS)

[Tom-Ice]

uložte Vámi vytvořený TXT soubor jako CFScript.txt na plochu
-po uložení uchopte vámi vytvořený skript levým myšítkem a -přesuňte ho nad ikonu Combofixu, kde ho upustíte:




-po aplikaci na Vás vypadne další log,vložte ho sem

to sem zatim provedl ale nic na mě nevypadlo .. jak dloho to trva než to vyhodí přijde mě že PC nic nezpracováva tak nevím zda sem neudělal nějakou chybu a mám to zkusit znovu.

[Tom-Ice]

btdna.exe - odinstalovat tu možnost sem bohužel nikde nenašedyž ho chci odstranit tak mě to hodí hlášku že je chráněný a nebo že je právě používán a že odstranit nejde

[motji]

Vytvořil jste textový soubor s tím skriptem? Když ho vytvoříte, pak ho přetáhnete nad ikonu combofixu a tím se combofix spustí. Provedl jste to tak?

[Tom-Ice]

ja myslím že ano

[Tom-Ice]

před chvílí právě skončil
Stahněte SAS http://portable.superantispyware.com/sassaferun.php
-proveďte aktualizaci a dejte uplný sken.
-Co najde, smažte,a napište co našel.
(tato verze se neinstaluje, je v angličtině. Pokud potřebujete uplný návod, klikněte mi v podpisu na SAS)
z tímto výsledkem

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 04/28/2010 at 09:45 AM

Application Version : 4.33.1000

Core Rules Database Version : 4861
Trace Rules Database Version: 0

Scan type : Complete Scan
Total Scan Time : 00:30:50

Memory items scanned : 607
Memory threats detected : 0
Registry items scanned : 5560
Registry threats detected : 0
File items scanned : 22566
File threats detected : 32

Adware.Tracking Cookie
C:\Documents and Settings\PC\Cookies\pc@adultfriendfinder[1].txt
C:\Documents and Settings\PC\Cookies\pc@www.googleadservices[1].txt
C:\Documents and Settings\PC\Cookies\pc@ad2.billboard[8].txt
C:\Documents and Settings\PC\Cookies\pc@ad2.billboard[6].txt
C:\Documents and Settings\PC\Cookies\pc@ad2.billboard[4].txt
C:\Documents and Settings\PC\Cookies\pc@pornhub[2].txt
C:\Documents and Settings\PC\Cookies\pc@toplist[4].txt
C:\Documents and Settings\PC\Cookies\pc@www.pornorama[1].txt
C:\Documents and Settings\PC\Cookies\pc@toplist[7].txt
C:\Documents and Settings\PC\Cookies\pc@toplist[5].txt
C:\Documents and Settings\PC\Cookies\pc@toplist[2].txt
C:\Documents and Settings\PC\Cookies\pc@toplist[8].txt
C:\Documents and Settings\PC\Cookies\pc@ads.adeffect[1].txt
C:\Documents and Settings\PC\Cookies\pc@ad2.billboard[1].txt
C:\Documents and Settings\PC\Cookies\pc@ad.yieldmanager[1].txt
C:\Documents and Settings\PC\Cookies\pc@ad.zanox[2].txt
C:\Documents and Settings\PC\Cookies\pc@ad2.billboard[2].txt
C:\Documents and Settings\PC\Cookies\pc@ad2.billboard[3].txt
C:\Documents and Settings\PC\Cookies\pc@ad2.billboard[5].txt
C:\Documents and Settings\PC\Cookies\pc@ads.mojasvadba[1].txt
C:\Documents and Settings\PC\Cookies\pc@content.yieldmanager[1].txt
C:\Documents and Settings\PC\Cookies\pc@roitracking[1].txt
C:\Documents and Settings\PC\Cookies\pc@nissaneurope.112.2o7[1].txt
C:\Documents and Settings\PC\Cookies\pc@toplist[1].txt
C:\Documents and Settings\PC\Cookies\pc@toplist[6].txt
C:\Documents and Settings\PC\Cookies\pc@tradedoubler[2].txt
C:\Documents and Settings\PC\Cookies\pc@video.pornorama[2].txt
C:\Documents and Settings\PC\Cookies\pc@xxxvidea[2].txt
C:\Documents and Settings\PC\Cookies\pc@zbox.zanox[2].txt

Adware.Casino Games (Golden Palace Casino)
C:\MRPPRN\LOGA\CASINO\PARADISECASINO\CASINO.EXE
C:\WWWCUKRARNA\FILES\CASINO\PARADISECASINO - CZECH\CASINO.EXE

Trojan.RootKit/Gen
C:\WINDOWS\SYSTEM32\DRIVERS\MUXBFAQT.SYS

[Tom-Ice]

takže to smazat a zvolit možnost další ?
Asi ano že

[Tom-Ice]

no ono to vlastně ano možnost delete nenabízí .. jen další

[motji]

Smažte to.
Ten skript se určitě neprovedl, zkuste to prosím zopakovat. Spustil se Vám po skriptu combofix?

[Tom-Ice]

dobře zkusím znova combi se asi nespustil naběhlo je malé okénko se zeleným pruhem který když přišel až po konec zmizel
zkouším znova
zkopíruju Váš kod ulžím na plochu a přetáhnu na combi ... a uvidíme

[Tom-Ice]

když to přetáhnu tak to hodí odkaz .. vydavatele se nepodařilo ověřit . opravdu chce spustit tento odkaz název Cobi fix .. vydavatel neznámý ... zvolim spustit naběhne malý zelený rámeček s nápisem cobi fix a přibývají zelené okénkam které když přijdou po konec zmizí a dál se nic neděje