
Virus removal, PC speed-up, and remote help through the neslape.cz service
The system administrator has disabled registry editing and Task Manager
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote help service, in which an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Hello, I need advice on how to get Task Manager and registry editing working again. I tried to fix Task Manager through the registry, but the registry editor won't start; then I tried gpedit, but I don't have it or something; I also tried sreng, and that doesn't work either. Thanks for any advice.
RSIT log:
Logfile of random's system information tool 1.08 (written by random/random)
Run by Administrátor at 2010-09-03 17:04:17
Microsoft Windows XP Home Edition Service Pack 2
System drive C: has 6 GB (28%) free of 20 GB
Total RAM: 1535 MB (54% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:04:21, on 3.9.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17055)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
C:\Program Files\Opera\Opera.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\Administrátor\Local Settings\Data aplikací\Opera\Opera\temporary_downloads\RSIT.exe
C:\Program Files\trend micro\Administrátor.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: WDDMStatus.lnk = C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
O4 - Global Startup: WDSmartWare.lnk = C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: NeoTrace It! - {9885224C-1217-4c5f-83C2-00002E6CEF2B} - C:\WINDOWS\system32\shdocvw.dll (HKCU)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (file missing)
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SbPF.Launcher - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
O23 - Service: WD SmartWare Drive Manager (WDDMService) - WDC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
O23 - Service: WD SmartWare Background Service (WDSmartWareBackgroundService) - Memeo - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
--
End of file - 6441 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-08-03 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-08-03 79648]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-09-16 8491008]
"WinPatrol"=C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe [2010-05-27 323976]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2010-03-02 282792]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2010-08-29 225280]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-18 15360]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-05-13 26297128]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
WDDMStatus.lnk - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
WDSmartWare.lnk - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=1
"DisableRegistryTools"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLUA"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoResolveSearch"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\WINDOWS\Explorer.EXE"="C:\WINDOWS\Explorer.EXE:*:Enabled:ipsec"
"C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe"="C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe:*:Enabled:ipsec"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:ipsec"
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Documents and Settings\Administrátor\Plocha\HIDEIT.EXE"="C:\Documents and Settings\Administrátor\Plocha\HIDEIT.EXE:*:Enabled:ipsec"
"C:\WINDOWS\system32\ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe:*:Enabled:ipsec"
"C:\WINDOWS\system32\wuauclt.exe"="C:\WINDOWS\system32\wuauclt.exe:*:Enabled:ipsec"
"C:\Program Files\Common Files\Java\Java Update\jusched.exe"="C:\Program Files\Common Files\Java\Java Update\jusched.exe:*:Enabled:ipsec"
"C:\WINDOWS\system32\RUNDLL32.EXE"="C:\WINDOWS\system32\RUNDLL32.EXE:*:Enabled:ipsec"
"C:\WINDOWS\system32\userinit.exe"="C:\WINDOWS\system32\userinit.exe:*:Enabled:ipsec"
"C:\Program Files\Avira\AntiVir Desktop\avgnt.exe"="C:\Program Files\Avira\AntiVir Desktop\avgnt.exe:*:Enabled:ipsec"
"C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe"="C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe:*:Enabled:ipsec"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:ipsec"
"C:\WINDOWS\system32\calc.exe"="C:\WINDOWS\system32\calc.exe:*:Enabled:ipsec"
"C:\WINDOWS\system32\NeroCheck.exe"="C:\WINDOWS\system32\NeroCheck.exe:*:Enabled:ipsec"
"D:\Programmi\LocMt2\loc.bin"="D:\Programmi\LocMt2\loc.bin:*:Enabled:ipsec"
"C:\Program Files\Ahead\Nero StartSmart\NeroStartSmart.exe"="C:\Program Files\Ahead\Nero StartSmart\NeroStartSmart.exe:*:Enabled:ipsec"
"C:\Program Files\Kantaris\Kantaris.exe"="C:\Program Files\Kantaris\Kantaris.exe:*:Enabled:ipsec"
"C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe"="C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe:*:Enabled:ipsec"
"C:\WINDOWS\system32\netsh.exe"="C:\WINDOWS\system32\netsh.exe:*:Enabled:ipsec"
"C:\Program Files\Java\jre6\bin\javaws.exe"="C:\Program Files\Java\jre6\bin\javaws.exe:*:Enabled:ipsec"
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winyaujln.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winyaujln.exe:*:Enabled:ipsec"
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\beet.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\beet.exe:*:Enabled:ipsec"
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winoebg.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winoebg.exe:*:Enabled:ipsec"
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tlifig.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tlifig.exe:*:Enabled:ipsec"
"M:\Stranglehold\setup.EXE"="M:\Stranglehold\Setup.exe:*:Enabled:ipsec"
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\jspm.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\jspm.exe:*:Enabled:ipsec"
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\wltr.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\wltr.exe:*:Enabled:ipsec"
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\wintxxo.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\wintxxo.exe:*:Enabled:ipsec"
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\bgkj.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\bgkj.exe:*:Enabled:ipsec"
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winjltvs.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winjltvs.exe:*:Enabled:ipsec"
"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:ipsec"
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\kaau.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\kaau.exe:*:Enabled:ipsec"
"M:\eyqgjt.pif"="M:\eyqgjt.pif:*:Enabled:ipsec"
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\rghq.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\rghq.exe:*:Enabled:ipsec"
"C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe"="C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe:*:Enabled:ipsec"
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\wqnmgy.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\wqnmgy.exe:*:Enabled:ipsec"
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hgqqkx.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hgqqkx.exe:*:Enabled:ipsec"
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\upyanr.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\upyanr.exe:*:Enabled:ipsec"
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\wingfefly.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\wingfefly.exe:*:Enabled:ipsec"
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winlbiap.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winlbiap.exe:*:Enabled:ipsec"
"D:\Games\Heroes of the Pacific\sr7stop10.exe"="D:\Games\Heroes of the Pacific\sr7stop10.exe:*:Enabled:ipsec"
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winvgcihk.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winvgcihk.exe:*:Enabled:ipsec"
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ghers.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ghers.exe:*:Enabled:ipsec"
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ttjjn.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ttjjn.exe:*:Enabled:ipsec"
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\htuqyf.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\htuqyf.exe:*:Enabled:ipsec"
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winnbmlx.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winnbmlx.exe:*:Enabled:ipsec"
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\qklaq.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\qklaq.exe:*:Enabled:ipsec"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:ipsec"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
======List of files/folders created in the last 1 months======
2010-09-02 08:22:43 ----D---- C:\Program Files\MSXML 4.0
2010-09-02 06:48:07 ----D---- C:\ERGOM
2010-09-02 06:47:58 ----D---- C:\Program Files\LAN Consult
2010-09-02 06:47:48 ----D---- C:\Program Files\Evidence Médií
2010-09-01 10:56:36 ----D---- C:\Program Files\DirectX
2010-09-01 10:56:08 ----A---- C:\WINDOWS\system32\mfc70.dll
2010-09-01 10:56:08 ----A---- C:\WINDOWS\system32\eax.dll
2010-09-01 10:56:08 ----A---- C:\WINDOWS\system32\Cc3250mt.dll
2010-09-01 10:56:08 ----A---- C:\WINDOWS\system32\Borlndmm.dll
2010-09-01 10:56:08 ----A---- C:\WINDOWS\system32\ATL80.dll
2010-09-01 10:56:08 ----A---- C:\WINDOWS\system32\atl71.dll
2010-09-01 10:56:07 ----A---- C:\WINDOWS\system32\mfcm80u.dll
2010-09-01 10:56:07 ----A---- C:\WINDOWS\system32\mfcm80.dll
2010-09-01 10:56:07 ----A---- C:\WINDOWS\system32\mfc80u.dll
2010-09-01 10:56:07 ----A---- C:\WINDOWS\system32\mfc80ENU.dll
2010-09-01 10:56:07 ----A---- C:\WINDOWS\system32\mfc80.dll
2010-09-01 10:56:07 ----A---- C:\WINDOWS\system32\MFC71u.dll
2010-09-01 10:56:07 ----A---- C:\WINDOWS\system32\mfc71.dll
2010-09-01 10:56:07 ----A---- C:\WINDOWS\system32\mfc70u.dll
2010-09-01 10:56:06 ----A---- C:\WINDOWS\system32\msvcm80.dll
2010-09-01 10:56:06 ----A---- C:\WINDOWS\system32\msvci70.dll
2010-09-01 10:56:05 ----A---- C:\WINDOWS\system32\Msvcp70.dll
2010-09-01 10:56:04 ----A---- C:\WINDOWS\system32\Vb5db.dll
2010-09-01 10:56:04 ----A---- C:\WINDOWS\system32\OpenALwEAX.exe
2010-09-01 10:56:04 ----A---- C:\WINDOWS\system32\OpenAL32.dll
2010-09-01 10:56:04 ----A---- C:\WINDOWS\system32\msxml4r.dll
2010-09-01 10:56:04 ----A---- C:\WINDOWS\system32\msxml4a.dll
2010-09-01 10:56:04 ----A---- C:\WINDOWS\system32\msxml3a.dll
2010-09-01 10:56:04 ----A---- C:\WINDOWS\system32\msvcr80.dll
2010-09-01 10:56:04 ----A---- C:\WINDOWS\system32\msvcr71d.dll
2010-09-01 10:56:04 ----A---- C:\WINDOWS\system32\msvcr70d.dll
2010-09-01 10:56:04 ----A---- C:\WINDOWS\system32\Msvcr70.dll
2010-09-01 10:56:04 ----A---- C:\WINDOWS\system32\msvcp80.dll
2010-09-01 10:56:02 ----A---- C:\WINDOWS\system32\vcomp.dll
2010-09-01 10:56:01 ----A---- C:\WINDOWS\system32\xmltok.dll
2010-09-01 10:56:01 ----A---- C:\WINDOWS\system32\xmlparse.dll
2010-09-01 10:56:01 ----A---- C:\WINDOWS\system32\xmlinst.exe
2010-09-01 10:56:01 ----A---- C:\WINDOWS\system32\wrap_oal.dll
2010-09-01 10:56:01 ----A---- C:\WINDOWS\system32\vp6vfw.dll
2010-09-01 10:56:01 ----A---- C:\WINDOWS\system32\vp6install.exe
2010-08-31 21:00:35 ----A---- C:\WINDOWS\system32\drivers\cpuz134_x32.sys
2010-08-31 21:00:34 ----D---- C:\Program Files\CPUID
2010-08-30 02:39:07 ----D---- C:\Program Files\WSDReader
2010-08-30 02:39:02 ----D---- C:\Fakturace6_0
2010-08-30 02:38:40 ----D---- C:\Cromelin
2010-08-15 23:09:52 ----D---- C:\Program Files\NVIDIA Corporation
2010-08-15 23:09:30 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-08-15 21:47:52 ----D---- C:\Documents and Settings\Administrátor\Data aplikací\Keepsoft
2010-08-15 21:47:03 ----D---- C:\Documents and Settings\All Users\Data aplikací\Keepsoft
2010-08-15 21:47:01 ----D---- C:\Program Files\Keepsoft
2010-08-15 21:18:33 ----D---- C:\Program Files\Winamp
2010-08-15 21:18:33 ----D---- C:\Documents and Settings\Administrátor\Data aplikací\Winamp
2010-08-15 19:10:08 ----D---- C:\Documents and Settings\All Users\Data aplikací\SlySoft
2010-08-15 19:09:57 ----D---- C:\Program Files\SlySoft
2010-08-14 15:23:09 ----A---- C:\WINDOWS\system32\XAudio2_5.dll
2010-08-14 15:23:09 ----A---- C:\WINDOWS\system32\xactengine3_5.dll
2010-08-14 15:23:08 ----A---- C:\WINDOWS\system32\D3DCompiler_42.dll
2010-08-14 15:23:07 ----A---- C:\WINDOWS\system32\d3dx11_42.dll
2010-08-14 15:23:07 ----A---- C:\WINDOWS\system32\d3dcsx_42.dll
2010-08-14 15:23:06 ----A---- C:\WINDOWS\system32\d3dx10_42.dll
2010-08-14 15:23:05 ----A---- C:\WINDOWS\system32\D3DX9_41.dll
2010-08-14 15:23:05 ----A---- C:\WINDOWS\system32\d3dx10_41.dll
2010-08-14 15:23:05 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll
2010-08-14 15:23:04 ----A---- C:\WINDOWS\system32\XAudio2_4.dll
2010-08-14 15:23:04 ----A---- C:\WINDOWS\system32\XAPOFX1_3.dll
2010-08-14 15:23:03 ----A---- C:\WINDOWS\system32\xactengine3_4.dll
2010-08-14 15:23:03 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll
2010-08-14 15:23:03 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2010-08-14 15:23:03 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2010-08-14 15:23:02 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2010-08-14 15:23:02 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2010-08-14 15:23:02 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2010-08-14 15:23:02 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2010-08-14 15:23:01 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2010-08-14 15:23:01 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2010-08-14 15:23:01 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2010-08-14 15:23:01 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2010-08-14 15:23:00 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2010-08-14 15:23:00 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2010-08-14 15:23:00 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2010-08-14 15:22:59 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2010-08-14 15:22:59 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2010-08-14 15:22:58 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2010-08-14 15:22:58 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2010-08-14 15:22:57 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2010-08-14 15:22:57 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2010-08-14 15:22:57 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2010-08-14 15:22:57 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2010-08-14 15:22:56 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2010-08-14 15:22:56 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2010-08-14 15:22:55 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2010-08-14 15:22:55 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2010-08-14 15:22:54 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2010-08-14 15:22:54 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2010-08-14 15:22:54 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2010-08-14 15:22:53 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2010-08-14 15:22:53 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2010-08-14 15:22:52 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2010-08-14 15:22:52 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2010-08-14 15:22:51 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2010-08-14 15:22:51 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2010-08-14 15:22:51 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2010-08-14 15:22:51 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2010-08-14 15:22:45 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2010-08-14 15:22:39 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2010-08-14 15:22:39 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2010-08-14 15:22:34 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2010-08-14 15:22:33 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2010-08-14 15:22:32 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2010-08-14 15:22:32 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2010-08-14 10:49:39 ----D---- C:\Program Files\Defense Grid - The Awakening
2010-08-09 07:18:49 ----D---- C:\Program Files\Moai
2010-08-06 01:59:06 ----D---- C:\Documents and Settings\Administrátor\Data aplikací\Western Digital
2010-08-06 01:59:01 ----D---- C:\Documents and Settings\All Users\Data aplikací\Western Digital
2010-08-06 01:58:49 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-08-06 01:58:49 ----A---- C:\WINDOWS\system32\drivers\wdcsam.sys
2010-08-06 01:58:26 ----D---- C:\Program Files\Western Digital
======List of files/folders modified in the last 1 months======
2010-09-03 17:04:22 ----D---- C:\WINDOWS\Prefetch
2010-09-03 17:04:20 ----D---- C:\Program Files\trend micro
2010-09-03 16:54:38 ----D---- C:\WINDOWS\Temp
2010-09-03 16:17:47 ----D---- C:\Documents and Settings\Administrátor\Data aplikací\Skype
2010-09-03 16:16:08 ----D---- C:\WINDOWS\system32\drivers
2010-09-03 16:16:03 ----D---- C:\WINDOWS\system32\CatRoot2
2010-09-03 16:15:09 ----D---- C:\WINDOWS
2010-09-03 16:14:39 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-09-03 06:17:34 ----A---- C:\WINDOWS\NeroDigital.ini
2010-09-02 08:22:49 ----SHD---- C:\WINDOWS\Installer
2010-09-02 08:22:49 ----SHD---- C:\Config.Msi
2010-09-02 08:22:48 ----D---- C:\WINDOWS\WinSxS
2010-09-02 08:22:43 ----D---- C:\WINDOWS\system32
2010-09-02 06:47:58 ----RD---- C:\Program Files
2010-09-01 11:43:42 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-08-31 21:35:31 ----D---- C:\Program Files\Mozilla Firefox
2010-08-29 23:05:40 ----A---- C:\WINDOWS\system32\NeroCheck.exe
2010-08-29 22:36:11 ----D---- C:\Program Files\Opera
2010-08-29 19:08:19 ----D---- C:\WINDOWS\Logs
2010-08-29 19:00:50 ----D---- C:\WINDOWS\system32\DirectX
2010-08-29 19:00:49 ----HD---- C:\WINDOWS\inf
2010-08-15 23:09:30 ----D---- C:\Program Files\Common Files
2010-08-15 21:12:02 ----D---- C:\Documents and Settings\Administrátor\Data aplikací\vlc
2010-08-14 16:56:46 ----D---- C:\Program Files\Wisdom-soft ScreenHunter 5 Free
2010-08-14 15:41:48 ----RSD---- C:\WINDOWS\assembly
2010-08-06 21:18:35 ----D---- C:\Program Files\Ahead
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 nvata;nvata; C:\WINDOWS\system32\DRIVERS\nvata.sys [2005-08-18 93568]
R0 nvatabus;nvatabus; C:\WINDOWS\system32\DRIVERS\nvatabus.sys [2004-09-02 82816]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI VIA; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2005-08-13 61312]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-04-28 44944]
R1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 36352]
R1 asuskbnt;Enhanced Display Driver Helper Service; C:\WINDOWS\system32\drivers\atkkbnt.sys [2007-09-13 11136]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2010-03-01 124784]
R1 EIO;EIO; \??\C:\WINDOWS\system32\drivers\EIO.sys []
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2009-12-18 26024]
R1 SbFw;SbFw; C:\WINDOWS\system32\drivers\SbFw.sys [2008-10-31 270888]
R1 sbhips;Sunbelt HIPS Driver; C:\WINDOWS\system32\drivers\sbhips.sys [2008-06-21 66600]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2010-02-16 60936]
R2 cpuz134;cpuz134; \??\C:\WINDOWS\system32\drivers\cpuz134_x32.sys []
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-01-16 12970]
R3 abp470n5;abp470n5; \??\C:\WINDOWS\system32\drivers\ognpj.sys []
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-11-22 3804416]
R3 AnyDVD;AnyDVD; C:\WINDOWS\System32\Drivers\AnyDVD.sys [2009-12-19 104512]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-18 60800]
R3 asusgsb;ASUS Virtual Video Capture Device Driver; C:\WINDOWS\system32\drivers\asusgsb.sys [2007-09-13 12416]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2004-08-18 9600]
R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2003-11-13 1042816]
R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys [2003-11-13 210304]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-18 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-18 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-09-16 6853088]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-06-30 33664]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-06-30 12928]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport; C:\WINDOWS\system32\DRIVERS\sbfwim.sys [2008-06-21 65576]
R3 SNPSTD3;USB PC Camera (SNPSTD3); C:\WINDOWS\system32\DRIVERS\snpstd3.sys [2007-05-10 10343552]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-18 26496]
R3 Video3D;ASUS Video3D Service; C:\WINDOWS\System32\Drivers\Video3D32.sys [2007-09-13 10752]
R3 WDC_SAM;WD SCSI Pass Thru driver; C:\WINDOWS\system32\DRIVERS\wdcsam.sys [2009-02-13 11520]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2003-11-13 679808]
S1 seneka;seneka; C:\WINDOWS\system32\drivers\senekahtaxtnsb.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files\MediaCoder\SysInfo.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2010-02-24 135336]
R2 ATKKeyboardService;ATK Keyboard Service; C:\WINDOWS\ATKKBService.exe [2007-09-13 258560]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-08-03 153376]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-09-16 155716]
R2 SbPF.Launcher;SbPF.Launcher; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [2008-10-31 95528]
R2 SPF4;Sunbelt Personal Firewall 4; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [2008-10-31 1365288]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R2 WDDMService;WD SmartWare Drive Manager; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2010-01-21 110592]
R2 WDSmartWareBackgroundService;WD SmartWare Background Service; C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [2009-06-16 20480]
R3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2010-04-01 267432]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe []
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Re: The system administrator has disabled registry editing and Task Manager
Hello,
READ THE INSTRUCTIONS CAREFULLY, THIS SOFTWARE DOES NOT TOLERATE MISTAKES IN THE PROCEDURE!
Feel free to print the following lines so that you know what will be happening on the screen.
Be logged in to the PC with administrator rights.
On Windows Vista and Windows 7 the application must be run as administrator (right-click the ComboFix icon and left-click the "Run as administrator" option).
Download ComboFix and save it, preferably to the desktop.
If the page will not load, download it from here: download; if ComboFix will not start, rename it to grinder.com and continue according to the instructions.
Right after launch, a disclaimer of warranty for the software's functionality is displayed; continue by clicking the Yes button:

After that, a warning about installed CD drive emulators may follow, typically Daemon Tools or Alcohol 120.

Click OK.
Agree to the installation of the Recovery Console (a working internet connection is required).
Calmly go and make yourself a coffee (the whole process takes approx. 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); during the scan do not try to launch any other applications or anything else.
Do not panic during the scan; your machine may be restarted (especially on the first run of the scanner).
Warning: turn off the resident shield of your antivirus and antispyware and temporarily disable the firewall, as ComboFix might not work correctly otherwise. If you have the shields turned off and ComboFix reports that they are not, continue and confirm.
After the restart the application creates a log, saved at C:/Combofix.txt (on repeated use the logs are named Combofix2.txt etc.); paste its contents here.
Autoruns + HitmanPro + UPM + Avenger + GMER + OTM + AVPTool + RSIT + RootRepeal
________________________________________________________________________________________
AN UP-TO-DATE ANTIVIRUS AND A PERSONAL FIREWALL ARE TWO ESSENTIAL PROTECTIVE COMPONENTS OF EVERY PC CONNECTED TO THE INTERNET!!!
BY BACKING UP YOUR PERSONAL DATA YOU WILL NOT LOSE IT IN CASE OF FATAL SOFTWARE OR HARDWARE PROBLEMS!!
DO NOT USE COMBOFIX ON YOUR OWN, ONLY IF YOU ARE ASKED TO. IMPROPER HANDLING OF IT CAN RENDER THE SYSTEM INOPERABLE!


___________________________________________________________
----------------------earl@forum.viry.cz-----------------------
Re: System administrator has disabled registry editing and Task Manager
ComboFix log:
ComboFix 10-09-04.06 - Administrátor 03.09.2010 17:44:43.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.2.1250.420.1029.18.1535.1061 [GMT 2:00]
Spuštěný z: c:\documents and settings\Administrátor\Plocha\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
FW: Sunbelt Personal Firewall *disabled* {82B1150E-9B37-49FC-83EB-D52197D900D0}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\Mozilla Firefox\extensions\{ADF46B89-B103-4486-A510-3206F2CC3D7B}
c:\program files\Mozilla Firefox\extensions\{ADF46B89-B103-4486-A510-3206F2CC3D7B}\chrome.manifest
c:\program files\Mozilla Firefox\extensions\{ADF46B89-B103-4486-A510-3206F2CC3D7B}\chrome\content\overlay.xul
c:\program files\Mozilla Firefox\extensions\{ADF46B89-B103-4486-A510-3206F2CC3D7B}\install.rdf
c:\windows\system32\drivers\seneka.sys
c:\windows\system32\senekaiwoomdxl.dat
c:\windows\system32\vbzlib1.dll
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_ABP470N5
-------\Legacy_seneka
-------\Service_abp470n5
-------\Service_seneka
((((((((((((((((((((((((( Soubory vytvořené od 2010-08-03 do 2010-09-03 )))))))))))))))))))))))))))))))
.
2010-09-02 06:22 . 2010-09-02 06:22 -------- d-----w- c:\program files\MSXML 4.0
2010-09-02 04:48 . 2010-09-02 04:48 -------- d-----w- C:\ERGOM
2010-09-02 04:47 . 2010-09-02 04:47 -------- d-----w- c:\program files\LAN Consult
2010-09-02 04:47 . 2010-09-02 04:47 -------- d-----w- c:\program files\Evidence Médií
2010-08-31 19:00 . 2010-07-09 11:18 20328 ----a-w- c:\windows\system32\drivers\cpuz134_x32.sys
2010-08-31 19:00 . 2010-08-31 19:00 -------- d-----w- c:\program files\CPUID
2010-08-30 00:39 . 2010-08-30 00:39 -------- d-----w- c:\program files\WSDReader
2010-08-30 00:39 . 2010-08-31 18:02 -------- d-----w- C:\Fakturace6_0
2010-08-30 00:38 . 2010-09-03 05:14 -------- d-----w- C:\Cromelin
2010-08-15 21:09 . 2010-08-15 21:09 -------- d-----w- c:\program files\NVIDIA Corporation
2010-08-15 21:09 . 2010-08-15 21:09 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-08-15 19:47 . 2010-08-15 19:47 -------- d-----w- c:\program files\Keepsoft
2010-08-15 19:18 . 2010-08-15 19:19 -------- d-----w- c:\program files\Winamp
2010-08-15 17:09 . 2010-08-15 17:21 -------- d-----w- c:\program files\SlySoft
2010-08-14 13:22 . 2008-05-30 12:19 507400 ----a-w- c:\windows\system32\XAudio2_1.dll
2010-08-14 08:49 . 2010-08-14 08:49 -------- d-----w- c:\program files\Defense Grid - The Awakening
2010-08-09 05:18 . 2010-08-09 05:18 -------- d-----w- c:\program files\Moai
2010-08-05 23:58 . 2010-08-05 23:58 -------- dc----w- c:\windows\system32\DRVSTORE
2010-08-05 23:58 . 2009-02-13 09:02 11520 ----a-w- c:\windows\system32\drivers\wdcsam.sys
2010-08-05 23:58 . 2010-08-05 23:58 -------- d-----w- c:\program files\Western Digital
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-03 15:04 . 2010-06-15 22:21 -------- d-----w- c:\program files\trend micro
2010-09-02 04:43 . 2010-06-15 19:51 196608 ----a-w- c:\windows\system32\drivers\nStandard.bin
2010-09-01 09:44 . 2010-09-01 08:56 -------- d-----w- c:\program files\DirectX
2010-08-29 21:05 . 2010-07-15 04:15 225280 ----a-w- c:\windows\system32\NeroCheck.exe
2010-08-29 20:36 . 2010-06-27 19:39 -------- d-----w- c:\program files\Opera
2010-08-14 14:56 . 2010-06-16 08:47 -------- d-----w- c:\program files\Wisdom-soft ScreenHunter 5 Free
2010-08-06 19:18 . 2010-07-15 04:15 -------- d-----w- c:\program files\Ahead
2010-08-03 19:43 . 2010-06-15 21:08 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-08-03 19:43 . 2004-08-18 12:00 522206 ----a-w- c:\windows\system32\perfh005.dat
2010-08-03 19:43 . 2004-08-18 12:00 127162 ----a-w- c:\windows\system32\perfc005.dat
2010-08-03 19:43 . 2010-08-03 19:43 0 ----a-w- c:\windows\system32\REN381.tmp
2010-08-03 19:43 . 2010-08-03 19:43 0 ----a-w- c:\windows\system32\REN380.tmp
2010-08-03 19:43 . 2010-08-03 19:43 0 ----a-w- c:\windows\system32\REN37F.tmp
2010-08-03 10:40 . 2010-06-16 08:48 -------- d-----w- c:\program files\Winamp Detect
2010-08-03 10:38 . 2010-06-16 02:06 -------- d-----w- c:\program files\RegCleaner
2010-08-03 10:38 . 2010-06-15 21:09 -------- d-----w- c:\program files\The KMPlayer
2010-08-03 10:38 . 2010-07-17 17:47 -------- d-----w- c:\program files\Xvid
2010-07-30 21:11 . 2010-06-20 11:27 -------- d-----w- c:\program files\MAtisDemo
2010-07-30 21:11 . 2010-07-29 06:55 -------- d---a-w- c:\program files\Furnish Pro
2010-07-19 12:05 . 2010-07-19 12:05 -------- d-----w- c:\program files\CiTrusSoft
2010-07-19 12:01 . 2010-06-15 21:18 -------- d-----w- c:\program files\Google
2010-07-19 11:46 . 2010-07-19 11:42 -------- d-----w- c:\program files\NeoTracePro
2010-07-19 03:05 . 2010-07-19 03:05 -------- d-----w- c:\program files\ALNO
2010-07-15 05:08 . 2010-07-15 05:08 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-07-15 04:15 . 2010-07-15 04:15 -------- d-----w- c:\program files\Common Files\Ahead
2010-06-22 03:40 . 2010-06-22 03:40 0 ----a-w- c:\windows\system32\RENC2.tmp
2010-06-22 03:40 . 2010-06-22 03:40 0 ----a-w- c:\windows\system32\RENC1.tmp
2010-06-22 03:40 . 2010-06-22 03:40 0 ----a-w- c:\windows\system32\RENC0.tmp
2010-06-22 03:30 . 2010-06-22 03:30 0 ----a-w- c:\windows\system32\REN5F.tmp
2010-06-22 03:30 . 2010-06-22 03:30 0 ----a-w- c:\windows\system32\REN5E.tmp
2010-06-16 14:07 . 2010-06-16 14:07 0 ----a-w- c:\windows\system32\REN33.tmp
2010-06-16 14:07 . 2010-06-16 14:07 0 ----a-w- c:\windows\system32\REN32.tmp
2010-06-16 14:05 . 2010-06-15 19:42 76487 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-06-16 14:05 . 2010-06-15 19:42 2378 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2010-06-16 14:04 . 2010-06-15 19:42 8972 ----a-w- c:\windows\pchealth\helpctr\Config\Cntstore.bin
2010-06-15 20:52 . 2010-06-15 20:52 0 ----a-w- c:\windows\nsreg.dat
2010-06-15 19:40 . 2010-06-15 19:40 21812 ----a-w- c:\windows\system32\emptyregdb.dat
2010-06-14 14:30 . 2010-06-15 19:40 743936 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe
1999-04-23 22:22 . 1999-04-23 22:22 12 --sha-w- c:\windows\system\WININETICMP32.drv
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-05-13 26297128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-09-16 8491008]
"WinPatrol"="c:\program files\BillP Studios\WinPatrol\winpatrol.exe" [2010-05-26 323976]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-03-02 282792]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2010-08-29 225280]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-18 15360]
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
WDDMStatus.lnk - c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2010-1-21 2057536]
WDSmartWare.lnk - c:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe [2010-1-21 9136960]
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"FirewallOverride"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"UacDisableNotify"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Sunbelt Software\\Personal Firewall\\SbPFCl.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Documents and Settings\\Administrátor\\Plocha\\HIDEIT.EXE"=
"c:\\WINDOWS\\system32\\wuauclt.exe"=
"c:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe"=
"c:\\Program Files\\Avira\\AntiVir Desktop\\avgnt.exe"=
"c:\\Program Files\\BillP Studios\\WinPatrol\\winpatrol.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\WINDOWS\\system32\\calc.exe"=
"c:\\WINDOWS\\system32\\NeroCheck.exe"=
"d:\\Programmi\\LocMt2\\loc.bin"=
"c:\\Program Files\\Ahead\\Nero StartSmart\\NeroStartSmart.exe"=
"c:\\Program Files\\Kantaris\\Kantaris.exe"=
"c:\\Program Files\\SlySoft\\AnyDVD\\AnyDVDtray.exe"=
"c:\\WINDOWS\\system32\\netsh.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaws.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\Western Digital\\WD SmartWare\\WD Drive Manager\\WDDMStatus.exe"=
"d:\\Games\\Heroes of the Pacific\\sr7stop10.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
R1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [15.6.2010 23:23 270888]
R1 sbhips;Sunbelt HIPS Driver;c:\windows\system32\drivers\sbhips.sys [21.6.2008 4:54 66600]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [16.6.2010 0:24 135336]
R2 cpuz134;cpuz134;c:\windows\system32\drivers\cpuz134_x32.sys [31.8.2010 21:00 20328]
R2 SbPF.Launcher;SbPF.Launcher;c:\program files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [31.10.2008 7:24 95528]
R2 SPF4;Sunbelt Personal Firewall 4;c:\program files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [31.10.2008 7:24 1365288]
R2 WDDMService;WD SmartWare Drive Manager;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [21.1.2010 16:24 110592]
R2 WDSmartWareBackgroundService;WD SmartWare Background Service;c:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [16.6.2009 8:58 20480]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport;c:\windows\system32\drivers\SbFwIm.sys [15.6.2010 23:23 65576]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [6.8.2010 1:58 11520]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://seznam.cz/
IE: &NeoTrace It!
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Administrátor\Data aplikací\Mozilla\Firefox\Profiles\0jlkta4w.default\
FF - prefs.js: browser.startup.homepage - seznam.cz
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npwachk.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
AddRemove-%Product_Name% 4.8.9F - c:\documents and settings\Administrátor\Plocha\Aplikace MB\Fakturky 4.8F\uninststall\uninstall.exe
AddRemove-Stranglehold - d:\games\Stghld\UNWISE.EXE
AddRemove-{CA9A3609-3ECC-4574-8824-A8161A71A603} - c:\windows\system32\CanonMP Uninstaller Information\{CA9A3609-3ECC-4574-8824-A8161A71A603}\DelDrv.exe
AddRemove-Winamp Detect - c:\program files\Winamp Detect\UninstWaDetect.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-09-03 17:59
Windows 5.1.2600 Service Pack 2 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'explorer.exe'(2772)
c:\windows\system32\msi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\windows\ATKKBService.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\nvsvc32.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\program files\Sunbelt Software\Personal Firewall\SbPFCl.exe
.
**************************************************************************
.
Celkový čas: 2010-09-03 18:06:56 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-09-03 16:06
Před spuštěním: 5 884 932 096
Po spuštění: 5 815 218 176
WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
- - End Of File - - 4842D055DEE7AF367BADEF4D627ED724
Re: The system administrator has disabled registry editing and Task Manager
The problem was solved with the WinXP Manager program. There I enabled running of the .REG extension, and then I was able to start regedit, and in regedit I changed DisableTaskMgr. Thanks for the help.
Re: The system administrator has disabled registry editing and Task Manager
ComboFix was run yesterday; post a log from today's version. The log shows discrepancies that need to be removed.
Autoruns + HitmanPro + UPM + Avenger + GMER + OTM + AVPTool + RSIT + RootRepeal
________________________________________________________________________________________
AN UP-TO-DATE ANTIVIRUS AND A PERSONAL FIREWALL ARE TWO ESSENTIAL PROTECTIVE COMPONENTS OF EVERY PC CONNECTED TO THE INTERNET!!!
BY BACKING UP YOUR PERSONAL DATA YOU WILL NOT LOSE IT IN CASE OF FATAL PROBLEMS WITH SOFTWARE OR HARDWARE!!
DO NOT USE COMBOFIX ON YOUR OWN, ONLY WHEN YOU ARE ASKED TO. IMPROPER HANDLING OF IT CAN RENDER THE SYSTEM INOPERABLE!


___________________________________________________________
----------------------earl@forum.viry.cz-----------------------
Re: The system administrator has disabled registry editing and Task Manager
ComboFix was run today; my PC has the wrong time and date. A friend said the battery on my motherboard is dead and that is why the time does not update.
Re: The system administrator has disabled registry editing and Task Manager

Copy the following into the left box with the yellow top border, Paste Instructions for Items to be Moved:
:processes
explorer.exe
:files
c:\windows\system32\REN381.tmp
c:\windows\system32\REN380.tmp
c:\windows\system32\REN37F.tmp
c:\windows\system32\RENC2.tmp
c:\windows\system32\RENC1.tmp
c:\windows\system32\RENC0.tmp
c:\windows\system32\REN5F.tmp
c:\windows\system32\REN5E.tmp
c:\windows\system32\REN33.tmp
c:\windows\system32\REN32.tmp
:services
:reg
:commands
[emptytemp]
[resethosts]
[start explorer]
[reboot]
Click MoveIt; the result will appear in the window with the green top border, Results. Copy the contents of that window here. If OTMoveIt requires a restart, allow it. You will find the following log in C:\_OTMoveIt\MovedFiles\xxxxx.log (x is a placeholder character); open it in Notepad.
Re: The system administrator has disabled registry editing and Task Manager
After the restart this popped up at me, so I hope this is it:
All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
c:\windows\system32\REN381.tmp moved successfully.
c:\windows\system32\REN380.tmp moved successfully.
c:\windows\system32\REN37F.tmp moved successfully.
c:\windows\system32\RENC2.tmp moved successfully.
c:\windows\system32\RENC1.tmp moved successfully.
c:\windows\system32\RENC0.tmp moved successfully.
c:\windows\system32\REN5F.tmp moved successfully.
c:\windows\system32\REN5E.tmp moved successfully.
c:\windows\system32\REN33.tmp moved successfully.
c:\windows\system32\REN32.tmp moved successfully.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrátor
->Temp folder emptied: 16630 bytes
->Temporary Internet Files folder emptied: 82322 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 35863295 bytes
->Opera cache emptied: 12296269 bytes
->Flash cache emptied: 456 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: Metin
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 32409260 bytes
->Opera cache emptied: 15442813 bytes
->Flash cache emptied: 2344 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: Video avi
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2114584 bytes
%systemroot%\System32 .tmp files removed: 582088 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 17132 bytes
Total Files Cleaned = 94,00 mb
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTM by OldTimer - Version 3.1.15.0 log created on 09032010_192831
Files moved on Reboot...
File C:\Documents and Settings\Administrátor\Local Settings\Temp\Perflib_Perfdata_990.dat not found!
Registry entries deleted on Reboot...
Re: The system administrator has disabled registry editing and Task Manager
OK, how is the PC behaving now?
Re: The system administrator has disabled registry editing and Task Manager
I would say it is fine; it even seems a bit faster to me, maybe because I ran a scan with Advanced System Care. Otherwise everything seems to be OK. Anyway, thanks a lot for the help.


Re: The system administrator has disabled registry editing and Task Manager

If it does not work this way, rename ComboFix.exe to Uninstall.exe and run it.

Run it and click CleanUp.


Always Analyze first and then Run Cleaner. Twice in a row.
Windows: untick History and Autocomplete Form History; otherwise you would lose the history of visited pages and the passwords saved in forms
(from a security standpoint this is bad, but at least the user does not complain afterwards about where it all disappeared to)

Applications: for the web browsers, untick Internet History.
Registry: leave everything ticked, Scan for Issues, Fix selected issues
(let it make a backup; it is saved in Documents. IMPORTANT).
Likewise 2-3 times in a row.
And you're welcome.
Re: The system administrator has disabled registry editing and Task Manager
And please, I would also like to ask: I have the Avira antivirus, and it keeps reporting Java as a virus, specifically: C:\Program Files\Java\jre6\bin\javaw.exe. Is that normal? I only have the options remove or details. When I "remove" it, Java gets deleted and will not work; when I choose details, I can pick from the options Ignore, Repair, Delete, Move to quarantine, Rename, Always ignore. Ignore does not work, it still says it is a virus; Repair the same; Delete I cannot use (the file gets deleted); with quarantine the file will not work either; Rename the same; Always ignore also still says it is a virus.
The same then happens to me with the files nero.exe, cpuz.exe and AnyDVD.exe ..... I will try running an antivirus scan overnight and we will see in the morning.

Re: The system administrator has disabled registry editing and Task Manager
In my opinion this is a false alarm.
Update the Avira database, and if it still reports a virus in the files mentioned, test them one at a time on VirusTotal.
Post the links to the results here.
Re: The system administrator has disabled registry editing and Task Manager
Ah, yes, I completely forgot about the updates... problem solved... thank you very much


Re: The system administrator has disabled registry editing and Task Manager
You're very welcome
