Prosim o kontrolu logu - Zasekane PC

[Drusik]

Dobry den prosim o kontrolu logu na mem druhem PC.Je sice starsi ale ne zase tolik dost se seka.Prikladam log:

Logfile of random's system information tool 1.08 (written by random/random)
Run by Jarda at 2010-10-26 16:45:39
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 13 GB (42%) free of 30 GB
Total RAM: 1023 MB (39% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:45:49, on 26.10.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Program Files\Seznam\Postak\Postak.exe
C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
C:\Program Files\Common Files\Nokia\NoA\nokiaaserver.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\devldr32.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Nokia\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\Nokia\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Jarda\Plocha\Čištení PC\RSIT.exe
C:\Program Files\trend micro\Jarda.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &S-Rank - {B71B15CF-3093-459C-B764-AEB2486F2273} - C:\Program Files\Seznam\Postak\SRank.dll
O4 - HKLM\..\Run: [SMail] "C:\Program Files\Seznam\Postak\Postak.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [NokiaMusic FastStart] "C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe" /command:faststart
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [NokiaOviSuite2] C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: WDDMStatus.lnk = C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
O8 - Extra context menu item: Download Using &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4FEE6316-7B6F-4A6C-BD4E-4157C59A9E9D} (Ovi maps browser plugin) - http://static.s2g.gate5.de/ovi_maps/Ovi ... .12.12.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} (IPSUploader4 Control) - https://asp.photoprintit.de/microsite/5 ... oader4.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553550000} - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: WD SmartWare Drive Manager (WDDMService) - WDC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
O23 - Service: WD File Management Engine (WDFME) - Unknown owner - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
O23 - Service: WD File Management Shadow Engine (WDSC) - Unknown owner - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe

--
End of file - 8801 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{B71B15CF-3093-459C-B764-AEB2486F2273} - &S-Rank - C:\Program Files\Seznam\Postak\SRank.dll [2005-05-17 266240]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SMail"=C:\Program Files\Seznam\Postak\Postak.exe [2006-05-18 450560]
"SpywareTerminator"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2009-01-19 1654272]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-04-19 7700480]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2007-04-19 86016]
"Launch LGDCore"=C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe [2006-07-23 1126400]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-02-19 49152]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2006-09-01 282624]
"NeroFilterCheck"=C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2008-03-25 570664]
"NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-02-18 2221352]
"NokiaMServer"=C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"NokiaMusic FastStart"=C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe [2010-03-04 2192672]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-09-07 2838912]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"OM2_Monitor"=C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe [2009-11-25 95632]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-07-24 490952]
""= []
"NokiaOviSuite2"=C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe [2010-07-02 671608]
"PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2010-05-14 1479680]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
WDDMStatus.lnk - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\adobeupdi.exe"="C:\WINDOWS\adobeupdi.exe:*:Enabled:adobeupdi"
"C:\WINDOWS\adobeupdm.exe"="C:\WINDOWS\adobeupdm.exe:*:Enabled:adobeupdm"
"C:\Program Files\Loki\Loki.exe"="C:\Program Files\Loki\Loki.exe:*:Enabled:Loki"
"C:\Program Files\Cyanide\GameCenter\GameCenter.exe"="C:\Program Files\Cyanide\GameCenter\GameCenter.exe:*:Enabled:GameCenter"
"C:\Program Files\BitSpirit\BitSpirit.exe"="C:\Program Files\BitSpirit\BitSpirit.exe:*:Enabled:The powerful and easy-to-use BitTorrent Client"
"C:\Program Files\EA GAMES\Medal of Honor Pacific Assault(tm)\mohpa.exe"="C:\Program Files\EA GAMES\Medal of Honor Pacific Assault(tm)\mohpa.exe:*:Enabled:Medal of Honor Pacific Assault(tm)"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe"="C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe:*:Enabled:Nokia Ovi Suite 2"
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"C:\Documents and Settings\Jarda\Plocha\Honza MATURITA\Return to Castle Wolfenstein\WolfMP.exe"="C:\Documents and Settings\Jarda\Plocha\Honza MATURITA\Return to Castle Wolfenstein\WolfMP.exe:*:Disabled:WolfMP"
"C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 3 months======

2010-10-26 16:45:40 ----D---- C:\Program Files\trend micro
2010-10-26 16:45:39 ----D---- C:\rsit
2010-10-26 16:38:18 ----D---- C:\Program Files\HD Tune
2010-10-26 14:37:23 ----D---- C:\Program Files\Defraggler
2010-10-26 14:29:09 ----D---- C:\Program Files\CCleaner
2010-10-20 14:30:22 ----A---- C:\WINDOWS\system32\javaws.exe
2010-10-20 14:30:22 ----A---- C:\WINDOWS\system32\javaw.exe
2010-10-20 14:30:22 ----A---- C:\WINDOWS\system32\java.exe
2010-09-26 17:03:33 ----D---- C:\Documents and Settings\All Users\Data aplikací\Alawar Stargaze
2010-09-26 17:01:35 ----D---- C:\Program Files\Games
2010-09-23 17:45:45 ----D---- C:\Documents and Settings\All Users\Data aplikací\Western Digital
2010-09-23 17:45:40 ----A---- C:\Documents and Settings\All Users\Data aplikací\Microsoft.SqlServer.Compact.351.32.bc
2010-09-23 17:45:29 ----A---- C:\WINDOWS\system32\drivers\wdcsam.sys
2010-09-23 17:44:43 ----D---- C:\Program Files\Western Digital
2010-09-17 14:42:33 ----D---- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
2010-09-14 15:55:03 ----D---- C:\Documents and Settings\All Users\Data aplikací\Playrix Entertainment
2010-09-06 18:56:58 ----D---- C:\Program Files\Common Files\PCSuite
2010-09-05 18:46:46 ----D---- C:\Program Files\Any Audio Converter
2010-09-05 18:24:55 ----D---- C:\Documents and Settings\All Users\Data aplikací\NokiaMusic
2010-09-05 18:24:07 ----A---- C:\WINDOWS\system32\drivers\pccsmcfd.sys
2010-09-05 09:45:58 ----A---- C:\WINDOWS\ModemLog_Nokia N85 USB Modem.txt
2010-08-08 09:26:56 ----HDC---- C:\WINDOWS\$NtUninstallWudf01009$
2010-07-28 12:00:28 ----A---- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys
2010-07-28 12:00:27 ----A---- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys
2010-07-28 12:00:27 ----A---- C:\WINDOWS\system32\drivers\nmwcdnsu.sys
2010-07-28 12:00:26 ----A---- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys
2010-07-28 12:00:25 ----A---- C:\WINDOWS\system32\drivers\ccdcmbo.sys
2010-07-28 12:00:23 ----A---- C:\WINDOWS\system32\wdfcoinstaller01009.dll
2010-07-28 12:00:23 ----A---- C:\WINDOWS\system32\nmwcdcocls.dll
2010-07-28 12:00:23 ----A---- C:\WINDOWS\system32\drivers\ccdcmb.sys
2010-07-28 11:58:55 ----D---- C:\Documents and Settings\All Users\Data aplikací\NokiaInstallerCache
2010-07-28 11:12:50 ----AC---- C:\WINDOWS\system32\ptpusb.dll
2010-07-28 11:12:49 ----AC---- C:\WINDOWS\system32\ptpusd.dll

======List of files/folders modified in the last 3 months======

2010-10-26 16:45:49 ----D---- C:\WINDOWS\Prefetch
2010-10-26 16:45:40 ----RD---- C:\Program Files
2010-10-26 14:40:36 ----D---- C:\WINDOWS\Temp
2010-10-26 14:36:28 ----D---- C:\Program Files\Google
2010-10-26 14:36:15 ----D---- C:\Program Files\DAEMON Tools Toolbar
2010-10-26 14:31:21 ----D---- C:\WINDOWS
2010-10-26 14:30:56 ----D---- C:\WINDOWS\Minidump
2010-10-26 14:30:56 ----D---- C:\WINDOWS\Debug
2010-10-25 19:42:54 ----N---- C:\WINDOWS\SchedLgU.Txt
2010-10-25 16:18:43 ----D---- C:\Program Files\Spyware Terminator
2010-10-24 20:47:11 ----D---- C:\WINDOWS\system32\CatRoot2
2010-10-24 10:34:58 ----SHD---- C:\WINDOWS\Installer
2010-10-24 10:34:58 ----HD---- C:\Config.Msi
2010-10-24 10:30:48 ----D---- C:\WINDOWS\system32
2010-10-24 09:43:15 ----A---- C:\WINDOWS\NeroDigital.ini
2010-10-23 18:55:04 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-10-20 14:30:19 ----D---- C:\Program Files\Java
2010-10-16 22:56:53 ----HD---- C:\WINDOWS\inf
2010-10-16 22:56:46 ----HD---- C:\WINDOWS\$hf_mig$
2010-10-16 22:56:33 ----D---- C:\WINDOWS\system32\drivers
2010-10-16 22:56:23 ----D---- C:\WINDOWS\WinSxS
2010-10-16 22:55:43 ----D---- C:\Program Files\Internet Explorer
2010-10-16 22:55:31 ----D---- C:\WINDOWS\ie8updates
2010-10-16 22:47:08 ----A---- C:\WINDOWS\system32\MRT.exe
2010-10-11 17:34:33 ----D---- C:\WINDOWS\system32\drivers\UMDF
2010-10-10 10:18:04 ----D---- C:\Documents and Settings\Jarda\Data aplikací\PC Suite
2010-10-06 12:49:45 ----RSD---- C:\WINDOWS\assembly
2010-10-06 12:47:46 ----D---- C:\WINDOWS\Microsoft.NET
2010-10-06 12:39:01 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-09-23 17:45:29 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-09-18 12:23:38 ----A---- C:\WINDOWS\system32\mfc42u.dll
2010-09-18 08:53:37 ----A---- C:\WINDOWS\system32\mfc42.dll
2010-09-18 08:53:37 ----A---- C:\WINDOWS\system32\mfc40u.dll
2010-09-18 08:53:37 ----A---- C:\WINDOWS\system32\mfc40.dll
2010-09-17 15:42:35 ----D---- C:\Program Files\Alwil Software
2010-09-15 04:50:37 ----A---- C:\WINDOWS\system32\deployJava1.dll
2010-09-10 07:52:35 ----A---- C:\WINDOWS\system32\wininet.dll
2010-09-10 07:52:35 ----A---- C:\WINDOWS\system32\urlmon.dll
2010-09-10 07:52:34 ----N---- C:\WINDOWS\system32\occache.dll
2010-09-10 07:52:34 ----N---- C:\WINDOWS\system32\mstime.dll
2010-09-10 07:52:34 ----A---- C:\WINDOWS\system32\mshtmled.dll
2010-09-10 07:52:33 ----A---- C:\WINDOWS\system32\mshtml.dll
2010-09-10 07:52:31 ----N---- C:\WINDOWS\system32\jsproxy.dll
2010-09-10 07:52:31 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2010-09-10 07:52:31 ----A---- C:\WINDOWS\system32\msfeeds.dll
2010-09-10 07:52:31 ----A---- C:\WINDOWS\system32\licmgr10.dll
2010-09-10 07:52:31 ----A---- C:\WINDOWS\system32\iertutil.dll
2010-09-10 07:52:30 ----A---- C:\WINDOWS\system32\iepeers.dll
2010-09-10 07:52:30 ----A---- C:\WINDOWS\system32\ieframe.dll
2010-09-10 07:52:26 ----N---- C:\WINDOWS\system32\iedkcs32.dll
2010-09-07 19:06:23 ----D---- C:\WINDOWS\network diagnostic
2010-09-07 17:11:54 ----A---- C:\WINDOWS\system32\aswBoot.exe
2010-09-06 18:58:12 ----D---- C:\Documents and Settings\Jarda\Data aplikací\Nokia
2010-09-06 18:57:24 ----D---- C:\Program Files\DIFX
2010-09-06 18:56:58 ----D---- C:\Program Files\Common Files
2010-09-06 18:56:46 ----D---- C:\Program Files\Nokia
2010-09-06 18:56:46 ----D---- C:\Program Files\Common Files\Nokia
2010-09-06 18:55:52 ----D---- C:\Documents and Settings\All Users\Data aplikací\Installations
2010-09-05 18:25:28 ----D---- C:\WINDOWS\Globalization
2010-09-05 18:25:11 ----RSD---- C:\WINDOWS\Fonts
2010-09-01 13:52:28 ----A---- C:\WINDOWS\system32\atmfd.dll
2010-08-27 10:03:42 ----A---- C:\WINDOWS\system32\t2embed.dll
2010-08-27 07:54:10 ----A---- C:\WINDOWS\system32\srvsvc.dll
2010-08-27 03:43:50 ----A---- C:\WINDOWS\system32\xpsp4res.dll
2010-08-26 14:22:32 ----N---- C:\WINDOWS\system32\ie4uinit.exe
2010-08-25 23:36:02 ----A---- C:\WINDOWS\system32\wmp.dll
2010-08-23 18:12:35 ----A---- C:\WINDOWS\system32\comctl32.dll
2010-08-22 18:09:24 ----D---- C:\WINDOWS\system32\Adobe
2010-08-18 18:39:18 ----D---- C:\Program Files\Common Files\Java
2010-08-17 15:17:06 ----A---- C:\WINDOWS\system32\spoolsv.exe
2010-08-16 10:45:05 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2010-08-13 16:11:58 ----D---- C:\Program Files\Movie Maker
2010-07-27 08:30:31 ----A---- C:\WINDOWS\system32\shell32.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-09-06 717296]
R0 uagp35;Filtr Microsoft AGPv3.5; C:\WINDOWS\system32\DRIVERS\uagp35.sys [2008-04-13 44672]
R0 viaagp1;VIA AGP Filter; C:\WINDOWS\system32\DRIVERS\viaagp1.sys [2003-07-02 27904]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-09-07 28880]
R1 AmdK7;Ovladač procesoru AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-14 41600]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-09-07 165584]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-09-07 46672]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator\sp_rsdrv2.sys []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-09-07 17744]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-09-07 100176]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2010-06-13 281760]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2010-06-13 25888]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-09-07 23376]
R3 ctljystk;Game port pro zařízení Creative SB Live!; C:\WINDOWS\system32\DRIVERS\ctljystk.sys [2001-08-17 3712]
R3 emu10k;Creative SB Live! (WDM); C:\WINDOWS\system32\drivers\emu10k1m.sys [2001-08-17 283904]
R3 emu10k1;Creative Interface Manager Driver (WDM); C:\WINDOWS\system32\drivers\ctlfacem.sys [2001-08-17 6912]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-04-19 3988384]
R3 sfman;Creative SoundFont Manager Driver (WDM); C:\WINDOWS\system32\drivers\sfmanm.sys [2001-08-17 36480]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-10-24 6784]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 vulfnths;VIA USB Host Controller Lower Filter; C:\WINDOWS\System32\Drivers\vulfnth.sys [2003-08-04 6912]
R3 vulfntrs;VIA USB Roothub Lower Filter; C:\WINDOWS\System32\Drivers\vulfntr.sys [2003-08-04 11392]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Gigabit Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\yukonwxp.sys [2003-11-10 174464]
S3 agv7qed0;agv7qed0; C:\WINDOWS\system32\drivers\agv7qed0.sys []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-04-13 49664]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-04-13 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-04-13 21568]
S3 ivusb;Initio Driver for USB Default Controller; C:\WINDOWS\system32\DRIVERS\ivusb.sys [2010-03-10 24216]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2010-02-26 22528]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2010-02-26 137344]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2010-02-26 8320]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2010-02-26 8192]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\WINDOWS\system32\DRIVERS\wdcsam.sys [2009-02-13 11520]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-04-19 159810]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [2006-12-19 81920]
R2 WDDMService;WD SmartWare Drive Manager; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2010-07-29 110592]
R2 WDFME;WD File Management Engine; C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe [2010-07-29 952832]
R2 WDSC;WD File Management Shadow Engine; C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe [2010-07-29 483840]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 ServiceLayer;ServiceLayer; C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe [2010-06-14 615936]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2006-03-03 69632]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-02-28 529704]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 CCALib8;Canon Camera Access Library 8; C:\Program Files\Canon\CAL\CALMAIN.exe [2005-09-30 96341]
S4 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-09-15 153376]
S4 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-10-19 61440]
S4 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-02-18 877864]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[Roli]

Zdravím, tohle fixni v HJT :

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [NokiaMusic FastStart] "C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe" /command:faststart
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [NokiaOviSuite2] C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

HJT najdeš zde :

C:\Program Files\trend micro\Jarda.exe

Fix znamená že spustíš HJT

v okně které se ti otevře klikneš na Do a system scan only

v dalším okně najdeš řádky které jsem ti vypsal,

vedle nich je čtvereček do kterého uděláš zatržítko,

pak klikneš na Fix checked které je vlevo dole,

program se ti zeptá zda opravdu ANO s tím samozřejmě souhlasíš a je hotovo.


Přes Start >> Spustit >> napiš - services.msc >> OK. Najdi službu :

NMIndexingService

klikni na ni pravým myšítkem, zvol vlastnosti, na další kartě nejprve službu zastav tlačítkem Zastavit a u položky Typ spouštění zvol Zakázáno.


Smaž nepotřebné soubory

pomocí CCleaneru

návod :

Čistič - tady vyčistíš PC od nepotřebných souborů a vysypeš Koš

Registry - tady vyčistíš registry (před použitím doporučuji udělat jejich zálohu kterou CCleaner nabízí)

Čištění registru je třeba několikrát zopakovat !


Pak použij Mbam z mého podpisu a dej mi sem z něj log dříve než něco smažeš.

[Drusik]

Omlouvam se zpozdeni ale driv sem se k tomu nedostal tady je log z MBAmu:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verze databáze: 4971

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

28.10.2010 12:24:49
mbam-log-2010-10-28 (12-24-49).txt

Typ skenu: Rychlý sken
Skenované objekty: 138717
Uplynulý čas: 7 minuta(y), 58 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 1
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> No action taken.

Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)

[Roli]

To co Mbam našel nech smazat.

Stáhni a ulož na plochu ComboFix,

spusť aplikaci jako Administrátor a povol instalaci Konzole pro zotavení - Recovery Console.

Poté se zobrazí okno s licenčními podmínkami které potvrdíš kliknutím na ANO,

pak ještě jednou klik na ANO a už to jede.

Celá akce trvá okolo 10 minut ale může i déle, během skenu se nepokoušej spouštět nic jiného.

Při skenovaní může být PC i restartováno nelekat se.

Upozornění: po dobu skenu vypni rezidentní štít Antiviru a AntiSpy programu,

protože Combofix se pokouší napadené soubory smazat a tyto programy mu můžou bránit.

Po dokončení skenu nebo následném restartu aplikace vytvoří log, uložený na C:/Combofix.txt

(při opakovaném použití jsou logy číslovány Combofix2.txt atd.), jeho obsah zkopíruj sem.

[Drusik]

tady je log:

ComboFix 10-10-28.03 - Jarda 29.10.2010 10:32:57.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1023.736 [GMT 2:00]
Spuštěný z: c:\documents and settings\Jarda\Plocha\ComboFix.exe
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Install.exe

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-09-28 do 2010-10-29 )))))))))))))))))))))))))))))))
.

2010-10-28 09:23 . 2010-10-28 09:23 -------- d-----w- c:\documents and settings\Jarda\Data aplikací\Malwarebytes
2010-10-28 09:23 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-10-28 09:23 . 2010-10-28 09:23 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-10-28 09:23 . 2010-10-28 09:23 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2010-10-28 09:23 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-10-26 14:45 . 2010-10-28 09:18 -------- d-----w- c:\program files\trend micro
2010-10-26 14:45 . 2010-10-26 14:45 -------- d-----w- C:\rsit
2010-10-26 14:38 . 2010-10-26 14:38 -------- d-----w- c:\program files\HD Tune
2010-10-26 12:37 . 2010-10-26 12:37 -------- d-----w- c:\program files\Defraggler
2010-10-26 12:29 . 2010-10-26 12:29 -------- d-----w- c:\program files\CCleaner
2010-10-24 08:14 . 2010-10-24 08:14 -------- d-sh--w- c:\documents and settings\Jarda\Phone Browser
2010-10-16 19:09 . 2010-09-18 06:53 974848 -c----w- c:\windows\system32\dllcache\mfc42.dll
2010-10-16 19:09 . 2010-08-23 16:12 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-18 10:23 . 2006-03-02 12:00 974848 ----a-w- c:\windows\system32\mfc42u.dll
2010-09-18 06:53 . 2006-03-02 12:00 974848 ----a-w- c:\windows\system32\mfc42.dll
2010-09-18 06:53 . 2006-03-02 12:00 954368 ----a-w- c:\windows\system32\mfc40.dll
2010-09-18 06:53 . 2006-03-02 12:00 953856 ----a-w- c:\windows\system32\mfc40u.dll
2010-09-15 02:50 . 2010-04-26 13:53 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-09-15 00:29 . 2009-01-21 07:43 73728 ----a-w- c:\windows\system32\javacpl.cpl
2010-09-10 05:52 . 2006-03-02 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-09-10 05:52 . 2006-03-02 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-09-10 05:52 . 2006-03-02 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-09-07 15:12 . 2010-09-17 12:43 38848 ----a-w- c:\windows\avastSS.scr
2010-09-07 15:11 . 2009-07-10 20:08 167592 ----a-w- c:\windows\system32\aswBoot.exe
2010-09-07 14:52 . 2009-07-10 20:08 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-09-07 14:52 . 2009-07-10 20:08 165584 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-09-07 14:47 . 2009-07-10 20:08 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-09-07 14:47 . 2009-07-10 20:08 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-09-07 14:47 . 2009-07-10 20:08 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-09-07 14:47 . 2009-07-10 20:08 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-09-07 14:46 . 2009-07-10 20:08 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-09-01 11:52 . 2006-03-02 12:00 285824 ----a-w- c:\windows\system32\atmfd.dll
2010-09-01 07:57 . 2006-03-02 12:00 1852800 ----a-w- c:\windows\system32\win32k.sys
2010-08-27 08:03 . 2006-03-02 12:00 119808 ----a-w- c:\windows\system32\t2embed.dll
2010-08-27 05:54 . 2006-03-02 12:00 99840 ----a-w- c:\windows\system32\srvsvc.dll
2010-08-27 01:43 . 2008-05-05 05:25 5632 ----a-w- c:\windows\system32\xpsp4res.dll
2010-08-26 13:39 . 2006-03-02 12:00 357248 ----a-w- c:\windows\system32\drivers\srv.sys
2010-08-23 16:12 . 2006-03-02 12:00 617472 ----a-w- c:\windows\system32\comctl32.dll
2010-08-17 13:17 . 2006-03-02 12:00 58880 ----a-w- c:\windows\system32\spoolsv.exe
2010-08-16 08:45 . 2006-03-02 12:00 590848 ----a-w- c:\windows\system32\rpcrt4.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" [2009-11-25 95632]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-07-24 490952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SMail"="c:\program files\Seznam\Postak\Postak.exe" [2006-05-18 450560]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-04-19 7700480]
"nwiz"="nwiz.exe" [2007-04-19 1626112]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-04-19 86016]
"Launch LGDCore"="c:\program files\Common Files\Logitech\G-series Software\LGDCore.exe" [2006-07-23 1126400]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2010-09-07 2838912]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2006-09-01 282624]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-2-19 288472]
WDDMStatus.lnk - c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2010-7-29 4456448]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\BitSpirit\\BitSpirit.exe"=
"c:\\Program Files\\Nokia\\Nokia Ovi Suite\\NokiaOviSuite.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [10.7.2009 22:08 165584]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [10.7.2009 22:08 17744]
R2 WDDMService;WD SmartWare Drive Manager;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [29.7.2010 15:26 110592]
R2 WDFME;WD File Management Engine;c:\program files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe [29.7.2010 15:25 952832]
R2 WDSC;WD File Management Shadow Engine;c:\program files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe [29.7.2010 15:24 483840]
S3 ivusb;Initio Driver for USB Default Controller;c:\windows\system32\drivers\ivusb.sys [10.3.2010 8:18 24216]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [28.7.2010 12:00 137344]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [28.7.2010 12:00 8320]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [23.9.2010 17:45 11520]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [19.1.2009 22:24 717296]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: Download Using &BitSpirit - c:\program files\BitSpirit\bsurl.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: ÓñČĚŘľ«ÁéĎÂÔŘ(&B)
DPF: {4FEE6316-7B6F-4A6C-BD4E-4157C59A9E9D} - hxxp://static.s2g.gate5.de/ovi_maps/OviMaps_4.0.12.12.cab
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

SafeBoot-WudfPf
SafeBoot-WudfRd



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-10-29 10:36
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
Celkový čas: 2010-10-29 10:38:19
ComboFix-quarantined-files.txt 2010-10-29 08:38

Před spuštěním: Volných bajtů: 16 228 634 624
Po spuštění: Volných bajtů: 18 417 819 648

WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

- - End Of File - - E77EF8017FCE017B70991A2A84F406BD

[Roli]

Něco smazáno zbytek v pořádku.


Přes Start >> Spustit zkopíruj do okna:

ComboFix /Uninstall

a stiskni Enter

To odinstaluje ComboFix a smaže s ním související soubory a složky.


Použij T-Cleaner, který smaže případné zbytky po aplikacích které jsme použili.

Jen před jeho stažením a při použití stopni antivir, protože ho muže detekovat jako vir ale není tomu tak.


Pak dej vědět jaký je stav PC.

[Drusik]

PC bezi vpohode plynule Dekuji

[Roli]

Není zač.