Malwarebytes našel toto. Nevím jestli to mohu smazat?

[ralcar]

Malwarebytes' Anti-Malware 1.46
http://www.malwarebytes.org

Verze databáze: 5110

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

14.11.2010 2:12:55
mbam-log-2010-11-14 (02-12-55).txt

Typ skenu: Úplný sken (C:\|)
Skenované objekty: 226972
Uplynulý čas: 1 hodina(y), 2 minuta(y), 18 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 6

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
C:\System Volume Information\_restore{5E6A668C-2444-4852-ABA3-3E1EC2DDB279}\RP696\A0143530.exe (Malware.Tool) -> No action taken.
C:\System Volume Information\_restore{5E6A668C-2444-4852-ABA3-3E1EC2DDB279}\RP742\A0148283.exe (RiskWare.Tool.CK) -> No action taken.
C:\System Volume Information\_restore{5E6A668C-2444-4852-ABA3-3E1EC2DDB279}\RP745\A0148638.exe (RiskWare.Tool.CK) -> No action taken.
C:\System Volume Information\_restore{5E6A668C-2444-4852-ABA3-3E1EC2DDB279}\RP747\A0149003.exe (RiskWare.Tool.CK) -> No action taken.
C:\System Volume Information\_restore{5E6A668C-2444-4852-ABA3-3E1EC2DDB279}\RP747\A0149168.exe (RiskWare.Tool.CK) -> No action taken.
C:\System Volume Information\_restore{5E6A668C-2444-4852-ABA3-3E1EC2DDB279}\RP748\A0149323.exe (RiskWare.Tool.CK) -> No action taken.

Log z Combo fix
ComboFix 10-11-12.06 - Radim 14.11.2010 3:05.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2558.1971 [GMT 1:00]
Spuštěný z: c:\documents and settings\Radim\Plocha\ComboFix.exe
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Data aplikací\Microsoft\Network\Downloader\qmgr0.dat
c:\documents and settings\All Users\Data aplikací\Microsoft\Network\Downloader\qmgr1.dat
c:\documents and settings\All Users\Data aplikací\page
c:\documents and settings\All Users\Data aplikací\page\page.ico
c:\documents and settings\All Users\Data aplikací\page\page.URL
c:\documents and settings\Radim\Local Settings\Temporary Internet Files\dxva_sig.txt
c:\windows\system32\drivers\sluotl.sys
c:\windows\system32\vbzlib1.dll

----- BITS: Možné infikované stránky -----

hxxp://au.download.windowsupdatej+|Cv+@J:NGD_DQ{zcxLJS@A[DOv"vWU Client DownloadS-1-5-18`HT4?? 6VwoQZCDHM6VwoQZCDHMXuncxLJS@GD_DQ{zGD_DQ{zGD_DQ{z+@J:Nj+|Cvte.com
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_ncgxu


((((((((((((((((((((((((( Soubory vytvořené od 2010-10-14 do 2010-11-14 )))))))))))))))))))))))))))))))
.

2010-11-13 23:00 . 2010-11-13 23:00 -------- d-----w- c:\documents and settings\Radim\Data aplikací\Malwarebytes
2010-11-13 22:59 . 2010-04-29 14:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-11-13 22:59 . 2010-11-13 22:59 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-11-13 22:59 . 2010-11-13 22:59 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2010-11-13 22:59 . 2010-04-29 14:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-11-13 07:15 . 2010-11-13 07:15 -------- d-----w- c:\windows\system32\wbem\Repository
2010-11-12 19:00 . 2010-11-13 07:15 -------- d-----w- c:\program files\Utajeny svet umeni 2
2010-11-10 01:57 . 2009-12-30 10:20 27064 ----a-w- c:\windows\system32\drivers\revoflt.sys
2010-11-10 01:57 . 2010-11-13 07:11 -------- d-----w- c:\program files\VS Revo Group
2010-11-03 16:13 . 2010-11-03 16:13 -------- d-----w- c:\documents and settings\Radim\Data aplikací\SUPERAntiSpyware.com
2010-11-03 16:13 . 2010-11-03 16:13 -------- d-----w- c:\program files\SUPERAntiSpyware
2010-11-03 16:05 . 2010-11-03 16:05 -------- d-----w- c:\documents and settings\All Users\Data aplikací\SUPERAntiSpyware.com
2010-10-25 13:00 . 2010-10-25 13:00 -------- d-----w- C:\Testy
2010-10-24 19:38 . 2008-10-27 08:04 514384 ----a-w- c:\windows\system32\XAudio2_3.dll
2010-10-24 19:02 . 2010-10-24 19:21 -------- d-----w- c:\documents and settings\Radim\Local Settings\Data aplikací\ApplicationHistory
2010-10-24 18:12 . 2010-10-24 18:12 -------- d-----w- c:\windows\Logs
2010-10-24 17:54 . 2010-10-24 18:11 -------- d-----w- C:\Directx
2010-10-24 16:29 . 2010-10-24 16:29 -------- d-----w- c:\documents and settings\Radim\Local Settings\Data aplikací\PackageAware

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-02 04:06 . 2010-08-25 15:22 83360 ----a-w- c:\windows\system32\LMIRfsClientNP.dll
2010-10-02 04:06 . 2010-08-25 15:22 53632 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\LMIproc.dll
2010-10-02 04:06 . 2010-08-25 15:22 29568 ----a-w- c:\windows\system32\LMIport.dll
2010-10-02 04:06 . 2010-08-25 15:22 87424 ----a-w- c:\windows\system32\LMIinit.dll
2010-09-21 11:36 . 2008-04-14 12:00 361600 ----a-w- c:\windows\system32\drivers\tcpip.sys
2010-09-18 10:23 . 2008-04-14 12:00 974848 ----a-w- c:\windows\system32\mfc42u.dll
2010-09-18 06:53 . 2008-04-14 12:00 974848 ----a-w- c:\windows\system32\mfc42.dll
2010-09-18 06:53 . 2008-04-14 12:00 954368 ----a-w- c:\windows\system32\mfc40.dll
2010-09-18 06:53 . 2008-04-14 12:00 953856 ----a-w- c:\windows\system32\mfc40u.dll
2010-09-11 16:30 . 2010-09-11 16:30 673280 ----a-w- c:\windows\is-PI55A.exe
2010-09-10 05:52 . 2008-04-14 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-09-10 05:52 . 2008-04-14 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-09-10 05:52 . 2008-04-14 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-09-07 15:12 . 2010-07-12 01:44 38848 ----a-w- c:\windows\avastSS.scr
2010-09-07 15:11 . 2010-07-12 01:44 167592 ----a-w- c:\windows\system32\aswBoot.exe
2010-09-07 14:52 . 2010-07-12 01:44 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-09-07 14:52 . 2010-07-12 01:44 165584 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-09-07 14:47 . 2010-07-12 01:44 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-09-07 14:47 . 2010-07-12 01:44 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-09-07 14:47 . 2010-07-12 01:44 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-09-07 14:47 . 2010-07-12 01:44 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-09-07 14:46 . 2010-07-12 01:44 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-09-01 11:52 . 2008-04-14 12:00 285824 ----a-w- c:\windows\system32\atmfd.dll
2010-09-01 07:57 . 2008-04-14 12:00 1852800 ----a-w- c:\windows\system32\win32k.sys
2010-08-27 08:03 . 2008-04-14 12:00 119808 ----a-w- c:\windows\system32\t2embed.dll
2010-08-27 05:54 . 2008-04-14 12:00 99840 ----a-w- c:\windows\system32\srvsvc.dll
2010-08-27 01:43 . 2008-05-05 06:25 5632 ----a-w- c:\windows\system32\xpsp4res.dll
2010-08-26 13:39 . 2008-04-14 12:00 357248 ----a-w- c:\windows\system32\drivers\srv.sys
2010-08-23 16:12 . 2008-04-14 12:00 617472 ----a-w- c:\windows\system32\comctl32.dll
2010-08-17 13:17 . 2008-04-14 12:00 58880 ----a-w- c:\windows\system32\spoolsv.exe
2010-08-17 13:02 . 2010-10-11 09:15 1700352 ----a-w- c:\windows\system32\GdiPlus.dll
2010-08-17 13:02 . 2009-12-31 18:05 24576 ----a-w- c:\windows\system32\msxml3a.dll
2010-08-16 08:45 . 2008-04-14 12:00 590848 ----a-w- c:\windows\system32\rpcrt4.dll
.

------- Sigcheck -------

[-] 2010-09-21 . CBEEBEB899E31EF52B962CB31FC8CA5C . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys
[7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys
[7] 2008-04-14 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\tcpip.sys

[-] 2009-10-16 . 1E603EA2A3FDBAE9E5B88A8CB3C03124 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2005-08-25 737369]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 45056]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2010-09-07 2838912]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2010-10-02 04:06 87424 ----a-w- c:\windows\system32\LMIinit.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn GUI]
2010-01-27 10:22 63048 ----a-w- c:\program files\LogMeIn\x86\LogMeInSystray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-05-14 09:44 248552 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"RTHDCPL"=RTHDCPL.EXE

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Aplikace\\Balicky\\asa\\win32\\dbeng7.exe"=
"c:\\Aplikace\\Balicky\\j2re1.4.2_03\\bin\\java.exe"=
"c:\\Program Files\\Sony Ericsson\\Update Service\\Update Service.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [12.7.2010 2:44 165584]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [17.2.2010 19:25 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [10.5.2010 19:41 67656]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [12.7.2010 2:44 17744]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\rainfo.sys [27.1.2010 11:22 12856]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [3.1.2010 20:52 27632]
S1 sp_rsdrv2;Spyware Terminator Driver 2;\??\c:\windows\system32\drivers\sp_rsdrv2.sys --> c:\windows\system32\drivers\sp_rsdrv2.sys [?]
S3 DKRtWrt;DKRtWrt;c:\windows\system32\drivers\DKRtWrt.sys [21.3.2010 2:49 41120]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [9.6.2010 13:11 13224]
S3 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [31.12.2009 19:13 135664]
S3 OMSI download service;Sony Ericsson OMSI download service;c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [3.1.2010 20:52 90112]
S3 pbfilter;pbfilter;c:\program files\PeerBlock\pbfilter.sys [21.9.2010 15:01 14424]
S3 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\Common Files\PC Tools\sMonitor\StartManSvc.exe [1.9.2010 3:27 583640]
S3 Ptserli;PCTEL Serial Device Driver for INTEL;c:\windows\system32\drivers\ptserli.sys [31.12.2009 18:34 128286]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [10.11.2010 2:57 27064]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\drivers\s0016bus.sys [3.1.2010 20:52 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\drivers\s0016mdfl.sys [3.1.2010 20:52 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\drivers\s0016mdm.sys [3.1.2010 20:52 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0016mgmt.sys [3.1.2010 20:52 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\drivers\s0016nd5.sys [3.1.2010 20:52 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\drivers\s0016obex.sys [3.1.2010 20:52 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\drivers\s0016unic.sys [3.1.2010 20:52 115752]
S4 LMIGuardianSvc;LMIGuardianSvc;c:\program files\LogMeIn\x86\LMIGuardianSvc.exe [3.10.2010 17:39 374152]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
.
Obsah adresáře 'Naplánované úlohy'

2010-11-14 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2010-03-30 19:55]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Převést cíl vazby do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Převést do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Připojit cíl vazby k existujícímu PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Připojit k existujícímu PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: WikiKomentáře Google...
FF - ProfilePath - c:\documents and settings\Radim\Data aplikací\Mozilla\Firefox\Profiles\79rxv5ay.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://supertoolbar.ask.com/redirect?client=ff&src=kw&tb=PTV&o=15184&locale=en_US&q=
FF - component: c:\documents and settings\Radim\Data aplikací\Mozilla\Firefox\Profiles\79rxv5ay.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components\SkypeFfComponent.dll
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: browser.xul.error_pages.enabled - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 3000000
FF - user.js: content.maxtextrun - 8191
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 32
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-proxy - 8
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)



**************************************************************************
skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory:

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-299502267-362288127-1177238915-1004\Software\SecuROM\License information*]
"datasecu"=hex:5d,c4,fe,92,b8,4b,5d,bb,fa,2e,16,f1,cd,56,85,7b,40,73,24,23,6c,
1a,f8,1d,ca,27,64,16,49,de,1b,55,77,82,c2,28,3f,d0,58,ee,b8,2b,1a,11,f9,c1,\
"rkeysecu"=hex:86,82,86,c2,a9,cd,c7,db,05,03,86,b9,5c,6e,38,0b

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(1072)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\LMIinit.dll
c:\windows\system32\LMIRfsClientNP.dll

- - - - - - - > 'explorer.exe'(1236)
c:\windows\system32\webcheck.dll
c:\progra~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
c:\program files\Common Files\Microsoft Shared\Web Components\10\1029\OWCI10.DLL
c:\progra~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
c:\program files\Common Files\Microsoft Shared\Web Components\11\1029\OWCI11.DLL
c:\windows\system32\msls31.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2010-11-14 03:13:53 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-11-14 02:13

Před spuštěním: Volných bajtů: 16 441 176 064
Po spuštění: Volných bajtů: 16 703 119 360

WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

- - End Of File - - CAB5C58AADC785705E7D8130BD22410B

[Rudy]

To, co MBAM našel, jsou riskwary v záloze systému. Smažte. Dále CF našel a smazal také několik položek. Zbytek logu CF vypadá čistý.

[ralcar]

Díky.

[Rudy]

Nemáte zač!

[ralcar]

Dobrý den Rudy.
Dost se mi zahřívá noťas i když nepracuji. Pravidelně ho luxuji. Přikládám seznam procesů

D.jpg

(124.08 KiB) Staženo 67 x

[Rudy]

Zdravím!
Všechny procesy jsou legitimní. Navíc kromě taskmgr (odebírá 1% syst. prostředků) jsou ostatní nečinné. Skutečností je, že NTB se zahřívají trochu více, než stolní PC. Nainstalujte Speedfan: http://www.stahuj.centrum.cz/utility_a_ ... /speedfan/ a v průběhu chodu sledujte teplotu.