Re: Další FB vir
Napsal: 25 črc 2011 20:34
Tak jsem aplikoval ten AVGRemover, tenhle log je ale ještě před jeho aplikací:
ComboFix 11-07-25.02 - Petra 25.07.2011 21:23:28.3.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2047.1396 [GMT 2:00]
Spuštěný z: c:\documents and settings\Petra\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Petra\Plocha\CFScript.txt
AV: AVG Internet Security 2011 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: AVG Firewall *Enabled* {8decf618-9569-4340-b34a-d78d28969b66}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-25 do 2011-07-25 )))))))))))))))))))))))))))))))
.
.
2011-07-25 19:17 . 2011-07-25 19:17 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Data aplikací\ATI
2011-07-25 19:15 . 2011-07-25 19:15 -------- d-----w- c:\program files\AMD APP
2011-07-25 19:14 . 2011-05-25 03:07 956160 ----a-w- c:\windows\system32\ativvamv.dll
2011-07-25 19:12 . 2011-07-25 19:12 -------- d-----w- C:\ATI
2011-07-25 18:40 . 2011-07-25 18:40 -------- d-----w- c:\documents and settings\Petra\Local Settings\Data aplikací\ATI
2011-07-25 18:40 . 2011-07-25 18:40 -------- d-----w- c:\documents and settings\Petra\Data aplikací\ATI
2011-07-25 18:36 . 2011-07-25 18:36 -------- d-----w- c:\program files\Common Files\ATI Technologies
2011-07-25 18:35 . 2011-07-25 18:35 -------- d-----w- c:\program files\ATI
2011-07-25 18:34 . 2011-07-25 19:15 -------- d-----w- c:\program files\ATI Technologies
2011-07-25 17:57 . 2011-07-25 17:57 0 ----a-w- c:\windows\ativpsrm.bin
2011-07-25 17:56 . 2011-05-25 04:15 311296 ----a-w- c:\windows\system32\atiiiexx.dll
2011-07-25 17:56 . 2011-05-25 02:56 462848 ----a-w- c:\windows\system32\ATIDEMGX.dll
2011-07-25 17:55 . 2010-07-21 11:30 101904 ----a-r- c:\windows\system32\drivers\AtihdXP3.sys
2011-07-25 17:00 . 2011-07-25 17:01 -------- d-----w- c:\program files\trend micro
2011-07-25 17:00 . 2011-07-25 17:01 -------- d-----w- C:\rsit
2011-07-25 13:55 . 2011-07-25 13:55 -------- d-----w- c:\program files\ESET
2011-07-25 12:43 . 2011-07-25 12:43 -------- d-----w- c:\documents and settings\LocalService\Nabídka Start
2011-07-25 11:58 . 2011-07-25 11:58 -------- d-----w- c:\windows\system32\wbem\Framework
2011-07-24 20:28 . 2011-07-24 21:41 -------- d-----w- c:\documents and settings\Petra\Data aplikací\TeamViewer
2011-07-24 20:28 . 2011-07-24 20:28 -------- d-----w- c:\program files\TeamViewer
2011-07-22 14:50 . 2011-07-22 14:50 -------- d-sh--w- c:\documents and settings\All Users.WINDOWS\Data aplikací\DSS
2011-07-22 14:50 . 2011-07-22 14:50 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Data aplikací\Codemasters
2011-07-22 14:43 . 2011-07-22 14:43 -------- d-----w- c:\windows\system32\xlive
2011-07-22 14:43 . 2011-07-22 14:43 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE
2011-07-22 14:42 . 2010-09-22 11:12 19087360 ----a-w- c:\windows\system32\mkl_blueripple.dll
2011-07-22 14:42 . 2011-03-19 13:16 1417216 ----a-w- c:\windows\system32\rapture3d_oal.dll
2011-07-22 14:42 . 2011-07-22 14:42 -------- d-----w- c:\program files\BRS
2011-07-21 16:35 . 2011-05-25 07:25 899688 ----a-w- c:\windows\system32\nvdispco3220150.dll
2011-07-21 16:35 . 2011-05-25 07:25 865896 ----a-w- c:\windows\system32\nvgenco322090.dll
2011-07-21 16:10 . 2011-07-21 16:10 -------- d-----w- c:\documents and settings\UpdatusUser
2011-07-21 16:10 . 2011-07-21 16:10 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Data aplikací\NVIDIA
2011-07-21 16:08 . 2011-04-08 05:14 944232 ----a-w- c:\windows\system32\nvdispco3220140.dll
2011-07-21 16:08 . 2011-04-08 05:14 855656 ----a-w- c:\windows\system32\nvgenco322060.dll
2011-07-21 14:28 . 2011-07-25 10:35 -------- d-----w- c:\windows\system32\drivers\AVG
2011-07-19 18:24 . 2011-07-19 18:24 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Data aplikací\Trymedia
2011-07-11 21:48 . 2011-07-11 21:48 12800 ----a-w- c:\program files\Mozilla Firefox\plugins\npwachk.dll
2011-07-09 12:46 . 2011-07-09 12:46 -------- d-----w- c:\documents and settings\Petra\Data aplikací\OpenOffice.org
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-22 14:42 . 2011-04-25 13:41 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2011-07-22 14:42 . 2011-04-25 13:41 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2011-07-20 13:20 . 2011-06-05 08:55 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-07-11 12:17 . 2011-04-09 11:51 1698408 ----a-w- c:\windows\RtlExUpd.dll
2011-07-07 15:39 . 2011-04-09 11:51 6367848 ----a-w- c:\windows\system32\drivers\RtkHDAud.sys
2011-07-06 11:27 . 2011-04-09 11:51 60008 ----a-w- c:\windows\system32\RtkCoInstXP.dll
2011-07-05 14:08 . 2011-04-09 11:51 20053608 ----a-w- c:\windows\RTHDCPL.EXE
2011-06-30 14:15 . 2011-04-09 11:51 891496 ----a-w- c:\windows\system32\RTSndMgr.CPL
2011-06-17 16:11 . 2011-06-17 16:55 663424 ----a-w- c:\windows\system32\ezGOSvcApp.exe
2011-06-06 11:35 . 2004-08-18 12:00 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-05-28 15:21 . 2011-05-28 15:16 21840 ----atw- c:\windows\system32\SIntfNT.dll
2011-05-28 15:21 . 2011-05-28 15:16 17212 ----atw- c:\windows\system32\SIntf32.dll
2011-05-28 15:21 . 2011-05-28 15:16 12067 ----atw- c:\windows\system32\SIntf16.dll
2011-05-28 15:12 . 2011-05-28 15:12 94208 ----a-w- c:\windows\DIIUnin.exe
2011-05-28 15:12 . 2011-05-28 15:12 2829 ----a-w- c:\windows\DIIUnin.pif
2011-05-25 07:26 . 2011-04-07 20:15 54272 ----a-w- c:\windows\system32\nvwddi.dll
2011-05-25 07:26 . 2011-04-07 20:15 154728 ----a-w- c:\windows\system32\nvsvc32.exe
2011-05-25 07:26 . 2011-04-07 20:15 111208 ----a-w- c:\windows\system32\nvmctray.dll
2011-05-25 07:26 . 2011-04-07 20:15 13895272 ----a-w- c:\windows\system32\nvcpl.dll
2011-05-25 07:26 . 2011-04-07 20:15 145000 ----a-w- c:\windows\system32\nvcolor.exe
2011-05-25 07:26 . 2011-04-07 20:15 543336 ----a-w- c:\windows\system32\easyupdatusapiu.dll
2011-05-25 07:25 . 2011-04-09 12:00 16068608 ----a-w- c:\windows\system32\nvoglnt.dll
2011-05-25 07:25 . 2011-04-09 12:00 5332992 ----a-w- c:\windows\system32\nvcuda.dll
2011-05-25 07:25 . 2011-04-09 12:00 2808936 ----a-w- c:\windows\system32\nvcuvid.dll
2011-05-25 07:25 . 2011-04-09 12:00 2082408 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-05-25 07:25 . 2011-04-09 12:00 13004800 ----a-w- c:\windows\system32\nvcompiler.dll
2011-05-25 07:25 . 2011-04-09 12:00 4198272 ----a-w- c:\windows\system32\nv4_disp.dll
2011-05-25 07:25 . 2011-04-09 12:00 2328576 ----a-w- c:\windows\system32\nvapi.dll
2011-05-25 07:25 . 2011-04-09 12:00 12753664 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2011-05-25 04:21 . 2011-04-09 14:54 6554624 ----a-w- c:\windows\system32\drivers\ati2mtag.sys
2011-05-25 03:53 . 2010-08-26 02:12 57344 ----a-w- c:\windows\system32\aticalrt.dll
2011-05-25 03:53 . 2010-08-26 02:11 53248 ----a-w- c:\windows\system32\aticalcl.dll
2011-05-25 03:47 . 2010-08-26 02:01 17989632 ----a-w- c:\windows\system32\atioglxx.dll
2011-05-25 03:42 . 2010-08-26 02:10 5922816 ----a-w- c:\windows\system32\aticaldd.dll
2011-05-25 03:14 . 2008-04-14 03:21 4059328 ----a-w- c:\windows\system32\ati3duag.dll
2011-05-25 03:05 . 2010-08-26 01:30 503808 ----a-w- c:\windows\system32\atiok3x2.dll
2011-05-25 02:58 . 2010-08-26 01:21 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2011-05-25 02:55 . 2008-04-14 03:21 302592 ----a-w- c:\windows\system32\ati2dvag.dll
2011-05-25 02:54 . 2008-04-14 03:21 3152384 ----a-w- c:\windows\system32\ativvaxx.dll
2011-05-25 02:39 . 2010-08-26 01:39 212992 ----a-w- c:\windows\system32\atipdlxx.dll
2011-05-25 02:39 . 2010-08-26 01:39 155648 ----a-w- c:\windows\system32\Oemdspif.dll
2011-05-25 02:39 . 2010-08-26 01:38 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe
2011-05-25 02:39 . 2010-08-26 01:38 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2011-05-25 02:38 . 2010-08-26 01:22 64512 ----a-w- c:\windows\system32\atimpc32.dll
2011-05-25 02:38 . 2010-08-26 01:22 64512 ----a-w- c:\windows\system32\amdpcom32.dll
2011-05-25 02:38 . 2010-08-26 01:38 188416 ----a-w- c:\windows\system32\ati2evxx.dll
2011-05-25 02:37 . 2010-08-26 01:37 643072 ----a-w- c:\windows\system32\ati2evxx.exe
2011-05-25 02:36 . 2010-08-26 01:35 53248 ----a-w- c:\windows\system32\ATIDDC.DLL
2011-05-25 02:34 . 2010-08-26 01:34 151552 ----a-w- c:\windows\system32\atiapfxx.exe
2011-05-25 02:31 . 2010-08-26 01:30 651264 ----a-w- c:\windows\system32\atikvmag.dll
2011-05-25 02:27 . 2010-08-26 01:29 200704 ----a-w- c:\windows\system32\atiadlxx.dll
2011-05-25 02:27 . 2010-08-26 01:28 17408 ----a-w- c:\windows\system32\atitvo32.dll
2011-05-25 02:22 . 2008-04-14 03:21 856064 ----a-w- c:\windows\system32\ati2cqag.dll
2011-05-24 21:44 . 2011-05-24 21:44 59904 ----a-w- c:\windows\system32\OVDecode.dll
2011-05-24 21:44 . 2011-05-24 21:44 51712 ----a-w- c:\windows\system32\OpenCL.dll
2011-05-24 21:43 . 2011-05-24 21:43 12798976 ----a-w- c:\windows\system32\amdocl.dll
2011-05-02 15:32 . 2011-04-09 11:00 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-29 17:25 . 2004-08-18 12:00 151552 ----a-w- c:\windows\system32\schannel.dll
2011-04-29 16:19 . 2004-08-18 12:00 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-06-16 04:30 . 2011-04-29 17:22 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"RTHDCPL"="RTHDCPL.EXE" [2011-07-05 20053608]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-05-25 13895272]
"NvMediaCenter"="NvMCTray.dll" [2011-05-25 111208]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2011-05-04 1632360]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-05-24 98304]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableSecureUIAPaths"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Bandoo\BndHook.dll
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
"c:\\Program Files\\BearShare Applications\\BearShare\\BearShare.exe"=
"d:\\Program Files\\Electronic Arts\\Need for Speed(TM) Hot Pursuit\\Launcher.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"d:\\Program Files\\Ventrilo\\Ventrilo.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe"=
"d:\\Program Files\\Codemasters\\DiRT 3\\dirt3_game.exe"=
"c:\\Program Files\\TeamViewer\\Version6\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version6\\TeamViewer_Service.exe"=
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [22.2.2011 8:13 22992]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [16.3.2011 16:03 32592]
R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [17.6.2009 14:01 20744]
R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [2.6.2011 18:04 13496]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [7.1.2011 6:41 248656]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [5.4.2011 0:59 297168]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [9.4.2011 20:06 218688]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [21.7.2011 18:10 2214504]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdXP3.sys [25.7.2011 19:55 101904]
R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [12.7.2010 4:33 30432]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [14.4.2011 21:28 134480]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [10.2.2011 7:53 24144]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [10.2.2011 7:53 27216]
S2 713xTVCard;SAA7135 TV Card;c:\windows\system32\drivers\SAA713x.sys [15.3.2005 12:00 277504]
S2 avgfws;AVG Firewall;"d:\program files\AVG\AVG10\avgfws.exe" --> d:\program files\AVG\AVG10\avgfws.exe [?]
S2 AVGIDSAgent;AVGIDSAgent;"d:\program files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe" --> d:\program files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [?]
S2 avgwd;AVG WatchDog;"d:\program files\AVG\AVG10\avgwdsvc.exe" --> d:\program files\AVG\AVG10\avgwdsvc.exe [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 13:16 130384]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [9.4.2011 13:51 1691480]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;d:\program files\AVG\AVG10\Toolbar\ToolbarBroker.exe --> d:\program files\AVG\AVG10\Toolbar\ToolbarBroker.exe [?]
S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [12.7.2010 4:33 30432]
S3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\drivers\btnetBus.sys [17.6.2009 14:02 29192]
S3 CFcatchme;CFcatchme;\??\c:\combofix\CFcatchme.sys --> c:\combofix\CFcatchme.sys [?]
S3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [17.6.2009 14:01 25480]
S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [26.4.2011 18:37 152064]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [18.8.2004 14:00 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 13:16 753504]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WINRM REG_MULTI_SZ WINRM
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
TCP: Interfaces\{29CBF4D9-3275-4E5A-AEF6-996C387710D2}: NameServer = 62.84.128.6,62.84.132.6
FF - ProfilePath - c:\documents and settings\Petra\Data aplikací\Mozilla\Firefox\Profiles\z57hpwvq.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.ogame.cz
FF - user.js: browser.cache.memory.capacity - 16000
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: dom.disable_window_status_change - true
FF - user.js: network.http.max-connections - 32
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-proxy - 8
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 750
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-07-25 21:28
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1364)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
.
- - - - - - - > 'explorer.exe'(1600)
d:\program files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
c:\program files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
d:\program files\Graphisoft\ArchiCAD 13\GSShellX32.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\progra~1\Bandoo\Bandoo.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\rundll32.exe
c:\windows\RTHDCPL.EXE
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
.
**************************************************************************
.
Celkový čas: 2011-07-25 21:30:19 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-07-25 19:30
ComboFix2.txt 2011-07-25 19:08
ComboFix3.txt 2011-07-25 18:15
.
Před spuštěním: Volných bajtů: 29 225 443 328
Po spuštění: Volných bajtů: 29 212 188 672
.
- - End Of File - - 0F9254A7D15B879EA6457E21D1BE1804
ComboFix 11-07-25.02 - Petra 25.07.2011 21:23:28.3.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2047.1396 [GMT 2:00]
Spuštěný z: c:\documents and settings\Petra\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Petra\Plocha\CFScript.txt
AV: AVG Internet Security 2011 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: AVG Firewall *Enabled* {8decf618-9569-4340-b34a-d78d28969b66}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-25 do 2011-07-25 )))))))))))))))))))))))))))))))
.
.
2011-07-25 19:17 . 2011-07-25 19:17 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Data aplikací\ATI
2011-07-25 19:15 . 2011-07-25 19:15 -------- d-----w- c:\program files\AMD APP
2011-07-25 19:14 . 2011-05-25 03:07 956160 ----a-w- c:\windows\system32\ativvamv.dll
2011-07-25 19:12 . 2011-07-25 19:12 -------- d-----w- C:\ATI
2011-07-25 18:40 . 2011-07-25 18:40 -------- d-----w- c:\documents and settings\Petra\Local Settings\Data aplikací\ATI
2011-07-25 18:40 . 2011-07-25 18:40 -------- d-----w- c:\documents and settings\Petra\Data aplikací\ATI
2011-07-25 18:36 . 2011-07-25 18:36 -------- d-----w- c:\program files\Common Files\ATI Technologies
2011-07-25 18:35 . 2011-07-25 18:35 -------- d-----w- c:\program files\ATI
2011-07-25 18:34 . 2011-07-25 19:15 -------- d-----w- c:\program files\ATI Technologies
2011-07-25 17:57 . 2011-07-25 17:57 0 ----a-w- c:\windows\ativpsrm.bin
2011-07-25 17:56 . 2011-05-25 04:15 311296 ----a-w- c:\windows\system32\atiiiexx.dll
2011-07-25 17:56 . 2011-05-25 02:56 462848 ----a-w- c:\windows\system32\ATIDEMGX.dll
2011-07-25 17:55 . 2010-07-21 11:30 101904 ----a-r- c:\windows\system32\drivers\AtihdXP3.sys
2011-07-25 17:00 . 2011-07-25 17:01 -------- d-----w- c:\program files\trend micro
2011-07-25 17:00 . 2011-07-25 17:01 -------- d-----w- C:\rsit
2011-07-25 13:55 . 2011-07-25 13:55 -------- d-----w- c:\program files\ESET
2011-07-25 12:43 . 2011-07-25 12:43 -------- d-----w- c:\documents and settings\LocalService\Nabídka Start
2011-07-25 11:58 . 2011-07-25 11:58 -------- d-----w- c:\windows\system32\wbem\Framework
2011-07-24 20:28 . 2011-07-24 21:41 -------- d-----w- c:\documents and settings\Petra\Data aplikací\TeamViewer
2011-07-24 20:28 . 2011-07-24 20:28 -------- d-----w- c:\program files\TeamViewer
2011-07-22 14:50 . 2011-07-22 14:50 -------- d-sh--w- c:\documents and settings\All Users.WINDOWS\Data aplikací\DSS
2011-07-22 14:50 . 2011-07-22 14:50 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Data aplikací\Codemasters
2011-07-22 14:43 . 2011-07-22 14:43 -------- d-----w- c:\windows\system32\xlive
2011-07-22 14:43 . 2011-07-22 14:43 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE
2011-07-22 14:42 . 2010-09-22 11:12 19087360 ----a-w- c:\windows\system32\mkl_blueripple.dll
2011-07-22 14:42 . 2011-03-19 13:16 1417216 ----a-w- c:\windows\system32\rapture3d_oal.dll
2011-07-22 14:42 . 2011-07-22 14:42 -------- d-----w- c:\program files\BRS
2011-07-21 16:35 . 2011-05-25 07:25 899688 ----a-w- c:\windows\system32\nvdispco3220150.dll
2011-07-21 16:35 . 2011-05-25 07:25 865896 ----a-w- c:\windows\system32\nvgenco322090.dll
2011-07-21 16:10 . 2011-07-21 16:10 -------- d-----w- c:\documents and settings\UpdatusUser
2011-07-21 16:10 . 2011-07-21 16:10 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Data aplikací\NVIDIA
2011-07-21 16:08 . 2011-04-08 05:14 944232 ----a-w- c:\windows\system32\nvdispco3220140.dll
2011-07-21 16:08 . 2011-04-08 05:14 855656 ----a-w- c:\windows\system32\nvgenco322060.dll
2011-07-21 14:28 . 2011-07-25 10:35 -------- d-----w- c:\windows\system32\drivers\AVG
2011-07-19 18:24 . 2011-07-19 18:24 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Data aplikací\Trymedia
2011-07-11 21:48 . 2011-07-11 21:48 12800 ----a-w- c:\program files\Mozilla Firefox\plugins\npwachk.dll
2011-07-09 12:46 . 2011-07-09 12:46 -------- d-----w- c:\documents and settings\Petra\Data aplikací\OpenOffice.org
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-22 14:42 . 2011-04-25 13:41 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2011-07-22 14:42 . 2011-04-25 13:41 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2011-07-20 13:20 . 2011-06-05 08:55 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-07-11 12:17 . 2011-04-09 11:51 1698408 ----a-w- c:\windows\RtlExUpd.dll
2011-07-07 15:39 . 2011-04-09 11:51 6367848 ----a-w- c:\windows\system32\drivers\RtkHDAud.sys
2011-07-06 11:27 . 2011-04-09 11:51 60008 ----a-w- c:\windows\system32\RtkCoInstXP.dll
2011-07-05 14:08 . 2011-04-09 11:51 20053608 ----a-w- c:\windows\RTHDCPL.EXE
2011-06-30 14:15 . 2011-04-09 11:51 891496 ----a-w- c:\windows\system32\RTSndMgr.CPL
2011-06-17 16:11 . 2011-06-17 16:55 663424 ----a-w- c:\windows\system32\ezGOSvcApp.exe
2011-06-06 11:35 . 2004-08-18 12:00 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-05-28 15:21 . 2011-05-28 15:16 21840 ----atw- c:\windows\system32\SIntfNT.dll
2011-05-28 15:21 . 2011-05-28 15:16 17212 ----atw- c:\windows\system32\SIntf32.dll
2011-05-28 15:21 . 2011-05-28 15:16 12067 ----atw- c:\windows\system32\SIntf16.dll
2011-05-28 15:12 . 2011-05-28 15:12 94208 ----a-w- c:\windows\DIIUnin.exe
2011-05-28 15:12 . 2011-05-28 15:12 2829 ----a-w- c:\windows\DIIUnin.pif
2011-05-25 07:26 . 2011-04-07 20:15 54272 ----a-w- c:\windows\system32\nvwddi.dll
2011-05-25 07:26 . 2011-04-07 20:15 154728 ----a-w- c:\windows\system32\nvsvc32.exe
2011-05-25 07:26 . 2011-04-07 20:15 111208 ----a-w- c:\windows\system32\nvmctray.dll
2011-05-25 07:26 . 2011-04-07 20:15 13895272 ----a-w- c:\windows\system32\nvcpl.dll
2011-05-25 07:26 . 2011-04-07 20:15 145000 ----a-w- c:\windows\system32\nvcolor.exe
2011-05-25 07:26 . 2011-04-07 20:15 543336 ----a-w- c:\windows\system32\easyupdatusapiu.dll
2011-05-25 07:25 . 2011-04-09 12:00 16068608 ----a-w- c:\windows\system32\nvoglnt.dll
2011-05-25 07:25 . 2011-04-09 12:00 5332992 ----a-w- c:\windows\system32\nvcuda.dll
2011-05-25 07:25 . 2011-04-09 12:00 2808936 ----a-w- c:\windows\system32\nvcuvid.dll
2011-05-25 07:25 . 2011-04-09 12:00 2082408 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-05-25 07:25 . 2011-04-09 12:00 13004800 ----a-w- c:\windows\system32\nvcompiler.dll
2011-05-25 07:25 . 2011-04-09 12:00 4198272 ----a-w- c:\windows\system32\nv4_disp.dll
2011-05-25 07:25 . 2011-04-09 12:00 2328576 ----a-w- c:\windows\system32\nvapi.dll
2011-05-25 07:25 . 2011-04-09 12:00 12753664 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2011-05-25 04:21 . 2011-04-09 14:54 6554624 ----a-w- c:\windows\system32\drivers\ati2mtag.sys
2011-05-25 03:53 . 2010-08-26 02:12 57344 ----a-w- c:\windows\system32\aticalrt.dll
2011-05-25 03:53 . 2010-08-26 02:11 53248 ----a-w- c:\windows\system32\aticalcl.dll
2011-05-25 03:47 . 2010-08-26 02:01 17989632 ----a-w- c:\windows\system32\atioglxx.dll
2011-05-25 03:42 . 2010-08-26 02:10 5922816 ----a-w- c:\windows\system32\aticaldd.dll
2011-05-25 03:14 . 2008-04-14 03:21 4059328 ----a-w- c:\windows\system32\ati3duag.dll
2011-05-25 03:05 . 2010-08-26 01:30 503808 ----a-w- c:\windows\system32\atiok3x2.dll
2011-05-25 02:58 . 2010-08-26 01:21 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2011-05-25 02:55 . 2008-04-14 03:21 302592 ----a-w- c:\windows\system32\ati2dvag.dll
2011-05-25 02:54 . 2008-04-14 03:21 3152384 ----a-w- c:\windows\system32\ativvaxx.dll
2011-05-25 02:39 . 2010-08-26 01:39 212992 ----a-w- c:\windows\system32\atipdlxx.dll
2011-05-25 02:39 . 2010-08-26 01:39 155648 ----a-w- c:\windows\system32\Oemdspif.dll
2011-05-25 02:39 . 2010-08-26 01:38 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe
2011-05-25 02:39 . 2010-08-26 01:38 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2011-05-25 02:38 . 2010-08-26 01:22 64512 ----a-w- c:\windows\system32\atimpc32.dll
2011-05-25 02:38 . 2010-08-26 01:22 64512 ----a-w- c:\windows\system32\amdpcom32.dll
2011-05-25 02:38 . 2010-08-26 01:38 188416 ----a-w- c:\windows\system32\ati2evxx.dll
2011-05-25 02:37 . 2010-08-26 01:37 643072 ----a-w- c:\windows\system32\ati2evxx.exe
2011-05-25 02:36 . 2010-08-26 01:35 53248 ----a-w- c:\windows\system32\ATIDDC.DLL
2011-05-25 02:34 . 2010-08-26 01:34 151552 ----a-w- c:\windows\system32\atiapfxx.exe
2011-05-25 02:31 . 2010-08-26 01:30 651264 ----a-w- c:\windows\system32\atikvmag.dll
2011-05-25 02:27 . 2010-08-26 01:29 200704 ----a-w- c:\windows\system32\atiadlxx.dll
2011-05-25 02:27 . 2010-08-26 01:28 17408 ----a-w- c:\windows\system32\atitvo32.dll
2011-05-25 02:22 . 2008-04-14 03:21 856064 ----a-w- c:\windows\system32\ati2cqag.dll
2011-05-24 21:44 . 2011-05-24 21:44 59904 ----a-w- c:\windows\system32\OVDecode.dll
2011-05-24 21:44 . 2011-05-24 21:44 51712 ----a-w- c:\windows\system32\OpenCL.dll
2011-05-24 21:43 . 2011-05-24 21:43 12798976 ----a-w- c:\windows\system32\amdocl.dll
2011-05-02 15:32 . 2011-04-09 11:00 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-29 17:25 . 2004-08-18 12:00 151552 ----a-w- c:\windows\system32\schannel.dll
2011-04-29 16:19 . 2004-08-18 12:00 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-06-16 04:30 . 2011-04-29 17:22 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"RTHDCPL"="RTHDCPL.EXE" [2011-07-05 20053608]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-05-25 13895272]
"NvMediaCenter"="NvMCTray.dll" [2011-05-25 111208]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2011-05-04 1632360]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-05-24 98304]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableSecureUIAPaths"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Bandoo\BndHook.dll
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
"c:\\Program Files\\BearShare Applications\\BearShare\\BearShare.exe"=
"d:\\Program Files\\Electronic Arts\\Need for Speed(TM) Hot Pursuit\\Launcher.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"d:\\Program Files\\Ventrilo\\Ventrilo.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe"=
"d:\\Program Files\\Codemasters\\DiRT 3\\dirt3_game.exe"=
"c:\\Program Files\\TeamViewer\\Version6\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version6\\TeamViewer_Service.exe"=
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [22.2.2011 8:13 22992]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [16.3.2011 16:03 32592]
R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [17.6.2009 14:01 20744]
R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [2.6.2011 18:04 13496]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [7.1.2011 6:41 248656]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [5.4.2011 0:59 297168]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [9.4.2011 20:06 218688]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [21.7.2011 18:10 2214504]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdXP3.sys [25.7.2011 19:55 101904]
R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [12.7.2010 4:33 30432]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [14.4.2011 21:28 134480]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [10.2.2011 7:53 24144]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [10.2.2011 7:53 27216]
S2 713xTVCard;SAA7135 TV Card;c:\windows\system32\drivers\SAA713x.sys [15.3.2005 12:00 277504]
S2 avgfws;AVG Firewall;"d:\program files\AVG\AVG10\avgfws.exe" --> d:\program files\AVG\AVG10\avgfws.exe [?]
S2 AVGIDSAgent;AVGIDSAgent;"d:\program files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe" --> d:\program files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [?]
S2 avgwd;AVG WatchDog;"d:\program files\AVG\AVG10\avgwdsvc.exe" --> d:\program files\AVG\AVG10\avgwdsvc.exe [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 13:16 130384]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [9.4.2011 13:51 1691480]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;d:\program files\AVG\AVG10\Toolbar\ToolbarBroker.exe --> d:\program files\AVG\AVG10\Toolbar\ToolbarBroker.exe [?]
S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [12.7.2010 4:33 30432]
S3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\drivers\btnetBus.sys [17.6.2009 14:02 29192]
S3 CFcatchme;CFcatchme;\??\c:\combofix\CFcatchme.sys --> c:\combofix\CFcatchme.sys [?]
S3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [17.6.2009 14:01 25480]
S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [26.4.2011 18:37 152064]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [18.8.2004 14:00 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 13:16 753504]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WINRM REG_MULTI_SZ WINRM
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
TCP: Interfaces\{29CBF4D9-3275-4E5A-AEF6-996C387710D2}: NameServer = 62.84.128.6,62.84.132.6
FF - ProfilePath - c:\documents and settings\Petra\Data aplikací\Mozilla\Firefox\Profiles\z57hpwvq.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.ogame.cz
FF - user.js: browser.cache.memory.capacity - 16000
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: dom.disable_window_status_change - true
FF - user.js: network.http.max-connections - 32
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-proxy - 8
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 750
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-07-25 21:28
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1364)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
.
- - - - - - - > 'explorer.exe'(1600)
d:\program files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
c:\program files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
d:\program files\Graphisoft\ArchiCAD 13\GSShellX32.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\progra~1\Bandoo\Bandoo.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\rundll32.exe
c:\windows\RTHDCPL.EXE
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
.
**************************************************************************
.
Celkový čas: 2011-07-25 21:30:19 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-07-25 19:30
ComboFix2.txt 2011-07-25 19:08
ComboFix3.txt 2011-07-25 18:15
.
Před spuštěním: Volných bajtů: 29 225 443 328
Po spuštění: Volných bajtů: 29 212 188 672
.
- - End Of File - - 0F9254A7D15B879EA6457E21D1BE1804
je to na klid... Jenom nevím.... zrovna jsem měnil grafickou kartu.. Netuším, jestli to na to mělo vliv 
Odinstalujte Combofix
tímto to asi považuji za 
Ještě zkusím nainstalovat antivir a kdyby náhodou byl problém, tak se asi ještě ozvu. Ale doufám, že už je to OK 
