VIRY.CZ

OK. Nastala nějaká změna?

Nastalo zlepšení o málo, nicméně výkon, který tu před pár dny byl stále není.
Tady je ten log:

All processes killed
========== FILES ==========
C:\Program Files\Google\Google Toolbar\Component folder moved successfully.
C:\Program Files\Google\Google Toolbar folder moved successfully.
C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll moved successfully.
C:\Program Files\Application Updater folder moved successfully.
C:\Program Files\Google\Common\Google Updater folder moved successfully.
C:\Program Files\Google\Update\Install folder moved successfully.
C:\Program Files\Google\Update\Download\{F69EABDD-A4BB-4555-BE7E-1EA5F59BBA24}\7.2.2427.2330 folder moved successfully.
C:\Program Files\Google\Update\Download\{F69EABDD-A4BB-4555-BE7E-1EA5F59BBA24} folder moved successfully.
C:\Program Files\Google\Update\Download\{D520FFB9-61BB-4D5E-8A4C-D2FFE0CA67BA} folder moved successfully.
C:\Program Files\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.79 folder moved successfully.
C:\Program Files\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D} folder moved successfully.
C:\Program Files\Google\Update\Download folder moved successfully.
C:\Program Files\Google\Update\1.3.21.79 folder moved successfully.
C:\Program Files\Google\Update folder moved successfully.
C:\WINDOWS\tasks\ASC5_AutoUpdate.job moved successfully.
C:\WINDOWS\tasks\DriverEasy Scheduled Scan.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\WINDOWS\tasks\UpdateCheck.job moved successfully.
c:\program files\common files\Spigot\wtxpcom\components folder moved successfully.
c:\program files\common files\Spigot\wtxpcom folder moved successfully.
c:\program files\common files\Spigot\Search Settings\Res folder moved successfully.
c:\program files\common files\Spigot\Search Settings\Lang folder moved successfully.
c:\program files\common files\Spigot\Search Settings folder moved successfully.
c:\program files\common files\Spigot folder moved successfully.
File/Folder C:\WINDOWS\System32\Drivers\ati3tyxx.sys not found.
========== SERVICES/DRIVERS ==========
Service Application Updater stopped successfully!
Service Application Updater deleted successfully!
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
Service gusvc stopped successfully!
Service gusvc deleted successfully!
Service ati3tyxx stopped successfully!
Service ati3tyxx deleted successfully!
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\swg deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings\ deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 2836 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 56475 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Recepty doma

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41044 bytes

User: user
->Temp folder emptied: 1595620 bytes
->Temporary Internet Files folder emptied: 14327737 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 39936048 bytes
->Google Chrome cache emptied: 94819469 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 61635 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 65371 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 101888 bytes

Total Files Cleaned = 144.00 mb


[EMPTYFLASH]

User: Administrator
->Flash cache emptied: 0 bytes

User: All Users

User: Default User
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

User: Recepty doma

User: UpdatusUser
->Flash cache emptied: 0 bytes

User: user
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0.00 mb


OTM by OldTimer - Version 3.1.19.0 log created on 01232012_195655

Dejte log ComboFix.

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware

Dobře, zítra provedu...

OK.

Tak nakonec mi to nedalo...

Počítač už je rychlejší, ale pořád to není ono. Nicméně nárůst je větší než v předchozím kroku.
Během skenu ohlásil: Program PEV.exe přestal pracovat.

log:

ComboFix 12-01-23.02 - user 23.01.2012 21:15:59.6.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2046.1503 [GMT 1:00]
Spuštěný z: c:\documents and settings\user\Dokumenty\Downloads\ComboFix.exe
AV: Panda Cloud Antivirus *Disabled/Updated* {5AD27692-540A-464E-B625-78275FA38393}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-12-23 do 2012-01-23 )))))))))))))))))))))))))))))))
.
.
2012-01-23 18:56 . 2012-01-23 18:56 -------- d-----w- C:\_OTM
2012-01-16 20:17 . 2012-01-16 20:18 -------- d-----w- c:\program files\Common Files\Nokia
2012-01-16 20:16 . 2008-08-26 08:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2012-01-16 20:16 . 2012-01-16 20:16 -------- d-----w- c:\program files\PC Connectivity Solution
2012-01-16 20:15 . 2011-11-01 09:07 8192 ----a-w- c:\windows\system32\drivers\usbser_lowerfltj.sys
2012-01-16 20:15 . 2011-11-01 09:07 8192 ----a-w- c:\windows\system32\drivers\usbser_lowerflt.sys
2012-01-16 20:15 . 2011-11-01 09:07 23168 ----a-w- c:\windows\system32\drivers\ccdcmbo.sys
2012-01-16 20:15 . 2011-11-01 09:07 1461992 ----a-w- c:\windows\system32\wdfcoinstaller01009.dll
2012-01-16 20:15 . 2011-11-01 09:07 18176 ----a-w- c:\windows\system32\drivers\ccdcmb.sys
2012-01-16 20:15 . 2011-11-01 09:07 605696 ----a-w- c:\windows\system32\nmwcdcocls.dll
2012-01-16 20:15 . 2011-11-01 09:07 123904 ----a-w- c:\windows\system32\ccdcmbwu.dll
2012-01-16 20:15 . 2012-01-16 20:15 -------- d-----w- c:\documents and settings\All Users\Data aplikací\NokiaInstallerCache
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-15 19:25 . 2011-12-15 19:25 220256 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\VSTAHost\CorelPHOTOPAINT\9.0\1033\ResourceCache.dll
2011-12-15 19:24 . 2011-12-15 19:24 220256 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\VSTAHost\CorelDRAW\9.0\1033\ResourceCache.dll
2011-12-15 19:23 . 2011-12-15 19:23 416 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\MSDN\9.0\1033\ResourceCache.dll
2011-11-25 21:57 . 2004-08-18 12:00 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-11-23 14:40 . 2004-08-18 12:00 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-22 13:57 . 2011-11-22 13:57 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-20 06:12 . 2004-08-18 12:00 60416 ----a-w- c:\windows\system32\packager.exe
2011-11-04 19:13 . 2004-08-18 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2011-11-04 19:13 . 2004-08-18 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-11-04 19:13 . 2004-08-18 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-11-04 11:23 . 2004-08-18 12:00 385024 ----a-w- c:\windows\system32\html.iec
2011-11-03 15:29 . 2004-08-18 12:00 386560 ----a-w- c:\windows\system32\qdvd.dll
2011-11-03 15:29 . 2004-08-18 12:00 1294848 ----a-w- c:\windows\system32\quartz.dll
2011-11-02 19:29 . 2011-10-28 09:22 31552 ----a-w- c:\windows\system32\TURegOpt.exe
2011-11-02 19:29 . 2011-11-19 10:38 28992 ----a-w- c:\windows\system32\uxtuneup.dll
2011-11-01 16:07 . 2004-08-18 12:00 1288192 ----a-w- c:\windows\system32\ole32.dll
2011-11-01 09:07 . 2009-02-28 15:00 75264 ----a-w- c:\windows\system32\nmwcdcls.dll
2011-10-28 05:32 . 2004-08-18 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-10-26 10:50 . 2004-08-18 12:00 2194944 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-10-26 10:50 . 2004-08-17 15:45 2071552 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-08-12 06:10 . 2011-08-24 07:53 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Seznam Postak"="c:\program files\Seznam.cz\postak.exe" [2011-05-25 491040]
"Advanced SystemCare 5"="c:\program files\IObit\Advanced SystemCare 5\ASCTray.exe" [2011-12-29 620376]
"NokiaSuite.exe"="c:\program files\Nokia\Nokia Suite\NokiaSuite.exe" [2012-01-10 1083264]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"tsnp325"="c:\windows\tsnp325.exe" [2007-04-21 270336]
"Logitech Utility"="Logi_MwX.Exe" [2003-03-04 19968]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-08-03 13892200]
"NvMediaCenter"="NvMCTray.dll" [2011-08-03 111208]
"RTHDCPL"="RTHDCPL.EXE" [2011-08-17 20064872]
"IObit Malware Fighter"="c:\program files\IObit\IObit Malware Fighter\IMF.exe" [2012-01-12 4453208]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-05-14 98304]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2011-12-14 110592]
DSLMON.lnk - c:\program files\ADSL\ADSL USB MODEM\dslmon.exe [2008-6-8 929889]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-10-16 214360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"SynchronousMachineGroupPolicy"= 0 (0x0)
"SynchronousUserGroupPolicy"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoStrCmpLogical"= 1 (0x1)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMBalloonTip"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /p \??\c:\0autocheck autochk /p \??\C:\0autocheck autochk *
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^LUMIX Simple Viewer.lnk]
backup=c:\windows\pss\LUMIX Simple Viewer.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^RAID Manager.lnk]
backup=c:\windows\pss\RAID Manager.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2011-07-05 08:08 1632360 ----a-w- c:\program files\NVIDIA Corporation\nView\nwiz.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2011-08-18 15:04 17360520 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2011-09-28 08:42 1242448 ----a-w- c:\program files\Steam\Steam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TO2SSM_McciTrayApp]
2008-08-15 16:33 1473536 ----a-w- c:\program files\TO2SSM\McciTrayApp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateStar]
2010-09-01 15:03 4739312 ----a-w- c:\documents and settings\user\Data aplikací\UpdateStar\UpdateStar.exe
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Game Fire"=c:\program files\Smart PC Utilities\Game Fire\GFTray.exe /START
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime
"Zástupce stránky vlastností sběrnice High Definition Audio"=HDAShCut.exe
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"SearchSettings"="c:\program files\Common Files\Spigot\Search Settings\SearchSettings.exe"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\Program Files\\TmNationsForever\\TmForever.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office14\\OUTLOOK.EXE"=
"c:\\Nexon\\NEXON_EU_Downloader\\NEXON_EU_Downloader_Engine.exe"=
"c:\\Documents and Settings\\All Users\\Data aplikací\\NexonEU\\NGM\\NGM.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Games\\World_of_Tanks\\WorldOfTanks.exe"=
"c:\\Games\\World_of_Tanks\\WOTLauncher.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Steam\\steamapps\\edousek3\\counter-strike\\hl.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows
.
R0 iteraid;ITERAID_Service_Install;c:\windows\system32\drivers\iteraid.sys [15.9.2007 9:33 25105]
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\system32\drivers\sfdrv01a.sys [5.7.2006 13:46 63352]
R1 HMFAxCore55688327e8f59cf41f6f99d9c88a251d;HMFAxCore55688327e8f59cf41f6f99d9c88a251d;c:\windows\system32\drivers\HMFAxCore55688327e8f59cf41f6f99d9c88a251d.sys [8.8.2010 11:02 22304]
R2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files\IObit\Advanced SystemCare 5\ASCService.exe [17.12.2011 11:43 497496]
R2 IMFservice;IMF Service;c:\program files\IObit\IObit Malware Fighter\IMFsrv.exe [28.9.2011 9:54 821592]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe [2.11.2011 20:29 1479488]
R3 RegFilter;RegFilter;c:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\RegFilter.sys [28.9.2011 9:54 30368]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys [13.10.2011 16:33 10064]
R3 UrlFilter;UrlFilter;c:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\UrlFilter.sys [28.9.2011 9:54 16208]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 12:16 130384]
S2 KMDevmonSrvdmadmin;Multi-Function Station Device Monitor KMDevmonSrvdmadmin; [x]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [28.6.2011 18:15 2255464]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [26.7.2011 13:21 1691480]
S3 DGIUSB;Panasonic MFSUSB Driver;c:\windows\system32\drivers\KMdgiusb.sys --> c:\windows\system32\drivers\KMdgiusb.sys [?]
S3 EagleXNt;EagleXNt; [x]
S3 FXDRV;FXDRV;\??\d:\fxdrv.sys --> d:\Fxdrv.sys [?]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [9.1.2010 20:37 4640000]
S3 SNP325;USB PC Camera (SNPSTD325);c:\windows\system32\drivers\snp325.sys [4.7.2009 10:55 10406016]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [18.8.2004 13:00 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 12:16 753504]
S4 FileMonitor;FileMonitor;c:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys [28.9.2011 9:54 246816]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
WINRM REG_MULTI_SZ WINRM
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
mStart Page = about:blank
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
FF - ProfilePath - c:\documents and settings\user\Data aplikací\Mozilla\Firefox\Profiles\ewt9enb1.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - wazzub.com
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=382950&p=
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
SafeBoot-ati3tyxx.sys
AddRemove-{2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\Google\Google Toolbar\Component\GoogleToolbarManager_A0AC09CE5247ECEF.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-01-23 21:42
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(2432)
c:\program files\MouseWare\System\LgWndHk.dll
c:\program files\Common Files\Logitech\Scrolling\LgMsgHk.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2012-01-23 21:51:25
ComboFix-quarantined-files.txt 2012-01-23 20:51
ComboFix2.txt 2012-01-22 14:31
ComboFix3.txt 2011-08-30 17:59
ComboFix4.txt 2011-08-27 11:01
ComboFix5.txt 2012-01-23 20:11
.
Před spuštěním: Volných bajtů: 56 178 765 824
Po spuštění: Volných bajtů: 56 152 838 144
.
- - End Of File - - 97F9E7B6E2D6A35FB56FCFAD6A435C52

Ještě dočistíme. Přesuňte ComboFix na plochu. Otevřte poznámkový blok a zkopírujte do něj:

Firefox::
FF - ProfilePath - c:\documents and settings\user\Data aplikací\Mozilla\Firefox\Profiles\ewt9enb1.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - wazzub.com
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=green ... =382950&p=

Uložte na plochu jako CFScript.txt . Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

log:

ComboFix 12-01-23.02 - user 24.01.2012 18:55:40.7.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2046.1458 [GMT 1:00]
Spuštěný z: c:\documents and settings\user\Dokumenty\Downloads\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\user\Plocha\CFScript.txt
AV: Panda Cloud Antivirus *Disabled/Updated* {5AD27692-540A-464E-B625-78275FA38393}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-12-24 do 2012-01-24 )))))))))))))))))))))))))))))))
.
.
2012-01-24 17:47 . 2012-01-24 17:48 -------- d-----w- C:\32788R22FWJFW
2012-01-23 18:56 . 2012-01-23 18:56 -------- d-----w- C:\_OTM
2012-01-16 20:17 . 2012-01-16 20:18 -------- d-----w- c:\program files\Common Files\Nokia
2012-01-16 20:16 . 2008-08-26 08:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2012-01-16 20:16 . 2012-01-16 20:16 -------- d-----w- c:\program files\PC Connectivity Solution
2012-01-16 20:15 . 2011-11-01 09:07 8192 ----a-w- c:\windows\system32\drivers\usbser_lowerfltj.sys
2012-01-16 20:15 . 2011-11-01 09:07 8192 ----a-w- c:\windows\system32\drivers\usbser_lowerflt.sys
2012-01-16 20:15 . 2011-11-01 09:07 23168 ----a-w- c:\windows\system32\drivers\ccdcmbo.sys
2012-01-16 20:15 . 2011-11-01 09:07 1461992 ----a-w- c:\windows\system32\wdfcoinstaller01009.dll
2012-01-16 20:15 . 2011-11-01 09:07 18176 ----a-w- c:\windows\system32\drivers\ccdcmb.sys
2012-01-16 20:15 . 2011-11-01 09:07 605696 ----a-w- c:\windows\system32\nmwcdcocls.dll
2012-01-16 20:15 . 2011-11-01 09:07 123904 ----a-w- c:\windows\system32\ccdcmbwu.dll
2012-01-16 20:15 . 2012-01-16 20:15 -------- d-----w- c:\documents and settings\All Users\Data aplikací\NokiaInstallerCache
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-15 19:25 . 2011-12-15 19:25 220256 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\VSTAHost\CorelPHOTOPAINT\9.0\1033\ResourceCache.dll
2011-12-15 19:24 . 2011-12-15 19:24 220256 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\VSTAHost\CorelDRAW\9.0\1033\ResourceCache.dll
2011-12-15 19:23 . 2011-12-15 19:23 416 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\MSDN\9.0\1033\ResourceCache.dll
2011-11-25 21:57 . 2004-08-18 12:00 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-11-23 14:40 . 2004-08-18 12:00 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-22 13:57 . 2011-11-22 13:57 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-20 06:12 . 2004-08-18 12:00 60416 ----a-w- c:\windows\system32\packager.exe
2011-11-16 14:21 . 2004-08-18 12:00 354816 ----a-w- c:\windows\system32\winhttp.dll
2011-11-16 14:21 . 2004-08-18 12:00 152064 ----a-w- c:\windows\system32\schannel.dll
2011-11-04 19:13 . 2004-08-18 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2011-11-04 19:13 . 2004-08-18 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-11-04 19:13 . 2004-08-18 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-11-04 11:23 . 2004-08-18 12:00 385024 ----a-w- c:\windows\system32\html.iec
2011-11-03 15:29 . 2004-08-18 12:00 386560 ----a-w- c:\windows\system32\qdvd.dll
2011-11-03 15:29 . 2004-08-18 12:00 1294848 ----a-w- c:\windows\system32\quartz.dll
2011-11-02 19:29 . 2011-10-28 09:22 31552 ----a-w- c:\windows\system32\TURegOpt.exe
2011-11-02 19:29 . 2011-11-19 10:38 28992 ----a-w- c:\windows\system32\uxtuneup.dll
2011-11-01 16:07 . 2004-08-18 12:00 1288192 ----a-w- c:\windows\system32\ole32.dll
2011-11-01 09:07 . 2009-02-28 15:00 75264 ----a-w- c:\windows\system32\nmwcdcls.dll
2011-10-28 05:32 . 2004-08-18 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-08-12 06:10 . 2011-08-24 07:53 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-01-23_20.42.51 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-01-24 16:01 . 2012-01-24 16:01 16384 c:\windows\Temp\Perflib_Perfdata_4a4.dat
+ 2008-12-16 12:32 . 2011-11-16 14:21 354816 c:\windows\system32\dllcache\winhttp.dll
- 2008-12-16 12:32 . 2009-08-25 09:19 354816 c:\windows\system32\dllcache\winhttp.dll
+ 2008-12-05 06:57 . 2011-11-16 14:21 152064 c:\windows\system32\dllcache\schannel.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Seznam Postak"="c:\program files\Seznam.cz\postak.exe" [2011-05-25 491040]
"Advanced SystemCare 5"="c:\program files\IObit\Advanced SystemCare 5\ASCTray.exe" [2011-12-29 620376]
"NokiaSuite.exe"="c:\program files\Nokia\Nokia Suite\NokiaSuite.exe" [2012-01-10 1083264]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"tsnp325"="c:\windows\tsnp325.exe" [2007-04-21 270336]
"Logitech Utility"="Logi_MwX.Exe" [2003-03-04 19968]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-08-03 13892200]
"NvMediaCenter"="NvMCTray.dll" [2011-08-03 111208]
"RTHDCPL"="RTHDCPL.EXE" [2011-08-17 20064872]
"IObit Malware Fighter"="c:\program files\IObit\IObit Malware Fighter\IMF.exe" [2012-01-12 4453208]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-05-14 98304]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2011-12-14 110592]
DSLMON.lnk - c:\program files\ADSL\ADSL USB MODEM\dslmon.exe [2008-6-8 929889]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-10-16 214360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"SynchronousMachineGroupPolicy"= 0 (0x0)
"SynchronousUserGroupPolicy"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoStrCmpLogical"= 1 (0x1)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMBalloonTip"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /p \??\c:\0autocheck autochk /p \??\C:\0autocheck autochk *
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^LUMIX Simple Viewer.lnk]
backup=c:\windows\pss\LUMIX Simple Viewer.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^RAID Manager.lnk]
backup=c:\windows\pss\RAID Manager.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2011-07-05 08:08 1632360 ----a-w- c:\program files\NVIDIA Corporation\nView\nwiz.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2011-08-18 15:04 17360520 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2011-09-28 08:42 1242448 ----a-w- c:\program files\Steam\Steam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TO2SSM_McciTrayApp]
2008-08-15 16:33 1473536 ----a-w- c:\program files\TO2SSM\McciTrayApp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateStar]
2010-09-01 15:03 4739312 ----a-w- c:\documents and settings\user\Data aplikací\UpdateStar\UpdateStar.exe
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Game Fire"=c:\program files\Smart PC Utilities\Game Fire\GFTray.exe /START
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime
"Zástupce stránky vlastností sběrnice High Definition Audio"=HDAShCut.exe
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"SearchSettings"="c:\program files\Common Files\Spigot\Search Settings\SearchSettings.exe"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\Program Files\\TmNationsForever\\TmForever.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office14\\OUTLOOK.EXE"=
"c:\\Nexon\\NEXON_EU_Downloader\\NEXON_EU_Downloader_Engine.exe"=
"c:\\Documents and Settings\\All Users\\Data aplikací\\NexonEU\\NGM\\NGM.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Games\\World_of_Tanks\\WorldOfTanks.exe"=
"c:\\Games\\World_of_Tanks\\WOTLauncher.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Steam\\steamapps\\edousek3\\counter-strike\\hl.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows
.
R0 iteraid;ITERAID_Service_Install;c:\windows\system32\drivers\iteraid.sys [15.9.2007 9:33 25105]
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\system32\drivers\sfdrv01a.sys [5.7.2006 13:46 63352]
R1 HMFAxCore55688327e8f59cf41f6f99d9c88a251d;HMFAxCore55688327e8f59cf41f6f99d9c88a251d;c:\windows\system32\drivers\HMFAxCore55688327e8f59cf41f6f99d9c88a251d.sys [8.8.2010 11:02 22304]
R2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files\IObit\Advanced SystemCare 5\ASCService.exe [17.12.2011 11:43 497496]
R2 IMFservice;IMF Service;c:\program files\IObit\IObit Malware Fighter\IMFsrv.exe [28.9.2011 9:54 821592]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe [2.11.2011 20:29 1479488]
R3 FileMonitor;FileMonitor;c:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys [28.9.2011 9:54 246816]
R3 RegFilter;RegFilter;c:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\RegFilter.sys [28.9.2011 9:54 30368]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys [13.10.2011 16:33 10064]
R3 UrlFilter;UrlFilter;c:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\UrlFilter.sys [28.9.2011 9:54 16208]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 12:16 130384]
S2 KMDevmonSrvdmadmin;Multi-Function Station Device Monitor KMDevmonSrvdmadmin; [x]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [28.6.2011 18:15 2255464]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [26.7.2011 13:21 1691480]
S3 DGIUSB;Panasonic MFSUSB Driver;c:\windows\system32\drivers\KMdgiusb.sys --> c:\windows\system32\drivers\KMdgiusb.sys [?]
S3 EagleXNt;EagleXNt; [x]
S3 FXDRV;FXDRV;\??\d:\fxdrv.sys --> d:\Fxdrv.sys [?]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [9.1.2010 20:37 4640000]
S3 SNP325;USB PC Camera (SNPSTD325);c:\windows\system32\drivers\snp325.sys [4.7.2009 10:55 10406016]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [18.8.2004 13:00 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 12:16 753504]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
WINRM REG_MULTI_SZ WINRM
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
mStart Page = about:blank
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
FF - ProfilePath - c:\documents and settings\user\Data aplikací\Mozilla\Firefox\Profiles\ewt9enb1.default\
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-01-24 19:36
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(18648)
c:\program files\MouseWare\System\LgWndHk.dll
c:\program files\Common Files\Logitech\Scrolling\LgMsgHk.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2012-01-24 19:48:13
ComboFix-quarantined-files.txt 2012-01-24 18:48
ComboFix2.txt 2012-01-23 20:51
ComboFix3.txt 2012-01-22 14:31
ComboFix4.txt 2011-08-30 17:59
ComboFix5.txt 2012-01-24 17:49
.
Před spuštěním: Volných bajtů: 56 065 900 544
Po spuštění: Volných bajtů: 56 075 145 216
.
- - End Of File - - E03DDEDEA787A4A8EF3538C2489FCCEB

Smazáno, log již vypadá OK. Nastala nějaká změna?

Ne, stále stejné...

Otevřte ovl.panely>systém>hardware>správce zařízení>řadiče IDE/ATA>prim. a sek. kanál IDE. Klikněte pravým myšítkem na jednotlivé kanály>upřesnit nastavení. Zjistěte, zda je zaonut režim DMA. Pokud tomu tak není, zapněte, nastvení uložte a restartujte PC.

Bylo zapnuto...

Co jste instaloval těsně před tím, než se problém objevil?

Uklízel jsem v počítači prach a počítač se přemístil
Je to v hardware?

Tohle by s tím nemělo mít nic společného za předpokladu, že jste něco nepoškodil. Mne spíš zajímá, co jste instaloval těsně před tím, než se problém objevil.