ComboFix 09-12-31.06 - Z 01.01.2010 1:11.2.2 - x86
Spuštěný z: c:\documents and settings\Z\Plocha\ComboFix.exe
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\ICQ6.5\ICQLRun.exe
.
((((((((((((((((((((((((( Soubory vytvořené od 2009-12-01 do 2010-01-01 )))))))))))))))))))))))))))))))
.
2009-12-31 21:07 . 2009-12-31 21:07 -------- dc----w- c:\program files\Perfect Uninstaller
2009-12-31 20:33 . 2009-12-31 20:43 -------- d-----w- C:\rsit
2009-12-31 17:00 . 2009-12-17 23:14 30536 -c--a-w- c:\windows\system32\TURegOpt.exe
2009-12-31 17:00 . 2009-12-17 23:08 30024 -c--a-w- c:\windows\system32\uxtuneup.dll
2009-12-31 16:59 . 2009-12-31 17:00 -------- dc----w- c:\program files\TuneUp Utilities 2010
2009-12-31 13:43 . 2009-12-31 13:50 -------- dc----w- c:\program files\Your Uninstaller
2009-12-31 13:36 . 2010-01-01 00:19 -------- dc----w- c:\program files\ICQ6.5
2009-12-31 01:13 . 2009-12-31 01:13 -------- dc----w- c:\program files\Microsoft.NET
2009-12-31 01:10 . 2009-12-31 01:10 -------- dc----w- c:\program files\Microsoft Visual Studio 8
2009-12-30 23:53 . 2009-12-30 23:53 -------- dc----w- c:\program files\NeroInstall.bak
2009-12-30 22:46 . 2009-12-30 22:46 -------- dc----w- c:\windows\system32\wbem\Repository
2009-12-27 23:41 . 2009-12-27 23:41 -------- d-----r- C:\MSOCache
2009-12-27 19:06 . 2009-12-27 19:26 603904 -c--a-w- c:\windows\system32\TUProgSt.exe
2009-12-27 18:57 . 2009-12-28 19:05 -------- dc----w- c:\program files\TuneUp Utilities 2009
2009-12-22 19:39 . 2009-12-31 14:48 -------- dc----w- c:\program files\USB Disk Win98 Driver
2009-12-21 22:18 . 2008-06-14 17:35 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2009-12-21 22:17 . 2009-02-06 10:10 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe
2009-12-21 22:17 . 2009-03-06 14:23 284160 -c----w- c:\windows\system32\dllcache\pdh.dll
2009-12-21 22:17 . 2009-02-09 11:25 111104 -c----w- c:\windows\system32\dllcache\services.exe
2009-12-21 22:17 . 2009-02-09 10:56 401408 -c----w- c:\windows\system32\dllcache\rpcss.dll
2009-12-21 22:17 . 2009-02-09 10:56 473600 -c----w- c:\windows\system32\dllcache\fastprox.dll
2009-12-21 22:17 . 2009-02-09 10:56 684032 -c----w- c:\windows\system32\dllcache\advapi32.dll
2009-12-21 22:17 . 2009-06-25 08:27 729088 -c----w- c:\windows\system32\dllcache\lsasrv.dll
2009-12-21 22:17 . 2009-02-09 10:56 709632 -c----w- c:\windows\system32\dllcache\ntdll.dll
2009-12-21 22:17 . 2009-02-09 10:56 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll
2009-12-21 22:16 . 2008-05-08 14:02 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys
2009-12-21 22:16 . 2008-10-24 11:21 455296 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2009-12-21 22:16 . 2008-12-11 10:57 333952 -c----w- c:\windows\system32\dllcache\srv.sys
2009-12-21 22:16 . 2009-07-10 13:28 1315328 -c----w- c:\windows\system32\dllcache\msoe.dll
2009-12-21 22:16 . 2008-04-11 19:06 691712 -c----w- c:\windows\system32\dllcache\inetcomm.dll
2009-12-21 22:16 . 2009-08-04 17:29 2147328 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2009-12-21 22:16 . 2009-08-04 17:29 2068224 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2009-12-21 22:16 . 2009-08-04 17:29 2025984 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2009-12-21 22:16 . 2008-10-15 16:38 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll
2009-12-21 22:09 . 2009-12-21 22:09 -------- dcsh--w- c:\windows\system32\config\systemprofile\IETldCache
2009-12-21 21:57 . 2009-07-31 09:05 1372672 -c----w- c:\windows\system32\dllcache\msxml6.dll
2009-12-21 21:57 . 2008-04-14 07:00 80896 -c----w- c:\windows\system32\dllcache\msxml6r.dll
2009-12-21 21:57 . 2008-04-14 07:49 102912 -c----w- c:\windows\system32\dllcache\dpcdll.dll
2009-12-21 21:56 . 2008-04-14 07:51 81920 -c----w- c:\windows\system32\ieencode.dll
2009-12-18 07:04 . 2003-06-19 00:31 18944 -c--a-w- c:\windows\system32\Spool\prtprocs\w32x86\mdippr.dll
2009-12-18 07:04 . 2003-06-19 00:31 17920 -c--a-w- c:\windows\system32\mdimon.dll
2009-12-12 20:21 . 2009-12-30 22:44 -------- dc----w- c:\program files\CCleaner
2009-12-12 11:53 . 2009-12-12 11:53 -------- dc----w- c:\program files\VS Revo Group
2009-12-07 17:58 . 2009-09-02 15:41 1184984 -c--a-w- c:\windows\system32\wvc1dmod.dll
2009-12-03 15:19 . 2009-12-14 14:09 -------- dc----w- c:\program files\MSECache
2009-12-03 13:46 . 2007-01-05 19:56 96256 -c--a-w- c:\windows\system32\dllcache\wmpband.dll
2009-12-02 16:26 . 2009-10-02 04:44 92160 -c----w- c:\windows\system32\dllcache\iecompat.dll
2009-12-02 16:24 . 2009-10-29 07:43 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2009-12-02 16:24 . 2009-10-29 07:43 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2009-12-02 16:24 . 2009-10-29 07:43 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2009-12-02 16:24 . 2009-10-29 07:43 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll
2009-12-02 16:24 . 2009-10-29 07:43 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2009-12-02 16:24 . 2009-10-29 07:43 11069952 -c----w- c:\windows\system32\dllcache\ieframe.dll
2009-12-02 13:43 . 2008-04-21 21:15 216576 -c----w- c:\windows\system32\dllcache\wordpad.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-01 00:21 . 2008-10-15 19:24 35121356 --sha-w- c:\windows\system32\drivers\fidbox.idx
2010-01-01 00:21 . 2008-10-15 19:24 3004653600 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-12-31 22:26 . 2009-06-26 17:04 -------- dc----w- c:\program files\DVDFab 6
2009-12-31 20:43 . 2008-10-15 18:00 -------- dc----w- c:\program files\Trend Micro
2009-12-31 19:42 . 2009-02-10 19:58 -------- dc----w- c:\program files\JetAudio
2009-12-31 19:41 . 2007-05-28 11:00 -------- dc----w- c:\program files\Common Files\COWON
2009-12-31 18:24 . 2006-12-18 14:35 86327 -c--a-w- c:\windows\PCHealth\HelpCtr\OfflineCache\index.dat
2009-12-31 18:24 . 2006-12-18 14:35 2724 -c--a-w- c:\windows\PCHealth\HelpCtr\PackageStore\SkuStore.bin
2009-12-31 15:54 . 2008-02-08 17:55 -------- dc----w- c:\program files\Common Files\Wise Installation Wizard
2009-12-31 15:54 . 2007-07-21 08:18 -------- dc----w- c:\program files\PJsoft
2009-12-31 15:41 . 2007-07-21 08:52 3208 -c--a-w- c:\windows\im32st.dat
2009-12-31 15:15 . 2009-04-03 11:59 -------- dc----w- c:\program files\Malwarebytes' Anti-Malware
2009-12-31 14:52 . 2006-12-19 17:15 -------- dc----w- c:\program files\Tapety 2.10
2009-12-31 14:52 . 2007-03-13 12:57 -------- dc----w- c:\program files\Windows Media Connect 2
2009-12-31 14:50 . 2008-09-07 19:19 -------- dc----w- c:\program files\PVD15
2009-12-31 14:49 . 2007-12-23 22:58 -------- dc----w- c:\program files\WinAVI Video Converter 9.0
2009-12-31 14:49 . 2006-12-21 12:45 -------- dc----w- c:\program files\Winamp
2009-12-31 14:45 . 2009-12-01 10:31 -------- dc----w- c:\program files\TO2SSM
2009-12-31 14:41 . 2006-12-19 17:22 -------- dc----w- c:\program files\QIP
2009-12-31 14:36 . 2007-05-09 12:45 -------- dc----w- c:\program files\MSBuild
2009-12-31 13:59 . 2008-12-09 18:50 -------- dc----w- c:\program files\ICQ6Toolbar
2009-12-31 02:23 . 2009-11-25 19:54 12464 -c--a-w- c:\windows\system32\avgrsstx.dll
2009-12-31 02:23 . 2009-11-25 19:54 28424 -c--a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-12-30 23:49 . 2008-02-26 14:52 -------- dc----w- c:\program files\Common Files\Nero
2009-12-30 22:45 . 2009-11-30 20:47 -------- dc----w- c:\program files\OpenOffice.org 3
2009-12-30 22:44 . 2007-01-03 12:15 -------- dc----w- c:\program files\AC3 Decoder
2009-12-30 22:44 . 2009-09-07 12:03 -------- dc----w- c:\program files\AGEIA Technologies
2009-12-30 22:44 . 2008-10-07 17:03 -------- dc----w- c:\program files\AdorageI-SAL
2009-12-30 22:44 . 2008-09-08 17:57 -------- dc----w- c:\program files\All Ten Fingers
2009-12-30 22:44 . 2008-04-12 18:22 -------- dc----w- c:\program files\Around The World In 80 Days
2009-12-30 22:44 . 2009-03-02 19:00 -------- dc----w- c:\program files\Big Mutha Truckers 2
2009-12-30 22:44 . 2009-01-23 15:57 -------- dc----w- c:\program files\BitComet
2009-12-30 22:44 . 2009-01-23 15:59 -------- dc----w- c:\program files\CometBird
2009-12-30 22:44 . 2006-12-21 20:10 -------- dc----w- c:\program files\Codec Pack - All In 1
2009-12-30 22:43 . 2009-06-17 19:43 -------- dc----w- c:\program files\DAEMON Tools Lite
2009-12-30 22:43 . 2009-06-17 19:43 -------- dc----w- c:\program files\DAEMON Tools Toolbar
2009-12-30 22:43 . 2006-12-20 15:06 -------- dc----w- c:\program files\DVD Shrink
2009-12-30 22:40 . 2008-02-27 13:57 -------- dc----w- c:\program files\Exact Audio Copy
2009-12-30 22:40 . 2008-09-01 14:57 -------- dc----w- c:\program files\Google
2009-12-30 22:39 . 2007-01-17 14:22 -------- dc----w- c:\program files\JetAudio 1
2009-12-30 22:39 . 2008-02-27 14:03 -------- dc----w- c:\program files\K-Lite Codec Pack
2009-12-30 22:39 . 2009-08-25 12:13 -------- dc----w- c:\program files\MozBackup
2009-12-30 22:39 . 2007-05-09 08:57 -------- dc----w- c:\program files\Microsoft Works
2009-12-30 22:39 . 2009-02-22 11:25 -------- dc----w- c:\program files\NSS
2009-12-30 22:39 . 2006-12-18 15:18 -------- dc----w- c:\program files\NVidia Refresh Rate Fix
2009-12-30 22:39 . 2009-07-12 14:40 -------- dc----w- c:\program files\PC Connectivity Solution
2009-12-30 22:39 . 2006-12-20 16:20 -------- dc----w- c:\program files\PDF
2009-12-30 22:03 . 2008-12-03 17:49 -------- dc----w- c:\program files\Plato DVD to MP3 Ripper
2009-12-30 22:03 . 2007-06-11 14:17 -------- dc----w- c:\program files\PopCap Games
2009-12-30 22:03 . 2009-06-18 10:04 -------- dc----w- c:\program files\QIP Infium
2009-12-30 22:03 . 2006-12-21 13:43 -------- dc----w- c:\program files\Singles
2009-12-30 21:59 . 2008-03-27 07:37 -------- dc----w- c:\program files\WinAVIVideoConverter
2009-12-30 18:01 . 2006-12-23 15:10 -------- dc----w- c:\program files\GameSpy Arcade
2009-12-30 13:55 . 2009-04-03 11:59 38224 -c--a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-30 13:54 . 2009-04-03 11:59 19160 -c--a-w- c:\windows\system32\drivers\mbam.sys
2009-12-27 22:48 . 2001-10-25 12:00 440316 ----a-w- c:\windows\system32\perfh005.dat
2009-12-27 22:48 . 2001-10-25 12:00 83652 ----a-w- c:\windows\system32\perfc005.dat
2009-12-22 19:39 . 2006-12-18 14:57 -------- dc-h--w- c:\program files\InstallShield Installation Information
2009-12-21 23:20 . 2009-11-25 19:54 360584 -c--a-w- c:\windows\system32\drivers\avgtdix.sys
2009-12-21 23:19 . 2009-11-25 19:54 25608 -c--a-w- c:\windows\system32\drivers\AVGIDSxx.sys
2009-12-21 23:19 . 2009-11-25 19:54 333192 -c--a-w- c:\windows\system32\drivers\avgldx86.sys
2009-12-21 23:19 . 2009-11-25 19:54 161800 -c--a-w- c:\windows\system32\drivers\avgrkx86.sys
2009-12-12 16:06 . 2008-04-06 18:23 -------- dc----w- c:\program files\Ulead Systems
2009-12-12 16:06 . 2008-04-06 18:29 -------- dc----w- c:\program files\Common Files\Ulead Systems
2009-12-08 15:36 . 2009-12-08 15:36 0 -c-ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2009-12-07 16:38 . 2006-12-20 17:51 -------- dc----w- c:\program files\Zoner
2009-12-01 10:32 . 2009-12-01 10:25 -------- dc----w- c:\program files\Common Files\Motive
2009-11-27 13:46 . 2008-02-26 14:52 -------- dc----w- c:\program files\Nero
2009-11-25 19:53 . 2009-11-25 19:53 -------- dc----w- c:\program files\AVG
2009-11-25 14:11 . 2009-11-25 14:11 8 -c--a-w- c:\windows\system32\nvModes.dat
2009-11-25 09:56 . 2006-12-18 14:33 23512 -c--a-w- c:\windows\system32\emptyregdb.dat
2009-11-24 16:38 . 2009-11-24 16:24 664 -c--a-w- c:\windows\system32\d3d9caps.dat
2009-10-29 07:43 . 2004-08-17 13:49 916480 -c--a-w- c:\windows\system32\wininet.dll
2009-10-21 05:40 . 2004-08-17 13:49 75776 -c--a-w- c:\windows\system32\strmfilt.dll
2009-10-21 05:40 . 2004-08-17 13:49 25088 -c--a-w- c:\windows\system32\httpapi.dll
2009-10-20 16:20 . 2004-08-03 21:00 265728 -c--a-w- c:\windows\system32\drivers\http.sys
2009-10-13 10:34 . 2004-08-17 13:49 271360 -c--a-w- c:\windows\system32\oakley.dll
2009-10-12 13:40 . 2004-08-17 13:49 150016 -c--a-w- c:\windows\system32\rastls.dll
2009-10-12 13:40 . 2004-08-17 13:49 79872 -c--a-w- c:\windows\system32\raschap.dll
2008-02-26 14:02 . 2008-02-26 14:02 24 --sh--w- c:\windows\S92270F3B.tmp
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OFFICEKB"="c:\program files\Labtec\Keyboard\V5.1\kbdap32a.exe" [2009-12-31 387584]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
"nwiz"="nwiz.exe" [2008-05-16 1630208]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-16 86016]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2009-12-31 2033432]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-02-18 2221352]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2008-02-28 570664]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-12-31 02:23 12464 -c--a-w- c:\windows\system32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^InterVideo WinCinema Manager.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\InterVideo WinCinema Manager.lnk
backup=c:\windows\pss\InterVideo WinCinema Manager.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^Z^Nabídka Start^Programy^Po spuštění^EduBase 2 - Application server.lnk]
path=c:\documents and settings\Z\Nabídka Start\Programy\Po spuštění\EduBase 2 - Application server.lnk
backup=c:\windows\pss\EduBase 2 - Application server.lnkStartup
[HKLM\~\startupfolder\C:^Documents and Settings^Z^Nabídka Start^Programy^Po spuštění^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
path=c:\documents and settings\Z\Nabídka Start\Programy\Po spuštění\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
backup=c:\windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitComet]
2009-01-20 06:37 2523960 -c--a-w- c:\program files\BitComet\BitComet.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2006-10-26 23:47 31016 -c--a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2007-05-08 14:24 54840 -c--a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
2009-11-16 15:36 172792 -c--a-w- c:\program files\ICQ6.5\ICQ.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Piracy]
2009-12-30 13:55 1389904 -c--a-w- c:\program files\Malwarebytes' Anti-Malware\mbam.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
2009-12-30 13:55 429392 -c--a-w- c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 03:22 1695232 -c--a-w- c:\program files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2009-06-25 13:12 1414144 ----a-w- c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
2007-06-13 07:16 528384 -c--a-r- c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UVS12 Preload]
2008-06-09 10:03 397456 -c--a-w- c:\program files\Corel\Corel VideoStudio 12\uvPL.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"OEXPRESS"=c:\documents and settings\All Users\Data aplikací\LangSoft\OETRN.EXE
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\QIP\\qip.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Ahead\\Nero ShowTime\\ShowTime.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Program Files\\Common Files\\Ahead\\Nero Web\\SetupX.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\BitComet\\BitComet.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\CometBird\\CometBird.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgam.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgdiagex.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"9651:TCP"= 9651:TCP:BitComet 9651 TCP
"9651:UDP"= 9651:UDP:BitComet 9651 UDP
"9204:TCP"= 9204:TCP:BitComet 9204 TCP
"9204:UDP"= 9204:UDP:BitComet 9204 UDP
R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2009-06-17 721904]
R3 PRODIGY;PRODIGY;c:\windows\system32\Drivers\PRODIGY.SYS [2006-08-29 32377]
R3 s816bus;Sony Ericsson Device 816 driver (WDM);c:\windows\system32\DRIVERS\s816bus.sys [2007-06-19 81832]
R3 s816mdfl;Sony Ericsson Device 816 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s816mdfl.sys [2007-06-19 13864]
R3 s816mdm;Sony Ericsson Device 816 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s816mdm.sys [2007-06-19 107304]
R3 s816mgmt;Sony Ericsson Device 816 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s816mgmt.sys [2007-06-19 99112]
R3 s816nd5;Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (NDIS);c:\windows\system32\DRIVERS\s816nd5.sys [2007-06-19 21928]
R3 s816obex;Sony Ericsson Device 816 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s816obex.sys [2007-06-19 97320]
R3 s816unic;Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (WDM);c:\windows\system32\DRIVERS\s816unic.sys [2007-06-19 97704]
R3 SetupNTGLM7X;SetupNTGLM7X;D:\NTGLM7X.sys [x]
S0 AVGIDSErHrxpx;AVG9IDSErHr;c:\windows\System32\Drivers\AVGIDSxx.sys [2009-12-21 25608]
S0 AvgRkx86;avgrkx86.sys;c:\windows\System32\Drivers\avgrkx86.sys [2009-12-21 161800]
S1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\System32\Drivers\avgldx86.sys [2009-12-21 333192]
S1 AvgTdiX;AVG Network Redirector;c:\windows\System32\Drivers\avgtdix.sys [2009-12-21 360584]
S1 is-D3FINdrv;is-D3FINdrv;c:\windows\system32\DRIVERS\97774039.sys [2008-07-08 148496]
S2 avg9wd;AVG WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [2009-12-31 285392]
S2 AVGIDSAgent;AVG9IDSAgent;c:\program files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe AVGIDSAgent [x]
S2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [2008-10-19 222456]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2009-12-17 1044808]
S3 AVGIDSDriverxpx;AVG9IDSDriver;c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSDriver.sys [2009-12-21 122376]
S3 AVGIDSFilterxpx;AVG9IDSFilter;c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSFilter.sys [2009-12-21 30216]
S3 AVGIDSShimxpx;AVG9IDSShim;c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys [2009-12-21 25736]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'
2010-01-01 c:\windows\Tasks\Automatic troubleshooting.job
- c:\program files\TuneUp Utilities 2010\TuneUpSystemStatusCheck.exe [2009-12-17 23:18]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uSearchMigratedDefaultUrl = hxxp://www.mywebsearch.com/jsp/cfg_redir2.jsp? ... earchTerms}
uInternet Connection Wizard,ShellNext = iexplore
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Stáhnout odkaz s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: Stáhnout všechna videa s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddVideo.htm
IE: Stáhnout všechny odkazy s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Z\Data aplikací\Mozilla\Firefox\Profiles\auqs26zg.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - http:/seznam.cz
FF - prefs.js: keyword.URL - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - component: c:\documents and settings\Z\Data aplikací\Mozilla\Firefox\Profiles\auqs26zg.default\extensions\{003D3EDC-99B9-4a34-9C20-60CB94F7E829}\components\nsWebFF15.dll
FF - component: c:\program files\AVG\AVG9\Firefox\components\avgssff.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
Toolbar-Locked - (no file)
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
MSConfigStartUp-18d65452 - c:\windows\system32\lyjhmoiw.dll
MSConfigStartUp-DAEMON Tools Lite - c:\program files\DAEMON Tools\daemon.exe
MSConfigStartUp-ICQ Lite - c:\program files\ICQLite\ICQLite.exe
AddRemove-češtiny do Your Uninstaller 2008 6.1.1223 6.1.1223 - c:\program files\Your Uninstaller 2008\Languages\Uninstall.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-01 01:24
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'explorer.exe'(464)
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVG\AVG9\avgchsvx.exe
c:\program files\AVG\AVG9\avgrsx.exe
c:\program files\AVG\AVG9\avgcsrvx.exe
c:\windows\system32\RUNDLL32.EXE
c:\program files\HP\Digital Imaging\bin\hpqtra08.exe
c:\program files\AVG\AVG9\Identity Protection\agent\bin\avgidsmonitor.exe
c:\program files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
c:\program files\Common Files\Motive\McciCMService.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
c:\program files\AVG\AVG9\avgnsx.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\IoctlSvc.exe
c:\program files\AVG\AVG9\avgcsrvx.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\windows\system32\msiexec.exe
c:\windows\system32\wscntfy.exe
c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
.
**************************************************************************
.
Celkový čas: 2010-01-01 01:31:31 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-01-01 00:31
ComboFix2.txt 2009-11-20 19:15
Před spuštěním: Volných bajtů: 148 309 839 872
Po spuštění: Volných bajtů: 149 152 342 016
Current=1 Default=1 Failed=0 LastKnownGood=5 Sets=1,2,3,4,5
- - End Of File - - DFC0B9F664C236673974E7534E00842F