Viry ve windows prosím help

Zpráva

P@tRiCk_ · #46 Příspěvek od **P@tRiCk_** » 03 črc 2010 12:36

1)Nwm jak se to tam jmenuje

2) vyhodilo mi to error

Error: Unable to interpret <Paste Instructions for Items to be Moved> in the current context!
 
OTM by OldTimer - Version 3.1.12.2 log created on 07032010_133450

3)

Kód: Vybrat vše

Při zjišťování verze softwaru, který je v počítači spuštěn, používá tento web ovládací prvky ActiveX. Zobrazí-li se upozornění na ovládací prvek ActiveX, zkontrolujte nejprve, zda je ovládací prvek digitálně podepsán společností Microsoft, a potom ho nainstalujte a povolte.

#47 Příspěvek od **Caroprd111** » 03 črc 2010 12:44

O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Softonic VLC EN Toolbar - {e6570cd8-9978-4621-b1f9-6a62436f0466} - C:\Program Files\Softonic_VLC_EN\tbSof0.dll
O3 - Toolbar: Easy Gif Animator Toolbar - {35065594-9169-4A34-B167-FC4865038E53} - C:\Program Files\Easy Gif Animator Extension\v3.3.0.3\EasyGifAnimator_Toolbar.dll
O3 - Toolbar: AIM Toolbar - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll
O3 - Toolbar: Max EN Toolbar - {867dd841-5bf7-44ca-8426-c5a6eda00735} - C:\Program Files\Max_EN\tbMax1.dll
O3 - Toolbar: @C:\Program Files\MSN Toolbar\Platform\5.0.1384.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\5.0.1384.0\npwinext.dll
O3 - Toolbar: Softonic English TC Toolbar - {4ff5f6ea-ffaf-43e5-9a01-361c0893c3e8} - C:\Program Files\Softonic_English_TC\tbSoft.dll
O3 - Toolbar: XfireXO Toolbar - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\tbXfir.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: ZoneAlarm Toolbar - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files\ZoneAlarm\tbZone.dll
O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll

Obrázek

Aplikujte skript znovu.

Obrázek

Instalaci povolte.

P@tRiCk_ · #48 Příspěvek od **P@tRiCk_** » 03 črc 2010 13:13

O5 mi tam naskákaly errory a co sem nainstaloval FW tak mi blbne net po restartu mi ani nešel tak sem ho odinstaloval...

Sedím tady hodiny a hodiny včera do půlnoci dneska od pěti a marně budu mít rači zavirovanej PC než se stím takhle prát...

Moc vám děkuji za trpělivost a čas co ste si pro mě udělal

#49 Příspěvek od **Caroprd111** » 03 črc 2010 13:16

Nemáte zač

P@tRiCk_ · #50 Příspěvek od **P@tRiCk_** » 03 črc 2010 13:21

Ještě pár otázek nazávěr:
1)Co používat za defragmentaci abych to dal někdy do kupy original windows? Momentálně používám Auslogics Disk Defrag
2)Jak oživit PC je pomalej na to jakej má výkon

#51 Příspěvek od **Caroprd111** » 03 črc 2010 13:25

1) Doporučuji Defraggler http://www.slunecnice.cz/sw/defraggler/

2) Pokud nechcete PC odvirovat, tak se nedivte, že je pomalý. Odinstalujte nepotřebné programy a pročistěte CCleanerem.

P@tRiCk_ · #52 Příspěvek od **P@tRiCk_** » 03 črc 2010 13:27

Kdyby to šlo odvirovat tak to odviruju ale samej error a komplikace...

#53 Příspěvek od **Caroprd111** » 03 črc 2010 13:28

Ono by to šlo, ale musel byste trochu lépe spolupracovat.

P@tRiCk_ · #54 Příspěvek od **P@tRiCk_** » 03 črc 2010 13:29

Spolupracuju jak jen můžu ale když to píše errory? To je jedno

#55 Příspěvek od **Caroprd111** » 03 črc 2010 13:31

Psal jste, že budete mít PC radši zavirovaný, tak nevím, co si o tom mám myslet.

P@tRiCk_ · #56 Příspěvek od **P@tRiCk_** » 03 črc 2010 13:36

To je jedno...

Díky moc za ochotu a čas

Třeba zase napíšu až mi PC skolabuje

#57 Příspěvek od **stell** » 03 črc 2010 14:02

Zdravim.
PROSIM CITAJTE POZORNE NAVODY!!!,

Stáhněte na plochu, ukončete všechna aktivní okna
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Pri tejto akcii je nutné mať ComboFix na ploche.

Vypni>FIREWALL>Antivir>Antispyware>vsetko rezidentne.

Otvor Notepad (Poznámkový blok) a zkopíruj do neho celý zeleny tex:

Kód: Vybrat vše

KILLALL::
Driver::
twomat
zfzurgqoh
zwxpff
NetSvc::
twomat
zfzurgqoh
zwxpff

Potom klik na Subor -> Uložiť ako.. .. -> Ako je Názov souboru tak do toho riadku napiš:CFScript.txt
Typ súboru tak tam vyberies *všetky súbory
A ulož ho na plochu.> Pozor CFScript.txt>Neotvarat a nemoze byt ani>CFScript.txt.txt A Urobis Toto :
Obrázek

Po skonceni skenu vlož log čo ComboFix vytvorí

P@tRiCk_ · #58 Příspěvek od **P@tRiCk_** » 03 črc 2010 17:53

ComboFix 10-07-01.02 - Patrik 03.07.2010 18:03:13.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.1023.697 [GMT 2:00]
Spuštěný z: c:\documents and settings\Patrik\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Patrik\Plocha\CFScript.txt.txt
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\vbzlib1.dll
D:\install.exe

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_TWOMAT
-------\Legacy_ZFZURGQOH
-------\Legacy_ZWXPFF
-------\Service_twomat
-------\Service_zfzurgqoh
-------\Service_zwxpff

((((((((((((((((((((((((( Soubory vytvořené od 2010-06-03 do 2010-07-03 )))))))))))))))))))))))))))))))
.

2010-07-03 12:26 . 2010-07-03 12:26 -------- d-----w- c:\program files\Defraggler
2010-07-03 12:06 . 2010-07-03 12:06 -------- d-----w- c:\windows\Internet Logs
2010-07-03 10:53 . 2010-07-03 10:53 -------- d-----w- c:\program files\CheckPoint
2010-07-03 10:53 . 2010-07-03 11:59 4212 ---ha-w- c:\windows\system32\zllictbl.dat
2010-07-03 10:49 . 2008-01-17 17:59 713216 -c----w- c:\windows\system32\dllcache\sxs.dll
2010-07-03 06:28 . 2010-07-03 06:29 -------- d-----w- c:\windows\system32\NtmsData
2010-07-03 05:52 . 2010-07-03 05:52 -------- d-sh--w- c:\documents and settings\Patrik\IECompatCache
2010-07-03 05:51 . 2010-07-03 05:51 -------- d-----w- c:\program files\CCleaner
2010-07-02 19:13 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-07-02 19:13 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-07-02 17:09 . 2010-07-02 17:11 -------- d-----w- C:\ToolBar SD
2010-07-02 16:34 . 2010-07-03 11:21 -------- d-----w- c:\program files\trend micro
2010-07-02 13:07 . 2010-06-28 20:37 165456 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-07-02 13:07 . 2010-06-28 20:32 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-07-02 13:07 . 2010-06-28 20:33 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-07-02 13:07 . 2010-06-28 20:37 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-07-02 13:07 . 2010-06-28 20:32 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-07-02 13:07 . 2010-06-28 20:32 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-07-02 13:07 . 2010-06-28 20:32 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-07-02 13:06 . 2010-06-28 20:57 38848 ----a-w- c:\windows\avastSS.scr
2010-07-02 13:06 . 2010-06-28 20:57 165032 ----a-w- c:\windows\system32\aswBoot.exe
2010-07-01 20:08 . 2010-07-01 20:08 -------- d-----w- c:\program files\SystemRequirementsLab
2010-07-01 20:08 . 2010-07-01 20:08 -------- d-----w- c:\documents and settings\Patrik\SystemRequirementsLab
2010-07-01 12:49 . 2007-07-19 16:14 3727720 ----a-w- c:\windows\system32\d3dx9_35.dll
2010-07-01 12:49 . 2010-07-01 12:49 -------- d-----w- c:\windows\Logs
2010-06-30 20:24 . 2010-06-30 20:24 -------- d-----w- c:\program files\Winamp Detect
2010-06-30 20:24 . 2010-06-30 20:24 -------- d-----w- c:\program files\Winamp Toolbar
2010-06-30 20:23 . 2009-04-28 20:20 129520 ------w- c:\windows\system32\pxafs.dll
2010-06-30 20:23 . 2010-06-30 20:24 -------- d-----w- c:\program files\Winamp
2010-06-30 16:26 . 2010-06-30 16:26 7 ----a-w- C:\tw0001.dat
2010-06-29 14:22 . 2010-06-29 14:22 286720 ------w- c:\windows\Setup1.exe
2010-06-29 14:22 . 2010-06-29 14:22 73216 ----a-w- c:\windows\ST6UNST.EXE
2010-06-28 18:05 . 2010-07-02 12:10 -------- d-----w- c:\program files\SRS - Street Racing Syndicate
2010-06-26 21:41 . 2010-06-26 21:41 -------- d-----w- c:\program files\Common Files\DirectX
2010-06-26 21:29 . 2010-06-26 21:29 -------- d-----w- c:\program files\EA GAMES
2010-06-21 14:26 . 2010-07-03 11:52 70992 ----a-w- c:\windows\system32\GDIPFONTCACHEV1.DAT
2010-06-18 16:24 . 2010-06-18 16:24 -------- d-----w- c:\program files\FreeCall.com
2010-06-18 08:36 . 2010-06-18 08:37 -------- d-----w- c:\program files\mp3DirectCut
2010-06-14 20:09 . 2010-07-02 17:11 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2010-06-14 20:01 . 2010-06-14 20:01 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-06-11 15:25 . 2010-06-11 15:25 -------- d-----w- c:\program files\XfireXO
2010-06-11 15:24 . 2010-07-03 00:22 -------- d-----w- c:\program files\Xfire
2010-06-09 14:17 . 2010-06-09 14:17 -------- d-----w- c:\program files\MSBuild
2010-06-09 14:14 . 2010-06-09 14:14 -------- d-----w- c:\windows\system32\XPSViewer
2010-06-09 14:13 . 2010-06-09 14:13 -------- d-----w- c:\program files\Reference Assemblies
2010-06-09 14:13 . 2006-10-14 14:43 27648 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2010-06-09 14:12 . 2006-06-29 11:07 14048 ------w- c:\windows\system32\spmsg2.dll
2010-06-06 20:55 . 2005-05-26 13:34 2297552 ----a-w- c:\windows\system32\d3dx9_26.dll
2010-06-06 20:55 . 2010-06-26 08:59 138592 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-06-06 20:55 . 2010-06-26 10:09 219128 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-06-06 20:55 . 2010-06-11 15:46 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2010-06-06 20:15 . 2010-06-06 20:15 -------- d-sh--w- c:\windows\ftpcache
2010-06-04 04:57 . 2010-06-04 04:57 -------- d-s---w- c:\documents and settings\LocalService\Dokumenty
2010-06-04 04:47 . 2010-06-04 04:47 -------- d-----w- c:\program files\Common Files\Eye 312
2010-06-04 04:47 . 2007-10-04 15:42 48128 ----a-w- c:\windows\system32\Remove.exe
2010-06-04 04:47 . 2010-06-04 04:47 -------- d-----w- c:\program files\Common Files\Pac7302
2010-06-04 04:47 . 2006-10-12 09:57 14336 ----a-w- c:\windows\system32\P7302USD.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-03 10:53 . 2010-07-03 10:53 -------- d-----w- c:\program files\CheckPoint
2010-07-03 05:43 . 2010-05-21 21:39 -------- d-----w- c:\program files\Windows Desktop Search
2010-07-03 05:42 . 2002-09-23 12:00 77706 ----a-w- c:\windows\system32\perfc005.dat
2010-07-03 05:42 . 2002-09-23 12:00 427336 ----a-w- c:\windows\system32\perfh005.dat
2010-07-02 18:53 . 2010-05-26 15:38 -------- d-----w- c:\program files\WinFlip
2010-07-02 17:41 . 2009-11-17 15:39 -------- d-----w- c:\program files\Opera 10 Beta
2010-07-02 17:11 . 2009-12-18 10:42 -------- d-----w- c:\program files\AskBarDis
2010-07-01 13:12 . 2009-10-29 07:22 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-07-01 12:50 . 2010-07-01 12:50 -------- d-----w- c:\program files\Rockstar Games
2010-06-28 18:07 . 2009-12-11 14:09 -------- d-----w- c:\program files\GameSpy Arcade
2010-06-26 16:07 . 2002-09-23 12:00 163644 ----a-w- c:\windows\system32\drivers\secdrv.sys
2010-05-31 13:08 . 2010-05-31 13:08 -------- d-----w- c:\program files\Common Files\Java
2010-05-31 13:07 . 2010-05-31 13:08 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-05-28 00:04 . 2010-05-28 00:04 41872 ----a-w- c:\windows\system32\xfcodec.dll
2010-05-26 15:38 . 2010-05-26 15:38 -------- d-----w- c:\program files\TrueTransparency
2010-05-26 15:38 . 2010-05-26 15:38 -------- d-----w- c:\program files\Vista Drive Icon
2010-05-26 15:10 . 2010-05-26 15:10 -------- d-----w- c:\program files\Softonic_English_TC
2010-05-26 15:01 . 2010-05-26 15:01 -------- d-----w- c:\program files\WinPcap
2010-05-26 14:38 . 2009-10-29 18:08 -------- d-----w- c:\program files\QIP Infium
2010-05-23 16:24 . 2010-04-24 15:14 921632 ----a-w- C:\PA7302.DAT
2010-05-21 21:14 . 2010-02-08 19:05 -------- d-----w- c:\program files\Max_EN
2010-05-21 21:14 . 2009-12-17 15:51 -------- d-----w- c:\program files\Softonic_VLC_EN
2010-05-14 11:06 . 2010-05-14 11:06 -------- d-----w- c:\program files\Common Files\Real
2010-05-14 11:06 . 2010-05-14 11:06 -------- d-----w- c:\program files\Real
2010-05-14 11:06 . 2010-05-14 11:06 -------- d-----w- c:\program files\Common Files\xing shared
2010-05-14 11:06 . 2010-01-13 21:39 348160 ----a-w- c:\windows\system32\msvcr71.dll
2010-05-14 11:01 . 2010-05-14 11:01 -------- d-----w- c:\program files\Xvid
2010-04-24 12:32 . 2010-04-24 12:32 81 --sh--r- c:\windows\CT4CET.bin
2010-04-07 20:18 . 2010-04-07 20:18 74703 ----a-w- c:\windows\system32\mfc45.dll
.

------- Sigcheck -------

[7] 2004-08-17 . 84FEF6BE553ACC66729F5D4113F53310 . 2150400 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\ntoskrnl.exe
[-] 2004-08-17 . 5C108FECE9B30922649C5C4E9B80B9B5 . 2146816 . . [5.1.2600.2180] . . c:\windows\system32\ntoskrnl.exe
[7] 2004-08-17 . 84FEF6BE553ACC66729F5D4113F53310 . 2150400 . . [5.1.2600.2180] . . c:\windows\system32\VITrans\ntoskrnl.exe
[-] 2002-09-23 . BB405B214B5B49AB3F00196C10885611 . 1891840 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\ntoskrnl.exe

[-] 2004-08-17 . D528D77EAD3C7A52A4F17D45D2809E81 . 1438208 . . [6.00.2900.2180] . . c:\windows\explorer.exe
[-] 2004-08-17 . 4D32D7FFC2F583FE21EF0A4F99EABB12 . 974848 . . [6.00.2900.2180] . . c:\windows\ServicePackFiles\i386\explorer.exe
[-] 2004-08-17 . 4D32D7FFC2F583FE21EF0A4F99EABB12 . 974848 . . [6.00.2900.2180] . . c:\windows\system32\VITrans\explorer.exe
[-] 2002-09-23 . 11D80755545CFB5EB9659EE88440EAE2 . 1004544 . . [6.00.2800.1106] . . c:\windows\$NtServicePackUninstall$\explorer.exe

[7] 2004-08-17 . 7715EDDD01EDFEF9EF335D29C6DFE212 . 2017280 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\ntkrnlpa.exe
[-] 2004-08-17 . 60B05387246DF377C22DCCA1EE7B5006 . 2013696 . . [5.1.2600.2180] . . c:\windows\system32\ntkrnlpa.exe
[7] 2004-08-17 . 7715EDDD01EDFEF9EF335D29C6DFE212 . 2017280 . . [5.1.2600.2180] . . c:\windows\system32\VITrans\ntkrnlpa.exe
[-] 2002-09-23 . E2A57A7B4182490DFE1EBADE818146A2 . 1920512 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\ntkrnlpa.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}"= "c:\program files\Winamp Toolbar\winamptb.dll" [2009-05-06 1262888]
"{e6570cd8-9978-4621-b1f9-6a62436f0466}"= "c:\program files\Softonic_VLC_EN\tbSof0.dll" [2010-05-21 2515552]
"{867dd841-5bf7-44ca-8426-c5a6eda00735}"= "c:\program files\Max_EN\tbMax1.dll" [2010-05-21 2515552]
"{4ff5f6ea-ffaf-43e5-9a01-361c0893c3e8}"= "c:\program files\Softonic_English_TC\tbSoft.dll" [2010-04-15 2515552]
"{5e5ab302-7f65-44cd-8211-c1d4caaccea3}"= "c:\program files\XfireXO\tbXfir.dll" [2010-06-03 2736736]

[HKEY_CLASSES_ROOT\clsid\{57bca5fa-5dbb-45a2-b558-1755c3f6253b}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch]

[HKEY_CLASSES_ROOT\clsid\{e6570cd8-9978-4621-b1f9-6a62436f0466}]

[HKEY_CLASSES_ROOT\clsid\{867dd841-5bf7-44ca-8426-c5a6eda00735}]

[HKEY_CLASSES_ROOT\clsid\{4ff5f6ea-ffaf-43e5-9a01-361c0893c3e8}]

[HKEY_CLASSES_ROOT\clsid\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4ff5f6ea-ffaf-43e5-9a01-361c0893c3e8}]
2010-04-15 10:33 2515552 ----a-w- c:\program files\Softonic_English_TC\tbSoft.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}]
2010-06-03 16:24 2736736 ----a-w- c:\program files\XfireXO\tbXfir.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{867dd841-5bf7-44ca-8426-c5a6eda00735}]
2010-05-21 21:14 2515552 ----a-w- c:\program files\Max_EN\tbMax1.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{e6570cd8-9978-4621-b1f9-6a62436f0466}]
2010-05-21 21:14 2515552 ----a-w- c:\program files\Softonic_VLC_EN\tbSof0.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{e6570cd8-9978-4621-b1f9-6a62436f0466}"= "c:\program files\Softonic_VLC_EN\tbSof0.dll" [2010-05-21 2515552]
"{867dd841-5bf7-44ca-8426-c5a6eda00735}"= "c:\program files\Max_EN\tbMax1.dll" [2010-05-21 2515552]
"{4ff5f6ea-ffaf-43e5-9a01-361c0893c3e8}"= "c:\program files\Softonic_English_TC\tbSoft.dll" [2010-04-15 2515552]
"{5e5ab302-7f65-44cd-8211-c1d4caaccea3}"= "c:\program files\XfireXO\tbXfir.dll" [2010-06-03 2736736]

[HKEY_CLASSES_ROOT\clsid\{e6570cd8-9978-4621-b1f9-6a62436f0466}]

[HKEY_CLASSES_ROOT\clsid\{867dd841-5bf7-44ca-8426-c5a6eda00735}]

[HKEY_CLASSES_ROOT\clsid\{4ff5f6ea-ffaf-43e5-9a01-361c0893c3e8}]

[HKEY_CLASSES_ROOT\clsid\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{E6570CD8-9978-4621-B1F9-6A62436F0466}"= "c:\program files\Softonic_VLC_EN\tbSof0.dll" [2010-05-21 2515552]
"{867DD841-5BF7-44CA-8426-C5A6EDA00735}"= "c:\program files\Max_EN\tbMax1.dll" [2010-05-21 2515552]
"{4FF5F6EA-FFAF-43E5-9A01-361C0893C3E8}"= "c:\program files\Softonic_English_TC\tbSoft.dll" [2010-04-15 2515552]
"{5E5AB302-7F65-44CD-8211-C1D4CAACCEA3}"= "c:\program files\XfireXO\tbXfir.dll" [2010-06-03 2736736]

[HKEY_CLASSES_ROOT\clsid\{e6570cd8-9978-4621-b1f9-6a62436f0466}]

[HKEY_CLASSES_ROOT\clsid\{867dd841-5bf7-44ca-8426-c5a6eda00735}]

[HKEY_CLASSES_ROOT\clsid\{4ff5f6ea-ffaf-43e5-9a01-361c0893c3e8}]

[HKEY_CLASSES_ROOT\clsid\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="c:\documents and settings\Patrik\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" [2010-01-06 135664]
"QIP2005"="c:\program files\QIP\qip.exe" [2009-08-13 3276288]
"RegistryMechanic"="d:\registry mechanic\RegMech.exe" [2010-04-08 3233752]
"SkinClock"="c:\program files\Free Desktop Clock\DesktopClock.exe" [2006-10-01 334848]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-10 417792]
"DAEMON Tools Lite"="d:\daemon tools lite\daemon.exe" [2009-04-23 691656]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-17 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"JMB36X IDE Setup"="c:\windows\JM\JMInsIDE.exe" [2006-10-30 36864]
"JMB36X Configure"="c:\windows\system32\JMRaidTool.exe" [2006-07-12 352256]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2006-06-23 847872]
"AtiPTA"="atiptaxx.exe" [2006-02-22 344064]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-10 417792]
"Bing Bar"="c:\program files\MSN Toolbar\Platform\5.0.1384.0\mswinext.exe" [2010-02-17 243032]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-11-11 288088]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-05-14 202256]
"DrvIcon"="c:\program files\Vista Drive Icon\DrvIcon.exe" [2008-04-13 49152]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2006-11-03 319488]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2010-01-12 37888]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-06-28 2837864]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-17 15360]

c:\documents and settings\Patrik\Nabˇdka Start\Programy\Po spuçtŘnˇ\
ProgSense.lnk - d:\progsense\ProgSense.exe [2010-5-24 888000]
Screenshot Utility.lnk - d:\screenshot utility\ScreenshotUtility.exe [2010-6-6 344064]
Xfire.lnk - c:\program files\Xfire\Xfire.exe [2010-5-28 3493264]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{1984DD45-52CF-49cd-AB77-18F378FEA264}"= "c:\program files\Stardock\Fences\FencesMenu.dll" [2009-10-02 128360]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\Codemasters\\Worms 4 Mayhem Demo\\Worms 4 Mayhem Demo.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Team17 Software Ltd\\WormsFortsDemo\\WF.exe"=
"c:\\Program Files\\Codemasters\\Worms 4 Mayhem Online Demo\\Worms 4 Mayhem Online Demo.exe"=
"c:\\Program Files\\Opera 10 Beta\\opera.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Documents and Settings\\Patrik\\Plocha\\samp03\\samp-server.exe"=
"c:\\Documents and Settings\\Patrik\\Plocha\\samp02x\\samp-server.exe"=
"c:\\Documents and Settings\\Patrik\\Plocha\\samp01b\\samp-server.exe"=
"c:\\Program Files\\QIP\\qip.exe"=
"c:\\Documents and Settings\\Patrik\\Plocha\\samp022\\samp-server.exe"=
"c:\\Program Files\\Java\\jre6\\launch4j-tmp\\frd.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Xfire\\Xfire.exe"=
"c:\\Program Files\\FreeCall.com\\FreeCall\\FreeCall.exe"=
"d:\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\SRS - Street Racing Syndicate\\Bin\\SRS.exe"=
"c:\\Program Files\\EA GAMES\\Need for Speed Underground 2\\trainer.exe.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"4805:TCP"= 4805:TCP:eufbhvcx
"21034:TCP"= 21034:TCP:BitComet 21034 TCP
"21034:UDP"= 21034:UDP:BitComet 21034 UDP

R0 ahci8086;ahci8086;c:\windows\system32\drivers\ahci8086.sys [29.10.2009 12:31 119808]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2.7.2010 15:07 165456]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2.7.2010 15:07 17744]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [20.11.2009 17:07 246520]
R2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [16.11.2009 18:33 50704]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\Common Files\PC Tools\sMonitor\StartManSvc.exe [12.5.2010 15:08 632792]
S3 ALSysIO;ALSysIO;\??\c:\docume~1\Patrik\LOCALS~1\Temp\ALSysIO.sys --> c:\docume~1\Patrik\LOCALS~1\Temp\ALSysIO.sys [?]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [14.6.2010 22:01 721904]
.
Obsah adresáře 'Naplánované úlohy'

2010-07-03 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1801674531-2077806209-725345543-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 20:09]

2010-07-03 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1801674531-2077806209-725345543-1007.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 20:09]

2010-07-03 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1801674531-2077806209-725345543-1008.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 20:09]

2010-07-02 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1801674531-2077806209-725345543-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 20:09]

2010-07-02 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1801674531-2077806209-725345543-1007.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 20:09]

2010-07-03 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1801674531-2077806209-725345543-1008.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 20:09]

2010-07-03 c:\windows\Tasks\User_Feed_Synchronization-{9C10480B-93C6-4E37-91DA-96E8674D38DE}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 02:31]
.
.
------- Doplňkový sken -------
.
uStart Page =
uDefault_Search_URL =
mWindow Title =
uInternet Connection Wizard,ShellNext = hxxp://www.zoner.cz/podpora/
uInternet Settings,ProxyOverride = *.local
uSearchAssistant =
IE: &Winamp Search - c:\documents and settings\All Users\Data aplikací\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Stáhnout odkaz s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: Stáhnout všechna videa s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddVideo.htm
IE: Stáhnout všechny odkazy s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
IE: {{3e717667-c786-43d0-b809-b378938f6770} - d:\clip extractor\ClipExtractor.exe
TCP: {52B0A3FB-BE3D-424D-A8D1-BAE446DAD5F8} = 213.211.45.3,212.96.160.7
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

URLSearchHooks-HookURL - (no file)
URLSearchHooks-Rank - (no file)
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
WebBrowser-{3041D03E-FD4B-44E0-B742-2D9B88305F98} - (no file)
AddRemove-2kv4.8.442 - c:\windows\Radeon Omega Drivers v4.8.442

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-03 18:44
Windows 5.1.2600 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

c:\docume~1\Patrik\LOCALS~1\Temp\pic8880.jpg 4676 bytes

sken byl úspešně dokončen
skryté soubory: 1

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(708)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\cscui.dll

- - - - - - - > 'explorer.exe'(4060)
c:\program files\Xfire\xfire_toucan_42784.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\msi.dll
c:\windows\system32\NETSHELL.dll
c:\windows\system32\credui.dll
c:\windows\system32\webcheck.dll
c:\program files\Stardock\Fences\FencesMenu.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\stardock\fences\DesktopDock.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\rundll32.exe
.
**************************************************************************
.
Celkový čas: 2010-07-03 18:52:19 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-07-03 16:52

Před spuštěním: Volných bajtů: 12 730 314 752
Po spuštění: Volných bajtů: 12 624 216 064

WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn /usepmtimer

- - End Of File - - CFF92F7E574FF63805FDC3FB28188A41

#59 Příspěvek od **stell** » 03 črc 2010 18:18

no mas tam confickera.
Pri tejto akcii je nutné mať ComboFix na ploche.

Vypni>FIREWALL>Antivir>Antispyware>vsetko rezidentne.

Otvor Notepad (Poznámkový blok) a zkopíruj do neho celý zeleny tex:

Kód: Vybrat vše

KILLALL::
FCOPY::
c:\windows\ServicePackFiles\i386\ntoskrnl.exe | c:\windows\system32\ntoskrnl.exe
c:\windows\ServicePackFiles\i386\ntoskrnl.exe | c:\windows\$NtServicePackUninstall$\ntoskrnl.exe
c:\windows\ServicePackFiles\i386\ntkrnlpa.exe | c:\windows\system32\ntkrnlpa.exe
c:\windows\ServicePackFiles\i386\ntkrnlpa.exe | c:\windows\$NtServicePackUninstall$\ntkrnlpa.exe
RESTORE::
c:\windows\explorer.exe
srpeek::
c:\windows\explorer.exe
Registry::
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"4805:TCP"=-
Driver::
eufbhvcx
ICQ Service
File::
c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1801674531-2077806209-725345543-1003.job
c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1801674531-2077806209-725345543-1007.job
c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1801674531-2077806209-725345543-1008.job
c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1801674531-2077806209-725345543-1003.job
c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1801674531-2077806209-725345543-1007.job
c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1801674531-2077806209-725345543-1008.job
DDS::
IE: &Winamp Search - c:\documents and settings\All Users\Data aplikací\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
Rootkit::
c:\docume~1\Patrik\LOCALS~1\Temp\pic8880.jpg

Potom klik na Subor -> Uložiť ako.. .. -> Ako je Názov souboru tak do toho riadku napiš:CFScript.txt
Typ súboru tak tam vyberies *všetky súbory
A ulož ho na plochu.> Pozor CFScript.txt>Neotvarat a nemoze byt ani>CFScript.txt.txt A Urobis Toto :
Obrázek

Po skonceni skenu vlož log čo ComboFix vytvorí

P@tRiCk_ · #60 Příspěvek od **P@tRiCk_** » 03 črc 2010 18:50

ComboFix 10-07-01.02 - Patrik 03.07.2010 19:31:04.2.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.1023.493 [GMT 2:00]
Spuštěný z: c:\documents and settings\Patrik\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Patrik\Plocha\CFScript.txt.txt
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

FILE ::
"c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1801674531-2077806209-725345543-1003.job"
"c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1801674531-2077806209-725345543-1007.job"
"c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1801674531-2077806209-725345543-1008.job"
"c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1801674531-2077806209-725345543-1003.job"
"c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1801674531-2077806209-725345543-1007.job"
"c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1801674531-2077806209-725345543-1008.job"
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Data aplikací\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1801674531-2077806209-725345543-1003.job
c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1801674531-2077806209-725345543-1007.job
c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1801674531-2077806209-725345543-1008.job
c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1801674531-2077806209-725345543-1003.job
c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1801674531-2077806209-725345543-1007.job
c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1801674531-2077806209-725345543-1008.job

c:\windows\explorer.exe . . . je infikován!!

.
--------------- FCopy ---------------

c:\windows\ServicePackFiles\i386\ntoskrnl.exe --> c:\windows\system32\ntoskrnl.exe
c:\windows\ServicePackFiles\i386\ntoskrnl.exe --> c:\windows\$NtServicePackUninstall$\ntoskrnl.exe
c:\windows\ServicePackFiles\i386\ntkrnlpa.exe --> c:\windows\system32\ntkrnlpa.exe
c:\windows\ServicePackFiles\i386\ntkrnlpa.exe --> c:\windows\$NtServicePackUninstall$\ntkrnlpa.exe
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_ICQ_SERVICE
-------\Service_ICQ Service

((((((((((((((((((((((((( Soubory vytvořené od 2010-06-03 do 2010-07-03 )))))))))))))))))))))))))))))))
.

2010-07-03 12:26 . 2010-07-03 12:26 -------- d-----w- c:\program files\Defraggler
2010-07-03 12:06 . 2010-07-03 12:06 -------- d-----w- c:\windows\Internet Logs
2010-07-03 10:53 . 2010-07-03 10:53 -------- d-----w- c:\program files\CheckPoint
2010-07-03 10:53 . 2010-07-03 11:59 4212 ---ha-w- c:\windows\system32\zllictbl.dat
2010-07-03 10:49 . 2008-01-17 17:59 713216 -c----w- c:\windows\system32\dllcache\sxs.dll
2010-07-03 06:28 . 2010-07-03 06:29 -------- d-----w- c:\windows\system32\NtmsData
2010-07-03 05:52 . 2010-07-03 05:52 -------- d-sh--w- c:\documents and settings\Patrik\IECompatCache
2010-07-03 05:51 . 2010-07-03 05:51 -------- d-----w- c:\program files\CCleaner
2010-07-02 19:13 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-07-02 19:13 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-07-02 17:09 . 2010-07-02 17:11 -------- d-----w- C:\ToolBar SD
2010-07-02 16:34 . 2010-07-03 11:21 -------- d-----w- c:\program files\trend micro
2010-07-02 13:07 . 2010-06-28 20:37 165456 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-07-02 13:07 . 2010-06-28 20:32 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-07-02 13:07 . 2010-06-28 20:33 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-07-02 13:07 . 2010-06-28 20:37 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-07-02 13:07 . 2010-06-28 20:32 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-07-02 13:07 . 2010-06-28 20:32 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-07-02 13:07 . 2010-06-28 20:32 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-07-02 13:06 . 2010-06-28 20:57 38848 ----a-w- c:\windows\avastSS.scr
2010-07-02 13:06 . 2010-06-28 20:57 165032 ----a-w- c:\windows\system32\aswBoot.exe
2010-07-01 20:08 . 2010-07-01 20:08 -------- d-----w- c:\program files\SystemRequirementsLab
2010-07-01 20:08 . 2010-07-01 20:08 -------- d-----w- c:\documents and settings\Patrik\SystemRequirementsLab
2010-07-01 12:49 . 2007-07-19 16:14 3727720 ----a-w- c:\windows\system32\d3dx9_35.dll
2010-07-01 12:49 . 2010-07-01 12:49 -------- d-----w- c:\windows\Logs
2010-06-30 20:24 . 2010-06-30 20:24 -------- d-----w- c:\program files\Winamp Detect
2010-06-30 20:24 . 2010-06-30 20:24 -------- d-----w- c:\program files\Winamp Toolbar
2010-06-30 20:23 . 2009-04-28 20:20 129520 ------w- c:\windows\system32\pxafs.dll
2010-06-30 20:23 . 2010-06-30 20:24 -------- d-----w- c:\program files\Winamp
2010-06-30 16:26 . 2010-06-30 16:26 7 ----a-w- C:\tw0001.dat
2010-06-29 14:22 . 2010-06-29 14:22 286720 ------w- c:\windows\Setup1.exe
2010-06-29 14:22 . 2010-06-29 14:22 73216 ----a-w- c:\windows\ST6UNST.EXE
2010-06-28 18:05 . 2010-07-02 12:10 -------- d-----w- c:\program files\SRS - Street Racing Syndicate
2010-06-26 21:41 . 2010-06-26 21:41 -------- d-----w- c:\program files\Common Files\DirectX
2010-06-26 21:29 . 2010-06-26 21:29 -------- d-----w- c:\program files\EA GAMES
2010-06-21 14:26 . 2010-07-03 11:52 70992 ----a-w- c:\windows\system32\GDIPFONTCACHEV1.DAT
2010-06-18 16:24 . 2010-06-18 16:24 -------- d-----w- c:\program files\FreeCall.com
2010-06-18 08:36 . 2010-06-18 08:37 -------- d-----w- c:\program files\mp3DirectCut
2010-06-14 20:09 . 2010-07-02 17:11 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2010-06-14 20:01 . 2010-06-14 20:01 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-06-11 15:25 . 2010-06-11 15:25 -------- d-----w- c:\program files\XfireXO
2010-06-11 15:24 . 2010-07-03 00:22 -------- d-----w- c:\program files\Xfire
2010-06-09 14:17 . 2010-06-09 14:17 -------- d-----w- c:\program files\MSBuild
2010-06-09 14:14 . 2010-06-09 14:14 -------- d-----w- c:\windows\system32\XPSViewer
2010-06-09 14:13 . 2010-06-09 14:13 -------- d-----w- c:\program files\Reference Assemblies
2010-06-09 14:13 . 2006-10-14 14:43 27648 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2010-06-09 14:12 . 2006-06-29 11:07 14048 ------w- c:\windows\system32\spmsg2.dll
2010-06-06 20:55 . 2005-05-26 13:34 2297552 ----a-w- c:\windows\system32\d3dx9_26.dll
2010-06-06 20:55 . 2010-06-26 08:59 138592 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-06-06 20:55 . 2010-06-26 10:09 219128 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-06-06 20:55 . 2010-06-11 15:46 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2010-06-06 20:15 . 2010-06-06 20:15 -------- d-sh--w- c:\windows\ftpcache
2010-06-04 04:57 . 2010-06-04 04:57 -------- d-s---w- c:\documents and settings\LocalService\Dokumenty
2010-06-04 04:47 . 2010-06-04 04:47 -------- d-----w- c:\program files\Common Files\Eye 312
2010-06-04 04:47 . 2007-10-04 15:42 48128 ----a-w- c:\windows\system32\Remove.exe
2010-06-04 04:47 . 2010-06-04 04:47 -------- d-----w- c:\program files\Common Files\Pac7302
2010-06-04 04:47 . 2006-10-12 09:57 14336 ----a-w- c:\windows\system32\P7302USD.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-03 10:53 . 2010-07-03 10:53 -------- d-----w- c:\program files\CheckPoint
2010-07-03 05:43 . 2010-05-21 21:39 -------- d-----w- c:\program files\Windows Desktop Search
2010-07-03 05:42 . 2002-09-23 12:00 77706 ----a-w- c:\windows\system32\perfc005.dat
2010-07-03 05:42 . 2002-09-23 12:00 427336 ----a-w- c:\windows\system32\perfh005.dat
2010-07-02 18:53 . 2010-05-26 15:38 -------- d-----w- c:\program files\WinFlip
2010-07-02 17:41 . 2009-11-17 15:39 -------- d-----w- c:\program files\Opera 10 Beta
2010-07-02 17:11 . 2009-12-18 10:42 -------- d-----w- c:\program files\AskBarDis
2010-07-01 13:12 . 2009-10-29 07:22 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-07-01 12:50 . 2010-07-01 12:50 -------- d-----w- c:\program files\Rockstar Games
2010-06-28 18:07 . 2009-12-11 14:09 -------- d-----w- c:\program files\GameSpy Arcade
2010-06-26 16:07 . 2002-09-23 12:00 163644 ----a-w- c:\windows\system32\drivers\secdrv.sys
2010-05-31 13:08 . 2010-05-31 13:08 -------- d-----w- c:\program files\Common Files\Java
2010-05-31 13:07 . 2010-05-31 13:08 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-05-28 00:04 . 2010-05-28 00:04 41872 ----a-w- c:\windows\system32\xfcodec.dll
2010-05-26 15:38 . 2010-05-26 15:38 -------- d-----w- c:\program files\TrueTransparency
2010-05-26 15:38 . 2010-05-26 15:38 -------- d-----w- c:\program files\Vista Drive Icon
2010-05-26 15:10 . 2010-05-26 15:10 -------- d-----w- c:\program files\Softonic_English_TC
2010-05-26 15:01 . 2010-05-26 15:01 -------- d-----w- c:\program files\WinPcap
2010-05-26 14:38 . 2009-10-29 18:08 -------- d-----w- c:\program files\QIP Infium
2010-05-23 16:24 . 2010-04-24 15:14 921632 ----a-w- C:\PA7302.DAT
2010-05-21 21:14 . 2010-02-08 19:05 -------- d-----w- c:\program files\Max_EN
2010-05-21 21:14 . 2009-12-17 15:51 -------- d-----w- c:\program files\Softonic_VLC_EN
2010-05-14 11:06 . 2010-05-14 11:06 -------- d-----w- c:\program files\Common Files\Real
2010-05-14 11:06 . 2010-05-14 11:06 -------- d-----w- c:\program files\Real
2010-05-14 11:06 . 2010-05-14 11:06 -------- d-----w- c:\program files\Common Files\xing shared
2010-05-14 11:06 . 2010-01-13 21:39 348160 ----a-w- c:\windows\system32\msvcr71.dll
2010-05-14 11:01 . 2010-05-14 11:01 -------- d-----w- c:\program files\Xvid
2010-04-24 12:32 . 2010-04-24 12:32 81 --sh--r- c:\windows\CT4CET.bin
2010-04-07 20:18 . 2010-04-07 20:18 74703 ----a-w- c:\windows\system32\mfc45.dll
.

(((((((((((((((((((((((((((((((((((((((((( SR_Search ))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
------- Sigcheck -------

[-] 2004-08-17 . D528D77EAD3C7A52A4F17D45D2809E81 . 1438208 . . [6.00.2900.2180] . . c:\windows\explorer.exe
[-] 2004-08-17 . 4D32D7FFC2F583FE21EF0A4F99EABB12 . 974848 . . [6.00.2900.2180] . . c:\windows\ServicePackFiles\i386\explorer.exe
[-] 2004-08-17 . 4D32D7FFC2F583FE21EF0A4F99EABB12 . 974848 . . [6.00.2900.2180] . . c:\windows\system32\VITrans\explorer.exe
[-] 2002-09-23 . 11D80755545CFB5EB9659EE88440EAE2 . 1004544 . . [6.00.2800.1106] . . c:\windows\$NtServicePackUninstall$\explorer.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}"= "c:\program files\Winamp Toolbar\winamptb.dll" [2009-05-06 1262888]
"{e6570cd8-9978-4621-b1f9-6a62436f0466}"= "c:\program files\Softonic_VLC_EN\tbSof0.dll" [2010-05-21 2515552]
"{867dd841-5bf7-44ca-8426-c5a6eda00735}"= "c:\program files\Max_EN\tbMax1.dll" [2010-05-21 2515552]
"{4ff5f6ea-ffaf-43e5-9a01-361c0893c3e8}"= "c:\program files\Softonic_English_TC\tbSoft.dll" [2010-04-15 2515552]
"{5e5ab302-7f65-44cd-8211-c1d4caaccea3}"= "c:\program files\XfireXO\tbXfir.dll" [2010-06-03 2736736]

[HKEY_CLASSES_ROOT\clsid\{57bca5fa-5dbb-45a2-b558-1755c3f6253b}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch]

[HKEY_CLASSES_ROOT\clsid\{e6570cd8-9978-4621-b1f9-6a62436f0466}]

[HKEY_CLASSES_ROOT\clsid\{867dd841-5bf7-44ca-8426-c5a6eda00735}]

[HKEY_CLASSES_ROOT\clsid\{4ff5f6ea-ffaf-43e5-9a01-361c0893c3e8}]

[HKEY_CLASSES_ROOT\clsid\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4ff5f6ea-ffaf-43e5-9a01-361c0893c3e8}]
2010-04-15 10:33 2515552 ----a-w- c:\program files\Softonic_English_TC\tbSoft.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}]
2010-06-03 16:24 2736736 ----a-w- c:\program files\XfireXO\tbXfir.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{867dd841-5bf7-44ca-8426-c5a6eda00735}]
2010-05-21 21:14 2515552 ----a-w- c:\program files\Max_EN\tbMax1.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{e6570cd8-9978-4621-b1f9-6a62436f0466}]
2010-05-21 21:14 2515552 ----a-w- c:\program files\Softonic_VLC_EN\tbSof0.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{e6570cd8-9978-4621-b1f9-6a62436f0466}"= "c:\program files\Softonic_VLC_EN\tbSof0.dll" [2010-05-21 2515552]
"{867dd841-5bf7-44ca-8426-c5a6eda00735}"= "c:\program files\Max_EN\tbMax1.dll" [2010-05-21 2515552]
"{4ff5f6ea-ffaf-43e5-9a01-361c0893c3e8}"= "c:\program files\Softonic_English_TC\tbSoft.dll" [2010-04-15 2515552]
"{5e5ab302-7f65-44cd-8211-c1d4caaccea3}"= "c:\program files\XfireXO\tbXfir.dll" [2010-06-03 2736736]

[HKEY_CLASSES_ROOT\clsid\{e6570cd8-9978-4621-b1f9-6a62436f0466}]

[HKEY_CLASSES_ROOT\clsid\{867dd841-5bf7-44ca-8426-c5a6eda00735}]

[HKEY_CLASSES_ROOT\clsid\{4ff5f6ea-ffaf-43e5-9a01-361c0893c3e8}]

[HKEY_CLASSES_ROOT\clsid\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{E6570CD8-9978-4621-B1F9-6A62436F0466}"= "c:\program files\Softonic_VLC_EN\tbSof0.dll" [2010-05-21 2515552]
"{867DD841-5BF7-44CA-8426-C5A6EDA00735}"= "c:\program files\Max_EN\tbMax1.dll" [2010-05-21 2515552]
"{4FF5F6EA-FFAF-43E5-9A01-361C0893C3E8}"= "c:\program files\Softonic_English_TC\tbSoft.dll" [2010-04-15 2515552]
"{5E5AB302-7F65-44CD-8211-C1D4CAACCEA3}"= "c:\program files\XfireXO\tbXfir.dll" [2010-06-03 2736736]

[HKEY_CLASSES_ROOT\clsid\{e6570cd8-9978-4621-b1f9-6a62436f0466}]

[HKEY_CLASSES_ROOT\clsid\{867dd841-5bf7-44ca-8426-c5a6eda00735}]

[HKEY_CLASSES_ROOT\clsid\{4ff5f6ea-ffaf-43e5-9a01-361c0893c3e8}]

[HKEY_CLASSES_ROOT\clsid\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="c:\documents and settings\Patrik\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" [2010-01-06 135664]
"QIP2005"="c:\program files\QIP\qip.exe" [2009-08-13 3276288]
"RegistryMechanic"="d:\registry mechanic\RegMech.exe" [2010-04-08 3233752]
"SkinClock"="c:\program files\Free Desktop Clock\DesktopClock.exe" [2006-10-01 334848]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-10 417792]
"DAEMON Tools Lite"="d:\daemon tools lite\daemon.exe" [2009-04-23 691656]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-17 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"JMB36X IDE Setup"="c:\windows\JM\JMInsIDE.exe" [2006-10-30 36864]
"JMB36X Configure"="c:\windows\system32\JMRaidTool.exe" [2006-07-12 352256]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2006-06-23 847872]
"AtiPTA"="atiptaxx.exe" [2006-02-22 344064]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-10 417792]
"Bing Bar"="c:\program files\MSN Toolbar\Platform\5.0.1384.0\mswinext.exe" [2010-02-17 243032]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-11-11 288088]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-05-14 202256]
"DrvIcon"="c:\program files\Vista Drive Icon\DrvIcon.exe" [2008-04-13 49152]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2006-11-03 319488]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2010-01-12 37888]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-06-28 2837864]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-17 15360]

c:\documents and settings\Patrik\Nabˇdka Start\Programy\Po spuçtŘnˇ\
ProgSense.lnk - d:\progsense\ProgSense.exe [2010-5-24 888000]
Screenshot Utility.lnk - d:\screenshot utility\ScreenshotUtility.exe [2010-6-6 344064]
Xfire.lnk - c:\program files\Xfire\Xfire.exe [2010-5-28 3493264]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{1984DD45-52CF-49cd-AB77-18F378FEA264}"= "c:\program files\Stardock\Fences\FencesMenu.dll" [2009-10-02 128360]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\Codemasters\\Worms 4 Mayhem Demo\\Worms 4 Mayhem Demo.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Team17 Software Ltd\\WormsFortsDemo\\WF.exe"=
"c:\\Program Files\\Codemasters\\Worms 4 Mayhem Online Demo\\Worms 4 Mayhem Online Demo.exe"=
"c:\\Program Files\\Opera 10 Beta\\opera.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Documents and Settings\\Patrik\\Plocha\\samp03\\samp-server.exe"=
"c:\\Documents and Settings\\Patrik\\Plocha\\samp02x\\samp-server.exe"=
"c:\\Documents and Settings\\Patrik\\Plocha\\samp01b\\samp-server.exe"=
"c:\\Program Files\\QIP\\qip.exe"=
"c:\\Documents and Settings\\Patrik\\Plocha\\samp022\\samp-server.exe"=
"c:\\Program Files\\Java\\jre6\\launch4j-tmp\\frd.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Xfire\\Xfire.exe"=
"c:\\Program Files\\FreeCall.com\\FreeCall\\FreeCall.exe"=
"d:\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\SRS - Street Racing Syndicate\\Bin\\SRS.exe"=
"c:\\Program Files\\EA GAMES\\Need for Speed Underground 2\\trainer.exe.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"21034:TCP"= 21034:TCP:BitComet 21034 TCP
"21034:UDP"= 21034:UDP:BitComet 21034 UDP

R0 ahci8086;ahci8086;c:\windows\system32\drivers\ahci8086.sys [29.10.2009 12:31 119808]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [14.6.2010 22:01 721904]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2.7.2010 15:07 165456]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2.7.2010 15:07 17744]
R2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [16.11.2009 18:33 50704]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\Common Files\PC Tools\sMonitor\StartManSvc.exe [12.5.2010 15:08 632792]
S3 ALSysIO;ALSysIO;\??\c:\docume~1\Patrik\LOCALS~1\Temp\ALSysIO.sys --> c:\docume~1\Patrik\LOCALS~1\Temp\ALSysIO.sys [?]
.
Obsah adresáře 'Naplánované úlohy'

2010-07-03 c:\windows\Tasks\User_Feed_Synchronization-{9C10480B-93C6-4E37-91DA-96E8674D38DE}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 02:31]
.
.
------- Doplňkový sken -------
.
uStart Page =
uDefault_Search_URL =
mWindow Title =
uInternet Connection Wizard,ShellNext = hxxp://www.zoner.cz/podpora/
uInternet Settings,ProxyOverride = *.local
uSearchAssistant =
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Stáhnout odkaz s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: Stáhnout všechna videa s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddVideo.htm
IE: Stáhnout všechny odkazy s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
IE: {{3e717667-c786-43d0-b809-b378938f6770} - d:\clip extractor\ClipExtractor.exe
TCP: {52B0A3FB-BE3D-424D-A8D1-BAE446DAD5F8} = 213.211.45.3,212.96.160.7
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

URLSearchHooks-HookURL - (no file)
URLSearchHooks-Rank - (no file)

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-03 19:41
Windows 5.1.2600 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x867D51F8]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf7650fc3
\Driver\ACPI -> ACPI.sys @ 0xf739acb8
\Driver\atapi -> 0x867d61f8
IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x8058236c
ParseProcedure -> ntkrnlpa.exe @ 0x8058146a
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x8058236c
ParseProcedure -> ntkrnlpa.exe @ 0x8058146a
NDIS: Marvell Yukon 88E8001/8003/8010 PCI Gigabit Ethernet Controller -> SendCompleteHandler -> NDIS.sys @ 0xf720cba0
PacketIndicateHandler -> NDIS.sys @ 0xf7219b21
SendHandler -> NDIS.sys @ 0xf71f787b
Warning: possible MBR rootkit infection !
user & kernel MBR OK

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(724)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\cscui.dll

- - - - - - - > 'explorer.exe'(3240)
c:\windows\system32\ntshrui.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\msi.dll
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\NETSHELL.dll
c:\windows\system32\credui.dll
c:\program files\Stardock\Fences\FencesMenu.dll
c:\program files\stardock\fences\DesktopDock.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\wscntfy.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
.
**************************************************************************
.
Celkový čas: 2010-07-03 19:48:16 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-07-03 17:48
ComboFix2.txt 2010-07-03 16:52

Před spuštěním: Volných bajtů: 12 694 392 832
Po spuštění: Volných bajtů: 12 570 824 704

- - End Of File - - 4EE87A97D70B837B6BD00479FD744DF4

VIRY.CZ

Viry ve windows prosím help

Re: Viry ve windows prosím help

Re: Viry ve windows prosím help

Re: Viry ve windows prosím help

Re: Viry ve windows prosím help

Re: Viry ve windows prosím help

Re: Viry ve windows prosím help

Re: Viry ve windows prosím help

Re: Viry ve windows prosím help

Re: Viry ve windows prosím help

Re: Viry ve windows prosím help

Re: Viry ve windows prosím help

Re: Viry ve windows prosím help

Re: Viry ve windows prosím help

Re: Viry ve windows prosím help

Re: Viry ve windows prosím help