Please check this, the computer is slow after the kids used it...
Posted: 04 Oct 2010 16:32
ComboFix 10-10-03.03 - Michal 04.10.2010 17:00:13.12.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.767.468 [GMT 2:00]
Spuštěný z: c:\documents and settings\Michal\Dokumenty\ComboFix.exe
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: AVG 7.5.472 *On-access scanning enabled* (Outdated) {41564737-3200-1071-989B-0000E87B4FB1}
* Vytvořen nový Bod Obnovení
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\daemon.dll
c:\windows\Downloaded Program Files\f3initialsetup1.0.1.1.inf
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-09-04 do 2010-10-04 )))))))))))))))))))))))))))))))
.
2027-12-05 18:29 . 2004-05-11 09:53 82432 -c--a-r- c:\windows\system32\MSXML4r.dll
2027-12-05 18:29 . 2004-05-11 09:53 626960 -c--a-r- c:\windows\system32\hpvaut32.dll
2027-12-05 18:29 . 2004-05-11 09:53 487424 -c--a-r- c:\windows\system32\hpvcp70.dll
2027-12-05 18:29 . 2004-05-11 09:53 44544 -c--a-r- c:\windows\system32\MSXML4a.dll
2027-12-05 18:29 . 2004-05-11 09:53 344064 -c--a-r- c:\windows\system32\hpvcr70.dll
2027-12-05 18:28 . 2027-12-05 18:28 -------- dc----w- c:\program files\Common Files\Hewlett-Packard
2027-12-05 18:27 . 2027-12-05 18:27 -------- dc----w- c:\windows\system32\URTTemp
2027-12-05 18:24 . 2008-04-13 18:45 15104 -c--a-w- c:\windows\system32\drivers\usbscan.sys
2027-12-05 18:24 . 2004-03-18 15:56 204800 -c--a-w- c:\windows\system32\HPZipr12.dll
2027-12-05 18:24 . 2004-03-18 15:55 65536 -c--a-w- c:\windows\system32\HPZipm12.exe
2027-12-05 18:24 . 2004-03-18 15:53 278584 -c--a-w- c:\windows\system32\HPZidr12.dll
2027-12-05 18:24 . 2004-03-18 15:39 57344 -c--a-w- c:\windows\system32\HPZisn12.dll
2027-12-05 18:24 . 2004-03-18 15:39 94208 -c--a-w- c:\windows\system32\HPZipt12.dll
2027-12-05 18:24 . 2004-03-18 15:38 61440 -c--a-w- c:\windows\system32\HPZinw12.exe
2027-12-05 18:23 . 2006-11-06 17:30 -------- dc----w- c:\program files\HP
2027-12-05 18:22 . 2004-06-21 20:02 16496 -c--a-r- c:\windows\system32\drivers\HPZipr12.sys
2027-12-05 18:22 . 2004-06-21 20:02 51088 -c--a-r- c:\windows\system32\drivers\hpzid412.sys
2027-12-05 18:22 . 2004-06-21 20:02 21744 -c--a-r- c:\windows\system32\drivers\HPZius12.sys
2027-12-05 18:22 . 2004-06-21 20:02 270336 -c--a-r- c:\windows\system32\HPZc3212.dll
2027-12-05 18:21 . 2008-04-13 18:47 25856 -c--a-w- c:\windows\system32\drivers\usbprint.sys
2027-12-05 18:20 . 2008-04-13 18:45 32128 -c--a-w- c:\windows\system32\drivers\usbccgp.sys
2027-11-17 13:36 . 1998-09-02 08:28 38160 -c--a-w- c:\windows\system32\LMRTREND.dll
2027-11-17 13:36 . 1998-08-27 04:51 182032 -c--a-w- c:\windows\system32\dxtmsft3.dll
2027-11-17 13:36 . 1998-09-02 08:28 63488 -c--a-w- c:\windows\system32\unam4ie.exe
2027-11-17 13:36 . 1998-09-02 08:02 194320 -c--a-w- c:\windows\system32\qcut.dll
2027-11-17 13:36 . 1998-08-17 09:21 10240 -c--a-w- c:\windows\system32\vidx16.dll
2027-11-17 13:36 . 1998-08-17 09:21 11776 -c--a-w- c:\windows\system32\mciqtz.drv
2027-11-17 13:36 . 2027-11-17 13:36 4608 -c--a-w- c:\windows\system32\w95inf32.dll
2027-11-17 13:36 . 2027-11-17 13:36 2272 -c--a-w- c:\windows\system32\w95inf16.dll
2027-11-17 10:51 . 2027-11-17 10:51 -------- dc----w- c:\windows\aod
2027-11-17 10:27 . 1997-04-08 19:08 299520 -c--a-w- c:\windows\uninst.exe
2027-11-17 10:15 . 2027-11-17 10:15 -------- dc----w- c:\documents and settings\LocalService\Nabídka Start
2027-11-17 10:14 . 2009-11-26 19:16 -------- dc----w- c:\windows\system32\wbem\AutoRecover
2027-11-17 10:08 . 2004-08-17 14:49 221184 -c--a-w- c:\windows\system32\wmpns.dll
2027-11-17 10:06 . 2008-04-14 03:22 49152 -c----w- c:\windows\system32\powercfg.exe
2027-11-17 10:05 . 2008-04-14 03:22 32768 -c--a-w- c:\windows\system32\snmp.exe
2027-11-17 10:05 . 2008-04-14 03:22 8704 -c--a-w- c:\windows\system32\snmptrap.exe
2027-11-17 10:04 . 2008-04-14 03:21 33792 -c--a-w- c:\windows\system32\lmmib2.dll
2027-11-17 10:04 . 2008-04-14 03:21 105472 -c--a-w- c:\windows\system32\evntagnt.dll
2027-11-17 10:04 . 2008-05-11 14:37 -------- dc----w- c:\windows\ServicePackFiles
2027-11-17 10:00 . 2009-01-07 16:20 26144 -c--a-w- c:\windows\system32\spupdsvc.exe
2027-11-17 09:56 . 2008-05-11 14:20 -------- dc----w- c:\windows\EHome
2027-10-10 15:13 . 2027-10-10 15:13 -------- dc----w- c:\program files\Adventure Soft
2027-10-10 13:41 . 2007-04-01 10:30 -------- dc----r- C:\$VAULT$.AVG
2027-10-10 13:41 . 2005-10-09 13:20 9310386 -csha-r- C:\AVG7DB_F.DAT
2027-10-10 13:21 . 2027-10-10 13:21 11966193 -c--a-w- C:\AVG7QT.DAT
2027-10-10 12:25 . 2027-10-10 12:25 -------- dc----w- c:\windows\Sun
2027-10-10 11:03 . 2002-06-17 16:55 8946 -c--a-w- c:\documents and settings\All Users\Data aplikací\BVRP Software\Classic PhoneTools\FAX0010.cmd
2027-10-10 11:01 . 2027-10-10 11:01 -------- dc----w- c:\program files\MAC
2027-10-09 08:37 . 2027-10-09 08:37 -------- dcsh--w- c:\documents and settings\Michal\UserData
2027-10-08 18:35 . 2027-10-08 18:35 50688 -c--a-w- c:\windows\system32\wbhelp2.dll
2027-10-08 16:18 . 2027-10-08 16:18 -------- dc----w- c:\program files\VID_0E8F&PID_0003
2027-10-08 16:14 . 2002-12-17 17:58 40960 ----a-w- c:\windows\system32\UMonit2K.exe
2027-10-08 16:14 . 2002-12-17 17:58 36864 -c--a-r- c:\windows\system32\geneicon.dll
2027-10-08 16:11 . 2007-05-03 07:20 737280 -c--a-w- c:\windows\iun6002.exe
2027-10-08 16:10 . 2002-12-03 08:24 22260 -c--a-r- c:\windows\system32\drivers\geneuide.sys
2027-10-08 16:10 . 2002-11-14 01:26 40960 -c--a-r- c:\windows\system32\usbmonit.exe
2027-10-08 16:10 . 2002-11-14 01:19 36864 -c--a-r- c:\windows\system32\deluidrv.exe
2027-10-08 16:10 . 2002-11-14 01:19 32768 -c--a-r- c:\windows\system32\delentry.exe
2027-10-08 16:10 . 2027-10-08 16:10 -------- dc----w- c:\program files\PanRam
2027-10-08 16:09 . 2027-10-08 16:10 -------- dc----w- c:\windows\system\IOSUBSYS
2027-10-03 19:15 . 2009-08-06 18:24 327896 -c--a-w- c:\windows\system32\wucltui.dll
2027-10-03 19:15 . 2009-08-06 18:24 327896 -c--a-w- c:\windows\system32\dllcache\wucltui.dll
2027-10-03 19:15 . 2009-08-06 18:24 209632 -c--a-w- c:\windows\system32\wuweb.dll
2027-10-03 19:15 . 2009-08-06 18:24 209632 -c--a-w- c:\windows\system32\dllcache\wuweb.dll
2027-10-03 19:15 . 2009-08-06 18:24 35552 -c--a-w- c:\windows\system32\dllcache\wups.dll
2027-10-03 19:15 . 2009-08-06 18:24 35552 ----a-w- c:\windows\system32\wups.dll
2027-10-03 19:15 . 2009-08-06 18:23 575704 -c--a-w- c:\windows\system32\wuapi.dll
2027-10-03 19:15 . 2009-08-06 18:23 575704 -c--a-w- c:\windows\system32\dllcache\wuapi.dll
2027-10-03 19:15 . 2005-05-26 02:16 194328 -c--a-w- c:\windows\system32\wuaueng1.dll
2027-10-03 19:15 . 2005-05-26 02:16 194328 -c--a-w- c:\windows\system32\dllcache\wuaueng1.dll
2027-10-03 19:15 . 2005-05-26 02:16 173336 -c--a-w- c:\windows\system32\wuauclt1.exe
2027-10-03 19:15 . 2005-05-26 02:16 173336 -c--a-w- c:\windows\system32\dllcache\wuauclt1.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2027-11-17 10:08 . 2027-10-02 17:38 8972 -c--a-w- c:\windows\pchealth\HelpCtr\Config\Cntstore.bin
2027-10-10 08:40 . 2027-10-02 18:54 700 -c--a-w- c:\windows\eReg.dat
2027-10-02 17:54 . 2027-10-02 17:54 -------- dc----w- c:\program files\VIA FliteDeck
2027-10-02 17:53 . 2027-10-02 17:53 -------- dc----w- c:\program files\VIA Technologies, Inc
2027-10-02 17:39 . 2027-10-02 17:39 -------- dc----w- c:\program files\microsoft frontpage
2027-10-02 17:39 . 2027-10-02 17:39 558142 -c--a-w- c:\windows\java\Packages\CN5ZFR9B.ZIP
2027-10-02 17:39 . 2027-10-02 17:39 155995 -c--a-w- c:\windows\java\Packages\LNTBVFF5.ZIP
2027-10-02 17:36 . 2027-10-02 17:36 21812 -c--a-w- c:\windows\system32\emptyregdb.dat
2010-10-04 15:04 . 2002-09-23 12:00 83742 ----a-w- c:\windows\system32\perfc005.dat
2010-10-04 15:04 . 2002-09-23 12:00 441086 ----a-w- c:\windows\system32\perfh005.dat
2010-10-04 14:39 . 2010-10-04 14:41 390144 -c--a-w- c:\windows\system32\CF27972.exe
2010-09-07 16:12 . 2002-12-31 22:56 38848 -c--a-w- c:\windows\avastSS.scr
2010-09-07 16:11 . 2009-10-30 12:28 167592 -c--a-w- c:\windows\system32\aswBoot.exe
2010-09-07 15:52 . 2009-10-30 12:28 46672 -c--a-w- c:\windows\system32\drivers\aswTdi.sys
2010-09-07 15:52 . 2009-10-30 12:28 165584 -c--a-w- c:\windows\system32\drivers\aswSP.sys
2010-09-07 15:47 . 2009-10-30 12:28 23376 -c--a-w- c:\windows\system32\drivers\aswRdr.sys
2010-09-07 15:47 . 2009-10-30 12:28 100176 -c--a-w- c:\windows\system32\drivers\aswmon2.sys
2010-09-07 15:47 . 2009-10-30 12:28 94544 -c--a-w- c:\windows\system32\drivers\aswmon.sys
2010-09-07 15:47 . 2009-10-30 12:28 17744 -c--a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-09-07 15:46 . 2009-10-30 12:28 28880 -c--a-w- c:\windows\system32\drivers\aavmker4.sys
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{EEE6C35D-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll" [2009-10-19 187192]
[HKEY_CLASSES_ROOT\clsid\{eee6c35d-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2009-10-19 15:15 1345336 -c--a-w- c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2009-10-19 1345336]
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2009-10-19 1345336]
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files\uTorrent\utorrent.exe" [2009-10-23 289072]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"="c:\windows\system32\Macromed\Flash\FlashUtil10c.exe" [2009-07-18 257440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2010-09-07 2838912]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-05-26 413696]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
"Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-03-27 1744896]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-05-26 15:18 413696 -c--a-w- c:\program files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\ICQ7.2\\ICQ.exe"=
"c:\\Program Files\\ICQ7.2\\aolload.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
R0 d347bus;d347bus;c:\windows\system32\drivers\d347bus.sys [3.4.2007 7:33 155136]
R0 d347prt;d347prt;c:\windows\system32\drivers\d347prt.sys [3.4.2007 7:33 5248]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [30.10.2009 14:28 165584]
R2 a2free;a-squared Free Service;c:\program files\a-squared Free\a2service.exe [10.9.2007 17:31 425080]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [30.10.2009 14:28 17744]
R2 UltiDev Cassini Web Server for ASP.NET 2.0;UltiDev Cassini Web Server for ASP.NET 2.0;c:\program files\UltiDev\Cassini Web Server for ASP.NET 2.0\UltiDevCassinWebServer2a.exe [8.2.2007 0:06 49152]
R3 SNP325;USB PC Camera (SNPSTD325);c:\windows\system32\drivers\snp325.sys [2.4.2007 13:18 10218624]
S3 k510bus;Sony Ericsson K510 Driver driver (WDM);c:\windows\system32\drivers\k510bus.sys [2.2.2008 20:36 58288]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [12.9.2009 15:45 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [12.9.2009 15:45 8320]
S3 rockusb;Driver for rockusb Device;c:\windows\system32\drivers\rockusb.sys [22.3.2006 20:57 73984]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\d:\ntglm7x.sys --> d:\NTGLM7X.sys [?]
.
Obsah adresáře 'Naplánované úlohy'
2009-11-27 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&s ... f8&oe=utf8
mStart Page = hxxp://home.sweetim.com
mSearch Bar = hxxp://us.rd.yahoo.com/clientapps/AutoSearch/SearchBarLM/YSetSearch/2008/03/03/*http://www.yahoo.com/ext/search/search.html
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/clientapps/AutoSearch/SearchUrl/YSetSearch/2008/03/03/*http://www.yahoo.com
IE: &ICQ Toolbar Search - c:\program files\ICQToolbar\toolbaru.dll/SEARCH.HTML
IE: &Přelož do češtiny - c:\program files\Seznam Listicka\Toolbar.dll/5034
IE: Download Video - http://www.viloader.net/addon.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Hledej v &Seznamu - c:\program files\Seznam Listicka\Toolbar.dll/5033
IE: Hledej v Seznam &Fulltextu - c:\program files\Seznam Listicka\Toolbar.dll/5035
IE: Zobrazit originál
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\windows\WebIE.dll
Trusted Zone: stahuj.cz\www
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
DPF: {3190CE28-0B6E-4133-A7D3-87D29CB92120} - hxxp://www.listicka.cz/toolbar.cab
.
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe catchme.sys CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x835F7DF0]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf75f2f28
\Driver\ACPI -> ACPI.sys @ 0xf753fcb8
\Driver\atapi -> 0x835f7df0
IoDeviceObjectType -> DeleteProcedure -> ntoskrnl.exe @ 0x805a05a9
ParseProcedure -> ntoskrnl.exe @ 0x8056ea15
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntoskrnl.exe @ 0x805a05a9
ParseProcedure -> ntoskrnl.exe @ 0x8056ea15
NDIS: VIA Rhine III Management Adapter -> SendCompleteHandler -> NDIS.sys @ 0xf73d8bb0
PacketIndicateHandler -> NDIS.sys @ 0xf73e5a21
SendHandler -> NDIS.sys @ 0xf73c387b
Warning: possible MBR rootkit infection !
user & kernel MBR OK
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-1614895754-842925246-1060284298-1004\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
[HKEY_USERS\S-1-5-21-1614895754-842925246-1060284298-1004\Software\Policies\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (S-1-5-21-1614895754-842925246-1060284298-1004)
@Allowed: (Read) (S-1-5-21-1614895754-842925246-1060284298-1004)
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(796)
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2010-10-04 17:21:03
ComboFix-quarantined-files.txt 2010-10-04 15:21
ComboFix2.txt 2009-10-09 06:26
ComboFix3.txt 2009-10-01 21:56
ComboFix4.txt 2009-10-01 19:44
ComboFix5.txt 2010-10-04 14:43
Před spuštěním: 9 974 882 304
Po spuštění: Volných bajtů: 10 138 071 040
- - End Of File - - 8C2DF5E26463D9AAD073ACB87EBAD556