Spike lags, please check my log

Posted: 14 Feb 2011 01:17
by JudgeDeath
My ping jumps anywhere from about 20 up to 2000, it varies. I have no downloads running, I've run a cleaner, antispyware and antivirus over the PC, and I really don't know what could be causing it.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:12:08, on 14.2.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17095)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\IObit\Game Booster\GameBox.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\Mixer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
F:\Utils\Miranda IM new\miranda32.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\Mumble\mumble.exe
C:\WINDOWS\system32\dllhost.exe
F:\Utils\totalcmd\TOTALCMD.EXE
C:\Program Files\CCleaner\CCleaner.exe
C:\Documents and Settings\Dzadzded\Dokumenty\Stažené soubory\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatche ... tbid=60347
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.iobit.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60347
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60347
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60347
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60347
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O2 - BHO: ZoneAlarm Toolbar - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files\ZoneAlarm\tbZon1.dll
O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O2 - BHO: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Toolbar BHO - {EFA17361-CDC0-4927-9AFC-BAAD1F96B2AE} - (no file)
O3 - Toolbar: ZoneAlarm Toolbar - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files\ZoneAlarm\tbZon1.dll
O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O3 - Toolbar: &Crawler lišta - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [ISW] "C:\Program Files\CheckPoint\ZAForceField\ForceField.exe" /icon="hidden"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup
O4 - HKCU\..\Run: [PC Suite Tray] "F:\Utils\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: IObit Toolbar Service (IObitBarService) - Unknown owner - C:\PROGRA~1\IObitBar\toolbar\1.bin\i0barsvc.exe (file missing)
O23 - Service: ZoneAlarm Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 8327 bytes

Re: Spike lags, please check my log

Posted: 14 Feb 2011 11:45
by JudgeDeath
bump

Re: Spike lags, please check my log

Posted: 14 Feb 2011 12:31
by JaRon
Turn off all the security programs one at a time and watch the response time as you do:
ZoneAlarm + Spyware Terminator + Advanced SystemCare 3 + Avira

Re: Spike lags, please check my log

Posted: 14 Feb 2011 13:06
by JudgeDeath
Didn't help.

Re: Spike lags, please check my log

Posted: 14 Feb 2011 13:08
by JaRon
Post a log from ComboFix.

Re: Spike lags, please check my log

Posted: 14 Feb 2011 13:51
by JudgeDeath
ComboFix 11-02-13.03 - Dzadzded 14.02.2011 13:44:10.4.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1535.1127 [GMT 1:00]
Spuštěný z: c:\documents and settings\Dzadzded\Dokumenty\Stažené soubory\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
FW: ZoneAlarm Firewall *Disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}

VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Dzadzded\Dokumenty\cc_20110214_010754.reg

.
((((((((((((((((((((((((( Soubory vytvořené od 2011-01-14 do 2011-02-14 )))))))))))))))))))))))))))))))
.

2011-02-14 00:04 . 2011-02-14 00:04 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Data aplikací\Google
2011-02-13 23:59 . 2011-02-13 23:59 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Data aplikací\Google
2011-02-13 23:59 . 2011-02-14 00:02 -------- d-----w- c:\program files\Google
2011-02-13 23:59 . 2011-02-13 23:59 -------- d-----w- c:\documents and settings\Dzadzded\Local Settings\Data aplikací\Google
2011-02-13 14:49 . 2011-02-13 14:49 -------- d-----w- c:\program files\Crawler
2011-02-13 14:49 . 2011-02-13 14:49 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2011-02-13 14:49 . 2011-02-13 20:45 -------- d-----w- c:\documents and settings\Dzadzded\Data aplikací\Spyware Terminator
2011-02-13 14:48 . 2011-02-14 10:18 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Spyware Terminator
2011-02-13 14:48 . 2011-02-13 20:48 -------- d-----w- c:\program files\Spyware Terminator
2011-02-10 09:02 . 2008-04-13 21:15 26112 -c--a-w- c:\windows\system32\dllcache\usbser.sys
2011-02-10 09:02 . 2008-04-13 21:15 26112 ----a-w- c:\windows\system32\drivers\usbser.sys
2011-02-10 09:01 . 2008-11-07 17:55 16928 ------w- c:\windows\system32\spmsgXP_2k3.dll
2011-02-10 08:58 . 2011-02-10 09:02 -------- d-----w- c:\documents and settings\Dzadzded\Data aplikací\Nokia
2011-02-10 08:58 . 2011-02-10 09:02 -------- d-----w- c:\documents and settings\Dzadzded\Data aplikací\PC Suite
2011-02-10 08:58 . 2011-02-10 09:02 -------- d-----w- c:\documents and settings\All Users\Data aplikací\PC Suite
2011-02-10 08:57 . 2011-02-10 08:57 -------- d-----w- c:\program files\Common Files\PCSuite
2011-02-10 08:57 . 2011-02-10 08:57 -------- d-----w- c:\program files\Common Files\Nokia
2011-02-10 08:56 . 2011-02-10 08:58 -------- d-----w- c:\program files\DIFX
2011-02-10 08:56 . 2008-08-26 08:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2011-02-10 08:56 . 2011-02-10 08:56 -------- d-----w- c:\program files\PC Connectivity Solution
2011-02-10 08:55 . 2010-07-30 13:16 8192 ----a-w- c:\windows\system32\drivers\usbser_lowerfltj.sys
2011-02-10 08:55 . 2010-07-30 13:16 8192 ----a-w- c:\windows\system32\drivers\usbser_lowerflt.sys
2011-02-10 08:55 . 2010-07-30 13:16 23040 ----a-w- c:\windows\system32\drivers\ccdcmbo.sys
2011-02-10 08:55 . 2011-02-10 08:58 -------- dc----w- c:\windows\system32\DRVSTORE
2011-02-10 08:55 . 2010-07-30 13:17 111104 ----a-w- c:\windows\system32\ccdcmbwu.dll
2011-02-10 08:55 . 2010-07-30 13:17 604160 ----a-w- c:\windows\system32\nmwcdcocls.dll
2011-02-10 08:55 . 2010-07-30 13:16 18048 ----a-w- c:\windows\system32\drivers\ccdcmb.sys
2011-02-10 08:55 . 2010-02-26 13:19 1461992 ----a-w- c:\windows\system32\wdfcoinstaller01009.dll
2011-02-10 08:55 . 2010-07-30 13:17 75264 ----a-w- c:\windows\system32\nmwcdcls.dll
2011-02-10 08:53 . 2011-02-10 08:53 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Installations
2011-02-09 15:43 . 2011-02-09 16:02 -------- d--h--w- c:\windows\$hf_mig$
2011-01-17 20:32 . 2011-01-17 20:34 -------- d-----w- c:\documents and settings\Dzadzded\Data aplikací\TS3Client
2011-01-17 20:30 . 2011-01-17 20:31 -------- d-----w- c:\program files\TeamSpeak 3 Client

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-01-21 14:44 . 2008-04-14 08:51 440320 ----a-w- c:\windows\system32\shimgvw.dll
2011-01-07 14:09 . 2008-04-14 08:37 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-12-31 14:04 . 2008-04-14 07:45 1854976 ----a-w- c:\windows\system32\win32k.sys
2010-12-22 12:34 . 2008-04-14 08:51 301568 ----a-w- c:\windows\system32\kerberos.dll
2010-12-20 23:06 . 2008-03-01 13:02 832512 ----a-w- c:\windows\system32\wininet.dll
2010-12-20 23:06 . 2008-03-01 13:02 1830912 ----a-w- c:\windows\system32\inetcpl.cpl
2010-12-20 23:06 . 2008-04-27 10:09 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-12-20 23:06 . 2008-04-27 10:08 17408 ----a-w- c:\windows\system32\corpol.dll
2010-12-20 17:25 . 2008-04-14 08:51 729088 ----a-w- c:\windows\system32\lsasrv.dll
2010-12-20 12:55 . 2008-04-27 10:08 389120 ----a-w- c:\windows\system32\html.iec
2010-12-20 10:16 . 2010-12-18 10:15 135096 ----a-w- c:\windows\system32\drivers\avipbb.sys
2010-12-09 15:15 . 2008-04-14 08:51 713216 ----a-w- c:\windows\system32\ntdll.dll
2010-12-09 15:14 . 2008-04-14 08:07 2194944 ------w- c:\windows\system32\ntoskrnl.exe
2010-12-09 15:14 . 2008-04-14 06:06 2071552 ------w- c:\windows\system32\ntkrnlpa.exe
2010-12-09 14:30 . 2008-04-14 08:51 33280 ----a-w- c:\windows\system32\csrsrv.dll
2010-11-30 17:13 . 2010-12-18 10:15 61960 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2010-11-18 18:15 . 2009-08-06 12:21 81920 ----a-w- c:\windows\system32\isign32.dll
.

------- Sigcheck -------

[-] 2008-04-27 . 1E603EA2A3FDBAE9E5B88A8CB3C03124 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-11-29 14:26 3908192 ----a-w- c:\program files\ConduitEngine\ConduitEngine.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}]
2010-08-29 09:00 2734688 ----a-w- c:\program files\ZoneAlarm\tbZon1.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
2010-11-29 14:26 3908192 ----a-w- c:\program files\uTorrentBar\tbuTor.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}"= "c:\program files\ZoneAlarm\tbZon1.dll" [2010-08-29 2734688]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files\uTorrentBar\tbuTor.dll" [2010-11-29 3908192]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-11-29 3908192]

[HKEY_CLASSES_ROOT\clsid\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}]

[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]

[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{66F2E20D-0DA8-4C11-A9C8-DD8477B88ACD}"= "c:\program files\ZoneAlarm\tbZon1.dll" [2010-08-29 2734688]

[HKEY_CLASSES_ROOT\clsid\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 3"="c:\program files\IObit\Advanced SystemCare 3\AWC.exe" [2010-12-14 2402512]
"SpywareTerminatorUpdate"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2011-02-13 3318784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2010-06-23 1043968]
"ISW"="c:\program files\CheckPoint\ZAForceField\ForceField.exe" [2010-05-26 730600]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-11-30 281768]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-10-16 13851752]
"C-Media Mixer"="Mixer.exe" [2002-07-12 1581056]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"

[HKLM\~\startupfolder\C:^Documents and Settings^Dzadzded^Nabídka Start^Programy^Po spuštění^CurseClientStartup.ccip]
path=c:\documents and settings\Dzadzded\Nabídka Start\Programy\Po spuštění\CurseClientStartup.ccip
backup=c:\windows\pss\CurseClientStartup.ccipStartup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IObitBar Browser Plugin Loader

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C-Media Mixer]
2002-07-12 15:33 1581056 ----a-w- c:\windows\mixer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FreeRAM XP]
2006-03-22 22:13 1591808 ----a-w- c:\program files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2006-01-12 13:40 155648 -c--a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2010-12-21 10:53 1483264 ----a-w- f:\utils\Nokia\Nokia PC Suite 7\PCSuite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2010-12-20 19:57 1242448 ----a-w- c:\program files\Steam\Steam.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
2009-06-17 11:44 85160 ----a-w- c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"f:\\Utils\\MIranda\\miranda32.exe"=
"c:\\WINDOWS\\system32\\ZoneLabs\\vsmon.exe"=
"f:\\Utils\\Miranda IM new\\miranda32.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"d:\\games\\League of Legends\\air\\LolClient.exe"=
"d:\\games\\League of Legends\\game\\League of Legends.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"f:\\Games\\Prototype\\prototypef.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"59008:TCP"= 59008:TCP:Pando Media Booster
"59008:UDP"= 59008:UDP:Pando Media Booster
"8394:TCP"= 8394:TCP:League of Legends Launcher
"8394:UDP"= 8394:UDP:League of Legends Launcher
"8395:TCP"= 8395:TCP:League of Legends Launcher
"8395:UDP"= 8395:UDP:League of Legends Launcher
"8396:TCP"= 8396:TCP:League of Legends Launcher
"8396:UDP"= 8396:UDP:League of Legends Launcher
"6967:TCP"= 6967:TCP:League of Legends Launcher
"6967:UDP"= 6967:UDP:League of Legends Launcher
"6957:TCP"= 6957:TCP:League of Legends Launcher
"6957:UDP"= 6957:UDP:League of Legends Launcher
"6924:TCP"= 6924:TCP:League of Legends Launcher
"6924:UDP"= 6924:UDP:League of Legends Launcher
"6908:TCP"= 6908:TCP:League of Legends Launcher
"6908:UDP"= 6908:UDP:League of Legends Launcher
"6893:TCP"= 6893:TCP:League of Legends Launcher
"6893:UDP"= 6893:UDP:League of Legends Launcher
"6909:TCP"= 6909:TCP:League of Legends Launcher
"6909:UDP"= 6909:UDP:League of Legends Launcher
"6898:TCP"= 6898:TCP:League of Legends Launcher
"6898:UDP"= 6898:UDP:League of Legends Launcher
"6914:TCP"= 6914:TCP:League of Legends Launcher
"6914:UDP"= 6914:UDP:League of Legends Launcher
"6903:TCP"= 6903:TCP:League of Legends Launcher
"6903:UDP"= 6903:UDP:League of Legends Launcher
"6920:TCP"= 6920:TCP:League of Legends Launcher
"6920:UDP"= 6920:UDP:League of Legends Launcher

R0 a347scsi;a347scsi;c:\windows\system32\drivers\a347scsi.sys [27.9.2009 10:41 5248]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [20.8.2009 15:34 691696]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [13.2.2011 15:49 142592]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [18.12.2010 11:15 135336]
R2 ISWKL;ZoneAlarm Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [26.5.2010 14:35 26352]
R2 IswSvc;ZoneAlarm Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\ISWSVC.exe [26.5.2010 14:35 493032]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [14.2.2011 0:59 136176]
S2 IObitBarService;IObit Toolbar Service;c:\progra~1\IObitBar\toolbar\1.bin\i0barsvc.exe --> c:\progra~1\IObitBar\toolbar\1.bin\i0barsvc.exe [?]
S3 AsrCDDrv;AsrCDDrv;\??\c:\windows\system32\Drivers\AsrCDDrv.sys --> c:\windows\system32\Drivers\AsrCDDrv.sys [?]
S3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\System32\svchost.exe -k nosGetPlusHelper [14.4.2008 9:52 14336]
S4 a347bus;a347bus;c:\windows\system32\drivers\a347bus.sys [27.9.2009 10:41 160640]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper
.
Obsah adresáře 'Naplánované úlohy'

2011-02-14 c:\windows\Tasks\Game_Booster_Startup.job
- c:\program files\IObit\Game Booster\GameBox.exe [2010-11-17 21:47]

2011-02-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-02-13 23:59]

2011-02-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-02-13 23:59]

2011-02-06 c:\windows\Tasks\SmartDefrag.job
- c:\program files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe [2010-02-17 12:15]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.crawler.com/homepage.aspx?tbid=60347
IE: Crawler Search - tbr:iemenu
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\Toolbar\ctbr.dll
FF - ProfilePath - c:\documents and settings\Dzadzded\Data aplikací\Mozilla\Firefox\Profiles\lfeon9cu.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/firefox?client=firefox-a& ... s:official
FF - prefs.js: keyword.URL - hxxp://www.crawler.com/search/dispatcher.aspx? ... 60347&qkw=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: ZoneAlarm Security Engine: {FFB96CC1-7EB3-449D-B827-DB661701C6BB} - c:\program files\CheckPoint\ZAForceField\TrustChecker
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: PC Sync 2 Synchronisation Extension: bkmrksync@nokia.com - f:\utils\Nokia\Nokia PC Suite 7\bkmrksync
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Tamper Data: {9c51bd27-6ed8-4000-a2bf-36cb95c0c947} - %profile%\extensions\{9c51bd27-6ed8-4000-a2bf-36cb95c0c947}
FF - Ext: DownThemAll!: {DDC359D1-844A-42a7-9AA1-88A850A938A8} - %profile%\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
FF - Ext: Adobe DLM (powered by getPlus(R)): {E2883E8F-472F-4fb0-9522-AC9BF37916A7} - %profile%\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: NoScript: {73a6fe31-595d-460b-a920-fcc0f8843232} - %profile%\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

BHO-{EFA17361-CDC0-4927-9AFC-BAAD1F96B2AE} - (no file)
SafeBoot-WudfPf
SafeBoot-WudfRd
MSConfigStartUp-DAEMON Tools Lite - c:\program files\DAEMON Tools Lite\DTLite.exe
AddRemove-TrueMotion Compression Toolkit - c:\duck\Uninst.isu



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-02-14 13:47
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-796845957-1993962763-1417001333-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:ff,c4,a1,56,70,0d,15,a6,f4,d1,f7,ed,c1,b3,5c,22,aa,5a,c5,b5,56,8b,60,
24,fb,e9,65,db,51,1c,7b,35,aa,4c,2c,3d,8c,28,0b,b2,71,65,ec,8a,d8,1e,64,34,\
"??"=hex:7f,61,8a,d5,0e,c6,68,55,81,d2,51,b1,6a,61,01,c3

[HKEY_USERS\S-1-5-21-796845957-1993962763-1417001333-1003\Software\SecuROM\License information*]
"datasecu"=hex:e0,83,0d,ed,10,d3,1d,23,36,5d,5e,ba,6f,9c,cd,ca,f7,46,50,db,80,
6e,3b,ac,8d,05,02,37,ff,00,73,46,9b,76,12,15,7f,1d,30,0c,c7,14,20,04,80,2a,\
"rkeysecu"=hex:a4,88,41,5a,ef,7f,15,f6,1b,45,26,d1,9b,ce,ae,10

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(788)
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll

- - - - - - - > 'lsass.exe'(844)
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
.
Celkový čas: 2011-02-14 13:49:31
ComboFix-quarantined-files.txt 2011-02-14 12:49
ComboFix2.txt 2010-09-11 10:59

Před spuštěním: 551 813 120
Po spuštění: 624 549 888

- - End Of File - - 82DC3C0BDB77456A627EC7FE76C22D37

Re: Spike lags, please check my log

Posted: 14 Feb 2011 13:57
by JaRon
I recommend uninstalling Spyware Terminator + Advanced SystemCare 3
+ cleaning the PC with CCleaner.
Instead of the ping command, use the tracert command so that we know where the pings are getting lost, e.g.
tracert www.seznam.cz

Re: Spike lags, please check my log

Posted: 14 Feb 2011 14:13
by JudgeDeath
Well, so far it looks OK. I'll let you know if anything changes, and thanks for the help.

Re: Spike lags, please check my log

Posted: 14 Feb 2011 14:23
by JaRon
You're welcome.