VIRY.CZ

Prosím o kontrolu logu z notbooku mé kamarádky.Půl roku bez antiviráku a pc se restartí po 1 minutě.Pouze práce v nouzáku.Na flash disku virus autorun.inf.Má win xp.Děkuji.

Logfile of random's system information tool 1.06 (written by random/random)
Run by Dana Krupičková at 2011-03-27 21:19:43
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 2 GB (13%) free of 15 GB
Total RAM: 895 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:19:48, on 27.3.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Safe mode with network support

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
D:\Nemazat nevstupovat\Utility\RSIT\RSIT(4).exe
C:\Program Files\trend micro\Dana Krupičková.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IEPro\iepro.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [DrvIcon] C:\Program Files\Vista Components\Vista Drive Icon\DrvIcon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Control Center] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
O4 - HKLM\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" /OM
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [TO2SSM_McciTrayApp] C:\Program Files\TO2SSM\McciTrayApp.exe
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2009\MemOptimizer.exe" autostart
O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files\IEPro\iepro.dll
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{921F5E8F-18B2-4605-8A8F-93C120C14128}: NameServer = 194.228.41.65,194.228.41.113
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ASWLSVC - Unknown owner - C:\WINDOWS\system32\ASWLSVC.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/DANAKR~1/LOCALS~1/Temp/msohtmlclip1/01/clip_image002.jpg

--
End of file - 7273 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\1-Click Maintenance.job
C:\WINDOWS\tasks\AWC AutoSweep.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\MP Scheduled Scan.job
C:\WINDOWS\tasks\Úklid 1 kliknutím.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00011268-E188-40DF-A514-835FCD78B1BF}]
IE7Pro BHO - C:\Program Files\IEPro\iepro.dll [2008-09-23 756840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-05-20 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-05-20 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-06-02 1018616]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-08-05 64512]
"DrvIcon"=C:\Program Files\Vista Components\Vista Drive Icon\DrvIcon.exe [2007-07-04 45056]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-05-20 148888]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
"Control Center"=C:\Program Files\ASUS\WLAN Card Utilities\Center.exe [2006-03-02 1667584]
"OM2_Monitor"=C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe [2007-09-04 54576]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2005-05-11 708697]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2009-02-06 2021400]
"TO2SSM_McciTrayApp"=C:\Program Files\TO2SSM\McciTrayApp.exe [2008-08-15 1473536]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TuneUp MemOptimizer"=C:\Program Files\TuneUp Utilities 2009\MemOptimizer.exe [2008-12-22 150528]
"OM2_Monitor"=C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe [2007-09-04 95536]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-04-06 26102056]
"Advanced SystemCare 3"=C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe [2010-02-01 2342608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2008-11-12 143360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-24 267304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2008-09-23 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\IEPro\MiniDM.exe"="C:\Program Files\IEPro\MiniDM.exe:*:Enabled:MiniDM"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\ICQ6\ICQ.exe"="C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ Library"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"

======List of files/folders created in the last 1 months======

2011-03-27 21:19:43 ----D---- C:\rsit
2011-03-27 21:19:43 ----D---- C:\Program Files\trend micro
2011-03-27 21:12:41 ----D---- C:\WINDOWS\temp
2011-03-27 21:12:39 ----A---- C:\ComboFix.txt
2011-03-27 21:07:38 ----D---- C:\Program Files\The KMPlayer
2011-03-27 21:04:23 ----A---- C:\Boot.bak
2011-03-27 21:04:19 ----RASHD---- C:\cmdcons
2011-03-27 20:58:31 ----A---- C:\WINDOWS\zip.exe
2011-03-27 20:58:31 ----A---- C:\WINDOWS\SWXCACLS.exe
2011-03-27 20:58:31 ----A---- C:\WINDOWS\SWSC.exe
2011-03-27 20:58:31 ----A---- C:\WINDOWS\SWREG.exe
2011-03-27 20:58:31 ----A---- C:\WINDOWS\sed.exe
2011-03-27 20:58:31 ----A---- C:\WINDOWS\PEV.exe
2011-03-27 20:58:31 ----A---- C:\WINDOWS\NIRCMD.exe
2011-03-27 20:58:31 ----A---- C:\WINDOWS\MBR.exe
2011-03-27 20:58:31 ----A---- C:\WINDOWS\grep.exe
2011-03-27 20:53:31 ----A---- C:\WINDOWS\ntbtlog.txt
2011-03-27 20:50:18 ----D---- C:\WINDOWS\ERDNT
2011-03-27 20:50:18 ----D---- C:\Comx
2011-03-27 20:50:18 ----AD---- C:\Qoobox
2011-03-27 20:50:18 ----A---- C:\WINDOWS\system32\CF19415.exe
2011-03-27 20:24:57 ----D---- C:\Program Files\CCleaner
2011-03-27 20:02:40 ----D---- C:\Documents and Settings\All Users\Data aplikací\Google
2011-03-27 19:54:34 ----D---- C:\WINDOWS\pss
2011-03-27 19:44:37 ----A---- C:\WINDOWS\isRS-000.tmp
2011-03-27 19:27:05 ----RAD---- C:\autorun.inf
2011-03-27 19:03:10 ----SHD---- C:\WINDOWS\CSC
2011-03-24 13:15:19 ----HDC---- C:\WINDOWS\$NtUninstallKB2524375$
2011-03-18 00:19:24 ----HDC---- C:\WINDOWS\$NtUninstallKB971029$
2011-03-09 13:42:22 ----HDC---- C:\WINDOWS\$NtUninstallKB2481109$

======List of files/folders modified in the last 1 months======

2011-03-27 21:19:43 ----RD---- C:\Program Files
2011-03-27 21:13:10 ----D---- C:\WINDOWS\system32\CatRoot2
2011-03-27 21:12:41 ----D---- C:\WINDOWS
2011-03-27 21:11:52 ----SD---- C:\WINDOWS\Tasks
2011-03-27 21:11:10 ----A---- C:\WINDOWS\system.ini
2011-03-27 21:10:52 ----D---- C:\WINDOWS\system32
2011-03-27 21:09:38 ----D---- C:\WINDOWS\system32\drivers
2011-03-27 21:09:14 ----D---- C:\WINDOWS\AppPatch
2011-03-27 21:09:13 ----D---- C:\Program Files\Common Files
2011-03-27 21:04:23 ----RASH---- C:\boot.ini
2011-03-27 20:25:51 ----D---- C:\Documents and Settings\Dana Krupičková\Data aplikací\Azureus
2011-03-27 20:25:48 ----D---- C:\WINDOWS\Debug
2011-03-27 20:22:10 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-03-27 20:16:48 ----D---- C:\WINDOWS\system32\inetsrv
2011-03-27 19:57:54 ----D---- C:\Program Files\Google
2011-03-27 19:57:37 ----D---- C:\Program Files\ESET
2011-03-27 19:57:09 ----AC---- C:\WINDOWS\win.ini
2011-03-27 19:46:04 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-03-27 19:12:38 ----HD---- C:\WINDOWS\inf
2011-03-27 18:57:41 ----D---- C:\Documents and Settings\Dana Krupičková\Data aplikací\Skype
2011-03-27 18:41:39 ----D---- C:\WINDOWS\Prefetch
2011-03-27 18:38:00 ----D---- C:\Documents and Settings\Dana Krupičková\Data aplikací\skypePM
2011-03-27 18:37:36 ----A---- C:\ASWL2K.ini
2011-03-24 13:15:13 ----HD---- C:\WINDOWS\$hf_mig$
2011-03-23 19:46:03 ----D---- C:\WINDOWS\system32\oodag
2011-03-23 18:49:57 ----D---- C:\Program Files\Mozilla Firefox
2011-03-18 00:44:57 ----D---- C:\Program Files\Microsoft Silverlight
2011-03-18 00:20:32 ----SHD---- C:\WINDOWS\Installer
2011-03-18 00:19:26 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-03-09 13:43:16 ----AC---- C:\WINDOWS\system32\MRT.exe
2011-03-09 13:43:02 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2009-02-06 56280]
R3 arhidfltr;MS Ar HID Filter Driver; C:\WINDOWS\system32\DRIVERS\arhidfltr.sys [2008-11-05 19200]
R3 arkbcfltr;Microsoft PS2 Keyboard Filter; C:\WINDOWS\system32\DRIVERS\arkbcfltr.sys [2008-11-05 5376]
R3 armoucfltr;Microsoft PS2 Mouse Filter; C:\WINDOWS\system32\DRIVERS\armoucfltr.sys [2008-11-05 4992]
R3 BCM43XX;ASUS 802.11 ovladač síťového adaptéru; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2005-02-11 371712]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2009-02-06 33096]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2007-08-28 5760]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2006-03-29 9856]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 RTL8023xp;Realtek RTL8139/810x/8169/8110 all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2004-08-09 70144]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2005-05-11 189664]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Ovladač standardního rozbočovače USB; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-14 17152]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2009-02-06 106208]
S1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
S1 nvport;NVIDIA PORT IO Control Driver; \??\C:\WINDOWS\system32\Drivers\nvport.sys []
S2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.3.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-05-26 20747]
S2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-02-06 113448]
S2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2009-02-06 130952]
S2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
S3 aracpi;aracpi; C:\WINDOWS\system32\DRIVERS\aracpi.sys [2008-11-05 22784]
S3 ARPolicy;ARPolicy; C:\WINDOWS\system32\DRIVERS\arpolicy.sys [2008-11-05 10112]
S3 ASNDIS5;ASNDIS5 Protocol Driver; \??\C:\WINDOWS\system32\ASNDIS5.SYS []
S3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-04-14 701440]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 catchme;catchme; \??\C:\DOCUME~1\DANAKR~1\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 CmBatt;Microsoft AC Adapter Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-07-24 4353024]
S3 irsir;Microsoft Serial Infrared Driver; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
S3 mbr;mbr; \??\C:\Comx7854C\mbr.sys []
S3 MHNDRV;Ovladač platformy MHN; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS []
S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS []
S3 MREMPR5;MREMPR5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS []
S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS []
S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS []
S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS []
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2008-04-13 20992]
S3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-14 79232]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 SynMini;USB2.0 1.3M WebCam; C:\WINDOWS\System32\Drivers\SynMini.sys [2006-07-03 1056512]
S3 SynScan;USB2.0 1.3M WebCam Still Image; C:\WINDOWS\System32\Drivers\SynScan.sys [2006-06-30 8064]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-09-23 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-09-23 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
S2 ARSVC;ARSVC; C:\WINDOWS\arservice.exe [2008-11-05 58880]
S2 ASWLSVC;ASWLSVC; C:\WINDOWS\system32\ASWLSVC.exe [2004-05-06 496640]
S2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2008-11-12 573440]
S2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2009-02-06 727720]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-01 135664]
S2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-06-02 246520]
S2 IISADMIN;Správa služby IIS; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-14 15872]
S2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-05-20 152984]
S2 McciCMService;McciCMService; C:\Program Files\Common Files\Motive\McciCMService.exe [2007-10-15 303104]
S2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
S2 O&O Defrag;O&O Defrag; C:\WINDOWS\system32\oodag.exe [2005-05-11 225280]
S2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service; C:\WINDOWS\System32\TUProgSt.exe [2009-05-20 603904]
S2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S2 W3SVC;Publikování na webu; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-14 15872]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2009-02-06 20680]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-20 182768]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2009-05-20 360192]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Flash disk připojte a dejte log z ComboFix.

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode, pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k nezadoucim kolizim s rezidentem antispyware

combofix jsem dělal ještě před váma ale udělám ho znova.Zde je výpis z MWAV jestli se vám hodí.Děkuji za ochotu.
Přemístění hodnot registrů: ******** (HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost/netsvcs) Previous Value: [UxTuneUp], New Value: [NULL]
Přemístění hodnot registrů: ******** (HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost/netsvcs) Previous Value: [MHN], New Value: [NULL]
Objekt "NULLBYTE Spyware/Adware" nalezen v souborovém systému! Provedené akce: Záznam odstraněn.
Objekt "Backdoor (IRCBot) Trojans Spyware/Adware" nalezen v souborovém systému! Provedené akce: Záznam odstraněn.
Objekt "Backdoor (IRCBot) Trojans Spyware/Adware" nalezen v souborovém systému! Provedené akce: Záznam odstraněn.
Objekt "DiskKnight Adware" nalezen v souborovém systému! Provedené akce: Záznam odstraněn.
Objekt "AntiSpyware Pro XP Corrupted Adware/Spyware" nalezen v souborovém systému! Provedené akce: Záznam odstraněn.
Záznam "HKCR\DirectAnimation.PathControl" odkazuje na neplatný objekt "{D7A7D7C3-D47F-11D0-89D3-00A0C90833E6}". Provedené akce: Záznam odstraněn.
Záznam "HKCR\DirectAnimation.Sequence" odkazuje na neplatný objekt "{4F241DB1-EE9F-11D0-9824-006097C99E51}". Provedené akce: Záznam odstraněn.
Záznam "HKCR\DirectAnimation.SequencerControl" odkazuje na neplatný objekt "{B0A6BAE2-AAF0-11D0-A152-00A0C908DB96}". Provedené akce: Záznam odstraněn.
Záznam "HKCR\DirectAnimation.SpriteControl" odkazuje na neplatný objekt "{FD179533-D86E-11D0-89D6-00A0C90833E6}". Provedené akce: Záznam odstraněn.
Záznam "HKCR\DirectAnimation.StructuredGraphicsControl" odkazuje na neplatný objekt "{369303C2-D7AC-11D0-89D5-00A0C90833E6}". Provedené akce: Záznam odstraněn.
Záznam "HKCR\JavaPlugin.FamilyVersionSupport" odkazuje na neplatný objekt "{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}". Provedené akce: Záznam odstraněn.
Záznam "HKCR\MailFileAtt" odkazuje na neplatný objekt "{00020D05-0000-0000-C000-000000000046}". Provedené akce: Záznam odstraněn.
Záznam "HKCR\mapifvbx.object" odkazuje na neplatný objekt "{41116C00-8B90-101B-96CD-00AA003B14FC}". Provedené akce: Záznam odstraněn.
Záznam "HKCR\SymWriter.pdb" odkazuje na neplatný objekt "{520DC67A-752E-11D3-8D56-00C04F680B2B}". Provedené akce: Záznam odstraněn.
Záznam "HKCR\Toolbar.CT1978305" odkazuje na neplatný objekt "{badb308a-df88-429b-ba77-6d739439fed4}". Provedené akce: Záznam odstraněn.
Soubor C:\WINDOWS\NIRCMD.exe indentifikován jako "Malware.Win32 (ES)". Provedené akce: Smazáno!.
Soubor C:\WINDOWS\system32\CMDOW.exe indentifikován jako "APPL/HideWindows.31232.1 (ES)". Provedené akce: Smazáno!.
Soubor C:\Documents and Settings\Dana Krupičková\Dokumenty\Stažené soubory\Advanced.System.Care.Pro3.5.0.CZ Serials.Keygen\ASC\Keygen.exe indentifikován jako "Troj/KeyGen-DO.TE (ES)". Provedené akce: Smazáno!.
Soubor C:\System Volume Information\_restore{B71BED64-FB0B-46FE-AD8E-A01B3D3FA7A9}\RP0\A0000006.exe indentifikován jako "Malware.Win32 (ES)". Provedené akce: Smazáno!.
Soubor C:\System Volume Information\_restore{B71BED64-FB0B-46FE-AD8E-A01B3D3FA7A9}\RP0\A0000007.exe indentifikován jako "APPL/HideWindows.31232.1 (ES)". Provedené akce: Smazáno!.
Soubor D:\Nemazat nevstupovat\Utility\Flash_Disinfector.exe indentifikován jako "APPL/NirCmd.2 (ES)". Provedené akce: Smazáno!.

zde předešlý combofix v nouzáku.Nespustil jsem ho ale jako s právama admina.Vadí?
ComboFix 11-03-26.02 - Dana Krupičková 27.03.2011 21:07:29.1.1 - x86 NETWORK
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.895.543 [GMT 2:00]
Spuštěný z: d:\nemazat nevstupovat\Utility\Combofix\Comx.exe
AV: ESET Smart Security 4.0 *Enabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *Enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\Cache
F:\Autorun.inf
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-02-27 do 2011-03-27 )))))))))))))))))))))))))))))))
.
.
2011-03-27 19:07 . 2011-03-27 19:08 -------- d-----w- c:\program files\The KMPlayer
2011-03-27 18:50 . 2011-03-27 18:53 -------- d-----w- C:\Comx
2011-03-27 18:50 . 2011-03-27 18:50 390144 ----a-w- c:\windows\system32\CF19415.exe
2011-03-27 18:24 . 2011-03-27 18:24 -------- d-----w- c:\program files\CCleaner
2011-03-27 17:44 . 2011-03-27 17:44 711168 ----a-w- c:\windows\isRS-000.tmp
2011-03-25 06:22 . 2011-03-15 04:05 6792528 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Windows Defender\Definition Updates\{C8D4A20B-5169-4984-B407-F3C4BD5F75CD}\mpengine.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-11 06:54 . 2009-06-06 05:49 5943120 -c--a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2011-02-02 17:11 . 2009-10-03 08:09 222080 -c----w- c:\windows\system32\MpSigStub.exe
2011-02-02 07:58 . 2009-05-20 07:36 2067456 ----a-w- c:\windows\system32\mstscax.dll
2011-01-27 11:57 . 2009-05-20 07:36 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-01-21 14:44 . 2008-10-19 06:38 440320 ----a-w- c:\windows\system32\shimgvw.dll
2011-01-07 14:09 . 2008-04-14 07:37 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-12-31 14:02 . 2008-10-17 14:02 1864064 ----a-w- c:\windows\system32\win32k.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TuneUp MemOptimizer"="c:\program files\TuneUp Utilities 2009\MemOptimizer.exe" [2008-12-22 150528]
"OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" [2007-09-04 95536]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-04-06 26102056]
"Advanced SystemCare 3"="c:\program files\IObit\Advanced SystemCare 3\AWC.exe" [2010-02-01 2342608]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"DrvIcon"="c:\program files\Vista Components\Vista Drive Icon\DrvIcon.exe" [2007-07-04 45056]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-05-20 148888]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"Control Center"="c:\program files\ASUS\WLAN Card Utilities\Center.exe" [2006-03-02 1667584]
"OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" [2007-09-04 54576]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2005-05-11 708697]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-02-06 2021400]
"TO2SSM_McciTrayApp"="c:\program files\TO2SSM\McciTrayApp.exe" [2008-08-15 1473536]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]
.
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"swg"=c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" /background
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"AlwaysReady Power Message APP"=ARPWRMSG.EXE
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime
"RTHDCPL"=RTHDCPL.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\IEPro\\MiniDM.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\ICQ6\\ICQ.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\ICQ7.2\\ICQ.exe"=
"c:\\Program Files\\ICQ7.2\\aolload.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"8686:TCP"= 8686:TCP:BitComet 8686 TCP
"8686:UDP"= 8686:UDP:BitComet 8686 UDP
.
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3.11.2006 16:49 13592]
S1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [6.2.2009 15:23 106208]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [6.2.2009 15:23 727720]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [1.3.2010 14:00 135664]
S2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [26.5.2009 18:02 246520]
S3 SynMini;USB2.0 1.3M WebCam;c:\windows\system32\drivers\SynMini.sys [26.5.2009 11:23 1056512]
S3 SynScan;USB2.0 1.3M WebCam Still Image;c:\windows\system32\drivers\SynScan.sys [26.5.2009 11:23 8064]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{D58F39FF-953E-4F45-898F-59F243B9A523}]
2009-03-08 03:32 128512 -c--a-w- c:\windows\system32\advpack.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{FC88681F-4735-4f2f-9514-C21BAC737CF8}]
2009-03-08 03:32 128512 -c--a-w- c:\windows\system32\advpack.dll
.
Obsah adresáře 'Naplánované úlohy'
.
2011-03-27 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 17:06]
.
2011-03-27 c:\windows\Tasks\AWC AutoSweep.job
- c:\program files\IObit\Advanced SystemCare 3\AutoSweep.exe [2010-07-02 12:11]
.
2011-03-27 c:\windows\Tasks\AWC Update.job
- c:\program files\IObit\Advanced SystemCare 3\IObitUpdate.exe [2010-07-02 11:38]
.
2011-03-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-01 12:00]
.
2011-03-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-01 12:00]
.
2011-03-27 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 14:50]
.
2011-03-27 c:\windows\Tasks\Úklid 1 kliknutím.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 17:06]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://start.icq.com/
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
TCP: {921F5E8F-18B2-4605-8A8F-93C120C14128} = 194.228.41.65,194.228.41.113
FF - ProfilePath - c:\documents and settings\Dana Krupičková\Data aplikací\Mozilla\Firefox\Profiles\u1vo0bgk.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2238016&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: 602XML Filler: xmlfiller@software602.cz - c:\program files\Mozilla Firefox\extensions\xmlfiller@software602.cz
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Driver Detective Community Toolbar: {8786b320-6cf4-47da-aef0-47011b3f84fb} - %profile%\extensions\{8786b320-6cf4-47da-aef0-47011b3f84fb}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - %profile%\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: 602XML Filler: xmlfiller@software602.cz - %profile%\extensions\xmlfiller@software602.cz
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-03-27 21:11
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG08.00.00.01WORKSTATION"="161FC717415C5A6AF3E20BBD4A7CDBA098550BDD275DAAC916ACD1C78F741D453BC11C90F8CBDAC56CF4924F5A35CA96522EDE71C2874671D4E28612BFF8276A6AB8A26E0DFA1C5F2EA35BE29CB154FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC7933A9C6AECB7A5D1407FEBC9E127BECC74CA6A0AC4980AC79339D055844FEFEA649A8C3D9703D053AEC40A98E50073FBAF81444032A426068A9907119DADA15E7165A84AE56448534DECFAA587E072E2721A12CAC395CFD854479F7A06A63D1A50E2E80EEAED7359D8E8EE594EE67F589D635755ABD098BDE816D76700CF2C84C8B2CC197A594E328FD16B3D984A4457FE197E65CEEC3B29B8F063FB06A273F29C25DC8C57BD6916F0301E15FB300F80B5E94B9A1954F4E446F621BAA4562ADF239D18ABF8344F7EDCA6E3203857D26103CFC9CC112317048F5A2C34F6ECBC2BEC79BED6D2743FE83D103574519E49358BFA5AFF6D4B05D794B6C68B04FCB5F879C5150D8627E47766C657CC99D42BC127E678B9D645B8D0FEC6A2D0561911A2EB98D7FB345E5226EC0423DDBD865524F671E3939DB83AC24AAC8A727B4103BF575EFC1D0F42D167749C72C6725633683382BB56F68BD1C35A9BB6317EC7B4006F719CD29A7495D02D4AB4DFCEE13010A05F2F308CDE2702663F55F77BFCF5C69C03250D7AC76E76208A31951B6127E1EB55F5AF3E011713C24B20F8E7AC9F18FA063691C61B4D651D66C7DBD93BF2D63855AC2C30D291C238B30D8C7FA6C9D4C3DDD2CDBBBC682EA8D46DB3F2D41C05E06D6FA2DCFCEA068112F98B2B57D2C571152229DC333F2B0CA730876C1FCA1F698C8C40A3B6C64FEFAF41D80B0879ECAE977C58D15C5688580BCCCA9A120EAFCF6A9D558F62F80BB674B288888D72A27680A08FA618D54B1776CE43F341B6BA02CF359BABB88BE5B4680F1C66A81B8CF03C5CBDAEA5C5EE348530445EF2127F718AAECF5D82CA27ADC66A5D99B5B688B04EE6B458B4C60A9E2C44C6DE4AB567B6D51237430955E9C44D1E183727D0A8609CCB0742FB568790A98D80B3276638835F00144387FDCA7E81D39AC5BC7A2CE04295C495539BA2A53A936190E016F614B158098F96CB7660B2534DDD45B6D593AD223C714394CF92CD96432C00F4C2BDE4F8F4496224187C04C4C48F19ED67D449B2C9891DDC7085089599929AA02EF74359144BD28FE9BF177F03D59BC007412DA94068B110C58D4227EB2B79DCB9BE35D5BB336CB289A5A1106B4C7A23E60646C6A81D182AB541F103186717A9A00D66637D65B9FA85F8C07E0C78B021DC3D12DB31D49256E48EAC14042701390D34FEFE39199F7A1A6EDC9CE3788525885428067926831CB64C52BF2B56102852EA09E1270F5ED6894B44F"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1672)
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2011-03-27 21:12:39
ComboFix-quarantined-files.txt 2011-03-27 19:12
.
Před spuštěním: 1 980 084 224
Po spuštění: 1 984 180 224
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - 4C061AA7A6319CB0BB0AC804022D575C

Ještě dočistíme. Přesuňte ComboFix na plochu. Otevřte poznámkový blok a zkopírujte do něj:

Collect::
c:\windows\isRS-000.tmp

Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu CoimboFix a pusťte. CF se spustí a vykoná příkaz ze skriptu.

Obrázek

to jsem udělal,pc se restartoval a combofix napsal že vytváří report,ale jako vždy po restartu do normalního systému se pc opět sám restartil ještě než dokončil cobofix report.Ten restart se opakuje nepřetržitě.Už si nevím rady.Děkuji vám za snahu.

Dal systém před restartem nějakou hlášku?

popíšuproblém podrobně.Kamarádka měla svoji flashku kterou dává do pc.Přenesla ji ke kamarádovi a jeho AV ji vyhodnotil ako zavirovanou virem autorun.inf.Tím pádem jsem vyhodnotil že bude mít zavirovaný notebook.Mimo jiné neměla prodlouženou licenci Antiviru a půl roku byla bez aktualizovaného AV.Antivir měla legalizován nelegálním software Minodlogin na vyhledávání licencí.Tento software je sám o sobě zavirovaný.Vše jsem jí odinstaloval a nainstaloval legální AV.Při pokusu o odvirování flash disku dle návodu který jsem našel na vašich stránkách se náhle systém z ničeho nic zrestartoval a to samé se opakuje neustále dokola.Před tím to nedělalo.Systém naběhne tak na 10-20 vteřin a když nybíhají programy po spuštění je okamžitý restart.Bezu jakékoliv hlášky.Jen problikne známá modrá obrazovka kde ale nestačím pochytit co je tam napsáno.Děkuji.

Zkuste spustit TDSSKiller: http://support.kaspersky.com/viruses/utility a uložte ho na plochu. Dále postupujte podle kolegova návodu:

2x-klik na TDSSKiller.exe- spustiť aplikáciu, potom na Spustiť kontrolu-klik- Start Scan.
Ak je infikovaný súbor detekovaný, bude predvolená akcia Cure, kliknite na tlačidlo Continue.
Ak podozrivý[suspicious] súbor je detekovaný, bude predvolená akcia Skip, kliknite na Continue.
Môže vás požiadať, aby ste reštartovali počítač na dokončenie procesu. Kliknite na Reboot Now.
Ak nevyžaduje reštart, kliknite na tlačidlo Report. Log súbor by sa mal objaviť. Prosím, skopírujte a vložte obsah súboru tu.
Ak je vyžadované reštartovanie počítača, správa je k dispozícii vo vašom koreňovom adresári (zvyčajne C:\ zložka) vo forme "TDSSKiller. _log.txt". Prosím, skopírujte a vložte obsah súboru tu.

Děkuji vám.Budu pokračovat u mé kamarádky zitra po 11 hodine dopoledne.Děkuji za ochotu.

Zatím není zač!

děkujiza tpělivost.Zdá se že nic nenašel.Zde je log.
2011/03/29 16:00:00.0328 1156 TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
2011/03/29 16:00:00.0703 1156 ================================================================================
2011/03/29 16:00:00.0703 1156 SystemInfo:
2011/03/29 16:00:00.0703 1156
2011/03/29 16:00:00.0703 1156 OS Version: 5.1.2600 ServicePack: 3.0
2011/03/29 16:00:00.0703 1156 Product type: Workstation
2011/03/29 16:00:00.0703 1156 ComputerName: PRAHA-F3D445740
2011/03/29 16:00:00.0703 1156 UserName: Dana Krupičková
2011/03/29 16:00:00.0703 1156 Windows directory: C:\WINDOWS
2011/03/29 16:00:00.0703 1156 System windows directory: C:\WINDOWS
2011/03/29 16:00:00.0703 1156 Processor architecture: Intel x86
2011/03/29 16:00:00.0703 1156 Number of processors: 1
2011/03/29 16:00:00.0703 1156 Page size: 0x1000
2011/03/29 16:00:00.0703 1156 Boot type: Safe boot with network
2011/03/29 16:00:00.0703 1156 ================================================================================
2011/03/29 16:00:03.0437 1156 Initialize success
2011/03/29 16:00:11.0375 0876 ================================================================================
2011/03/29 16:00:11.0375 0876 Scan started
2011/03/29 16:00:11.0375 0876 Mode: Manual;
2011/03/29 16:00:11.0375 0876 ================================================================================
2011/03/29 16:00:12.0921 0876 ACPI (4fe34f1f3126b61fcc6b2043aa8112c9) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/03/29 16:00:13.0000 0876 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
2011/03/29 16:00:13.0140 0876 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2011/03/29 16:00:13.0281 0876 AegisP (2f7f3e8da380325866e566f5d5ec23d5) C:\WINDOWS\system32\DRIVERS\AegisP.sys
2011/03/29 16:00:13.0375 0876 AFD (4d43e74f2a1239d53929b82600f1971c) C:\WINDOWS\System32\drivers\afd.sys
2011/03/29 16:00:13.0765 0876 aracpi (00523019e3579c8f8a94457fe25f0f24) C:\WINDOWS\system32\DRIVERS\aracpi.sys
2011/03/29 16:00:13.0859 0876 arhidfltr (9fedaa46eb1a572ac4d9ee6b5f123cf2) C:\WINDOWS\system32\DRIVERS\arhidfltr.sys
2011/03/29 16:00:13.0906 0876 arkbcfltr (82969576093cd983dd559f5a86f382b4) C:\WINDOWS\system32\DRIVERS\arkbcfltr.sys
2011/03/29 16:00:14.0062 0876 armoucfltr (9b21791d8a78faece999fadbebda6c22) C:\WINDOWS\system32\DRIVERS\armoucfltr.sys
2011/03/29 16:00:14.0140 0876 ARPolicy (7a2da7c7b0c524ef26a79f17a5c69fde) C:\WINDOWS\system32\DRIVERS\arpolicy.sys
2011/03/29 16:00:14.0484 0876 ASNDIS5 (05a56c3156e1b6cc7bbd8e1d54d491f2) C:\WINDOWS\system32\ASNDIS5.SYS
2011/03/29 16:00:14.0734 0876 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/03/29 16:00:14.0890 0876 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/03/29 16:00:15.0203 0876 ati2mtag (86be5339a67c0a309f3e3ef8b0901ee5) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
2011/03/29 16:00:15.0421 0876 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/03/29 16:00:15.0515 0876 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/03/29 16:00:15.0609 0876 BCM43XX (e7debb46b9ef1f28932e533be4a3d1a9) C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
2011/03/29 16:00:15.0812 0876 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/03/29 16:00:15.0906 0876 BthEnum (b279426e3c0c344893ed78a613a73bde) C:\WINDOWS\system32\DRIVERS\BthEnum.sys
2011/03/29 16:00:16.0078 0876 BthPan (80602b8746d3738f5886ce3d67ef06b6) C:\WINDOWS\system32\DRIVERS\bthpan.sys
2011/03/29 16:00:16.0156 0876 BTHPORT (f338662a6c1fc11dd9508f6dff2c06a2) C:\WINDOWS\system32\Drivers\BTHport.sys
2011/03/29 16:00:16.0359 0876 BTHUSB (61364cd71ef63b0f038b7e9df00f1efa) C:\WINDOWS\system32\Drivers\BTHUSB.sys
2011/03/29 16:00:16.0687 0876 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2011/03/29 16:00:16.0781 0876 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
2011/03/29 16:00:16.0906 0876 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2011/03/29 16:00:17.0093 0876 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2011/03/29 16:00:17.0156 0876 Cdrom (4b0a100eaf5c49ef3cca8c641431eacc) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/03/29 16:00:17.0343 0876 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
2011/03/29 16:00:17.0546 0876 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
2011/03/29 16:00:17.0843 0876 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/03/29 16:00:18.0015 0876 dmboot (db5fd2bf5b07dc54bfcb3664ff05bd7c) C:\WINDOWS\system32\drivers\dmboot.sys
2011/03/29 16:00:18.0187 0876 dmio (fff1720af51171f32f1ead5cf71f2810) C:\WINDOWS\system32\drivers\dmio.sys
2011/03/29 16:00:18.0265 0876 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/03/29 16:00:18.0375 0876 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2011/03/29 16:00:18.0578 0876 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/03/29 16:00:18.0687 0876 eamon (59d9e5dbcfef1e0e3dbac1b55c718f2d) C:\WINDOWS\system32\DRIVERS\eamon.sys
2011/03/29 16:00:18.0875 0876 ehdrv (3bd67a869964bf57266cbbd1dca38c6a) C:\WINDOWS\system32\DRIVERS\ehdrv.sys
2011/03/29 16:00:19.0000 0876 epfw (1a7384d0684adc204178f593994194b1) C:\WINDOWS\system32\DRIVERS\epfw.sys
2011/03/29 16:00:19.0187 0876 Epfwndis (82ccb9d92dd674f3a4758f4a6a18fc1c) C:\WINDOWS\system32\DRIVERS\Epfwndis.sys
2011/03/29 16:00:19.0281 0876 epfwtdi (db4fe66ecc47e6934dd769ff00e170bc) C:\WINDOWS\system32\DRIVERS\epfwtdi.sys
2011/03/29 16:00:19.0390 0876 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/03/29 16:00:19.0546 0876 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
2011/03/29 16:00:19.0609 0876 Fips (ac366695a0796560aa37215ad5762aaf) C:\WINDOWS\system32\drivers\Fips.sys
2011/03/29 16:00:19.0671 0876 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
2011/03/29 16:00:19.0734 0876 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
2011/03/29 16:00:19.0906 0876 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/03/29 16:00:19.0984 0876 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/03/29 16:00:20.0046 0876 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/03/29 16:00:20.0171 0876 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
2011/03/29 16:00:20.0359 0876 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2011/03/29 16:00:20.0515 0876 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/03/29 16:00:20.0718 0876 i8042prt (c528e27945367191e7bae364930b6932) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2011/03/29 16:00:20.0953 0876 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/03/29 16:00:21.0250 0876 IntcAzAudAddService (12f4d2aa29745dc2a403ff42e75cf7fa) C:\WINDOWS\system32\drivers\RtkHDAud.sys
2011/03/29 16:00:21.0593 0876 intelppm (27b290d632af2cf3cf40bfddb7370985) C:\WINDOWS\system32\DRIVERS\intelppm.sys
2011/03/29 16:00:21.0656 0876 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
2011/03/29 16:00:21.0718 0876 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/03/29 16:00:21.0859 0876 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/03/29 16:00:21.0921 0876 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/03/29 16:00:21.0984 0876 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/03/29 16:00:22.0078 0876 irda (aca5e7b54409f9cb5eed97ed0c81120e) C:\WINDOWS\system32\DRIVERS\irda.sys
2011/03/29 16:00:22.0250 0876 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/03/29 16:00:22.0312 0876 irsir (0501f0b9ab08425f8c0eacbdcc04aa32) C:\WINDOWS\system32\DRIVERS\irsir.sys
2011/03/29 16:00:22.0375 0876 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/03/29 16:00:22.0468 0876 iviVD (7bd8ff29fecc1f4ef5b26ce3ffa80ae8) C:\WINDOWS\system32\DRIVERS\iviVD.sys
2011/03/29 16:00:22.0625 0876 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/03/29 16:00:22.0734 0876 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2011/03/29 16:00:22.0906 0876 KSecDD (c6ebf1d6ad71df30db49b8d3287e1368) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/03/29 16:00:23.0265 0876 MHNDRV (7f2f1d2815a6449d346fcccbc569fbd6) C:\WINDOWS\system32\DRIVERS\mhndrv.sys
2011/03/29 16:00:23.0359 0876 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/03/29 16:00:23.0453 0876 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\WINDOWS\system32\drivers\Modem.sys
2011/03/29 16:00:23.0625 0876 Mouclass (4cb582831dbde63ce43b45d771218374) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/03/29 16:00:23.0687 0876 mouhid (bb269eba740737ab749b214d568b6812) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2011/03/29 16:00:23.0781 0876 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/03/29 16:00:24.0031 0876 MREMP50 (9bd4dcb5412921864a7aacdedfbd1923) C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS
2011/03/29 16:00:24.0109 0876 MRESP50 (07c02c892e8e1a72d6bf35004f0e9c5e) C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS
2011/03/29 16:00:24.0281 0876 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/03/29 16:00:24.0375 0876 MRxSmb (d09b9f0b9960dd41e73127b7814c115f) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/03/29 16:00:24.0578 0876 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2011/03/29 16:00:24.0656 0876 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/03/29 16:00:24.0812 0876 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/03/29 16:00:24.0875 0876 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/03/29 16:00:24.0953 0876 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/03/29 16:00:25.0031 0876 MTsensor (1c0f480b7c6136ddb5fb909995af014a) C:\WINDOWS\system32\DRIVERS\ATKACPI.sys
2011/03/29 16:00:25.0203 0876 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
2011/03/29 16:00:25.0281 0876 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
2011/03/29 16:00:25.0484 0876 NDIS (b5b1080d35974c0e718d64280761bcd5) C:\WINDOWS\system32\drivers\NDIS.sys
2011/03/29 16:00:25.0562 0876 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
2011/03/29 16:00:25.0609 0876 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/03/29 16:00:25.0687 0876 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/03/29 16:00:25.0875 0876 NdisWan (b053a8411045fd0664b389a090cb2bbc) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/03/29 16:00:25.0953 0876 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/03/29 16:00:26.0015 0876 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2011/03/29 16:00:26.0187 0876 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2011/03/29 16:00:26.0328 0876 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2011/03/29 16:00:26.0406 0876 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/03/29 16:00:26.0640 0876 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/03/29 16:00:26.0734 0876 nvport (add596f11d3a23e55d960d4cce6e9b3a) C:\WINDOWS\system32\Drivers\nvport.sys
2011/03/29 16:00:26.0765 0876 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/03/29 16:00:26.0953 0876 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/03/29 16:00:27.0109 0876 Parport (46f8db73b4a53e543f8e371dc7c75bae) C:\WINDOWS\system32\DRIVERS\parport.sys
2011/03/29 16:00:27.0265 0876 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/03/29 16:00:27.0328 0876 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/03/29 16:00:27.0375 0876 PCI (6ce351d149cb4befc702951e471e1730) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/03/29 16:00:27.0484 0876 PCIIde (2da4ec85e0ea7a45c6b2a05820492d5a) C:\WINDOWS\system32\DRIVERS\pciide.sys
2011/03/29 16:00:27.0578 0876 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
2011/03/29 16:00:28.0062 0876 pfc (da86016f0672ada925f589ede715f185) C:\WINDOWS\system32\drivers\pfc.sys
2011/03/29 16:00:28.0171 0876 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/03/29 16:00:28.0281 0876 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2011/03/29 16:00:28.0453 0876 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/03/29 16:00:28.0546 0876 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\WINDOWS\system32\Drivers\PxHelp20.sys
2011/03/29 16:00:28.0953 0876 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/03/29 16:00:29.0046 0876 Rasirda (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys
2011/03/29 16:00:29.0234 0876 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/03/29 16:00:29.0296 0876 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/03/29 16:00:29.0390 0876 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/03/29 16:00:29.0562 0876 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/03/29 16:00:29.0656 0876 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/03/29 16:00:29.0843 0876 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2011/03/29 16:00:29.0921 0876 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/03/29 16:00:30.0031 0876 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/03/29 16:00:30.0250 0876 RFCOMM (851c30df2807fcfa21e4c681a7d6440e) C:\WINDOWS\system32\DRIVERS\rfcomm.sys
2011/03/29 16:00:30.0328 0876 rimsptsk (5338e12cc00f6ce1b11e252fff25ac1e) C:\WINDOWS\system32\DRIVERS\rimsptsk.sys
2011/03/29 16:00:30.0515 0876 risdptsk (c5b1e7188d110aa23961f29abbad8a47) C:\WINDOWS\system32\DRIVERS\risdptsk.sys
2011/03/29 16:00:30.0625 0876 RTL8023xp (accaef9f58ae156772be67df148c5b3a) C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys
2011/03/29 16:00:30.0718 0876 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
2011/03/29 16:00:30.0937 0876 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
2011/03/29 16:00:31.0000 0876 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/03/29 16:00:31.0093 0876 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\drivers\Serial.sys
2011/03/29 16:00:31.0296 0876 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2011/03/29 16:00:31.0421 0876 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
2011/03/29 16:00:31.0531 0876 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2011/03/29 16:00:31.0718 0876 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/03/29 16:00:31.0828 0876 Srv (70cd8b8dd2a680b128617c19eb0ab94f) C:\WINDOWS\system32\DRIVERS\srv.sys
2011/03/29 16:00:32.0046 0876 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
2011/03/29 16:00:32.0125 0876 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/03/29 16:00:32.0312 0876 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2011/03/29 16:00:32.0609 0876 SynMini (472b9e75ddab952f0cd37bd9aa3e81f8) C:\WINDOWS\system32\Drivers\SynMini.sys
2011/03/29 16:00:32.0718 0876 SynScan (bed9a41e66e9f038af6d2e487a3f2757) C:\WINDOWS\system32\Drivers\SynScan.sys
2011/03/29 16:00:32.0906 0876 SynTP (eba71a1b7db9f6e3f70c15a64817c53f) C:\WINDOWS\system32\DRIVERS\SynTP.sys
2011/03/29 16:00:32.0984 0876 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/03/29 16:00:33.0171 0876 Tcpip (ad978a1b783b5719720cff204b666c8e) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2011/03/29 16:00:33.0359 0876 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/03/29 16:00:33.0406 0876 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/03/29 16:00:33.0468 0876 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2011/03/29 16:00:33.0671 0876 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2011/03/29 16:00:33.0921 0876 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2011/03/29 16:00:34.0109 0876 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/03/29 16:00:34.0156 0876 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/03/29 16:00:34.0250 0876 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
2011/03/29 16:00:34.0328 0876 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2011/03/29 16:00:34.0515 0876 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/03/29 16:00:34.0578 0876 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2011/03/29 16:00:34.0671 0876 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/03/29 16:00:34.0890 0876 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/03/29 16:00:35.0000 0876 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/03/29 16:00:35.0343 0876 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
2011/03/29 16:00:35.0421 0876 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2011/03/29 16:00:35.0484 0876 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2011/03/29 16:00:35.0843 0876 ================================================================================
2011/03/29 16:00:35.0843 0876 Scan finished
2011/03/29 16:00:35.0843 0876 ================================================================================

ještě k výše uvedenému logu výpis z mbam.

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Verze databáze: 6203

Windows 5.1.2600 Service Pack 3 (Safe Mode)
Internet Explorer 8.0.6001.18702

29.3.2011 16:41:05
mbam-log-2011-03-29 (16-41-05).txt

Typ kontroly: Úplný test (C:\|)
Testované objekty: 178952
Uplynulý čas: 12 minut, 22 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 1

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
c:\program files\microsoft games\solitaire\solitaire.exe (Malware.Gen) -> Quarantined and deleted successfully.

OK, smazáno. Možná to ani vir nebyl. Kdybyste nemazal a dal jen log, doporučil bych vám test na virustotal. Jako virus se mi to nezdá.

problém je ale stále stejný.Pracovat se dá pouze v nouzovém režimu.V normálním jen po nastartování problikne modrá obrazovka a opětovně se restartuje stále dokola.Nemohl ten virus např. nějak narušit systém?Je teda pravdou že kamarádka s OS zacházela neskutečně.Půl roku bez aktual.antiviru a jen 15mb na kořenovém disku volného místa.Uvolnil jsem jí 4gb.Děkuji vám.Už si nevím rady.

VIRY.CZ

restatí se systém po1 minutě.

restatí se systém po1 minutě.

Re: restatí se systém po1 minutě.

Re: restatí se systém po1 minutě.

Re: restatí se systém po1 minutě.

Re: restatí se systém po1 minutě.

Re: restatí se systém po1 minutě.

Re: restatí se systém po1 minutě.

Re: restatí se systém po1 minutě.

Re: restatí se systém po1 minutě.

Re: restatí se systém po1 minutě.

Re: restatí se systém po1 minutě.

Re: restatí se systém po1 minutě.

Re: restatí se systém po1 minutě.

Re: restatí se systém po1 minutě.

Re: restatí se systém po1 minutě.