VIRY.CZ

Dobrý den můžete pomoci s mým compem?
Asi 14dní se mi zpomalil internet 8mb na 2mb. proměřoval mi to chlapík od O2 a u něj to ukazovalo 6-7mb ale v mým počítači jen 2mb.
Prý to vypadá na virus nebo sitovou kartu.
Přeinstaloval jsem firefox projel comp esetem vyčistil jsem co se dalo ale pořád stejné.
Internet načítá i stahuje o hodně pomaleji a i některé programy nabíhají pomaleji.
Mohl by mi tady někdo poradit?Díky předem za pomoc.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:43:18, on 30.4.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\DVBViewer\DVBVservice.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe
C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe
C:\WINDOWS\CTHELPER.EXE
C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
C:\Program Files\TO2WCM\McciTrayApp.exe
C:\Program Files\TO2SSM\McciTrayApp.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\DVBViewer\DVBVCtrl.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\ASUS\P7131\Remote Control\RCService.exe
C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe
C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
C:\Program Files\Creative\ShareDLL\CADI\NotiMan.exe
C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\\nTune.exe" clear
O4 - HKLM\..\Run: [RCSystem] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" RCSystem * -Startup
O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" /r
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [H2O] C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
O4 - HKLM\..\Run: [TO2WCM_McciTrayApp] C:\Program Files\TO2WCM\McciTrayApp.exe
O4 - HKLM\..\Run: [TO2SSM_McciTrayApp] C:\Program Files\TO2SSM\McciTrayApp.exe
O4 - HKLM\..\Run: [OSSelectorReinstall] C:\Program Files\Common Files\Acronis\Acronis Disk Director\oss_reinstall.exe
O4 - HKLM\..\Run: [BootSkin Startup Jobs] "C:\Program Files\Stardock\WinCustomize\BootSkin\BootSkin.exe" /StartupJobs
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKCU\..\Run: [DVBV Service Ctrl] C:\Program Files\DVBViewer\DVBVCtrl.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKUS\S-1-5-21-507921405-861567501-725345543-1008\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: LastPass vyplňování formulářů - file://C:\Program Files\LastPass\context.html?cmd=fillforms
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O16 - DPF: {1DB93715-3B60-43EE-93E6-279BB3E1DF76} (OCXDownloadChecker Control) - http://62.177.122.219/cab/OCXChecker_6110.cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDow ... rtScan.cab
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://liveupdate.msi.com.tw/autobios/L ... nstall.cab
O16 - DPF: {8C6E5902-B109-40D4-AC59-22A4B0D7261A} (RPB[5.3.0.1] Control) - http://62.177.98.17:82/cab/RPB.cab
O16 - DPF: {C357FE0A-0556-4970-8990-64DF0B8E8C6B} (WebCamX Control) - http://86.63.215.229/WebCamX.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: DVBViewer Recording Service (DVBVRecorder) - CM & V - C:\Program Files\DVBViewer\DVBVservice.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: MemeoBackgroundService - Memeo - C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: RCSERVICE - Unknown owner - C:\Program Files\ASUS\P7131\Remote Control\RCService.exe
O23 - Service: Seagate Dashboard Service (SeagateDashboardService) - Memeo - C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe

--
End of file - 9178 bytes


--------------------------------------------------------------
Ještě log z combofix

ComboFix 11-04-29.04 - Jiří - Chvojka 30.04.2011 17:09:08.6.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2047.1453 [GMT 2:00]
Spuštěný z: c:\documents and settings\Jiří - Chvojka\Plocha\ComboFix.exe
AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-03-28 do 2011-04-30 )))))))))))))))))))))))))))))))
.
.
2011-04-30 12:16 . 2011-04-30 12:31 -------- d-----w- c:\program files\Skype
2011-04-29 15:04 . 2011-04-29 15:04 -------- d-----w- c:\documents and settings\UpdatusUser
2011-04-29 15:04 . 2011-04-29 15:04 -------- d-----w- c:\documents and settings\All Users\Data aplikací\NVIDIA
2011-04-29 15:03 . 2011-04-08 05:14 944232 ----a-w- c:\windows\system32\nvdispco3220140.dll
2011-04-29 15:03 . 2011-04-08 05:14 855656 ----a-w- c:\windows\system32\nvgenco322060.dll
2011-04-27 14:17 . 2011-04-27 14:18 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Skype Extras
2011-04-25 16:41 . 2011-04-25 16:41 -------- d--h--r- c:\documents and settings\Šimon-Chvojka\Data aplikací\SecuROM
2011-04-21 09:42 . 2011-04-21 09:42 -------- d-----w- c:\program files\ESET
2011-04-21 09:42 . 2011-04-21 09:42 -------- d-----w- c:\documents and settings\All Users\Data aplikací\ESET
2011-04-11 14:44 . 2009-05-05 11:51 267560 ----a-w- c:\documents and settings\Šimon-Chvojka\Data aplikací\Microsoft\Internet Explorer\Quick Launch\Launcher.exe
2011-04-07 20:15 . 2011-04-07 20:15 81920 ----a-w- c:\windows\system32\nvwddi.dll
2011-04-07 20:15 . 2011-04-07 20:15 580200 ----a-w- c:\windows\system32\easyUpdatusAPIU.dll
2011-04-07 20:15 . 2011-04-07 20:15 277608 ----a-w- c:\windows\system32\nvmccs.dll
2011-04-07 20:15 . 2011-04-07 20:15 13891176 ----a-w- c:\windows\system32\nvcpl.dll
2011-04-07 20:15 . 2011-04-07 20:15 111208 ----a-w- c:\windows\system32\nvmctray.dll
2011-04-07 20:15 . 2011-04-07 20:15 155752 ----a-w- c:\windows\system32\nvsvc32.exe
2011-04-07 20:15 . 2011-04-07 20:15 145000 ----a-w- c:\windows\system32\nvcolor.exe
2011-04-07 02:42 . 2011-04-07 02:42 -------- d-----w- c:\program files\Gabest
2011-04-06 01:55 . 2011-04-21 08:38 -------- d-----w- c:\documents and settings\Jiří - Chvojka\Data aplikací\vlc
2011-04-04 15:20 . 2011-04-04 15:20 -------- d-----w- c:\program files\Common Files\Stardock
2011-04-04 15:20 . 2011-04-04 15:22 163712 ----a-w- c:\windows\system32\drivers\vidstub.sys
2011-04-04 13:53 . 2011-04-04 13:53 2560 ----a-w- c:\windows\_MSRSTRT.EXE
2011-04-04 02:30 . 2008-04-26 14:14 42672 ------w- c:\windows\system32\wbsys.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-08 05:14 . 2010-06-11 01:42 61440 ----a-w- c:\windows\system32\OpenCL.dll
2011-04-08 05:14 . 2010-06-11 01:42 5210112 ----a-w- c:\windows\system32\nvcuda.dll
2011-04-08 05:14 . 2010-06-11 01:42 2770536 ----a-w- c:\windows\system32\nvcuvid.dll
2011-04-08 05:14 . 2010-06-11 01:42 2074216 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-04-08 05:14 . 2010-06-11 01:42 13000704 ----a-w- c:\windows\system32\nvcompiler.dll
2011-04-08 05:14 . 2006-10-22 10:22 4111232 ----a-w- c:\windows\system32\nv4_disp.dll
2011-04-08 05:14 . 2006-10-22 10:22 2027008 ----a-w- c:\windows\system32\nvapi.dll
2011-04-08 05:14 . 2006-10-22 10:22 14856192 ----a-w- c:\windows\system32\nvoglnt.dll
2011-04-08 05:14 . 2006-10-22 10:22 12501600 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2011-03-12 03:33 . 2011-03-12 03:33 388096 ----a-r- c:\documents and settings\Jiří - Chvojka\Data aplikací\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-03-08 00:42 . 2006-03-02 12:00 44544 ----a-w- c:\windows\system32\alg.exe
2011-03-07 05:33 . 2010-06-10 23:51 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-04 16:32 . 2011-03-04 16:32 39424 ----a-w- c:\windows\zipinst.exe
2011-03-04 06:36 . 2006-03-02 12:00 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-03-03 13:53 . 2006-03-02 12:00 1857920 ----a-w- c:\windows\system32\win32k.sys
2011-03-02 01:28 . 2011-03-02 01:28 0 ----a-w- c:\windows\system32\ConduitEngine.tmp
2011-03-01 06:50 . 2011-03-01 06:50 219648 ----a-w- C:\uxtheme.uxtender
2011-03-01 05:14 . 2011-03-01 06:50 219648 ----a-w- c:\windows\system32\uxtheme.uxtender
2011-03-01 05:14 . 2006-03-02 12:00 219648 ----a-w- c:\windows\system32\uxtheme(2).dll
2011-02-22 23:08 . 2006-03-02 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2011-02-22 23:08 . 2006-03-02 12:00 43520 ------w- c:\windows\system32\licmgr10.dll
2011-02-22 23:08 . 2006-03-02 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-02-22 11:41 . 2006-03-02 12:00 385024 ------w- c:\windows\system32\html.iec
2011-02-18 22:13 . 2010-07-05 19:11 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-02-18 22:13 . 2010-07-05 19:11 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-02-18 12:29 . 2011-03-08 07:31 31552 ----a-w- c:\windows\system32\TURegOpt.exe
2011-02-18 12:24 . 2010-09-29 03:45 29504 ----a-w- c:\windows\system32\uxtuneup.dll
2011-02-17 13:18 . 2006-03-02 12:00 455936 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-02-17 13:18 . 2006-03-02 12:00 357888 ----a-w- c:\windows\system32\drivers\srv.sys
2011-02-17 12:54 . 2008-05-05 05:25 5632 ----a-w- c:\windows\system32\xpsp4res.dll
2011-02-15 12:56 . 2006-03-02 12:00 290432 ----a-w- c:\windows\system32\atmfd.dll
2011-02-09 13:53 . 2006-03-02 12:00 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 13:53 . 2006-03-02 12:00 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-08 13:33 . 2006-03-02 12:00 978944 ----a-w- c:\windows\system32\mfc42.dll
2011-02-08 13:33 . 2006-03-02 12:00 974848 ----a-w- c:\windows\system32\mfc42u.dll
2011-02-07 21:04 . 2010-06-12 03:48 1379096 ----a-w- c:\windows\system32\AutoPartNt.exe
2011-02-07 09:43 . 2011-02-07 09:43 1178073 ----a-w- c:\windows\system32\unins000.exe
2011-02-03 05:14 . 2011-02-03 05:14 1700352 ----a-w- c:\windows\system32\gdiplus.dll
2011-02-03 05:13 . 2011-02-03 05:13 684313 ----a-w- c:\windows\unins000.exe
2011-02-02 07:58 . 2010-06-10 23:50 2067456 ----a-w- c:\windows\system32\mstscax.dll
.
.
((((((((((((((((((((((((((((( SnapShot_2011-04-30_14.58.37 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-04-30 15:08 . 2011-04-30 15:08 16384 c:\windows\temp\Perflib_Perfdata_7fc.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DVBV Service Ctrl"="c:\program files\DVBViewer\DVBVCtrl.exe" [2010-09-08 56320]
"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NVIDIA nTune"="c:\program files\NVIDIA Corporation\nTune\\nTune.exe" [2005-07-21 589824]
"RCSystem"="c:\program files\Creative\Shared Files\Module Loader\DLLML.exe" [2005-06-16 49152]
"AudioDrvEmulator"="c:\program files\Creative\Shared Files\Module Loader\DLLML.exe" [2005-06-16 49152]
"VolPanel"="c:\program files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" [2005-07-11 122880]
"CTHelper"="CTHELPER.EXE" [2005-08-07 16384]
"H2O"="c:\program files\SyncroSoft\Pos\H2O\cledx.exe" [2005-12-18 307200]
"TO2WCM_McciTrayApp"="c:\program files\TO2WCM\McciTrayApp.exe" [2008-01-30 1473536]
"TO2SSM_McciTrayApp"="c:\program files\TO2SSM\McciTrayApp.exe" [2008-08-15 1473536]
"OSSelectorReinstall"="c:\program files\Common Files\Acronis\Acronis Disk Director\oss_reinstall.exe" [2009-09-22 2114752]
"BootSkin Startup Jobs"="c:\program files\Stardock\WinCustomize\BootSkin\BootSkin.exe" [2004-04-26 270336]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2011-01-12 2219184]
"NvMediaCenter"="NvMCTray.dll" [2011-04-07 111208]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-04-07 13891176]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2011-02-24 1753192]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\Daniela-Chvojkov \Nabˇdka Start\Programy\Po spuçtŘnˇ\
RK Launcher.lnk - c:\documents and settings\Daniela-Chvojkov \Dokumenty\Downloads\RK_Launcher_04_Beta\RKLauncher.exe [2011-3-23 393216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="c:\documents and settings\All Users\Data aplikací\TuneUp Software\TuneUp Utilities 2011\WinStyler\tu_logonui.exe"
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Start WingMan Profiler"="c:\program files\Logitech\Profiler\lwemon.exe" /noui
"Creative Detector"="c:\program files\Creative\MediaSource\Detector\CTDetect.exe" /R
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" -autorun
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"NvMediaCenter"=RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
"LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" /hide
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"Lexmark X74-X75"="c:\program files\Lexmark X74-X75\lxbbbmgr.exe"
"P7131Appl"=c:\program files\ASUS\P7131\Remote Control\P7131RemoteAppl.exe
"Memeo AutoSync"=c:\program files\Memeo\AutoSync\MemeoLauncher2.exe --silent
"Memeo Instant Backup"=c:\program files\Memeo\AutoBackup\MemeoLauncher2.exe --silent --no_ui
"Seagate Dashboard"=c:\program files\Seagate\Seagate Dashboard\MemeoLauncher.exe --silent --no_ui
"H2O"=c:\program files\SyncroSoft\Pos\H2O\cledx.exe
"TO2SSM_McciTrayApp"=c:\program files\TO2SSM\McciTrayApp.exe
"PWRISOVM.EXE"=c:\program files\PowerISO\PWRISOVM.EXE
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Documents and Settings\\Daniela-Chvojková\\Local Settings\\Data aplikací\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
"c:\\Program Files\\StrongDC++\\StrongDC.exe"=
"c:\\WINDOWS\\system32\\LEXPPS.EXE"=
"c:\\Program Files\\Video Server E\\Video Server E.exe"=
"c:\\Program Files\\DVBViewer\\dvbviewer.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe"=
.
R0 tffsport;M-Systems DiskOnChip 2000;c:\windows\system32\drivers\tffsport.sys [25.12.2010 3:10 149376]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [21.12.2010 15:04 115008]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [21.12.2010 13:47 94872]
R2 DVBVRecorder;DVBViewer Recording Service;c:\program files\DVBViewer\DVBVservice.exe [22.2.2011 12:37 617600]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [12.1.2011 16:41 810144]
R2 MemeoBackgroundService;MemeoBackgroundService;c:\program files\Memeo\AutoBackup\MemeoBackgroundService.exe [23.4.2010 2:33 25824]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [29.4.2011 17:04 2218600]
R2 SeagateDashboardService;Seagate Dashboard Service;c:\program files\Seagate\Seagate Dashboard\SeagateDashboardService.exe [30.4.2010 16:47 14088]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [18.2.2011 14:27 1517376]
R3 3xHybrid;ASUSTek SAA713x PCI Card;c:\windows\system32\drivers\3xHybrid.sys [9.9.2010 2:22 2831232]
R3 CLEDX;Team H2O CLEDX service;c:\windows\system32\drivers\cledx.sys [11.6.2010 10:52 33792]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys [29.11.2010 20:27 10064]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 13:16 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [13.7.2010 10:54 136176]
S2 RCSERVICE;RCSERVICE;c:\program files\ASUS\P7131\Remote Control\RCService.exe [14.9.2010 5:55 61440]
S3 FLASHSYS;FLASHSYS;c:\program files\MSI\Live Update 4\LU4\FlashSys.sys [11.6.2010 5:11 9216]
S3 FlashUSB;FlashUSB;c:\windows\system32\DRIVERS\FlashUSB.sys --> c:\windows\system32\DRIVERS\FlashUSB.sys [?]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [13.7.2010 10:54 136176]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys --> c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [?]
S3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\DRIVERS\lgbtport.sys --> c:\windows\system32\DRIVERS\lgbtport.sys [?]
S3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\DRIVERS\lgbtbus.sys --> c:\windows\system32\DRIVERS\lgbtbus.sys [?]
S3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\DRIVERS\lgvmodem.sys --> c:\windows\system32\DRIVERS\lgvmodem.sys [?]
S3 WEBNTACCESS;WEBNTACCESS;\??\c:\progra~1\MSI\LIVEUP~1\NTACCESS.SYS --> c:\progra~1\MSI\LIVEUP~1\NTACCESS.SYS [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 13:16 753504]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2.9.2010 19:57 691696]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'
.
2011-03-14 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 10:50]
.
2011-04-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-13 08:54]
.
2011-04-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-13 08:54]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: LastPass vyplňování formulářů - file://c:\program files\LastPass\context.html?cmd=fillforms
Trusted Zone: com\www.msi
DPF: {1DB93715-3B60-43EE-93E6-279BB3E1DF76} - hxxp://62.177.122.219/cab/OCXChecker_6110.cab
DPF: {8C6E5902-B109-40D4-AC59-22A4B0D7261A} - hxxp://62.177.98.17:82/cab/RPB.cab
DPF: {C357FE0A-0556-4970-8990-64DF0B8E8C6B} - hxxp://86.63.215.229/WebCamX.cab
FF - ProfilePath - c:\documents and settings\Jiří - Chvojka\Data aplikací\Mozilla\Firefox\Profiles\5odgvbv9.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://seznam.cz
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - Ext: DivX Plus Web Player HTML5 <video>: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - c:\program files\DivX\DivX Plus Web Player\firefox\html5video
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-04-30 17:13
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
CTHelper = CTHELPER.EXE?
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(4084)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2011-04-30 17:14:53
ComboFix-quarantined-files.txt 2011-04-30 15:14
ComboFix2.txt 2011-04-30 15:00
ComboFix3.txt 2011-03-12 03:07
.
Před spuštěním: Volných bajtů: 43 873 898 496
Po spuštění: Volných bajtů: 43 850 444 800
.
Current=6 Default=6 Failed=5 LastKnownGood=7 Sets=1,2,3,4,5,6,7
- - End Of File - - 10891F4BA5FA13CA5FF295F5A95580E8

Dejte log z ComboFix.

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware

ComboFix 11-04-30.03 - Jiří - Chvojka 01.05.2011 6:02.7.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2047.1468 [GMT 2:00]
Spuštěný z: c:\documents and settings\Jiří - Chvojka\Plocha\ComboFix.exe
AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-04-01 do 2011-05-01 )))))))))))))))))))))))))))))))
.
.
2011-04-30 16:12 . 2011-04-30 16:12 -------- d-----w- c:\documents and settings\Jiří - Chvojka\Data aplikací\Malwarebytes
2011-04-30 16:11 . 2011-04-30 16:11 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2011-04-30 16:11 . 2010-12-20 16:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-04-30 16:11 . 2011-04-30 16:11 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-04-30 16:11 . 2010-12-20 16:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-04-30 16:07 . 2009-10-22 11:54 37392 ----a-w- c:\windows\system32\drivers\02755142.sys
2011-04-30 16:07 . 2009-10-09 21:31 315408 ----a-w- c:\windows\system32\drivers\0275514.sys
2011-04-30 16:07 . 2009-09-25 15:59 128016 ----a-w- c:\windows\system32\drivers\02755141.sys
2011-04-30 12:16 . 2011-04-30 12:31 -------- d-----w- c:\program files\Skype
2011-04-29 15:04 . 2011-04-29 15:04 -------- d-----w- c:\documents and settings\UpdatusUser
2011-04-29 15:04 . 2011-04-29 15:04 -------- d-----w- c:\documents and settings\All Users\Data aplikací\NVIDIA
2011-04-29 15:03 . 2011-04-08 05:14 944232 ----a-w- c:\windows\system32\nvdispco3220140.dll
2011-04-29 15:03 . 2011-04-08 05:14 855656 ----a-w- c:\windows\system32\nvgenco322060.dll
2011-04-27 14:17 . 2011-04-27 14:18 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Skype Extras
2011-04-25 16:41 . 2011-04-25 16:41 -------- d--h--r- c:\documents and settings\Šimon-Chvojka\Data aplikací\SecuROM
2011-04-21 09:42 . 2011-04-21 09:42 -------- d-----w- c:\program files\ESET
2011-04-21 09:42 . 2011-04-21 09:42 -------- d-----w- c:\documents and settings\All Users\Data aplikací\ESET
2011-04-11 14:44 . 2009-05-05 11:51 267560 ----a-w- c:\documents and settings\Šimon-Chvojka\Data aplikací\Microsoft\Internet Explorer\Quick Launch\Launcher.exe
2011-04-07 20:15 . 2011-04-07 20:15 81920 ----a-w- c:\windows\system32\nvwddi.dll
2011-04-07 20:15 . 2011-04-07 20:15 580200 ----a-w- c:\windows\system32\easyUpdatusAPIU.dll
2011-04-07 20:15 . 2011-04-07 20:15 277608 ----a-w- c:\windows\system32\nvmccs.dll
2011-04-07 20:15 . 2011-04-07 20:15 13891176 ----a-w- c:\windows\system32\nvcpl.dll
2011-04-07 20:15 . 2011-04-07 20:15 111208 ----a-w- c:\windows\system32\nvmctray.dll
2011-04-07 20:15 . 2011-04-07 20:15 155752 ----a-w- c:\windows\system32\nvsvc32.exe
2011-04-07 20:15 . 2011-04-07 20:15 145000 ----a-w- c:\windows\system32\nvcolor.exe
2011-04-07 02:42 . 2011-04-07 02:42 -------- d-----w- c:\program files\Gabest
2011-04-06 01:55 . 2011-04-21 08:38 -------- d-----w- c:\documents and settings\Jiří - Chvojka\Data aplikací\vlc
2011-04-04 15:20 . 2011-04-04 15:20 -------- d-----w- c:\program files\Common Files\Stardock
2011-04-04 15:20 . 2011-04-04 15:22 163712 ----a-w- c:\windows\system32\drivers\vidstub.sys
2011-04-04 13:53 . 2011-04-04 13:53 2560 ----a-w- c:\windows\_MSRSTRT.EXE
2011-04-04 02:30 . 2008-04-26 14:14 42672 ------w- c:\windows\system32\wbsys.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-08 05:14 . 2010-06-11 01:42 61440 ----a-w- c:\windows\system32\OpenCL.dll
2011-04-08 05:14 . 2010-06-11 01:42 5210112 ----a-w- c:\windows\system32\nvcuda.dll
2011-04-08 05:14 . 2010-06-11 01:42 2770536 ----a-w- c:\windows\system32\nvcuvid.dll
2011-04-08 05:14 . 2010-06-11 01:42 2074216 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-04-08 05:14 . 2010-06-11 01:42 13000704 ----a-w- c:\windows\system32\nvcompiler.dll
2011-04-08 05:14 . 2006-10-22 10:22 4111232 ----a-w- c:\windows\system32\nv4_disp.dll
2011-04-08 05:14 . 2006-10-22 10:22 2027008 ----a-w- c:\windows\system32\nvapi.dll
2011-04-08 05:14 . 2006-10-22 10:22 14856192 ----a-w- c:\windows\system32\nvoglnt.dll
2011-04-08 05:14 . 2006-10-22 10:22 12501600 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2011-03-12 03:33 . 2011-03-12 03:33 388096 ----a-r- c:\documents and settings\Jiří - Chvojka\Data aplikací\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-03-08 00:42 . 2006-03-02 12:00 44544 ----a-w- c:\windows\system32\alg.exe
2011-03-07 05:33 . 2010-06-10 23:51 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-04 16:32 . 2011-03-04 16:32 39424 ----a-w- c:\windows\zipinst.exe
2011-03-04 06:36 . 2006-03-02 12:00 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-03-03 13:53 . 2006-03-02 12:00 1857920 ----a-w- c:\windows\system32\win32k.sys
2011-03-02 01:28 . 2011-03-02 01:28 0 ----a-w- c:\windows\system32\ConduitEngine.tmp
2011-03-01 06:50 . 2011-03-01 06:50 219648 ----a-w- C:\uxtheme.uxtender
2011-03-01 05:14 . 2011-03-01 06:50 219648 ----a-w- c:\windows\system32\uxtheme.uxtender
2011-03-01 05:14 . 2006-03-02 12:00 219648 ----a-w- c:\windows\system32\uxtheme(2).dll
2011-02-22 23:08 . 2006-03-02 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2011-02-22 23:08 . 2006-03-02 12:00 43520 ------w- c:\windows\system32\licmgr10.dll
2011-02-22 23:08 . 2006-03-02 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-02-22 11:41 . 2006-03-02 12:00 385024 ------w- c:\windows\system32\html.iec
2011-02-18 22:13 . 2010-07-05 19:11 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-02-18 22:13 . 2010-07-05 19:11 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-02-18 12:29 . 2011-03-08 07:31 31552 ----a-w- c:\windows\system32\TURegOpt.exe
2011-02-18 12:24 . 2010-09-29 03:45 29504 ----a-w- c:\windows\system32\uxtuneup.dll
2011-02-17 13:18 . 2006-03-02 12:00 455936 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-02-17 13:18 . 2006-03-02 12:00 357888 ----a-w- c:\windows\system32\drivers\srv.sys
2011-02-17 12:54 . 2008-05-05 05:25 5632 ----a-w- c:\windows\system32\xpsp4res.dll
2011-02-15 12:56 . 2006-03-02 12:00 290432 ----a-w- c:\windows\system32\atmfd.dll
2011-02-09 13:53 . 2006-03-02 12:00 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 13:53 . 2006-03-02 12:00 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-08 13:33 . 2006-03-02 12:00 978944 ----a-w- c:\windows\system32\mfc42.dll
2011-02-08 13:33 . 2006-03-02 12:00 974848 ----a-w- c:\windows\system32\mfc42u.dll
2011-02-07 21:04 . 2010-06-12 03:48 1379096 ----a-w- c:\windows\system32\AutoPartNt.exe
2011-02-07 09:43 . 2011-02-07 09:43 1178073 ----a-w- c:\windows\system32\unins000.exe
2011-02-03 05:14 . 2011-02-03 05:14 1700352 ----a-w- c:\windows\system32\gdiplus.dll
2011-02-03 05:13 . 2011-02-03 05:13 684313 ----a-w- c:\windows\unins000.exe
2011-02-02 07:58 . 2010-06-10 23:50 2067456 ----a-w- c:\windows\system32\mstscax.dll
.
.
((((((((((((((((((((((((((((( SnapShot_2011-04-30_14.58.37 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-04-30 16:30 . 2011-04-30 16:30 49640 c:\windows\system32\GDIPFONTCACHEV1.DAT
+ 2010-06-11 01:22 . 2011-04-30 16:28 220840 c:\windows\system32\FNTCACHE.DAT
- 2010-06-11 01:22 . 2011-04-21 08:07 220840 c:\windows\system32\FNTCACHE.DAT
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DVBV Service Ctrl"="c:\program files\DVBViewer\DVBVCtrl.exe" [2010-09-08 56320]
"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NVIDIA nTune"="c:\program files\NVIDIA Corporation\nTune\\nTune.exe" [2005-07-21 589824]
"RCSystem"="c:\program files\Creative\Shared Files\Module Loader\DLLML.exe" [2005-06-16 49152]
"AudioDrvEmulator"="c:\program files\Creative\Shared Files\Module Loader\DLLML.exe" [2005-06-16 49152]
"VolPanel"="c:\program files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" [2005-07-11 122880]
"CTHelper"="CTHELPER.EXE" [2005-08-07 16384]
"H2O"="c:\program files\SyncroSoft\Pos\H2O\cledx.exe" [2005-12-18 307200]
"TO2WCM_McciTrayApp"="c:\program files\TO2WCM\McciTrayApp.exe" [2008-01-30 1473536]
"TO2SSM_McciTrayApp"="c:\program files\TO2SSM\McciTrayApp.exe" [2008-08-15 1473536]
"OSSelectorReinstall"="c:\program files\Common Files\Acronis\Acronis Disk Director\oss_reinstall.exe" [2009-09-22 2114752]
"BootSkin Startup Jobs"="c:\program files\Stardock\WinCustomize\BootSkin\BootSkin.exe" [2004-04-26 270336]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2011-01-12 2219184]
"NvMediaCenter"="NvMCTray.dll" [2011-04-07 111208]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-04-07 13891176]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2011-02-24 1753192]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\Daniela-Chvojkov \Nabˇdka Start\Programy\Po spuçtŘnˇ\
RK Launcher.lnk - c:\documents and settings\Daniela-Chvojkov \Dokumenty\Downloads\RK_Launcher_04_Beta\RKLauncher.exe [2011-3-23 393216]
.
c:\documents and settings\Jiýˇ - Chvojka\Nabˇdka Start\Programy\Po spuçtŘnˇ\
setup_9.0.0.722_30.04.2011_17-36.lnk - c:\documents and settings\Jiýˇ - Chvojka\Plocha\Virus Removal Tool\setup_9.0.0.722_30.04.2011_17-36\startup.exe [2011-4-30 72208]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="c:\documents and settings\All Users\Data aplikací\TuneUp Software\TuneUp Utilities 2011\WinStyler\tu_logonui.exe"
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Start WingMan Profiler"="c:\program files\Logitech\Profiler\lwemon.exe" /noui
"Creative Detector"="c:\program files\Creative\MediaSource\Detector\CTDetect.exe" /R
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" -autorun
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"NvMediaCenter"=RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
"LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" /hide
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"Lexmark X74-X75"="c:\program files\Lexmark X74-X75\lxbbbmgr.exe"
"P7131Appl"=c:\program files\ASUS\P7131\Remote Control\P7131RemoteAppl.exe
"Memeo AutoSync"=c:\program files\Memeo\AutoSync\MemeoLauncher2.exe --silent
"Memeo Instant Backup"=c:\program files\Memeo\AutoBackup\MemeoLauncher2.exe --silent --no_ui
"Seagate Dashboard"=c:\program files\Seagate\Seagate Dashboard\MemeoLauncher.exe --silent --no_ui
"H2O"=c:\program files\SyncroSoft\Pos\H2O\cledx.exe
"TO2SSM_McciTrayApp"=c:\program files\TO2SSM\McciTrayApp.exe
"PWRISOVM.EXE"=c:\program files\PowerISO\PWRISOVM.EXE
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Documents and Settings\\Daniela-Chvojková\\Local Settings\\Data aplikací\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
"c:\\Program Files\\StrongDC++\\StrongDC.exe"=
"c:\\WINDOWS\\system32\\LEXPPS.EXE"=
"c:\\Program Files\\Video Server E\\Video Server E.exe"=
"c:\\Program Files\\DVBViewer\\dvbviewer.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe"=
.
R0 02755142;02755142 Boot Guard Driver;c:\windows\system32\drivers\02755142.sys [30.4.2011 18:07 37392]
R0 tffsport;M-Systems DiskOnChip 2000;c:\windows\system32\drivers\tffsport.sys [25.12.2010 3:10 149376]
R1 02755141;02755141;c:\windows\system32\drivers\02755141.sys [30.4.2011 18:07 128016]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [21.12.2010 15:04 115008]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [21.12.2010 13:47 94872]
R1 setup_9.0.0.722_30.04.2011_17-36drv;setup_9.0.0.722_30.04.2011_17-36drv;c:\windows\system32\drivers\0275514.sys [30.4.2011 18:07 315408]
R2 DVBVRecorder;DVBViewer Recording Service;c:\program files\DVBViewer\DVBVservice.exe [22.2.2011 12:37 617600]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [12.1.2011 16:41 810144]
R2 MemeoBackgroundService;MemeoBackgroundService;c:\program files\Memeo\AutoBackup\MemeoBackgroundService.exe [23.4.2010 2:33 25824]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [29.4.2011 17:04 2218600]
R2 SeagateDashboardService;Seagate Dashboard Service;c:\program files\Seagate\Seagate Dashboard\SeagateDashboardService.exe [30.4.2010 16:47 14088]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [18.2.2011 14:27 1517376]
R3 3xHybrid;ASUSTek SAA713x PCI Card;c:\windows\system32\drivers\3xHybrid.sys [9.9.2010 2:22 2831232]
R3 CLEDX;Team H2O CLEDX service;c:\windows\system32\drivers\cledx.sys [11.6.2010 10:52 33792]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys [29.11.2010 20:27 10064]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 13:16 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [13.7.2010 10:54 136176]
S2 RCSERVICE;RCSERVICE;c:\program files\ASUS\P7131\Remote Control\RCService.exe [14.9.2010 5:55 61440]
S3 FLASHSYS;FLASHSYS;c:\program files\MSI\Live Update 4\LU4\FlashSys.sys [11.6.2010 5:11 9216]
S3 FlashUSB;FlashUSB;c:\windows\system32\DRIVERS\FlashUSB.sys --> c:\windows\system32\DRIVERS\FlashUSB.sys [?]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [13.7.2010 10:54 136176]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys --> c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [?]
S3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\DRIVERS\lgbtport.sys --> c:\windows\system32\DRIVERS\lgbtport.sys [?]
S3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\DRIVERS\lgbtbus.sys --> c:\windows\system32\DRIVERS\lgbtbus.sys [?]
S3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\DRIVERS\lgvmodem.sys --> c:\windows\system32\DRIVERS\lgvmodem.sys [?]
S3 WEBNTACCESS;WEBNTACCESS;\??\c:\progra~1\MSI\LIVEUP~1\NTACCESS.SYS --> c:\progra~1\MSI\LIVEUP~1\NTACCESS.SYS [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 13:16 753504]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2.9.2010 19:57 691696]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'
.
2011-03-14 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 10:50]
.
2011-04-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-13 08:54]
.
2011-05-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-13 08:54]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: LastPass vyplňování formulářů - file://c:\program files\LastPass\context.html?cmd=fillforms
Trusted Zone: com\www.msi
DPF: {1DB93715-3B60-43EE-93E6-279BB3E1DF76} - hxxp://62.177.122.219/cab/OCXChecker_6110.cab
DPF: {8C6E5902-B109-40D4-AC59-22A4B0D7261A} - hxxp://62.177.98.17:82/cab/RPB.cab
DPF: {C357FE0A-0556-4970-8990-64DF0B8E8C6B} - hxxp://86.63.215.229/WebCamX.cab
FF - ProfilePath - c:\documents and settings\Jiří - Chvojka\Data aplikací\Mozilla\Firefox\Profiles\5odgvbv9.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://seznam.cz
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - Ext: DivX Plus Web Player HTML5 <video>: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - c:\program files\DivX\DivX Plus Web Player\firefox\html5video
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-05-01 06:10
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
CTHelper = CTHELPER.EXE?
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(3864)
c:\program files\NVIDIA Corporation\nView\nview.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2011-05-01 06:12:39
ComboFix-quarantined-files.txt 2011-05-01 04:12
ComboFix2.txt 2011-04-30 15:14
ComboFix3.txt 2011-04-30 15:00
ComboFix4.txt 2011-03-12 03:07
.
Před spuštěním: Volných bajtů: 43 595 046 912
Po spuštění: Volných bajtů: 43 570 601 984
.
Current=6 Default=6 Failed=5 LastKnownGood=7 Sets=1,2,3,4,5,6,7
- - End Of File - - 4861E7F99EB6B1AFCDBC7A6F6C5B23E0

Log vypadá čistý. Zkuste reinstalovat ovladač síť. karty, případně obnovte TCP/IP protokol pomocí WinsockFix: http://www.spyware.cz/go.php?p=spyware&t=aplikace&id=22 . Utilita ho renstaluje. Máte-li parametry sítě zadány ručně, budete je muset po restartu znovu zadat.

Nevím jak se zadávají ty parametry sítě kde je najdu? a neumímnajít ovladač sítové karty omlouvám se jsemv tomhle totální laik

Dobry den, omlouvam se Rudymu za vstup.

http://www.dat.cz/cms/helpdesk/935/ - tady mate navod na ty parametry a najdete je ve vasi smlouve s poskytovatelem internetu

S tim ovladacem budete ale muset stejne pockat na Rudyho. Nejsem si totiz jisty, jak je to u XP. U visty ho najdu v ovladacich panelech - spravce zarizeni - sitove adaptery - kliknu na nazev a nahore se objevi ikonka aktualizovat ovladac, dalsi odinstalovat ovladac atd. Ale jak rikam, nevim, jestli je to stejne a popravde ani jestli je to ono

Zatim se mejte a preji uspesne vyreseni

Ovladač byste měl mít na CD, které bylo přiloženo k zákl. desce. Pokud ho nemáte, najdete ho na webu výrobce desky.

Tak jsem to vše udělal podle pokynů naskočilo to tak jak má být,
takže chlapci jste zlatíčka jede to.
Mockrát díky Jirkabj

Za všechny: Není zač!