Slow internet

Posted: 26 Nov 2011 21:31
by Neuminho
Hi, for about the fourth day now my internet has been lagging quite brutally, which never used to happen; pages used to be available practically immediately, and now I have to wait some 3-4 seconds for a page to load completely. I use Google Chrome, since e.g. Internet Explorer, which I used before, totally gave out on me and takes maybe 15 seconds to start, and Mozilla, which I had most recently, did the same thing to me that Chrome does now; it has some destructive effects on my PC and I don't know why :X. I also don't know whether this has any influence, but I have some toolbar or whatever it is in Chrome, something called Server-share.com with a sort of little crown logo, but when I go to uninstall programs it can't be found there under that name. I have already run the PC through ComboFix, CCleaner, Avira, ESET and Norton, reinstalled it in various ways, and everything should be free of errors, so I just don't get it. Page loading did improve a little during the day as I gradually ran through these programs, but it is still not at the level it was at, say, a month ago. I have 2 hard disks in the PC, each with at least 40 GB of free space. When I tried running an online game on the PC I had a completely normal ping, the one I usually play with, but I only started the game and played for 5 minutes to find out whether it is the same as with the net, so I don't know whether it would, for example, drop after half an hour, but it looked normal, so the problem is probably only with browsing websites. Here is a screenshot from rychlost.cz: [image]. I ran it 4 times in a row and once it showed completely different numbers, and otherwise it was always like this, within a tolerance of +-800 for download and +-200 for upload, and the stability in those 3 attempts was also within a tolerance of +-10%, so I simply don't know what else. Here is the log from RSIT:


Logfile of random's system information tool 1.09 (written by random/random)
Run by uzivatel at 2011-11-26 20:44:07
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 145 GB (61%) free of 238 GB
Total RAM: 3070 MB (71% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:44:20, on 26.11.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Appupdater\appupdatert.exe
C:\Documents and Settings\All Users\Data aplikací\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Documents and Settings\uzivatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\uzivatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\uzivatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\uzivatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\uzivatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\uzivatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\uzivatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\uzivatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\uzivatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\uzivatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\uzivatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Program Files\CCleaner\ccleaner.exe
C:\Documents and Settings\uzivatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\PROGRA~1\COMMON~1\SpeedBit\SBUpdate\SBUpdate.exe
C:\Documents and Settings\uzivatel\Dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\uzivatel.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.speedbit.com/?aff=svd_0
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://startsear.ch/?aff=1&cf=46c82f64- ... 1d60b5f8fd
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Open FVD Suite IE Plugin - {2B171655-A70C-5c18-B693-6CB5DC269D44} - C:\PROGRA~1\FVDIEP~1\FVDIEPlugin_1.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O2 - BHO: SearchPredictObj Class - {389943B0-C3A2-4E69-82CB-8596A84CB3DC} - C:\PROGRA~1\SEARCH~1\SEARCH~1.DLL
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: GrabberObj Class - {FF7C3CF0-4B15-11D1-ABED-709549C10000} - C:\Neuminho_O Thomas NeumimSkiNho\Porn Downloaders\SpeedBit Video Downloader\Toolbar\grabber.dll (file missing)
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O3 - Toolbar: SpeedBit Video Downloader - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - C:\Neuminho_O Thomas NeumimSkiNho\Porn Downloaders\SpeedBit Video Downloader\Toolbar\tbcore3.dll (file missing)
O3 - Toolbar: FVD Suite IE Plugin - {2B171655-A70C-5c18-B693-6CB5DC269D41} - C:\PROGRA~1\FVDIEP~1\FVDIEPlugin_1.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Global Startup: Appupdater Tray Notification Icon.lnk = C:\Program Files\Appupdater\appupdatert.exe
O8 - Extra context menu item: FVDIEPlugin Add Page - res://C:\PROGRA~1\FVDIEP~1\FVDIEPlugin_1.dll/IECONTEXT.DLL.HTM
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Open FVD Suite IE Plugin - {2B171655-A70C-5c18-B693-6CB5DC269D43} - C:\PROGRA~1\FVDIEP~1\FVDIEPlugin_1.dll (HKCU)
O9 - Extra 'Tools' menuitem: Open FVD Suite IE Plugin - {2B171655-A70C-5c18-B693-6CB5DC269D43} - C:\PROGRA~1\FVDIEP~1\FVDIEPlugin_1.dll (HKCU)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Appupdater - Nabber.org - C:\Program Files\Appupdater\appupdaters.exe
O23 - Service: Freemake Improver - Freemake - C:\Documents and Settings\All Users\Data aplikací\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

--
End of file - 7545 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Norton Security Scan for uzivatel.job
C:\WINDOWS\tasks\SBWUpdateTask_Logon_f89ab8aa-001D60B5F8FD.job
C:\WINDOWS\tasks\SBWUpdateTask_Time_f89ab8aa-001D60B5F8FD.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2B171655-A70C-5c18-B693-6CB5DC269D44}]
Open FVD Suite IE Plugin - C:\PROGRA~1\FVDIEP~1\FVDIEPlugin_1.dll [2011-08-04 501248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-03-28 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{389943B0-C3A2-4E69-82CB-8596A84CB3DC}]
SearchPredictObj Class - C:\PROGRA~1\SEARCH~1\SEARCH~1.DLL [2010-12-22 469144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-03-23 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-03-23 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FF7C3CF0-4B15-11D1-ABED-709549C10000}]
GrabberObj Class - C:\Neuminho_O Thomas NeumimSkiNho\Porn Downloaders\SpeedBit Video Downloader\Toolbar\grabber.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-03-28 176936]
{0329E7D6-6F54-462D-93F6-F5C3118BADF2} - SpeedBit Video Downloader - C:\Neuminho_O Thomas NeumimSkiNho\Porn Downloaders\SpeedBit Video Downloader\Toolbar\tbcore3.dll []
{2B171655-A70C-5c18-B693-6CB5DC269D41} - FVD Suite IE Plugin - C:\PROGRA~1\FVDIEP~1\FVDIEPlugin_1.dll [2011-08-04 501248]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-05-28 16132608]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2011-01-07 111208]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2011-01-07 13880424]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Documents and Settings\uzivatel\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2011-09-11 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2010-11-04 1753192]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2007-10-19 286720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2011-01-26 15026056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files\Steam\steam.exe [2011-08-02 1242448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-10-29 249064]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2010-12-10 247144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe [2010-11-30 74752]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^ExifLauncher2.lnk]
C:\PROGRA~1\FINEPI~1\QUICKD~1.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Orbit.lnk]
C:\PROGRA~1\ORBITD~1\orbitdm.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^uzivatel^Nabídka Start^Programy^Po spuštění^OpenOffice.org 3.2.lnk]
C:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE [2010-06-07 1195520]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Appupdater Tray Notification Icon.lnk - C:\Program Files\Appupdater\appupdatert.exe

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Winamp\winamp.exe"="C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Java\jre6\launch4j-tmp\frd.exe"="C:\Program Files\Java\jre6\launch4j-tmp\frd.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Documents and Settings\uzivatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe"="C:\Documents and Settings\uzivatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"
"C:\Program Files\Steam\steamapps\n3um1nho\counter-strike\hl.exe"="C:\Program Files\Steam\steamapps\n3um1nho\counter-strike\hl.exe:*:Enabled:Counter-Strike"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.lhacm"=lhacm.acm

======List of files/folders created in the last 1 month======

2011-11-26 20:44:07 ----D---- C:\rsit
2011-11-26 20:44:07 ----D---- C:\Program Files\trend micro
2011-11-26 20:14:05 ----A---- C:\ComboFix.txt
2011-11-26 20:07:32 ----A---- C:\Boot.bak
2011-11-26 20:07:25 ----RASHD---- C:\cmdcons
2011-11-26 20:05:45 ----A---- C:\WINDOWS\zip.exe
2011-11-26 20:05:45 ----A---- C:\WINDOWS\SWXCACLS.exe
2011-11-26 20:05:45 ----A---- C:\WINDOWS\SWSC.exe
2011-11-26 20:05:45 ----A---- C:\WINDOWS\SWREG.exe
2011-11-26 20:05:45 ----A---- C:\WINDOWS\sed.exe
2011-11-26 20:05:45 ----A---- C:\WINDOWS\PEV.exe
2011-11-26 20:05:45 ----A---- C:\WINDOWS\NIRCMD.exe
2011-11-26 20:05:45 ----A---- C:\WINDOWS\MBR.exe
2011-11-26 20:05:45 ----A---- C:\WINDOWS\grep.exe
2011-11-26 19:12:19 ----D---- C:\WINDOWS\ERDNT
2011-11-26 19:10:07 ----D---- C:\Qoobox
2011-11-26 18:36:11 ----D---- C:\Config.Msi
2011-11-26 18:12:31 ----D---- C:\Documents and Settings\uzivatel\Data aplikací\InstallShield
2011-11-26 17:03:13 ----D---- C:\Program Files\WinASO
2011-11-23 15:42:45 ----D---- C:\Program Files\WinPcap
2011-11-23 15:42:10 ----D---- C:\Documents and Settings\All Users\Data aplikací\Freemake
2011-11-23 15:42:01 ----D---- C:\Program Files\Freemake
2011-11-23 15:39:07 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2011-11-23 15:39:05 ----D---- C:\Program Files\Common Files\SpeedBit
2011-11-23 15:39:03 ----A---- C:\WINDOWS\system32\EasyHook64.dll
2011-11-23 15:39:03 ----A---- C:\WINDOWS\system32\EasyHook32.dll
2011-11-01 12:53:19 ----D---- C:\Program Files\AnvSoft Web FLV Player Free

======List of files/folders modified in the last 1 month======

2011-11-26 20:44:07 ----D---- C:\Program Files
2011-11-26 20:27:33 ----D---- C:\WINDOWS\system32\CatRoot2
2011-11-26 20:27:32 ----D---- C:\WINDOWS\Temp
2011-11-26 20:24:43 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-11-26 20:13:15 ----SD---- C:\WINDOWS\Tasks
2011-11-26 20:12:38 ----D---- C:\WINDOWS
2011-11-26 20:12:38 ----A---- C:\WINDOWS\system.ini
2011-11-26 20:12:33 ----D---- C:\WINDOWS\system32\drivers\etc
2011-11-26 20:12:13 ----D---- C:\WINDOWS\CSC
2011-11-26 20:10:56 ----D---- C:\WINDOWS\system32\drivers
2011-11-26 20:10:56 ----D---- C:\WINDOWS\system32
2011-11-26 20:10:56 ----D---- C:\WINDOWS\AppPatch
2011-11-26 20:10:52 ----D---- C:\Program Files\Common Files
2011-11-26 20:07:32 ----RASH---- C:\boot.ini
2011-11-26 18:36:25 ----SHD---- C:\WINDOWS\Installer
2011-11-26 18:36:15 ----HD---- C:\WINDOWS\inf
2011-11-26 18:13:11 ----D---- C:\Program Files\Moozy
2011-11-26 18:12:35 ----D---- C:\Program Files\FinePixViewer
2011-11-26 18:12:31 ----D---- C:\Documents and Settings\uzivatel\Data aplikací\FUJIFILM
2011-11-26 18:12:24 ----HD---- C:\Program Files\InstallShield Installation Information
2011-11-26 17:52:36 ----A---- C:\WINDOWS\win.ini
2011-11-26 17:41:19 ----D---- C:\Program Files\Google
2011-11-26 17:30:31 ----D---- C:\Program Files\Opera
2011-11-26 17:29:31 ----RD---- C:\Program Files\Skype
2011-11-26 17:28:34 ----D---- C:\WINDOWS\Prefetch
2011-11-26 17:27:19 ----D---- C:\Documents and Settings\All Users\Data aplikací\Google
2011-11-26 17:24:03 ----D---- C:\WINDOWS\pss
2011-11-26 17:15:51 ----D---- C:\Program Files\Steam
2011-11-26 16:16:36 ----D---- C:\Documents and Settings\uzivatel\Data aplikací\Winamp
2011-11-25 21:00:52 ----SHD---- C:\System Volume Information
2011-11-25 20:59:20 ----D---- C:\WINDOWS\system32\NtmsData
2011-11-25 18:49:48 ----D---- C:\WINDOWS\Registration
2011-11-25 18:17:45 ----D---- C:\Program Files\AskTBar
2011-11-25 17:24:45 ----D---- C:\Program Files\DownloadToolz
2011-11-25 17:21:09 ----D---- C:\Documents and Settings\uzivatel\Data aplikací\PriceGong
2011-11-25 17:20:53 ----D---- C:\Program Files\Ask.com
2011-11-25 17:19:01 ----D---- C:\Program Files\Common Files\Symantec Shared
2011-11-23 15:42:50 ----D---- C:\WINDOWS\system32\config
2011-11-01 12:46:11 ----D---- C:\Program Files\BinaryMark
2011-10-30 23:41:16 ----D---- C:\Program Files\IrfanView
2011-10-30 12:22:46 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel RAID Controller; C:\WINDOWS\system32\DRIVERS\iaStor.sys [2009-04-02 304920]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-07-12 45648]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R2 npf;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2011-02-11 35088]
R3 appliandMP;appliandMP; C:\WINDOWS\system32\DRIVERS\appliand.sys [2011-06-26 28256]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 E100B;Intel(R) PRO Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2007-03-14 165760]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-06-01 4424704]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2011-01-08 9888672]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 appliand;Applian Network Service; C:\WINDOWS\system32\DRIVERS\appliand.sys [2011-06-26 28256]
S3 catchme;catchme; \??\C:\DOCUME~1\uzivatel\LOCALS~1\Temp\catchme.sys []
S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files\MediaCoder\SysInfo.sys []
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2004-08-11 18944]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Freemake Improver;Freemake Improver; C:\Documents and Settings\All Users\Data aplikací\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2011-11-23 74752]
R2 FreemakeVideoCapture;FreemakeVideoCapture; C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe [2011-11-23 8704]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-03-23 153376]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2011-01-07 156776]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2010-12-10 92008]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
S2 Appupdater;Appupdater; C:\Program Files\Appupdater\appupdaters.exe [2011-07-16 2439971]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-10-11 122880]

-----------------EOF-----------------

Re: Slow internet

Posted: 26 Nov 2011 21:46
by Rudy
Hello!
If you run ComboFix before the RSIT scan, you can be sure that RSIT will come out clean, because CF reliably sweeps away all traces of any viruses. On top of that, you risk damaging the system. I would like to see the ComboFix log. You will find it in C:\combofix.txt.

Re: Slow internet

Posted: 26 Nov 2011 21:53
by Neuminho
Thanks, well, the afternoon ComboFix log is this one:


ComboFix 11-11-26.04 - uzivatel 26.11.2011 20:09:28.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3070.2549 [GMT 1:00]
Spuštěný z: c:\documents and settings\uzivatel\Plocha\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\uzivatel\Dokumenty\Downloads\CT2776682_BrotherSoft_Extreme.exe
C:\prefs.js
c:\program files\Content Cleaner
c:\program files\Content Cleaner\AForge.dll
c:\program files\Content Cleaner\AForge.Imaging.dll
c:\program files\Content Cleaner\AxInterop.WMPLib.dll
c:\program files\Content Cleaner\Boot.UI.dll
c:\program files\Content Cleaner\Class1.dll
c:\program files\Content Cleaner\Dsofile.dll
c:\program files\Content Cleaner\Interop.DexterLib.dll
c:\program files\Content Cleaner\Interop.DSOFile.dll
c:\program files\Content Cleaner\Interop.WMPLib.dll
c:\program files\Content Cleaner\JockerSoft.Media.dll
c:\program files\Content Cleaner\logo.ICO
c:\program files\Content Cleaner\New Folder #1\MyInstallerClass.dll
c:\program files\Content Cleaner\New Folder #1\MyInstallerClass.InstallState
c:\program files\Content Cleaner\Proof_concept.exe
c:\program files\Content Cleaner\Proof_concept.exe.config
c:\program files\Content Cleaner\qedit.dll
c:\program files\Content Cleaner\sbooks.chm
c:\program files\Content Cleaner\Skin.dll
c:\program files\Content Cleaner\Skin.Imaging.dll
c:\program files\Content Cleaner\Thumbs.db
c:\program files\Content Cleaner\UrlHistoryLibrary.dll
c:\program files\Content Cleaner\urls.dat
c:\program files\Content Cleaner\wmp.dll
c:\program files\SpeedBit Video Downloader\Toolbar\tbhelper.dll
C:\test.txt
c:\windows\CSC\d6
c:\windows\iun6002.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-10-26 do 2011-11-26 )))))))))))))))))))))))))))))))
.
.
2011-11-26 17:12 . 2011-11-26 17:12 -------- d-----w- c:\documents and settings\uzivatel\Data aplikací\InstallShield
2011-11-26 16:03 . 2011-11-26 16:03 -------- d-----w- c:\program files\WinASO
2011-11-23 14:42 . 2011-11-23 14:42 -------- d-----w- c:\program files\WinPcap
2011-11-23 14:42 . 2011-11-23 14:42 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Freemake
2011-11-23 14:42 . 2011-11-23 14:42 -------- d-----w- c:\program files\Freemake
2011-11-23 14:39 . 2011-11-23 14:39 -------- d---a-w- c:\documents and settings\All Users\Data aplikací\TEMP
2011-11-23 14:39 . 2011-11-23 14:39 -------- d-----w- c:\program files\Common Files\SpeedBit
2011-11-23 14:39 . 2011-11-23 14:39 -------- d-----w- c:\documents and settings\uzivatel\Videos
2011-11-23 14:39 . 2011-11-23 14:38 84480 ----a-w- c:\windows\system32\EasyHook32.dll
2011-11-23 14:39 . 2011-11-23 14:38 102912 ----a-w- c:\windows\system32\EasyHook64.dll
2011-11-01 11:53 . 2011-11-26 17:11 -------- d-----w- c:\program files\AnvSoft Web FLV Player Free
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-15 00:04 . 2011-10-15 00:04 1409 ----a-w- c:\windows\QTFont.for
2011-10-10 13:15 . 2011-06-28 14:25 0 ----a-w- c:\windows\system32\ConduitEngine.tmp
2011-09-24 10:32 . 2011-06-21 23:59 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2007-11-06 15:19 . 2011-09-14 08:00 1162744 ----a-w- c:\program files\opera\program\plugins\mfc90u.dll
2007-11-06 15:19 . 2011-09-14 08:00 568832 ----a-w- c:\program files\opera\program\plugins\msvcp90.dll
2007-11-06 15:19 . 2011-09-14 08:00 655872 ----a-w- c:\program files\opera\program\plugins\msvcr90.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2009-10-23 . 1E603EA2A3FDBAE9E5B88A8CB3C03124 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2011-03-28 16:22 176936 ----a-w- c:\program files\ConduitEngine\prxConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{389943B0-C3A2-4E69-82CB-8596A84CB3DC}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\prxConduitEngine.dll" [2011-03-28 176936]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2007-05-28 16132608]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2011-01-07 111208]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-01-07 13880424]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"_nltide_2"="shell32" [X]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Appupdater Tray Notification Icon.lnk - c:\program files\Appupdater\appupdatert.exe [2011-7-16 2581142]
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^ExifLauncher2.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\ExifLauncher2.lnk
backup=c:\windows\pss\ExifLauncher2.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Orbit.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Orbit.lnk
backup=c:\windows\pss\Orbit.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^uzivatel^Nabídka Start^Programy^Po spuštění^OpenOffice.org 3.2.lnk]
path=c:\documents and settings\uzivatel\Nabídka Start\Programy\Po spuštění\OpenOffice.org 3.2.lnk
backup=c:\windows\pss\OpenOffice.org 3.2.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
2008-04-14 06:52 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2011-09-11 15:31 136176 ----atw- c:\documents and settings\uzivatel\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 07:52 1695232 ------w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2010-11-04 07:51 1753192 ------w- c:\program files\NVIDIA Corporation\nView\nwiz.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2007-10-19 19:16 286720 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2011-01-26 16:05 15026056 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
2009-03-05 15:07 2260480 --sh--r- c:\program files\Spybot - Search & Destroy\TeaTimer.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2011-08-02 11:49 1242448 ----a-w- c:\program files\Steam\steam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-10-29 13:49 249064 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
2010-12-10 12:28 247144 ----a-w- c:\program files\TomTom HOME 2\TomTomHOMERunner.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2010-11-30 13:19 74752 ----a-w- c:\program files\Winamp\winampa.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Winamp\\winamp.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Java\\jre6\\launch4j-tmp\\frd.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Documents and Settings\\uzivatel\\Local Settings\\Data aplikací\\Google\\Chrome\\Application\\chrome.exe"=
"c:\\Program Files\\Steam\\steamapps\\n3um1nho\\counter-strike\\hl.exe"=
.
R2 FreemakeVideoCapture;FreemakeVideoCapture;c:\program files\Freemake\CaptureLib\CaptureLibService.exe [23.11.2011 15:42 8704]
R2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [11.2.2011 22:23 35088]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [10.12.2010 13:29 92008]
R3 appliandMP;appliandMP;c:\windows\system32\drivers\appliand.sys [20.7.2011 0:31 28256]
S2 Appupdater;Appupdater;c:\program files\Appupdater\appupdaters.exe [16.7.2011 22:59 2439971]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 12:16 130384]
S2 Freemake Improver;Freemake Improver;c:\documents and settings\All Users\Data aplikací\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [23.11.2011 15:42 74752]
S3 appliand;Applian Network Service;c:\windows\system32\drivers\appliand.sys [20.7.2011 0:31 28256]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 12:16 753504]
.
Obsah adresáře 'Naplánované úlohy'
.
2011-11-25 c:\windows\Tasks\Norton Security Scan for uzivatel.job
- c:\progra~1\NORTON~2\Engine\311~1.6\Nss.exe [2011-06-28 06:22]
.
2011-11-26 c:\windows\Tasks\SBWUpdateTask_Logon_f89ab8aa-001D60B5F8FD.job
- c:\progra~1\COMMON~1\SpeedBit\SBUpdate\SBUpdate.exe [2011-11-23 14:38]
.
2011-11-26 c:\windows\Tasks\SBWUpdateTask_Time_f89ab8aa-001D60B5F8FD.job
- c:\progra~1\COMMON~1\SpeedBit\SBUpdate\SBUpdate.exe [2011-11-23 14:38]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://search.speedbit.com/?aff=svd_0
mStart Page = hxxp://startsear.ch/?aff=1&cf=46c82f64-ed0b-11e0-a028-001d60b5f8fd
IE: FVDIEPlugin Add Page - c:\progra~1\FVDIEP~1\FVDIEPlugin_1.dll/IECONTEXT.DLL.HTM
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
TCP: DhcpNameServer = 192.168.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{4AF9DF3E-17A4-428F-A39E-28ADA0A3A522} - (no file)
BHO-{92A9ACF4-9333-43AE-9698-DB283326F87F} - c:\neuminho_o thomas neumimskinho\Porn Downloaders\SpeedBit Video Downloader\Toolbar\tbcore3.dll
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - (no file)
MSConfigStartUp-ApnUpdater - c:\program files\Ask.com\Updater\Updater.exe
MSConfigStartUp-avgnt - c:\program files\Avira\AntiVir Desktop\avgnt.exe
MSConfigStartUp-DivXUpdate - c:\program files\DivX\DivX Update\DivXUpdate.exe
MSConfigStartUp-EvidenceBegone - c:\program files\Evidence Begone\EvidenceBegone.exe
MSConfigStartUp-Freecorder FLV Service - c:\program files\Freecorder\FLVSrvc.exe
MSConfigStartUp-swg - c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
AddRemove-Cool's_Codec_pack_4.12 - c:\windows\iun6002.exe
AddRemove-Freecorder5 - c:\program files\Freecorder\uninstall.exe
AddRemove-Freecorder5.02 - c:\program files\Freecorder\uninstall.exe
AddRemove-SPEEDbit Video Downloader - c:\neuminho_o thomas neumimskinho\Porn Downloaders\SpeedBit Video Downloader\GRRemove.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-11-26 20:12
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
Celkový čas: 2011-11-26 20:14:05
ComboFix-quarantined-files.txt 2011-11-26 19:14
.
Před spuštěním: Volných bajtů: 151 685 275 648
Po spuštění: Volných bajtů: 151 664 963 584
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - E017D9182809A829E2ACD4A5AC7637AA

Re: Slow internet

Posted: 26 Nov 2011 22:59
by Rudy
We'll clean up a bit more. Open Notepad and copy the following into it:
Folder::
c:\program files\ConduitEngine

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"=-
[-HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]

Reboot::
Save it to the desktop as CFScript.txt. Then drag it with the mouse onto the ComboFix icon and drop it. CF will start and carry out the commands from the script.

Re: Slow internet

Posted: 27 Nov 2011 01:50
by Neuminho
So I did it, but so far there is no sign that the problem has been solved. I think I did everything correctly as you wrote, because after ComboFix finished its job the PC restarted and afterwards the CScript file was no longer on my desktop. What should I do next? This problem bothers me quite a lot and I would like to solve it as soon as possible.


This is the new log from ComboFix:



ComboFix 11-11-26.04 - uzivatel 27.11.2011 1:12.2.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3070.2304 [GMT 1:00]
Spuštěný z: c:\documents and settings\uzivatel\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\uzivatel\Plocha\CFScript.txt.txt
AV: Avira Desktop *Enabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\docume~1\uzivatel\LOCALS~1\Temp\~32.tmp
c:\documents and settings\uzivatel\Local Settings\Temp\~32.tmp
c:\program files\ConduitEngine
c:\program files\ConduitEngine\appContextMenu.xml
c:\program files\ConduitEngine\ConduitEngin0.dll
c:\program files\ConduitEngine\ConduitEngine.dll
c:\program files\ConduitEngine\ConduitEngineHelper.exe
c:\program files\ConduitEngine\ConduitEngineUninstall.exe
c:\program files\ConduitEngine\engineContextMenu.xml
c:\program files\ConduitEngine\EngineSettings.json
c:\program files\ConduitEngine\INSTALL.LOG
c:\program files\ConduitEngine\ldrConduitEngine.dll
c:\program files\ConduitEngine\prxConduitEngine.dll
c:\program files\ConduitEngine\toolbar.cfg
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-10-27 do 2011-11-27 )))))))))))))))))))))))))))))))
.
.
2011-11-26 19:44 . 2011-11-26 19:44 -------- d-----w- C:\rsit
2011-11-26 19:44 . 2011-11-26 19:44 -------- d-----w- c:\program files\trend micro
2011-11-26 17:12 . 2011-11-26 17:12 -------- d-----w- c:\documents and settings\uzivatel\Data aplikací\InstallShield
2011-11-26 16:03 . 2011-11-26 16:03 -------- d-----w- c:\program files\WinASO
2011-11-23 14:42 . 2011-11-23 14:42 -------- d-----w- c:\program files\WinPcap
2011-11-23 14:42 . 2011-11-23 14:42 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Freemake
2011-11-23 14:42 . 2011-11-23 14:42 -------- d-----w- c:\program files\Freemake
2011-11-23 14:39 . 2011-11-23 14:39 -------- d---a-w- c:\documents and settings\All Users\Data aplikací\TEMP
2011-11-23 14:39 . 2011-11-23 14:39 -------- d-----w- c:\program files\Common Files\SpeedBit
2011-11-23 14:39 . 2011-11-23 14:39 -------- d-----w- c:\documents and settings\uzivatel\Videos
2011-11-23 14:39 . 2011-11-23 14:38 84480 ----a-w- c:\windows\system32\EasyHook32.dll
2011-11-23 14:39 . 2011-11-23 14:38 102912 ----a-w- c:\windows\system32\EasyHook64.dll
2011-11-01 11:53 . 2011-11-26 17:11 -------- d-----w- c:\program files\AnvSoft Web FLV Player Free
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-15 00:04 . 2011-10-15 00:04 1409 ----a-w- c:\windows\QTFont.for
2011-10-10 13:15 . 2011-06-28 14:25 0 ----a-w- c:\windows\system32\ConduitEngine.tmp
2011-09-24 10:32 . 2011-06-21 23:59 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2007-11-06 15:19 . 2011-09-14 08:00 1162744 ----a-w- c:\program files\opera\program\plugins\mfc90u.dll
2007-11-06 15:19 . 2011-09-14 08:00 568832 ----a-w- c:\program files\opera\program\plugins\msvcp90.dll
2007-11-06 15:19 . 2011-09-14 08:00 655872 ----a-w- c:\program files\opera\program\plugins\msvcr90.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2009-10-23 . 1E603EA2A3FDBAE9E5B88A8CB3C03124 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((( SnapShot@2011-11-26_19.12.38 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-11-27 00:20 . 2011-11-27 00:20 16384 c:\windows\Temp\Perflib_Perfdata_33c.dat
+ 2011-02-19 22:03 . 2011-02-19 22:03 51024 c:\windows\system32\vcomp100.dll
+ 2011-02-19 22:03 . 2011-02-19 22:03 81744 c:\windows\system32\mfcm100u.dll
+ 2011-02-19 22:03 . 2011-02-19 22:03 81744 c:\windows\system32\mfcm100.dll
+ 2011-02-19 22:03 . 2011-02-19 22:03 60752 c:\windows\system32\mfc100rus.dll
+ 2011-02-19 22:03 . 2011-02-19 22:03 43344 c:\windows\system32\mfc100kor.dll
+ 2011-02-19 22:03 . 2011-02-19 22:03 43856 c:\windows\system32\mfc100jpn.dll
+ 2011-02-19 22:03 . 2011-02-19 22:03 62288 c:\windows\system32\mfc100ita.dll
+ 2011-02-19 22:03 . 2011-02-19 22:03 36176 c:\windows\system32\mfc100cht.dll
+ 2011-02-19 22:03 . 2011-02-19 22:03 36176 c:\windows\system32\mfc100chs.dll
+ 2011-02-19 22:03 . 2011-02-19 22:03 64336 c:\windows\system32\mfc100fra.dll
+ 2011-02-19 22:03 . 2011-02-19 22:03 63824 c:\windows\system32\mfc100esn.dll
+ 2011-02-19 22:03 . 2011-02-19 22:03 55120 c:\windows\system32\mfc100enu.dll
+ 2011-02-19 22:03 . 2011-02-19 22:03 64336 c:\windows\system32\mfc100deu.dll
+ 2011-02-18 23:40 . 2011-02-18 23:40 773968 c:\windows\system32\msvcr100.dll
+ 2011-02-19 22:03 . 2011-02-19 22:03 421200 c:\windows\system32\msvcp100.dll
+ 2011-02-19 22:03 . 2011-02-19 22:03 138056 c:\windows\system32\atl100.dll
+ 2011-11-26 22:12 . 2011-11-26 22:12 160768 c:\windows\Installer\98b037.msi
+ 2011-02-19 22:03 . 2011-02-19 22:03 4422992 c:\windows\system32\mfc100u.dll
+ 2011-02-19 22:03 . 2011-02-19 22:03 4397384 c:\windows\system32\mfc100.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{389943B0-C3A2-4E69-82CB-8596A84CB3DC}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2007-05-28 16132608]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2011-01-07 111208]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-01-07 13880424]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"_nltide_2"="shell32" [X]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Appupdater Tray Notification Icon.lnk - c:\program files\Appupdater\appupdatert.exe [2011-7-16 2581142]
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^ExifLauncher2.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\ExifLauncher2.lnk
backup=c:\windows\pss\ExifLauncher2.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Orbit.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Orbit.lnk
backup=c:\windows\pss\Orbit.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^uzivatel^Nabídka Start^Programy^Po spuštění^OpenOffice.org 3.2.lnk]
path=c:\documents and settings\uzivatel\Nabídka Start\Programy\Po spuštění\OpenOffice.org 3.2.lnk
backup=c:\windows\pss\OpenOffice.org 3.2.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
2008-04-14 06:52 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2011-09-11 15:31 136176 ----atw- c:\documents and settings\uzivatel\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 07:52 1695232 ------w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2010-11-04 07:51 1753192 ------w- c:\program files\NVIDIA Corporation\nView\nwiz.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2007-10-19 19:16 286720 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2011-01-26 16:05 15026056 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
2009-03-05 15:07 2260480 --sh--r- c:\program files\Spybot - Search & Destroy\TeaTimer.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2011-08-02 11:49 1242448 ----a-w- c:\program files\Steam\steam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-10-29 13:49 249064 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
2010-12-10 12:28 247144 ----a-w- c:\program files\TomTom HOME 2\TomTomHOMERunner.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2010-11-30 13:19 74752 ----a-w- c:\program files\Winamp\winampa.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Winamp\\winamp.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Java\\jre6\\launch4j-tmp\\frd.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Documents and Settings\\uzivatel\\Local Settings\\Data aplikací\\Google\\Chrome\\Application\\chrome.exe"=
"c:\\Program Files\\Steam\\steamapps\\n3um1nho\\counter-strike\\hl.exe"=
.
R?2 Freemake Improver;Freemake Improver;c:\documents and settings\All Users\Data aplikací\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [23.11.2011 15:42 74752]
R2 FreemakeVideoCapture;FreemakeVideoCapture;c:\program files\Freemake\CaptureLib\CaptureLibService.exe [23.11.2011 15:42 8704]
R2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [11.2.2011 22:23 35088]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [10.12.2010 13:29 92008]
R3 appliandMP;appliandMP;c:\windows\system32\drivers\appliand.sys [20.7.2011 0:31 28256]
S?2 Appupdater;Appupdater;c:\program files\Appupdater\appupdaters.exe [16.7.2011 22:59 2439971]
S?2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 12:16 130384]
S3 appliand;Applian Network Service;c:\windows\system32\drivers\appliand.sys [20.7.2011 0:31 28256]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 12:16 753504]
.
Obsah adresáře 'Naplánované úlohy'
.
2011-11-25 c:\windows\Tasks\Norton Security Scan for uzivatel.job
- c:\progra~1\NORTON~2\Engine\311~1.6\Nss.exe [2011-06-28 06:22]
.
2011-11-27 c:\windows\Tasks\SBWUpdateTask_Logon_f89ab8aa-001D60B5F8FD.job
- c:\progra~1\COMMON~1\SpeedBit\SBUpdate\SBUpdate.exe [2011-11-23 14:38]
.
2011-11-27 c:\windows\Tasks\SBWUpdateTask_Time_f89ab8aa-001D60B5F8FD.job
- c:\progra~1\COMMON~1\SpeedBit\SBUpdate\SBUpdate.exe [2011-11-23 14:38]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://search.speedbit.com/?aff=svd_0
mStart Page = hxxp://startsear.ch/?aff=1&cf=46c82f64-ed0b-11e0-a028-001d60b5f8fd
IE: FVDIEPlugin Add Page - c:\progra~1\FVDIEP~1\FVDIEPlugin_1.dll/IECONTEXT.DLL.HTM
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
TCP: DhcpNameServer = 192.168.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
AddRemove-conduitEngine - c:\program files\ConduitEngine\ConduitEngineUninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-11-27 01:21
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(984)
c:\windows\system32\COMRes.dll
.
- - - - - - - > 'explorer.exe'(2324)
c:\windows\system32\ieframe.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\RUNDLL32.EXE
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\imapi.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\rundll32.exe
.
**************************************************************************
.
Celkový čas: 2011-11-27 01:22:44 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-11-27 00:22
ComboFix2.txt 2011-11-26 19:14
.
Před spuštěním: Volných bajtů: 151 472 795 648
Po spuštění: Volných bajtů: 151 465 181 184
.
- - End Of File - - C7C0898A966F84524F2DEECFA51063FA

Re: Slow internet

Posted: 27 Nov 2011 11:24
by Rudy
Everything has been deleted. I'd also like to ask for a scan with TDSSKiller: http://support.kaspersky.com/downloads/ ... killer.zip . Download it, unpack it to the desktop, run it and let it work. Then post the log here.

Re: Slow internet

Posted: 27 Nov 2011 13:35
by Neuminho
Done. Here is the log from that Killer:


13:31:15.0359 3892 TDSS rootkit removing tool 2.6.21.0 Nov 24 2011 12:32:44
13:31:17.0359 3892 ============================================================
13:31:17.0359 3892 Current date / time: 2011/11/27 13:31:17.0359
13:31:17.0359 3892 SystemInfo:
13:31:17.0359 3892
13:31:17.0359 3892 OS Version: 5.1.2600 ServicePack: 3.0
13:31:17.0359 3892 Product type: Workstation
13:31:17.0359 3892 ComputerName: UZIVATEL-17711A
13:31:17.0359 3892 UserName: uzivatel
13:31:17.0359 3892 Windows directory: C:\WINDOWS
13:31:17.0359 3892 System windows directory: C:\WINDOWS
13:31:17.0359 3892 Processor architecture: Intel x86
13:31:17.0359 3892 Number of processors: 2
13:31:17.0359 3892 Page size: 0x1000
13:31:17.0359 3892 Boot type: Normal boot
13:31:17.0359 3892 ============================================================
13:31:17.0625 3892 Initialize success
13:31:19.0000 3944 ============================================================
13:31:19.0000 3944 Scan started
13:31:19.0000 3944 Mode: Manual;
13:31:19.0000 3944 ============================================================
13:31:24.0031 3944 Parport - ok
13:31:24.0031 3944 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
13:31:24.0031 3944 PartMgr - ok
13:31:24.0078 3944 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
13:31:24.0078 3944 ParVdm - ok
13:31:24.0093 3944 PCI (6ce351d149cb4befc702951e471e1730) C:\WINDOWS\system32\DRIVERS\pci.sys
13:31:24.0109 3944 PCI - ok
13:31:24.0109 3944 PCIDump - ok
13:31:24.0109 3944 PCIIde (2da4ec85e0ea7a45c6b2a05820492d5a) C:\WINDOWS\system32\DRIVERS\pciide.sys
13:31:24.0109 3944 PCIIde - ok
13:31:24.0171 3944 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\WINDOWS\system32\drivers\Pcmcia.sys
13:31:24.0171 3944 Pcmcia - ok
13:31:24.0218 3944 PDCOMP - ok
13:31:24.0234 3944 PDFRAME - ok
13:31:24.0234 3944 PDRELI - ok
13:31:24.0250 3944 PDRFRAME - ok
13:31:24.0250 3944 perc2 - ok
13:31:24.0265 3944 perc2hib - ok
13:31:24.0281 3944 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
13:31:24.0281 3944 PptpMiniport - ok
13:31:24.0296 3944 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
13:31:24.0296 3944 PSched - ok
13:31:24.0359 3944 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
13:31:24.0359 3944 Ptilink - ok
13:31:24.0421 3944 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
13:31:24.0421 3944 PxHelp20 - ok
13:31:24.0437 3944 ql1080 - ok
13:31:24.0437 3944 Ql10wnt - ok
13:31:24.0453 3944 ql12160 - ok
13:31:24.0453 3944 ql1240 - ok
13:31:24.0468 3944 ql1280 - ok
13:31:24.0500 3944 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
13:31:24.0500 3944 RasAcd - ok
13:31:24.0562 3944 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
13:31:24.0562 3944 Rasl2tp - ok
13:31:24.0578 3944 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
13:31:24.0578 3944 RasPppoe - ok
13:31:24.0578 3944 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
13:31:24.0578 3944 Raspti - ok
13:31:24.0640 3944 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
13:31:24.0640 3944 Rdbss - ok
13:31:24.0718 3944 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
13:31:24.0718 3944 RDPCDD - ok
13:31:24.0781 3944 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
13:31:24.0781 3944 rdpdr - ok
13:31:24.0843 3944 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
13:31:24.0843 3944 RDPWD - ok
13:31:24.0890 3944 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
13:31:24.0890 3944 redbook - ok
13:31:24.0937 3944 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
13:31:24.0937 3944 Secdrv - ok
13:31:24.0984 3944 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\drivers\Serial.sys
13:31:24.0984 3944 Serial - ok
13:31:25.0046 3944 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
13:31:25.0046 3944 Sfloppy - ok
13:31:25.0125 3944 Simbad - ok
13:31:25.0125 3944 Sparrow - ok
13:31:25.0187 3944 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
13:31:25.0187 3944 splitter - ok
13:31:25.0250 3944 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
13:31:25.0250 3944 sr - ok
13:31:25.0281 3944 Srv (5252605079810904e31c332e241cd59b) C:\WINDOWS\system32\DRIVERS\srv.sys
13:31:25.0281 3944 Srv - ok
13:31:25.0328 3944 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
13:31:25.0328 3944 swenum - ok
13:31:25.0359 3944 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
13:31:25.0359 3944 swmidi - ok
13:31:25.0375 3944 symc810 - ok
13:31:25.0375 3944 symc8xx - ok
13:31:25.0390 3944 sym_hi - ok
13:31:25.0390 3944 sym_u3 - ok
13:31:25.0437 3944 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
13:31:25.0437 3944 sysaudio - ok
13:31:25.0515 3944 Tcpip (93ea8d04ec73a85db02eb8805988f733) C:\WINDOWS\system32\DRIVERS\tcpip.sys
13:31:25.0515 3944 Tcpip - ok
13:31:25.0625 3944 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
13:31:25.0625 3944 TDPIPE - ok
13:31:25.0640 3944 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
13:31:25.0640 3944 TDTCP - ok
13:31:25.0640 3944 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
13:31:25.0640 3944 TermDD - ok
13:31:25.0656 3944 TosIde - ok
13:31:25.0687 3944 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
13:31:25.0687 3944 Udfs - ok
13:31:25.0687 3944 ultra - ok
13:31:25.0750 3944 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
13:31:25.0750 3944 Update - ok
13:31:25.0812 3944 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
13:31:25.0812 3944 usbccgp - ok
13:31:25.0890 3944 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
13:31:25.0890 3944 usbehci - ok
13:31:25.0968 3944 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
13:31:25.0968 3944 usbhub - ok
13:31:26.0031 3944 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
13:31:26.0031 3944 usbscan - ok
13:31:26.0062 3944 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
13:31:26.0062 3944 usbstor - ok
13:31:26.0125 3944 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
13:31:26.0125 3944 usbuhci - ok
13:31:26.0156 3944 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
13:31:26.0156 3944 VgaSave - ok
13:31:26.0171 3944 ViaIde - ok
13:31:26.0203 3944 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
13:31:26.0203 3944 VolSnap - ok
13:31:26.0218 3944 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
13:31:26.0218 3944 Wanarp - ok
13:31:26.0234 3944 WDICA - ok
13:31:26.0296 3944 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
13:31:26.0296 3944 wdmaud - ok
13:31:26.0421 3944 WpdUsb (c1b3d9d75c3fb735f5fa3a5806aded57) C:\WINDOWS\system32\Drivers\wpdusb.sys
13:31:26.0421 3944 WpdUsb - ok
13:31:26.0484 3944 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
13:31:26.0484 3944 WS2IFSL - ok
13:31:26.0531 3944 MBR (0x1B8) (413fc2a0c716421b3158746d63736515) \Device\Harddisk0\DR0
13:31:26.0625 3944 \Device\Harddisk0\DR0 - ok
13:31:26.0625 3944 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1
13:31:26.0640 3944 \Device\Harddisk1\DR1 - ok
13:31:26.0640 3944 Boot (0x1200) (444fafce162322a6951dd413857ebc23) \Device\Harddisk0\DR0\Partition0
13:31:26.0640 3944 \Device\Harddisk0\DR0\Partition0 - ok
13:31:26.0640 3944 ============================================================
13:31:26.0640 3944 Scan finished
13:31:26.0640 3944 ============================================================
13:31:26.0656 2852 Detected object count: 0
13:31:26.0656 2852 Actual detected object count: 0

Re: Slow internet

Posted: 27 Nov 2011 16:59
by Rudy
You don't have a rootkit either. Try restarting the modem, or any other network device in the data path. Then try using WinsockFix: http://www.spyware.cz/go.php?p=spyware&t=aplikace&id=22 . The utility reinstalls the TCP/IP protocol. If your network parameters are entered manually, you will have to enter them again after the restart.