VIRY.CZ

Logfile of random's system information tool 1.06 (written by random/random)
Run by Miroslav at 2010-01-04 17:21:44
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 4 GB (20%) free of 19 GB
Total RAM: 735 MB (36% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:22:02, on 4.1.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Em-date.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\WINDOWS\system32\outinst.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\UberIcon\UberIcon Manager.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Miroslav\Plocha\Nepoužívané odkazy plochy\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Miroslav.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = socks=
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = plimus.com,www.plimus.com,regnow.com,www.regnow.com,
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [EM-DATE] C:\Program Files\Em-date.exe
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [OutlookFriend] outinst.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [UberIcon] "C:\Program Files\UberIcon\UberIcon Manager.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Vytvořit mobilní oblíbenou položku… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 3436129549
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 4571953867
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crl ... crlocx.ocx
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Služba Google Update (gupdate1c9df3897dbb800) (gupdate1c9df3897dbb800) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Start BT in service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe

--
End of file - 6198 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"EM-DATE"=C:\Program Files\Em-date.exe [2002-12-27 104960]
"VirtualCloneDrive"=C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2009-05-26 85160]
"OutlookFriend"=C:\WINDOWS\system32\outinst.exe [2005-02-25 29184]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2009-05-14 2029640]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1289000]
"UberIcon"=C:\Program Files\UberIcon\UberIcon Manager.exe [2007-08-17 159744]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DriverMax_RESTART]
C:\Program Files\Innovative Solutions\DriverMax\PatchWise.bak\devices.exe [2009-10-07 7927640]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1289000]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\reset]
regedit /s reset.reg []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SiSPower]
SiSPower.dll,ModeAgent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SNPSTD2]
C:\WINDOWS\vsnpstd2.exe [2004-06-10 286720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UberIcon]
C:\Program Files\UberIcon\UberIcon Manager.exe [2007-08-17 159744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Utility Tray.lnk]
C:\WINDOWS\system32\sistray.exe [2006-03-09 262144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Miroslav^Nabídka Start^Programy^Po spuštění^RocketDock.lnk]
C:\WINDOWS\BRICOP~1\VISTAI~1\ROCKET~1\ROCKET~1.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Miroslav^Nabídka Start^Programy^Po spuštění^TransBar.lnk]
C:\WINDOWS\BRICOP~1\VISTAI~1\TransBar\TransBar.exe [2005-06-01 65536]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Miroslav^Nabídka Start^Programy^Po spuštění^Y'z Shadow.lnk]
C:\WINDOWS\BRICOP~1\VISTAI~1\YzShadow\YzShadow.exe [2006-05-21 155648]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
WgaLogon.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableChangePassword"=0
"DisableLockWorkstation"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"undockwithoutlogon"=1
"ShutdownWithoutLogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoLogoff"=0
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDrives"=
"NoFileAssociate"=
"NoResolveTrack"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ.exe"

======List of files/folders created in the last 1 months======

2010-01-04 17:21:44 ----D---- C:\rsit
2010-01-04 04:12:27 ----SHD---- C:\RECYCLER
2010-01-03 21:10:23 ----D---- C:\WINDOWS\temp
2010-01-03 21:10:20 ----A---- C:\ComboFix.txt
2010-01-03 20:57:44 ----A---- C:\WINDOWS\zip.exe
2010-01-03 20:57:44 ----A---- C:\WINDOWS\SWXCACLS.exe
2010-01-03 20:57:44 ----A---- C:\WINDOWS\SWSC.exe
2010-01-03 20:57:44 ----A---- C:\WINDOWS\SWREG.exe
2010-01-03 20:57:44 ----A---- C:\WINDOWS\sed.exe
2010-01-03 20:57:44 ----A---- C:\WINDOWS\PEV.exe
2010-01-03 20:57:44 ----A---- C:\WINDOWS\NIRCMD.exe
2010-01-03 20:57:44 ----A---- C:\WINDOWS\MBR.exe
2010-01-03 20:57:44 ----A---- C:\WINDOWS\grep.exe
2010-01-03 20:57:15 ----D---- C:\WINDOWS\ERDNT
2010-01-03 20:57:02 ----D---- C:\Qoobox
2009-12-30 19:38:46 ----A---- C:\WINDOWS\BricoPackFoldersDelete.cmd
2009-12-29 23:51:02 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2009-12-29 23:12:26 ----D---- C:\WINDOWS\Prefetch
2009-12-29 22:52:02 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2009-12-29 22:50:56 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2009-12-29 22:49:44 ----HDC---- C:\WINDOWS\$NtUninstallKB968537$
2009-12-29 22:48:46 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2009-12-29 22:47:48 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2009-12-29 22:46:47 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2009-12-29 22:45:51 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2009-12-29 22:44:53 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-12-29 22:43:58 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2009-12-29 22:43:04 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2009-12-29 22:42:08 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2009-12-29 22:41:13 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2009-12-29 22:40:11 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2009-12-29 22:39:01 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2009-12-29 22:38:03 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2009-12-29 22:37:10 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2009-12-29 22:36:13 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2009-12-29 22:35:11 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2009-12-29 22:34:08 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2009-12-29 22:33:12 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2009-12-29 22:32:18 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2009-12-29 22:31:25 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2009-12-29 22:30:34 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2009-12-29 22:29:40 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$
2009-12-29 22:28:38 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2009-12-29 22:26:18 ----D---- C:\Program Files\Messenger
2009-12-29 17:43:18 ----D---- C:\Program Files\ICQ6.5
2009-12-23 23:39:12 ----D---- C:\Documents and Settings\Miroslav\Data aplikací\Spicebird
2009-12-23 23:38:35 ----D---- C:\Program Files\Synovel Spicebird
2009-12-15 17:56:16 ----D---- C:\Program Files\Common Files\Skype
2009-12-13 12:39:23 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2009-12-11 20:27:14 ----D---- C:\Documents and Settings\Miroslav\Data aplikací\ESET
2009-12-11 20:24:11 ----D---- C:\Program Files\ESET
2009-12-09 22:43:21 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2009-12-09 22:43:07 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2009-12-09 22:40:28 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2009-12-09 22:39:23 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2009-12-09 22:39:07 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2009-12-06 22:18:20 ----D---- C:\Documents and Settings\All Users\Data aplikací\Veselé Omalovánky 3
2009-12-06 22:18:15 ----D---- C:\Program Files\Veselé Omalovánky 3
2009-12-06 12:35:31 ----A---- C:\WINDOWS\ModemLog_Bluetooth DUN Modem.txt
2009-12-06 12:25:55 ----D---- C:\Documents and Settings\All Users\Data aplikací\Veselé Omalovánky 4
2009-12-06 12:25:53 ----D---- C:\Program Files\Veselé Omalovánky 4

======List of files/folders modified in the last 1 months======

2010-01-04 16:52:22 ----D---- C:\Program Files\Mozilla Firefox
2010-01-04 16:45:51 ----D---- C:\Program Files\Mozilla Thunderbird
2010-01-04 04:18:46 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-01-03 21:10:23 ----D---- C:\WINDOWS
2010-01-03 21:06:43 ----A---- C:\WINDOWS\system.ini
2010-01-03 21:03:53 ----D---- C:\WINDOWS\system32\drivers
2010-01-03 21:03:53 ----D---- C:\WINDOWS\system32
2010-01-03 21:03:53 ----D---- C:\WINDOWS\AppPatch
2010-01-03 21:03:48 ----D---- C:\Program Files\Common Files
2010-01-03 20:59:16 ----D---- C:\WINDOWS\system32\CatRoot2
2010-01-03 20:14:12 ----SHD---- C:\WINDOWS\Installer
2010-01-03 20:12:04 ----AC---- C:\WINDOWS\mgutil_reg.ini
2010-01-03 18:18:39 ----D---- C:\Documents and Settings\Miroslav\Data aplikací\ICQ
2010-01-03 17:31:26 ----D---- C:\Program Files\QIP Infium bz™Pack
2010-01-03 16:14:25 ----D---- C:\Program Files\Windows Desktop Search
2010-01-03 16:10:01 ----D---- C:\WINDOWS\system32\wbem
2010-01-03 16:10:00 ----HD---- C:\WINDOWS\inf
2010-01-03 14:48:41 ----SD---- C:\WINDOWS\Tasks
2010-01-03 14:07:53 ----D---- C:\Documents and Settings\Miroslav\Data aplikací\vlc
2010-01-03 12:22:01 ----D---- C:\Documents and Settings\Miroslav\Data aplikací\Skype
2010-01-03 09:51:23 ----D---- C:\Documents and Settings\Miroslav\Data aplikací\skypePM
2010-01-03 08:32:26 ----D---- C:\Program Files\EcardsMediaShop
2010-01-03 08:31:08 ----D---- C:\Program Files
2010-01-03 08:25:38 ----D---- C:\Documents and Settings\All Users\Data aplikací\page
2010-01-03 07:40:24 ----A---- C:\WINDOWS\system32\oeminfo.ini
2010-01-03 07:16:53 ----D---- C:\Config.Msi
2010-01-03 07:16:50 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-01-02 13:24:59 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-12-31 03:40:18 ----SHD---- C:\System Volume Information
2009-12-31 03:40:18 ----D---- C:\WINDOWS\system32\Restore
2009-12-30 22:57:28 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-12-30 22:51:41 ----D---- C:\WINDOWS\Debug
2009-12-30 22:51:39 ----D---- C:\WINDOWS\Minidump
2009-12-30 22:43:33 ----D---- C:\Documents and Settings\Miroslav\Data aplikací\Mozilla
2009-12-30 20:14:31 ----D---- C:\WINDOWS\pss
2009-12-30 19:57:48 ----D---- C:\WINDOWS\Cursors
2009-12-30 19:57:47 ----RSD---- C:\WINDOWS\Fonts
2009-12-30 19:57:47 ----D---- C:\WINDOWS\Media
2009-12-30 19:57:47 ----D---- C:\Program Files\Outlook Express
2009-12-30 19:57:47 ----D---- C:\Program Files\Movie Maker
2009-12-30 19:57:45 ----D---- C:\WINDOWS\system32\usmt
2009-12-30 19:47:29 ----AC---- C:\WINDOWS\BricoPackUninst.txt
2009-12-30 19:47:29 ----AC---- C:\WINDOWS\BricoPackUninst.cmd
2009-12-30 19:47:24 ----A---- C:\WINDOWS\system32\uxtheme.dll
2009-12-30 19:37:48 ----D---- C:\WINDOWS\BricoPacks
2009-12-30 18:13:26 ----D---- C:\Program Files\Internet Explorer
2009-12-30 18:09:17 ----D---- C:\WINDOWS\system32\CatRoot
2009-12-30 18:08:47 ----HDC---- C:\WINDOWS\ie8
2009-12-30 18:06:37 ----D---- C:\WINDOWS\system32\cs-CZ
2009-12-29 23:36:51 ----HD---- C:\WINDOWS\$hf_mig$
2009-12-29 22:33:41 ----D---- C:\WINDOWS\security
2009-12-29 22:25:37 ----D---- C:\WINDOWS\Help
2009-12-29 22:25:27 ----D---- C:\WINDOWS\system32\oobe
2009-12-29 22:20:06 ----D---- C:\WINDOWS\ehome
2009-12-28 17:33:41 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-12-26 09:10:41 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2009-12-25 22:07:51 ----AC---- C:\WINDOWS\NeroDigital.ini
2009-12-24 14:38:01 ----D---- C:\Documents and Settings\Miroslav\Data aplikací\esmska
2009-12-23 23:56:55 ----AC---- C:\WINDOWS\mgutil_win.ini
2009-12-20 19:16:42 ----D---- C:\Documents and Settings\Miroslav\Data aplikací\MyPhoneExplorer
2009-12-20 09:20:41 ----D---- C:\Program Files\Zacek v2.0
2009-12-15 17:56:08 ----RD---- C:\Program Files\Skype
2009-12-13 12:15:41 ----D---- C:\Documents and Settings\Miroslav\Data aplikací\dvdcss
2009-12-10 03:55:14 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-12-09 22:42:36 ----D---- C:\WINDOWS\ie8updates
2009-12-09 22:42:15 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2009-12-06 14:18:45 ----D---- C:\Documents and Settings\Miroslav\Data aplikací\Ancestry
2009-12-05 07:55:07 ----D---- C:\Program Files\MyPhoneExplorer

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdPPM;Ovladač procesoru HwPState AMD; C:\WINDOWS\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2009-05-14 107256]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2009-02-17 24232]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2009-05-14 55768]
R1 SiSkp;SiSkp; C:\WINDOWS\system32\DRIVERS\srvkp.sys [2007-08-26 12160]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-05-14 114472]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2009-05-14 133000]
R2 Hardlock;Hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2007-03-05 34576]
R3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys [2007-03-05 27792]
R3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2007-03-05 18320]
R3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys [2006-06-09 1373120]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2009-05-14 33096]
R3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
R3 SiS315;SiS315; C:\WINDOWS\system32\DRIVERS\sisgrp.sys [2007-08-26 245248]
R3 SISNICXP;SiS PCI Fast Ethernet Adapter Driver for NDIS51; C:\WINDOWS\system32\DRIVERS\sisnicxp.sys [2004-11-05 32768]
R3 snpstd2;VideoCAM Look; C:\WINDOWS\system32\DRIVERS\snpstd2.sys [2004-07-28 334080]
R3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Ovladač standardního rozbočovače USB; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2009-05-23 29696]
R3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys [2007-03-05 34448]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2007-03-05 44304]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 Bridge;Most MAC; C:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-13 71552]
S3 BridgeMP;Miniport mostu MAC; C:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-13 71552]
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2007-03-05 39184]
S3 BTNetFilter;Bluetooth Network Filter; \??\C:\Program Files\IVT Corporation\BlueSoleil\Device\Win2k\BTNetFilter.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\Miroslav\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 SISNIC;SiS PCI Fast Ethernet Adapter Driver; C:\WINDOWS\system32\DRIVERS\sisnic.sys [2004-08-03 32768]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 TVICHW32;TVICHW32; \??\C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS []
S3 uir1100a;UIR1100A; C:\WINDOWS\system32\DRIVERS\uir1100a.sys [2004-12-01 31048]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 VHidMinidrv;Bluetooth HID Device Service; C:\WINDOWS\system32\drivers\VHIDMini.sys [2007-03-05 19472]
S3 VIAudio;Vinyl AC'97 Audio Controller (WDM); C:\WINDOWS\system32\drivers\vinyl97.sys [2007-06-27 207488]
S3 vncmirror;vncmirror; C:\WINDOWS\system32\DRIVERS\vncmirror.sys [2009-07-24 4608]
S3 vulfnths;VIA USB Host Controller Lower Filter; C:\WINDOWS\System32\Drivers\vulfnth.sys [2005-01-05 6912]
S3 vulfntrs;VIA USB Roothub Lower Filter; C:\WINDOWS\System32\Drivers\vulfntr.sys [2005-06-06 11264]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2006-11-06 28672]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2009-05-14 731840]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 gupdate1c9df3897dbb800;Služba Google Update (gupdate1c9df3897dbb800); C:\Program Files\Google\Update\GoogleUpdate.exe /svc []
S2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2009-05-14 20680]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Start BT in service;Start BT in service; C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe [2007-04-21 52080]
S3 WinVNC4;VNC Server Version 4; C:\Program Files\RealVNC\VNC4\WinVNC4.exe [2009-07-24 1492344]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Dělal jste sken ComboFix 3.1. Pokud něco smazal, zde nic neuvidím. Dejte z něj log.

Tady je log z ComboFixu

ComboFix 10-01-02.05 - Miroslav 03.01.2010 20:59:45.4.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.735.400 [GMT 1:00]
Spuštěný z: c:\documents and settings\Miroslav\Plocha\ComboFix.exe
AV: ESET Smart Security 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\ICQ6.5\ICQLRun.exe

.
((((((((((((((((((((((((( Soubory vytvořené od 2009-12-03 do 2010-01-03 )))))))))))))))))))))))))))))))
.

2009-12-30 18:38 . 2009-12-30 18:47 5434 ----a-w- c:\windows\BricoPackFoldersDelete.cmd
2009-12-29 16:43 . 2010-01-03 20:05 -------- d-----w- c:\program files\ICQ6.5
2009-12-23 22:39 . 2009-12-23 22:39 0 ----a-w- c:\windows\nsreg.dat
2009-12-23 22:38 . 2009-12-23 22:52 -------- d-----w- c:\program files\Synovel Spicebird
2009-12-15 17:00 . 2009-12-21 17:07 -------- d-----w- c:\documents and settings\Miroslav\dwhelper
2009-12-15 16:56 . 2009-12-15 16:56 -------- d-----w- c:\program files\Common Files\Skype
2009-12-13 11:36 . 2009-11-21 16:03 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2009-12-11 19:24 . 2009-12-11 19:24 -------- d-----w- c:\program files\ESET
2009-12-11 16:56 . 2009-09-02 09:20 652 ----a-w- c:\windows\FIX.reg
2009-12-11 16:56 . 2008-11-01 12:23 280 ----a-w- c:\windows\reset.reg
2009-12-06 21:18 . 2009-12-06 21:18 -------- d-----w- c:\program files\Veselé Omalovánky 3
2009-12-06 11:32 . 2001-10-24 10:54 12160 -c--a-w- c:\windows\system32\dllcache\mouhid.sys
2009-12-06 11:32 . 2001-10-24 10:54 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys
2009-12-06 11:32 . 2008-04-14 03:29 14592 -c--a-w- c:\windows\system32\dllcache\kbdhid.sys
2009-12-06 11:32 . 2008-04-14 03:29 14592 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2009-12-06 11:25 . 2009-12-06 11:25 -------- d-----w- c:\program files\Veselé Omalovánky 4

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-03 16:35 . 2009-05-26 22:19 -------- d-----w- c:\program files\Mozilla Thunderbird
2010-01-03 16:31 . 2009-10-18 17:35 -------- d-----w- c:\program files\QIP Infium bz™Pack
2010-01-03 15:14 . 2009-10-28 23:02 -------- d-----w- c:\program files\Windows Desktop Search
2010-01-03 15:09 . 2001-10-25 12:00 82462 ----a-w- c:\windows\system32\perfc005.dat
2010-01-03 15:09 . 2001-10-25 12:00 437062 ----a-w- c:\windows\system32\perfh005.dat
2010-01-03 07:32 . 2009-11-15 18:09 -------- d-----w- c:\program files\EcardsMediaShop
2009-12-30 18:47 . 2009-09-11 19:08 71074 -c--a-w- c:\windows\BricoPackUninst.cmd
2009-12-30 18:47 . 2004-08-17 13:49 219648 ----a-w- c:\windows\system32\uxtheme.dll
2009-12-28 16:33 . 2009-05-27 17:14 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-12-20 08:20 . 2009-11-11 17:49 -------- d-----w- c:\program files\Zacek v2.0
2009-12-15 16:56 . 2009-06-05 15:14 -------- d-----r- c:\program files\Skype
2009-12-05 06:55 . 2009-05-27 17:22 -------- d-----w- c:\program files\MyPhoneExplorer
2009-12-03 15:14 . 2009-05-27 17:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-03 15:13 . 2009-05-27 17:14 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-12-02 20:59 . 2009-12-02 17:54 -------- d-----w- c:\program files\OffLine 2.0.21.1
2009-11-29 11:40 . 2009-10-30 03:10 -------- d-----w- c:\program files\Ashampoo
2009-11-29 07:08 . 2009-11-29 07:08 -------- d-----w- c:\program files\Zoner
2009-11-29 06:13 . 2009-11-16 19:57 -------- d-----w- c:\program files\kukej
2009-11-29 06:13 . 2009-05-27 19:51 -------- d-----w- c:\program files\Uloz.to Uploader
2009-11-29 06:00 . 2009-05-28 02:02 -------- d-----w- c:\program files\Google
2009-11-21 16:03 . 2004-08-17 13:49 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-11-19 19:48 . 2009-11-19 17:54 -------- d-----w- c:\program files\Common Files\Teleca Shared
2009-11-15 19:29 . 2009-11-14 12:40 -------- d-----w- c:\program files\Sqirlz Water Reflections
2009-11-15 19:10 . 2009-10-25 09:57 -------- d-----w- c:\program files\Java
2009-11-13 13:40 . 2009-11-13 13:40 60648 ---ha-w- c:\windows\system32\mlfcache.dat
2009-11-13 13:29 . 2009-11-04 16:37 -------- d-----w- c:\program files\Microsoft Works
2009-11-13 11:57 . 2009-11-13 11:30 73239 ----a-w- c:\windows\hpfins09.dat
2009-11-13 11:56 . 2009-11-13 11:56 -------- d-----w- c:\program files\Common Files\Sonic Shared
2009-11-13 11:53 . 2009-05-27 21:22 -------- d-----w- c:\program files\Common Files\HP
2009-11-11 18:02 . 2009-05-27 02:17 -------- d-----w- c:\program files\Quick Moto
2009-11-08 12:11 . 2009-05-26 22:18 -------- d-----w- c:\program files\MozBackup
2009-10-29 07:43 . 2004-08-17 13:49 907264 ----a-w- c:\windows\system32\wininet.dll
2009-10-21 05:40 . 2004-08-17 13:49 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-21 05:40 . 2004-08-17 13:49 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-20 16:20 . 2004-08-03 21:00 265728 ----a-w- c:\windows\system32\drivers\http.sys
2009-10-16 18:41 . 2009-10-16 18:41 23600 ----a-w- c:\windows\system32\drivers\TVICHW32.SYS
2009-10-13 10:34 . 2004-08-17 13:49 271360 ----a-w- c:\windows\system32\oakley.dll
2009-10-12 13:40 . 2004-08-17 13:49 150016 ----a-w- c:\windows\system32\rastls.dll
2009-10-12 13:40 . 2004-08-17 13:49 79872 ----a-w- c:\windows\system32\raschap.dll
2009-10-12 12:22 . 2009-10-12 12:17 79338 -c--a-w- c:\windows\hpfins05.dat
2009-10-11 03:17 . 2009-10-25 08:49 411368 -c--a-w- c:\windows\system32\deploytk.dll
2009-10-08 13:57 . 2008-07-29 17:59 613376 ----a-w- c:\windows\system32\uiautomationcore.dll
2009-10-08 13:57 . 2001-10-25 12:00 22528 ----a-w- c:\windows\system32\oleaccrc.dll
2009-10-08 13:57 . 2001-10-25 12:00 220160 ----a-w- c:\windows\system32\oleacc.dll
2002-12-27 14:15 . 2009-05-27 02:18 104960 ----a-w- c:\program files\Em-date.exe
.

------- Sigcheck -------

[-] 2009-08-06 . 0B6DABD6FFF1AD42A3CD65A1C7EE8F35 . 68832 . . [7.4.7600.226] . . c:\windows\ServicePackFiles\i386\wuauclt.exe
[-] 2009-08-06 . 0B6DABD6FFF1AD42A3CD65A1C7EE8F35 . 68832 . . [7.4.7600.226] . . c:\windows\system32\wuauclt.exe
[7] 2009-08-06 . 62BB79160F86CD962F312C68C6239BFD . 53472 . . [7.4.7600.226] . . c:\windows\system32\dllcache\wuauclt.exe

[-] 2009-10-29 . 36A3587D876C243688334732C77B57A7 . 6214656 . . [8.00.6001.18854] . . c:\windows\ServicePackFiles\i386\mshtml.dll
[-] 2009-10-29 . 36A3587D876C243688334732C77B57A7 . 6214656 . . [8.00.6001.18854] . . c:\windows\system32\mshtml.dll
[7] 2009-10-29 . 00EC3DE6B7C581CC2675CCD549B692D7 . 5940736 . . [8.00.6001.18854] . . c:\windows\system32\dllcache\mshtml.dll
[7] 2009-10-29 . FC883BC594F028EF5D77B645AE91C914 . 5944320 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\mshtml.dll
[7] 2009-10-22 . B459C87AA60BADADF3F0887737889CFF . 5939712 . . [8.00.6001.18852] . . c:\windows\ie8updates\KB976325-IE8\mshtml.dll
[7] 2009-10-22 . 3E902BD4D0EFB9E73C515DD3DEB6003B . 5943296 . . [8.00.6001.22942] . . c:\windows\$hf_mig$\KB976749-IE8\SP3QFE\mshtml.dll
[7] 2009-08-29 . 8097658FEC4E7E65C8A63E6B7B2B0921 . 5940224 . . [8.00.6001.18828] . . c:\windows\ie8updates\KB976749-IE8\mshtml.dll
[7] 2009-08-29 . F343C3CE6026ADE482D48B2D4F881A1D . 5942272 . . [8.00.6001.22918] . . c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\mshtml.dll
[7] 2009-07-19 . D6DA6137433E02999C1229DC692250CD . 5937152 . . [8.00.6001.18812] . . c:\windows\ie8updates\KB974455-IE8\mshtml.dll
[7] 2009-07-19 . D6DA6137433E02999C1229DC692250CD . 5937152 . . [8.00.6001.18812] . . c:\windows\SoftwareDistribution\Download\18d13bb9bde28e941246ff93fbfd24ab\SP3GDR\mshtml.dll
[7] 2009-07-19 . D6DA6137433E02999C1229DC692250CD . 5937152 . . [8.00.6001.18812] . . c:\windows\SoftwareDistribution\Download\b8d526d04b664905f601c694eaa9eabc\SP3GDR\mshtml.dll
[7] 2009-07-19 . 54E07F3B4EEF71607437367BA1922F6A . 5938176 . . [8.00.6001.22902] . . c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\mshtml.dll
[7] 2009-07-19 . 54E07F3B4EEF71607437367BA1922F6A . 5938176 . . [8.00.6001.22902] . . c:\windows\SoftwareDistribution\Download\18d13bb9bde28e941246ff93fbfd24ab\SP3QFE\mshtml.dll
[7] 2009-07-19 . 54E07F3B4EEF71607437367BA1922F6A . 5938176 . . [8.00.6001.22902] . . c:\windows\SoftwareDistribution\Download\b8d526d04b664905f601c694eaa9eabc\SP3QFE\mshtml.dll
[7] 2009-07-18 . A5D3E41824AA0BEA9D4A7DD190057452 . 3090944 . . [6.00.2900.5848] . . c:\windows\$hf_mig$\KB972260\SP3QFE\mshtml.dll
[-] 2009-05-13 . 53FF3AE6C6C6F7888E845C6A755D5C09 . 5936128 . . [8.00.6001.22873] . . c:\windows\$hf_mig$\KB969897-IE8\SP3QFE\mshtml.dll
[-] 2009-03-08 . 609C33496A0304480853A1DC3B2DE25B . 6265344 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB969897-IE8\mshtml.dll
[7] 2009-03-08 . D469A0EBA2EF5C6BEE8065B7E3196E5E . 5937152 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB972260-IE8\mshtml.dll
[-] 2006-05-19 . E558A3302E2D8A62929ADBC24C5A0F12 . 3073536 . . [6.00.2900.2912] . . c:\windows\SoftwareDistribution\Download\8d1b90e7ea864690ae5d97f698e77d8f\sp2gdr\mshtml.dll
[-] 2006-05-19 . 45238B7C25255430091DA44A2485CBA4 . 3076096 . . [6.00.2900.2912] . . c:\windows\SoftwareDistribution\Download\8d1b90e7ea864690ae5d97f698e77d8f\sp2qfe\mshtml.dll

[-] 2009-10-29 . 70FF3306B3B5CBE84993881BD647CE67 . 907264 . . [8.00.6001.18854] . . c:\windows\ServicePackFiles\i386\wininet.dll
[-] 2009-10-29 . 70FF3306B3B5CBE84993881BD647CE67 . 907264 . . [8.00.6001.18854] . . c:\windows\system32\wininet.dll
[7] 2009-10-29 . F651D2A69B7037D6063BC697CF296D8C . 916480 . . [8.00.6001.18854] . . c:\windows\system32\dllcache\wininet.dll
[7] 2009-10-29 . 4941ADD731725AF468342E42B71F776C . 916480 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\wininet.dll
[7] 2009-08-29 . 37CFE7928711C8157CF4D191F0EF5F69 . 916480 . . [8.00.6001.18828] . . c:\windows\ie8updates\KB976325-IE8\wininet.dll
[7] 2009-08-29 . F658908845F3EB727FEF4769ED0E52FE . 916480 . . [8.00.6001.22918] . . c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\wininet.dll
[7] 2009-07-03 . 0B1AA91DFEDB1298FF7D93EBA45F8DB5 . 915456 . . [8.00.6001.22896] . . c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\wininet.dll
[7] 2009-07-03 . 0B1AA91DFEDB1298FF7D93EBA45F8DB5 . 915456 . . [8.00.6001.22896] . . c:\windows\SoftwareDistribution\Download\18d13bb9bde28e941246ff93fbfd24ab\SP3QFE\wininet.dll
[7] 2009-07-03 . 0B1AA91DFEDB1298FF7D93EBA45F8DB5 . 915456 . . [8.00.6001.22896] . . c:\windows\SoftwareDistribution\Download\b8d526d04b664905f601c694eaa9eabc\SP3QFE\wininet.dll
[7] 2009-07-03 . FCD887F2BA15CD8D95F8D70766D42739 . 915456 . . [8.00.6001.18806] . . c:\windows\ie8updates\KB974455-IE8\wininet.dll
[7] 2009-07-03 . FCD887F2BA15CD8D95F8D70766D42739 . 915456 . . [8.00.6001.18806] . . c:\windows\SoftwareDistribution\Download\18d13bb9bde28e941246ff93fbfd24ab\SP3GDR\wininet.dll
[7] 2009-07-03 . FCD887F2BA15CD8D95F8D70766D42739 . 915456 . . [8.00.6001.18806] . . c:\windows\SoftwareDistribution\Download\b8d526d04b664905f601c694eaa9eabc\SP3GDR\wininet.dll
[7] 2009-06-26 . 6B6948F5A8E5951821681E54513E19B5 . 669184 . . [6.00.2900.5835] . . c:\windows\$hf_mig$\KB972260\SP3QFE\wininet.dll
[-] 2009-05-13 . 0C20BF283DE5BA50060240383B8AA41C . 915456 . . [8.00.6001.22873] . . c:\windows\$hf_mig$\KB969897-IE8\SP3QFE\wininet.dll
[-] 2009-03-08 . 97C2DC4A0C6F8068424A6CED25983006 . 981504 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB969897-IE8\wininet.dll
[7] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB972260-IE8\wininet.dll
[-] 2006-05-10 . 249006609C731D37878898D3441B19A2 . 664576 . . [6.00.2900.2904] . . c:\windows\SoftwareDistribution\Download\8d1b90e7ea864690ae5d97f698e77d8f\sp2qfe\wininet.dll

[-] 2008-04-14 . 13E794E5591776CBC71055A7B3CC1D5F . 976384 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-04-14 . 13E794E5591776CBC71055A7B3CC1D5F . 976384 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
[-] 2007-06-13 . ED7B460B142A32097B8A8F6ECC941815 . 1033728 . . [6.00.2900.3156] . . c:\windows\$NtServicePackUninstall$\explorer.exe
[-] 2007-06-13 . 9B32416BD5988C97B6397CE0B02CAF97 . 1033728 . . [6.00.2900.3156] . . c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe
[-] 2004-08-17 . 4D32D7FFC2F583FE21EF0A4F99EABB12 . 974848 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB938828$\explorer.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UberIcon"="c:\program files\UberIcon\UberIcon Manager.exe" [2007-08-17 159744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EM-DATE"="c:\program files\Em-date.exe" [2002-12-27 104960]
"VirtualCloneDrive"="c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2009-05-26 85160]
"OutlookFriend"="outinst.exe" [2005-02-25 29184]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-05-14 2029640]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2005-5-11 282624]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoFileAssociate"= 0 (0x0)
"NoResolveTrack"= 1 (0x1)

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Utility Tray.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Utility Tray.lnk
backup=c:\windows\pss\Utility Tray.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Miroslav^Nabídka Start^Programy^Po spuštění^RocketDock.lnk]
path=c:\documents and settings\Miroslav\Nabídka Start\Programy\Po spuštění\RocketDock.lnk
backup=c:\windows\pss\RocketDock.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Miroslav^Nabídka Start^Programy^Po spuštění^TransBar.lnk]
path=c:\documents and settings\Miroslav\Nabídka Start\Programy\Po spuštění\TransBar.lnk
backup=c:\windows\pss\TransBar.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Miroslav^Nabídka Start^Programy^Po spuštění^Y'z Shadow.lnk]
path=c:\documents and settings\Miroslav\Nabídka Start\Programy\Po spuštění\Y'z Shadow.lnk
backup=c:\windows\pss\Y'z Shadow.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\reset]
regedit [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DriverMax_RESTART]
2009-10-07 03:58 7927640 ----a-w- c:\program files\Innovative Solutions\DriverMax\PatchWise.bak\devices.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
2006-11-13 14:50 1289000 ----a-w- c:\program files\Microsoft ActiveSync\wcescomm.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SiSPower]
2006-03-09 01:04 49152 ----a-w- c:\windows\system32\SiSPower.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SNPSTD2]
2004-06-10 09:54 286720 -c--a-w- c:\windows\vsnpstd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UberIcon]
2007-08-17 17:10 159744 ----a-w- c:\program files\UberIcon\UberIcon Manager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"HP Software Update"=c:\program files\HP\HP Software Update\HPWuSchd2.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [14.5.2009 15:47 107256]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [14.5.2009 15:47 731840]
S0 Partizan;Partizan;c:\windows\system32\drivers\Partizan.sys --> c:\windows\system32\drivers\Partizan.sys [?]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [12.8.2009 8:11 721904]
S2 gupdate1c9df3897dbb800;Služba Google Update (gupdate1c9df3897dbb800);"c:\program files\Google\Update\GoogleUpdate.exe" /svc --> c:\program files\Google\Update\GoogleUpdate.exe [?]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [27.5.2009 18:14 38224]
S3 Start BT in service;Start BT in service;c:\program files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe [21.4.2007 13:54 52080]
S3 TVICHW32;TVICHW32;c:\windows\system32\drivers\TVICHW32.SYS [16.10.2009 19:41 23600]
S3 uir1100a;UIR1100A;c:\windows\system32\drivers\uir1100a.sys [27.5.2009 20:07 31048]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://seznam.cz/
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyServer = socks=
uInternet Settings,ProxyOverride = plimus.com,www.plimus.com,regnow.com,www.regnow.com,
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Miroslav\Data aplikací\Mozilla\Firefox\Profiles\rm2h2vwo.default\
FF - prefs.js: browser.startup.homepage - hxxp://seznam.cz/
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll

---- NASTAVENÍ FIREFOXU ----
FF - user.js: network.prefetch-next - true
FF - user.js: layout.spellcheckDefault - 1
FF - user.js: browser.urlbar.autoFill - false
FF - user.js: browser.search.openintab - false
FF - user.js: browser.tabs.closeButtons - 1
FF - user.js: browser.tabs.opentabfor.middleclick - true
FF - user.js: browser.tabs.tabMinWidth - 100
FF - user.js: browser.urlbar.hideGoButton - false
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

HKLM-Run-Cmaudio - cmicnfg.cpl
MSConfigStartUp-MSMSGS - c:\program files\Messenger\msmsgs.exe

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-03 21:06
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
Celkový čas: 2010-01-03 21:10:19
ComboFix-quarantined-files.txt 2010-01-03 20:10

Před spuštěním: 3 888 332 800
Po spuštění: 3 857 952 768

Current=1 Default=1 Failed=0 LastKnownGood=6 Sets=1,2,3,4,5,6
- - End Of File - - 64F7FCF1CB9C0E1A9CDFDFCAFDCCDD1F

Otevřte poznámkový blok a zkopírujte do něj:

Collect::
c:\windows\reset.reg
c:\windows\FIX.reg

Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

Obrázek

ComboFix 10-01-03.05 - Miroslav 04.01.2010 21:11:01.6.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.735.354 [GMT 1:00]
Spuštěný z: c:\documents and settings\Miroslav\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Miroslav\Plocha\CFScript.txt
AV: ESET Smart Security 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
.

((((((((((((((((((((((((( Soubory vytvořené od 2009-12-04 do 2010-01-04 )))))))))))))))))))))))))))))))
.

2010-01-04 18:01 . 2010-01-04 19:55 -------- d-----w- c:\program files\ICQ6.5
2010-01-04 16:21 . 2010-01-04 16:22 -------- d-----w- C:\rsit
2009-12-30 18:38 . 2009-12-30 18:47 5434 ----a-w- c:\windows\BricoPackFoldersDelete.cmd
2009-12-23 22:39 . 2009-12-23 22:39 0 ----a-w- c:\windows\nsreg.dat
2009-12-23 22:38 . 2009-12-23 22:52 -------- d-----w- c:\program files\Synovel Spicebird
2009-12-15 17:00 . 2009-12-21 17:07 -------- d-----w- c:\documents and settings\Miroslav\dwhelper
2009-12-15 16:56 . 2009-12-15 16:56 -------- d-----w- c:\program files\Common Files\Skype
2009-12-13 11:36 . 2009-11-21 16:03 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2009-12-11 19:24 . 2009-12-11 19:24 -------- d-----w- c:\program files\ESET
2009-12-06 21:18 . 2009-12-06 21:18 -------- d-----w- c:\program files\Veselé Omalovánky 3
2009-12-06 11:32 . 2001-10-24 10:54 12160 -c--a-w- c:\windows\system32\dllcache\mouhid.sys
2009-12-06 11:32 . 2001-10-24 10:54 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys
2009-12-06 11:32 . 2008-04-14 03:29 14592 -c--a-w- c:\windows\system32\dllcache\kbdhid.sys
2009-12-06 11:32 . 2008-04-14 03:29 14592 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2009-12-06 11:25 . 2009-12-06 11:25 -------- d-----w- c:\program files\Veselé Omalovánky 4

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-04 18:51 . 2009-05-26 22:19 -------- d-----w- c:\program files\Mozilla Thunderbird
2010-01-04 17:43 . 2009-10-18 17:35 -------- d-----w- c:\program files\QIP Infium bz™Pack
2010-01-03 15:14 . 2009-10-28 23:02 -------- d-----w- c:\program files\Windows Desktop Search
2010-01-03 15:09 . 2001-10-25 12:00 82462 ----a-w- c:\windows\system32\perfc005.dat
2010-01-03 15:09 . 2001-10-25 12:00 437062 ----a-w- c:\windows\system32\perfh005.dat
2010-01-03 07:32 . 2009-11-15 18:09 -------- d-----w- c:\program files\EcardsMediaShop
2009-12-30 18:47 . 2009-09-11 19:08 71074 -c--a-w- c:\windows\BricoPackUninst.cmd
2009-12-30 18:47 . 2004-08-17 13:49 219648 ----a-w- c:\windows\system32\uxtheme.dll
2009-12-28 16:33 . 2009-05-27 17:14 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-12-20 08:20 . 2009-11-11 17:49 -------- d-----w- c:\program files\Zacek v2.0
2009-12-15 16:56 . 2009-06-05 15:14 -------- d-----r- c:\program files\Skype
2009-12-05 06:55 . 2009-05-27 17:22 -------- d-----w- c:\program files\MyPhoneExplorer
2009-12-03 15:14 . 2009-05-27 17:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-03 15:13 . 2009-05-27 17:14 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-12-02 20:59 . 2009-12-02 17:54 -------- d-----w- c:\program files\OffLine 2.0.21.1
2009-11-29 11:40 . 2009-10-30 03:10 -------- d-----w- c:\program files\Ashampoo
2009-11-29 07:08 . 2009-11-29 07:08 -------- d-----w- c:\program files\Zoner
2009-11-29 06:13 . 2009-11-16 19:57 -------- d-----w- c:\program files\kukej
2009-11-29 06:13 . 2009-05-27 19:51 -------- d-----w- c:\program files\Uloz.to Uploader
2009-11-29 06:00 . 2009-05-28 02:02 -------- d-----w- c:\program files\Google
2009-11-21 16:03 . 2004-08-17 13:49 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-11-19 19:48 . 2009-11-19 17:54 -------- d-----w- c:\program files\Common Files\Teleca Shared
2009-11-15 19:29 . 2009-11-14 12:40 -------- d-----w- c:\program files\Sqirlz Water Reflections
2009-11-15 19:10 . 2009-10-25 09:57 -------- d-----w- c:\program files\Java
2009-11-13 13:40 . 2009-11-13 13:40 60648 ---ha-w- c:\windows\system32\mlfcache.dat
2009-11-13 13:29 . 2009-11-04 16:37 -------- d-----w- c:\program files\Microsoft Works
2009-11-13 11:57 . 2009-11-13 11:30 73239 -c--a-w- c:\windows\hpfins09.dat
2009-11-13 11:56 . 2009-11-13 11:56 -------- d-----w- c:\program files\Common Files\Sonic Shared
2009-11-13 11:53 . 2009-05-27 21:22 -------- d-----w- c:\program files\Common Files\HP
2009-11-11 18:02 . 2009-05-27 02:17 -------- d-----w- c:\program files\Quick Moto
2009-11-08 12:11 . 2009-05-26 22:18 -------- d-----w- c:\program files\MozBackup
2009-10-29 07:43 . 2004-08-17 13:49 907264 ----a-w- c:\windows\system32\wininet.dll
2009-10-21 05:40 . 2004-08-17 13:49 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-21 05:40 . 2004-08-17 13:49 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-20 16:20 . 2004-08-03 21:00 265728 ----a-w- c:\windows\system32\drivers\http.sys
2009-10-16 18:41 . 2009-10-16 18:41 23600 ----a-w- c:\windows\system32\drivers\TVICHW32.SYS
2009-10-13 10:34 . 2004-08-17 13:49 271360 ----a-w- c:\windows\system32\oakley.dll
2009-10-12 13:40 . 2004-08-17 13:49 150016 ----a-w- c:\windows\system32\rastls.dll
2009-10-12 13:40 . 2004-08-17 13:49 79872 ----a-w- c:\windows\system32\raschap.dll
2009-10-12 12:22 . 2009-10-12 12:17 79338 -c--a-w- c:\windows\hpfins05.dat
2009-10-11 03:17 . 2009-10-25 08:49 411368 -c--a-w- c:\windows\system32\deploytk.dll
2009-10-08 13:57 . 2008-07-29 17:59 613376 ----a-w- c:\windows\system32\uiautomationcore.dll
2009-10-08 13:57 . 2001-10-25 12:00 22528 ----a-w- c:\windows\system32\oleaccrc.dll
2009-10-08 13:57 . 2001-10-25 12:00 220160 ----a-w- c:\windows\system32\oleacc.dll
2002-12-27 14:15 . 2009-05-27 02:18 104960 ----a-w- c:\program files\Em-date.exe
.

------- Sigcheck -------

[-] 2009-08-06 . 0B6DABD6FFF1AD42A3CD65A1C7EE8F35 . 68832 . . [7.4.7600.226] . . c:\windows\ServicePackFiles\i386\wuauclt.exe
[-] 2009-08-06 . 0B6DABD6FFF1AD42A3CD65A1C7EE8F35 . 68832 . . [7.4.7600.226] . . c:\windows\system32\wuauclt.exe
[7] 2009-08-06 . 62BB79160F86CD962F312C68C6239BFD . 53472 . . [7.4.7600.226] . . c:\windows\system32\dllcache\wuauclt.exe

[-] 2009-10-29 . 36A3587D876C243688334732C77B57A7 . 6214656 . . [8.00.6001.18854] . . c:\windows\ServicePackFiles\i386\mshtml.dll
[-] 2009-10-29 . 36A3587D876C243688334732C77B57A7 . 6214656 . . [8.00.6001.18854] . . c:\windows\system32\mshtml.dll
[7] 2009-10-29 . 00EC3DE6B7C581CC2675CCD549B692D7 . 5940736 . . [8.00.6001.18854] . . c:\windows\system32\dllcache\mshtml.dll
[7] 2009-10-29 . FC883BC594F028EF5D77B645AE91C914 . 5944320 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\mshtml.dll
[7] 2009-10-22 . B459C87AA60BADADF3F0887737889CFF . 5939712 . . [8.00.6001.18852] . . c:\windows\ie8updates\KB976325-IE8\mshtml.dll
[7] 2009-10-22 . 3E902BD4D0EFB9E73C515DD3DEB6003B . 5943296 . . [8.00.6001.22942] . . c:\windows\$hf_mig$\KB976749-IE8\SP3QFE\mshtml.dll
[7] 2009-08-29 . 8097658FEC4E7E65C8A63E6B7B2B0921 . 5940224 . . [8.00.6001.18828] . . c:\windows\ie8updates\KB976749-IE8\mshtml.dll
[7] 2009-08-29 . F343C3CE6026ADE482D48B2D4F881A1D . 5942272 . . [8.00.6001.22918] . . c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\mshtml.dll
[7] 2009-07-19 . D6DA6137433E02999C1229DC692250CD . 5937152 . . [8.00.6001.18812] . . c:\windows\ie8updates\KB974455-IE8\mshtml.dll
[7] 2009-07-19 . D6DA6137433E02999C1229DC692250CD . 5937152 . . [8.00.6001.18812] . . c:\windows\SoftwareDistribution\Download\18d13bb9bde28e941246ff93fbfd24ab\SP3GDR\mshtml.dll
[7] 2009-07-19 . D6DA6137433E02999C1229DC692250CD . 5937152 . . [8.00.6001.18812] . . c:\windows\SoftwareDistribution\Download\b8d526d04b664905f601c694eaa9eabc\SP3GDR\mshtml.dll
[7] 2009-07-19 . 54E07F3B4EEF71607437367BA1922F6A . 5938176 . . [8.00.6001.22902] . . c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\mshtml.dll
[7] 2009-07-19 . 54E07F3B4EEF71607437367BA1922F6A . 5938176 . . [8.00.6001.22902] . . c:\windows\SoftwareDistribution\Download\18d13bb9bde28e941246ff93fbfd24ab\SP3QFE\mshtml.dll
[7] 2009-07-19 . 54E07F3B4EEF71607437367BA1922F6A . 5938176 . . [8.00.6001.22902] . . c:\windows\SoftwareDistribution\Download\b8d526d04b664905f601c694eaa9eabc\SP3QFE\mshtml.dll
[7] 2009-07-18 . A5D3E41824AA0BEA9D4A7DD190057452 . 3090944 . . [6.00.2900.5848] . . c:\windows\$hf_mig$\KB972260\SP3QFE\mshtml.dll
[-] 2009-05-13 . 53FF3AE6C6C6F7888E845C6A755D5C09 . 5936128 . . [8.00.6001.22873] . . c:\windows\$hf_mig$\KB969897-IE8\SP3QFE\mshtml.dll
[-] 2009-03-08 . 609C33496A0304480853A1DC3B2DE25B . 6265344 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB969897-IE8\mshtml.dll
[7] 2009-03-08 . D469A0EBA2EF5C6BEE8065B7E3196E5E . 5937152 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB972260-IE8\mshtml.dll
[-] 2006-05-19 . E558A3302E2D8A62929ADBC24C5A0F12 . 3073536 . . [6.00.2900.2912] . . c:\windows\SoftwareDistribution\Download\8d1b90e7ea864690ae5d97f698e77d8f\sp2gdr\mshtml.dll
[-] 2006-05-19 . 45238B7C25255430091DA44A2485CBA4 . 3076096 . . [6.00.2900.2912] . . c:\windows\SoftwareDistribution\Download\8d1b90e7ea864690ae5d97f698e77d8f\sp2qfe\mshtml.dll

[-] 2009-10-29 . 70FF3306B3B5CBE84993881BD647CE67 . 907264 . . [8.00.6001.18854] . . c:\windows\ServicePackFiles\i386\wininet.dll
[-] 2009-10-29 . 70FF3306B3B5CBE84993881BD647CE67 . 907264 . . [8.00.6001.18854] . . c:\windows\system32\wininet.dll
[7] 2009-10-29 . F651D2A69B7037D6063BC697CF296D8C . 916480 . . [8.00.6001.18854] . . c:\windows\system32\dllcache\wininet.dll
[7] 2009-10-29 . 4941ADD731725AF468342E42B71F776C . 916480 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\wininet.dll
[7] 2009-08-29 . 37CFE7928711C8157CF4D191F0EF5F69 . 916480 . . [8.00.6001.18828] . . c:\windows\ie8updates\KB976325-IE8\wininet.dll
[7] 2009-08-29 . F658908845F3EB727FEF4769ED0E52FE . 916480 . . [8.00.6001.22918] . . c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\wininet.dll
[7] 2009-07-03 . 0B1AA91DFEDB1298FF7D93EBA45F8DB5 . 915456 . . [8.00.6001.22896] . . c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\wininet.dll
[7] 2009-07-03 . 0B1AA91DFEDB1298FF7D93EBA45F8DB5 . 915456 . . [8.00.6001.22896] . . c:\windows\SoftwareDistribution\Download\18d13bb9bde28e941246ff93fbfd24ab\SP3QFE\wininet.dll
[7] 2009-07-03 . 0B1AA91DFEDB1298FF7D93EBA45F8DB5 . 915456 . . [8.00.6001.22896] . . c:\windows\SoftwareDistribution\Download\b8d526d04b664905f601c694eaa9eabc\SP3QFE\wininet.dll
[7] 2009-07-03 . FCD887F2BA15CD8D95F8D70766D42739 . 915456 . . [8.00.6001.18806] . . c:\windows\ie8updates\KB974455-IE8\wininet.dll
[7] 2009-07-03 . FCD887F2BA15CD8D95F8D70766D42739 . 915456 . . [8.00.6001.18806] . . c:\windows\SoftwareDistribution\Download\18d13bb9bde28e941246ff93fbfd24ab\SP3GDR\wininet.dll
[7] 2009-07-03 . FCD887F2BA15CD8D95F8D70766D42739 . 915456 . . [8.00.6001.18806] . . c:\windows\SoftwareDistribution\Download\b8d526d04b664905f601c694eaa9eabc\SP3GDR\wininet.dll
[7] 2009-06-26 . 6B6948F5A8E5951821681E54513E19B5 . 669184 . . [6.00.2900.5835] . . c:\windows\$hf_mig$\KB972260\SP3QFE\wininet.dll
[-] 2009-05-13 . 0C20BF283DE5BA50060240383B8AA41C . 915456 . . [8.00.6001.22873] . . c:\windows\$hf_mig$\KB969897-IE8\SP3QFE\wininet.dll
[-] 2009-03-08 . 97C2DC4A0C6F8068424A6CED25983006 . 981504 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB969897-IE8\wininet.dll
[7] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB972260-IE8\wininet.dll
[-] 2006-05-10 . 249006609C731D37878898D3441B19A2 . 664576 . . [6.00.2900.2904] . . c:\windows\SoftwareDistribution\Download\8d1b90e7ea864690ae5d97f698e77d8f\sp2qfe\wininet.dll

[-] 2008-04-14 . 13E794E5591776CBC71055A7B3CC1D5F . 976384 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-04-14 . 13E794E5591776CBC71055A7B3CC1D5F . 976384 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
[-] 2007-06-13 . ED7B460B142A32097B8A8F6ECC941815 . 1033728 . . [6.00.2900.3156] . . c:\windows\$NtServicePackUninstall$\explorer.exe
[-] 2007-06-13 . 9B32416BD5988C97B6397CE0B02CAF97 . 1033728 . . [6.00.2900.3156] . . c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe
[-] 2004-08-17 . 4D32D7FFC2F583FE21EF0A4F99EABB12 . 974848 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB938828$\explorer.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UberIcon"="c:\program files\UberIcon\UberIcon Manager.exe" [2007-08-17 159744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EM-DATE"="c:\program files\Em-date.exe" [2002-12-27 104960]
"VirtualCloneDrive"="c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2009-05-26 85160]
"OutlookFriend"="outinst.exe" [2005-02-25 29184]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-05-14 2029640]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2005-5-11 282624]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoFileAssociate"= 0 (0x0)
"NoResolveTrack"= 1 (0x1)

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Utility Tray.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Utility Tray.lnk
backup=c:\windows\pss\Utility Tray.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Miroslav^Nabídka Start^Programy^Po spuštění^RocketDock.lnk]
path=c:\documents and settings\Miroslav\Nabídka Start\Programy\Po spuštění\RocketDock.lnk
backup=c:\windows\pss\RocketDock.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Miroslav^Nabídka Start^Programy^Po spuštění^TransBar.lnk]
path=c:\documents and settings\Miroslav\Nabídka Start\Programy\Po spuštění\TransBar.lnk
backup=c:\windows\pss\TransBar.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Miroslav^Nabídka Start^Programy^Po spuštění^Y'z Shadow.lnk]
path=c:\documents and settings\Miroslav\Nabídka Start\Programy\Po spuštění\Y'z Shadow.lnk
backup=c:\windows\pss\Y'z Shadow.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\reset]
regedit [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DriverMax_RESTART]
2009-10-07 03:58 7927640 ----a-w- c:\program files\Innovative Solutions\DriverMax\PatchWise.bak\devices.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
2006-11-13 14:50 1289000 ----a-w- c:\program files\Microsoft ActiveSync\wcescomm.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SiSPower]
2006-03-09 01:04 49152 ----a-w- c:\windows\system32\SiSPower.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SNPSTD2]
2004-06-10 09:54 286720 -c--a-w- c:\windows\vsnpstd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UberIcon]
2007-08-17 17:10 159744 ----a-w- c:\program files\UberIcon\UberIcon Manager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"HP Software Update"=c:\program files\HP\HP Software Update\HPWuSchd2.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [14.5.2009 15:47 107256]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [14.5.2009 15:47 731840]
S0 Partizan;Partizan;c:\windows\system32\drivers\Partizan.sys --> c:\windows\system32\drivers\Partizan.sys [?]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [12.8.2009 8:11 721904]
S2 gupdate1c9df3897dbb800;Služba Google Update (gupdate1c9df3897dbb800);"c:\program files\Google\Update\GoogleUpdate.exe" /svc --> c:\program files\Google\Update\GoogleUpdate.exe [?]
S3 Start BT in service;Start BT in service;c:\program files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe [21.4.2007 13:54 52080]
S3 TVICHW32;TVICHW32;c:\windows\system32\drivers\TVICHW32.SYS [16.10.2009 19:41 23600]
S3 uir1100a;UIR1100A;c:\windows\system32\drivers\uir1100a.sys [27.5.2009 20:07 31048]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://seznam.cz/
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyServer = socks=
uInternet Settings,ProxyOverride = plimus.com,www.plimus.com,regnow.com,www.regnow.com,
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Miroslav\Data aplikací\Mozilla\Firefox\Profiles\rm2h2vwo.default\
FF - prefs.js: browser.startup.homepage - hxxp://seznam.cz/
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll

---- NASTAVENÍ FIREFOXU ----
FF - user.js: network.prefetch-next - true
FF - user.js: layout.spellcheckDefault - 1
FF - user.js: browser.urlbar.autoFill - false
FF - user.js: browser.search.openintab - false
FF - user.js: browser.tabs.closeButtons - 1
FF - user.js: browser.tabs.opentabfor.middleclick - true
FF - user.js: browser.tabs.tabMinWidth - 100
FF - user.js: browser.urlbar.hideGoButton - false
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-04 21:18
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'explorer.exe'(3484)
c:\windows\system32\SHDOCVW.dll
c:\windows\system32\outlfrnd.dll
c:\program files\Windows Media Player\wmpband.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\system32\NETSHELL.dll
c:\windows\system32\credui.dll
.
Celkový čas: 2010-01-04 21:22:16
ComboFix-quarantined-files.txt 2010-01-04 20:22
ComboFix2.txt 2010-01-04 20:04
ComboFix3.txt 2010-01-03 20:10

Před spuštěním: 3 360 808 960
Po spuštění: 3 340 783 616

Current=1 Default=1 Failed=0 LastKnownGood=6 Sets=1,2,3,4,5,6
- - End Of File - - F38587F86A6BA7D5C2B2274A6ACFB9A5

Log vypadá OK. Nastala nějaká změna?

V podstate se zrychlilo nacitani firefoxu i prace s thunderbitem,ale stejne jeste skace k 90% a nektere procesy treba firefox zustavaji viset

Zkuste obnovu systému k datu, kdy korektně fungoval.

Jo tak datum nevim a bod bohuzel nemam,ale zrychleni je znatelne.Mel jsem tu nejakou havet?

Pár AdWarů, jinak nic zvláštního.

Ale jak vidim tak podobne problemy s timto procesem ma dost lidi

On řídí veškeré spuštěné služby. proto je také vícekrát spuštěn.

Mam to jeste necim procistit?

Můžete zkusit CCleaner: http://www.viry.cz/forum/viewtopic.php?f=46&t=7478

jj ten mam,procistim.Zatim diky

VIRY.CZ

Proces svchost.exe a 100% CPU

Proces svchost.exe a 100% CPU

Re: Proces svchost.exe a 100% CPU

Re: Proces svchost.exe a 100% CPU

Re: Proces svchost.exe a 100% CPU

Re: Proces svchost.exe a 100% CPU

Re: Proces svchost.exe a 100% CPU

Re: Proces svchost.exe a 100% CPU

Re: Proces svchost.exe a 100% CPU

Re: Proces svchost.exe a 100% CPU

Re: Proces svchost.exe a 100% CPU

Re: Proces svchost.exe a 100% CPU

Re: Proces svchost.exe a 100% CPU

Re: Proces svchost.exe a 100% CPU

Re: Proces svchost.exe a 100% CPU

Re: Proces svchost.exe a 100% CPU