Pomalý NTB - komunikace po ethernetu, firefox - LOGY

[petypety]

Zdravím Vás,

prosím Vás o kontrolu logů - 1. RSIT a 2. ComboFix

počítač není můj, dle informací majitele se problém projevuje cca 14 dnů
začalo to problémy při psaní mailů přes firefox - zasekávání při psaní textů
pomalá odezva prohlížeče, následovaly problémy a potom nefunkčnost síťového
tisku. V exploreru se problém neprojevuje tak zásadně.

Vždy při zaseknutí se zvýší vytížení CPU - položka systém

Předen děkuji za pomoc

RSIT

Logfile of random's system information tool 1.06 (written by random/random)
Run by host at 2010-01-31 11:15:49
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 266 GB (91%) free of 294 GB
Total RAM: 3032 MB (79% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\PCDoctorBackgroundMonitorTask.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2009-11-08 329312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - C:\Program Files\Norton Internet Security\Engine\16.0.0.125\coIEPlg.dll [2010-01-22 340848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files\Norton Internet Security\Engine\16.0.0.125\IPSBHO.DLL [2010-01-22 107896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-11-03 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-02-12 546672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-11-03 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-11-03 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Windows Live Toolbar - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-02-12 546672]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton Internet Security\Engine\16.0.0.125\coIEPlg.dll [2010-01-22 340848]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"PMHandler"=C:\PROGRA~1\Lenovo\PMDriver\PMHandler.exe [2008-09-23 83240]
"Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2008-03-26 163840]
"TPFNF7"=C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe [2008-07-30 60192]
"TPWAUDAP"=C:\Program Files\Lenovo\HOTKEY\TpWAudAp.exe [2008-03-11 54560]
"SmartAudio"=C:\Program Files\CONEXANT\SMARTAUDIO\SMAUDIO.EXE [2008-07-21 2701880]
"IntelZeroConfig"=C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe [2008-10-16 1368064]
"IntelWireless"=C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [2008-10-16 1191936]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2008-08-15 150040]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2008-08-15 178712]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2008-08-15 150040]
"TVT Scheduler Proxy"=C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe [2008-11-24 487424]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"LPManager"=C:\PROGRA~1\Lenovo\LENOVO~2\LPMGR.exe [2007-04-26 120368]
"RoxWatchTray"=C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe [2008-04-25 244208]
"AMSG"=C:\Program Files\ThinkVantage\AMSG\Amsg.exe [2008-12-20 449088]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-11-03 136600]
"OutpostFeedBack"=C:\Program Files\Agnitum\Outpost Firewall Pro\feedback.exe [2009-06-08 433480]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2009-07-01 37888]
"HPDJ Taskbar Utility"=C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe [2002-07-10 188416]
"Share-to-Web Namespace Daemon"=C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe [2002-04-17 69632]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-11-07 77824]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2009-11-08 198160]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2008-01-22 152872]
"Kalendar"=C:\Documents and Settings\host\Dokumenty\Programy\Kalendar\kalendar.exe [2005-11-04 579584]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2007-01-05 204288]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
Enable Labtec NumPad.lnk - C:\Program Files\Labtec NumPad\Magickey.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="c:\progra~1\agnitum\outpos~1\wl_hook.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2008-08-11 217088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\tphotkey]
C:\Program Files\Lenovo\HOTKEY\tphklock.dll [2008-08-08 28672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoResolveSearch"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2010-01-31 11:15:50 ----D---- C:\Program Files\trend micro
2010-01-31 11:15:49 ----D---- C:\rsit
2010-01-22 09:19:58 ----A---- C:\WINDOWS\system32\S32EVNT1.DLL
2010-01-22 09:19:57 ----D---- C:\Program Files\Symantec
2010-01-22 09:19:57 ----D---- C:\Program Files\Common Files\Symantec Shared
2010-01-22 09:19:02 ----D---- C:\Program Files\Norton Internet Security
2010-01-22 09:19:01 ----D---- C:\Program Files\Windows Sidebar
2010-01-22 09:19:01 ----D---- C:\Documents and Settings\All Users\Data aplikací\Norton
2010-01-19 18:26:17 ----A---- C:\WINDOWS\hpqcopy.INI
2010-01-14 11:07:20 ----D---- C:\Program Files\Alwil Software
2010-01-14 11:05:50 ----A---- C:\Program Files\setupcze.exe
2010-01-13 18:49:14 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-01-13 18:49:06 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$

======List of files/folders modified in the last 1 months======

2010-01-31 11:15:50 ----RD---- C:\Program Files
2010-01-31 11:15:01 ----D---- C:\WINDOWS\Prefetch
2010-01-31 11:12:37 ----D---- C:\WINDOWS\Temp
2010-01-31 08:44:35 ----D---- C:\WINDOWS\system32\CatRoot2
2010-01-31 08:32:37 ----A---- C:\sysiclog.txt
2010-01-31 08:31:45 ----AD---- C:\WINDOWS\system32
2010-01-31 08:30:31 ----A---- C:\WINDOWS\system32\ICAutoUpdate.log.bak
2010-01-31 02:23:06 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-01-30 22:31:26 ----D---- C:\Program Files\Mozilla Firefox
2010-01-30 21:52:22 ----D---- C:\WINDOWS
2010-01-30 21:32:16 ----SHD---- C:\WINDOWS\Installer
2010-01-30 21:31:49 ----D---- C:\Program Files\Google
2010-01-30 21:18:27 ----D---- C:\WINDOWS\system32\Filt
2010-01-30 21:01:23 ----AD---- C:\drivers
2010-01-30 21:00:20 ----A---- C:\WINDOWS\NeroDigital.ini
2010-01-30 20:27:38 ----HD---- C:\WINDOWS\inf
2010-01-25 12:47:34 ----D---- C:\WINDOWS\Network Diagnostic
2010-01-23 19:36:39 ----D---- C:\WINDOWS\system32\config
2010-01-22 22:16:18 ----SD---- C:\WINDOWS\Tasks
2010-01-22 21:41:25 ----D---- C:\WINDOWS\system32\drivers
2010-01-22 09:20:22 ----SHD---- C:\System Volume Information
2010-01-22 09:19:57 ----D---- C:\Program Files\Common Files
2010-01-21 23:02:17 ----ASHDC---- C:\WINDOWS\system32\dllcache
2010-01-21 23:02:15 ----D---- C:\Program Files\Internet Explorer
2010-01-21 23:02:04 ----D---- C:\WINDOWS\ie8updates
2010-01-21 23:01:49 ----HD---- C:\WINDOWS\$hf_mig$
2010-01-20 22:28:57 ----A---- C:\WINDOWS\WTRDICT.INI
2010-01-19 21:00:04 ----A---- C:\WINDOWS\PhotoSnapViewer.INI
2010-01-13 18:52:37 ----D---- C:\WINDOWS\AppPatch
2010-01-13 18:49:12 ----A---- C:\WINDOWS\imsins.BAK
2010-01-13 16:30:52 ----A---- C:\WINDOWS\WINTRAN.INI
2010-01-05 01:17:46 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2009-11-07 82380]
R1 BHDrvx86;Symantec Heuristics Driver; \??\C:\WINDOWS\system32\drivers\NIS\1000000.07D\BHDrvx86.sys []
R1 ccHP;Symantec Hash Provider; \??\C:\WINDOWS\system32\drivers\NIS\1000000.07D\ccHPx86.sys []
R1 DLACDBHM;DLACDBHM; C:\WINDOWS\System32\Drivers\DLACDBHM.SYS [2007-02-08 12856]
R1 DLARTL_M;DLARTL_M; C:\WINDOWS\System32\Drivers\DLARTL_M.SYS [2007-02-08 28120]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
R1 IDSxpx86;IDSxpx86; \??\C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20100128.002\IDSxpx86.sys []
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 PMHler;PMHler; C:\WINDOWS\system32\drivers\PMHler.sys [2006-05-24 10240]
R1 SandBox;SandBox; \??\C:\WINDOWS\system32\drivers\SandBox.sys []
R1 SRTSPX;SRTSPX; \??\C:\WINDOWS\system32\drivers\NIS\1000000.07D\SRTSPX.SYS []
R1 SYMTDI;SYMTDI; \??\C:\WINDOWS\system32\drivers\NIS\1000000.07D\SYMTDI.SYS []
R1 TSMAPIP;TSMAPIP; C:\WINDOWS\System32\drivers\TSMAPIP.SYS [2008-07-30 4608]
R1 tvtumon;tvtumon; C:\WINDOWS\system32\DRIVERS\tvtumon.sys [2008-07-11 46144]
R1 UsbFltr;WayTechMUSBFilterDriver; C:\WINDOWS\system32\drivers\UsbFltr.sys [2005-02-21 8960]
R2 DLABMFSM;DLABMFSM; C:\WINDOWS\System32\DLA\DLABMFSM.SYS [2007-06-18 35064]
R2 DLABOIOM;DLABOIOM; C:\WINDOWS\System32\DLA\DLABOIOM.SYS [2007-06-18 32472]
R2 DLADResM;DLADResM; C:\WINDOWS\System32\DLA\DLADResM.SYS [2007-06-18 9400]
R2 DLAIFS_M;DLAIFS_M; C:\WINDOWS\System32\DLA\DLAIFS_M.SYS [2007-06-18 105048]
R2 DLAOPIOM;DLAOPIOM; C:\WINDOWS\System32\DLA\DLAOPIOM.SYS [2007-06-18 26744]
R2 DLAPoolM;DLAPoolM; C:\WINDOWS\System32\DLA\DLAPoolM.SYS [2007-06-18 14520]
R2 DLAUDF_M;DLAUDF_M; C:\WINDOWS\System32\DLA\DLAUDF_M.SYS [2007-06-18 98136]
R2 DLAUDFAM;DLAUDFAM; C:\WINDOWS\System32\DLA\DLAUDFAM.SYS [2007-06-18 93752]
R2 DRVNDDM;DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [2007-02-09 51768]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2006-06-18 12672]
R2 pmem;pmem; \??\C:\WINDOWS\System32\drivers\pmemnt.sys []
R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2008-08-13 11904]
R2 tvtfilter;tvtfilter; C:\WINDOWS\system32\DRIVERS\tvtfilter.sys [2009-11-03 33536]
R3 afw;Agnitum firewall driver; C:\WINDOWS\system32\DRIVERS\afw.sys [2009-02-18 31128]
R3 afwcore;afwcore; C:\WINDOWS\system32\drivers\afwcore.sys [2009-05-20 257432]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\WINDOWS\system32\DRIVERS\Apfiltr.sys [2008-03-14 169008]
R3 ASWFilt;ASWFilt; \??\C:\WINDOWS\system32\Filt\ASWFilt.dll []
R3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys [2007-12-10 539640]
R3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys [2007-03-23 37424]
R3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2007-11-21 879624]
R3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2007-06-29 156392]
R3 btwhid;btwhid; C:\WINDOWS\system32\DRIVERS\btwhid.sys [2007-03-31 55352]
R3 btwmodem;Bluetooth Modem; C:\WINDOWS\system32\DRIVERS\btwmodem.sys [2007-03-23 37280]
R3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2007-11-27 74688]
R3 Cam5607;Lenovo EasyCamera ; C:\WINDOWS\System32\Drivers\BisonC07.sys [2008-09-10 1132840]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-14 13952]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDAU32.sys [2008-04-21 737792]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2008-03-25 985472]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2008-03-25 210560]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2008-08-11 6044864]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI Service; C:\WINDOWS\system32\drivers\IntcHdmi.sys [2008-06-13 110080]
R3 JMCR;JMCR; C:\WINDOWS\system32\DRIVERS\jmcr.sys [2008-08-07 97536]
R3 NAVENG;NAVENG; \??\C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100130.021\NAVENG.SYS []
R3 NAVEX15;NAVEX15; \??\C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100130.021\NAVEX15.SYS []
R3 NETw5x32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw5x32.sys [2008-11-17 3636864]
R3 psadd;Lenovo Parties Service Access Device Driver; C:\WINDOWS\system32\DRIVERS\psadd.sys [2009-11-03 30144]
R3 SRTSP;SRTSP; \??\C:\WINDOWS\system32\drivers\NIS\1000000.07D\SRTSP.SYS []
R3 SYMDNS;SYMDNS; \??\C:\WINDOWS\system32\drivers\NIS\1000000.07D\SYMDNS.SYS []
R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
R3 SYMFW;SYMFW; \??\C:\WINDOWS\system32\drivers\NIS\1000000.07D\SYMFW.SYS []
R3 SYMIDS;SYMIDS; \??\C:\WINDOWS\system32\drivers\NIS\1000000.07D\SYMIDS.SYS []
R3 SymIMMP;SymIMMP; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2010-01-22 35888]
R3 SYMNDIS;SYMNDIS; \??\C:\WINDOWS\system32\drivers\NIS\1000000.07D\SYMNDIS.SYS []
R3 SYMREDRV;SYMREDRV; \??\C:\WINDOWS\system32\drivers\NIS\1000000.07D\SYMREDRV.SYS []
R3 TVTI2C;Lenovo SM bus driver; C:\WINDOWS\system32\DRIVERS\Tvti2c.sys [2008-02-22 37312]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Ovladač standardního rozbočovače USB; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2008-03-25 731264]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2007-11-29 163328]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 NSCIRDA;NSC Infrared Device Driver; C:\WINDOWS\system32\DRIVERS\nscirda.sys [2008-04-14 28672]
S3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
S3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-14 79232]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 SymIM;Symantec Network Security Intermediate Filter Service; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2010-01-22 35888]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 agp440;Filtr Intel sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368]
S4 agpCPQ;Filtr Compaq sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-13 44928]
S4 alim1541;Filtr ALI sběrnice AGP; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-13 42752]
S4 amdagp;Ovladač filtru AMD portu AGP; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-13 43008]
S4 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-17 13952]
S4 iaStor;Intel AHCI Controller; C:\WINDOWS\system32\DRIVERS\iaStor.sys [2008-11-03 327192]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\DRIVERS\intelide.sys [2008-04-14 5504]
S4 sisagp;Filtr SIS sběrnice AGP ; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-13 40960]
S4 viaagp;Filtr VIA sběrnice AGP ; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-13 42240]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 acssrv;Agnitum Client Security Service; C:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe [2009-06-08 1268040]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2008-01-18 264800]
R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2008-10-16 860160]
R2 FNF5SVC;Fn+F5 Service; C:\Program Files\LENOVO\HOTKEY\FNF5SVC.exe [2008-03-14 54560]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-04 112152]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-11-03 152984]
R2 Norton Internet Security;Norton Internet Security; C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe [2010-01-22 115560]
R2 PMSveH;PMSveH; C:\Program Files\Lenovo\PMDriver\PMSveH.exe [2006-05-24 57344]
R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2008-10-16 466944]
R2 S24EventMonitor;Intel® PROSet/Wireless WiFi Service; C:\Program Files\Intel\WiFi\bin\S24EvMon.exe [2008-10-16 905216]
R2 SUService;System Update; c:\program files\lenovo\system update\suservice.exe [2008-11-04 28672]
R2 ThinkVantage Registry Monitor Service;ThinkVantage Registry Monitor Service; c:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe [2007-09-26 644408]
R2 TVT Backup Protection Service;TVT Backup Protection Service; C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe [2008-11-24 520192]
R2 TVT Backup Service;TVT Backup Service; C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe [2008-11-24 950272]
R2 TVT Scheduler;TVT Scheduler; c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe [2008-11-24 1155072]
R2 TVT_UpdateMonitor;TVT Windows Update Monitor; C:\Program Files\Lenovo\Rescue and Recovery\UpdateMonitor.exe [2008-10-09 360448]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2008-01-22 275752]
S2 gupdate1ca605c1c7828d8;Služba Google Update (gupdate1ca605c1c7828d8); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-11-08 133104]
S2 Roxio Upnp Server 10;Roxio Upnp Server 10; C:\Program Files\Roxio\Digital Home 10\RoxioUpnpService10.exe [2008-04-25 362992]
S2 RoxLiveShare10;LiveShare P2P Server 10; C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe [2008-04-25 309744]
S2 RoxWatch10;Roxio Hard Drive Watcher 10; C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe [2008-04-25 166384]
S2 SessionLauncher;SessionLauncher; C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\DX9\SessionLauncher.exe []
S2 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-11-28 800040]
S3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10; C:\Program Files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2008-04-25 313840]
S3 RoxMediaDB10;RoxMediaDB10; C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2008-04-25 1120752]
S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2008-03-24 74384]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

ComboFix

ComboFix 10-01-30.05 - host 31.01.2010 11:25:23.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3032.2376 [GMT 1:00]
Spuštěný z: c:\documents and settings\host\Plocha\ComboFix.exe
AV: Norton Internet Security *On-access scanning disabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
FW: Outpost Firewall Pro *disabled* {8A20CA2A-9E02-4A64-923B-0A38208EB7FD}

VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\recycler\S-1-5-21-2760998588-1641774525-3870568111-500
c:\windows\system32\Thumbs.db

.
((((((((((((((((((((((((( Soubory vytvořené od 2009-12-28 do 2010-01-31 )))))))))))))))))))))))))))))))
.

2010-01-31 10:15 . 2010-01-31 10:15 -------- d-----w- c:\program files\trend micro
2010-01-31 10:15 . 2010-01-31 10:15 -------- d-----w- C:\rsit
2010-01-22 08:20 . 2010-01-22 08:19 35888 ----a-r- c:\windows\system32\drivers\SymIM.sys
2010-01-22 08:19 . 2010-01-22 08:19 60808 ----a-w- c:\windows\system32\S32EVNT1.DLL
2010-01-22 08:19 . 2010-01-22 08:19 124464 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2010-01-22 08:19 . 2010-01-22 21:31 -------- d-----w- c:\program files\Common Files\Symantec Shared
2010-01-22 08:19 . 2010-01-22 08:19 -------- d-----w- c:\program files\Symantec
2010-01-22 08:19 . 2010-01-22 08:19 -------- d-----w- c:\windows\system32\drivers\NIS
2010-01-22 08:19 . 2010-01-22 08:19 -------- d-----w- c:\program files\Norton Internet Security
2010-01-22 08:19 . 2010-01-22 08:19 -------- d-----w- c:\program files\Windows Sidebar
2010-01-15 18:24 . 2008-04-13 23:17 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys
2010-01-15 18:24 . 2008-04-13 23:17 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2010-01-14 10:07 . 2010-01-14 10:07 -------- d-----w- c:\program files\Alwil Software
2010-01-14 10:05 . 2010-01-14 09:58 39502856 ----a-w- c:\program files\setupcze.exe
2010-01-13 11:35 . 2009-11-21 16:03 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-30 20:31 . 2009-11-08 10:13 -------- d-----w- c:\program files\Google
2010-01-22 08:19 . 2010-01-22 08:19 806 ----a-w- c:\windows\system32\drivers\SYMEVENT.INF
2010-01-22 08:19 . 2010-01-22 08:19 10635 ----a-w- c:\windows\system32\drivers\SYMEVENT.CAT
2010-01-19 16:24 . 2009-11-12 15:54 164 ---ha-w- c:\documents and settings\All Users\hpothb07.dat
2009-12-22 19:39 . 2009-12-22 19:39 -------- d-----w- c:\program files\NortonInstaller
2009-12-21 19:08 . 2008-08-06 13:30 916480 ----a-w- c:\windows\system32\wininet.dll
2009-12-21 18:21 . 2009-12-21 18:21 -------- d-----w- c:\program files\IObit
2009-12-18 13:48 . 2008-08-06 13:30 82750 ----a-w- c:\windows\system32\perfc005.dat
2009-12-18 13:48 . 2008-08-06 13:30 438070 ----a-w- c:\windows\system32\perfh005.dat
2009-12-17 17:29 . 2009-11-05 19:51 -------- d-----w- c:\program files\ESET
2009-11-21 16:03 . 2008-08-06 13:29 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-11-14 13:59 . 2009-11-14 13:59 160 ---ha-w- c:\documents and settings\host\hpothb07.dat
2009-11-08 14:56 . 2009-11-08 14:56 1320 ----a-w- c:\windows\Fonts\ALE.FOT
2009-11-07 20:53 . 2009-11-07 20:53 82380 ----a-w- c:\windows\system32\drivers\AFS2K.SYS
2009-11-07 10:44 . 2009-11-07 10:44 0 ----a-w- c:\windows\nsreg.dat
2009-11-06 18:24 . 2008-08-06 03:44 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-11-06 18:24 . 2008-08-06 03:43 2426 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2009-11-06 18:23 . 2008-08-06 03:44 8972 ----a-w- c:\windows\pchealth\helpctr\Config\Cntstore.bin
2009-11-03 19:51 . 2009-11-03 19:51 33536 ----a-w- c:\windows\system32\drivers\tvtfilter.sys
2009-11-03 19:51 . 2009-11-03 19:41 30144 ----a-w- c:\windows\system32\drivers\psadd.sys
2009-11-03 19:51 . 2009-11-03 19:51 7012 ----a-w- c:\windows\system32\drivers\pmemnt.sys
2009-11-03 19:47 . 2009-11-03 19:47 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-11-03 19:29 . 2009-11-03 19:29 125 ----a-w- c:\windows\xUninstall.bat
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2008-01-22 152872]
"Kalendar"="c:\documents and settings\host\Dokumenty\Programy\Kalendar\kalendar.exe" [2005-11-04 579584]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2007-01-05 204288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PMHandler"="c:\progra~1\Lenovo\PMDriver\PMHandler.exe" [2008-09-23 83240]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2008-03-26 163840]
"TPFNF7"="c:\program files\Lenovo\NPDIRECT\TPFNF7SP.exe" [2008-07-30 60192]
"TPWAUDAP"="c:\program files\Lenovo\HOTKEY\TpWAudAp.exe" [2008-03-11 54560]
"SmartAudio"="c:\program files\CONEXANT\SMARTAUDIO\SMAUDIO.EXE" [2008-07-21 2701880]
"IntelZeroConfig"="c:\program files\Intel\WiFi\bin\ZCfgSvc.exe" [2008-10-16 1368064]
"IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2008-10-16 1191936]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-08-15 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-08-15 178712]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-08-15 150040]
"TVT Scheduler Proxy"="c:\program files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe" [2008-11-24 487424]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"LPManager"="c:\progra~1\Lenovo\LENOVO~2\LPMGR.exe" [2007-04-26 120368]
"RoxWatchTray"="c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe" [2008-04-25 244208]
"AMSG"="c:\program files\ThinkVantage\AMSG\Amsg.exe" [2008-12-20 449088]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-11-03 136600]
"OutpostFeedBack"="c:\program files\Agnitum\Outpost Firewall Pro\feedback.exe" [2009-06-08 433480]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2009-07-01 37888]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb05.exe" [2002-07-10 188416]
"Share-to-Web Namespace Daemon"="c:\program files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe" [2002-04-17 69632]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-11-07 77824]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-11-08 198160]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-1-18 576104]
Enable Labtec NumPad.lnk - c:\program files\Labtec NumPad\Magickey.exe [2009-11-8 110592]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tphotkey]
2008-08-08 10:14 28672 ----a-w- c:\program files\Lenovo\HOTKEY\tphklock.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=

R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1000000.07D\SymEFA.sys [22.1.2010 9:19 309296]
R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\NIS\1000000.07D\BHDrvx86.sys [22.1.2010 9:19 254512]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NIS\1000000.07D\ccHPx86.sys [22.1.2010 9:19 362544]
R1 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20100128.002\IDSXpx86.sys [30.1.2010 21:22 329592]
R1 PMHler;PMHler;c:\windows\system32\drivers\PMHler.sys [24.5.2006 11:48 10240]
R1 SandBox;SandBox;c:\windows\system32\drivers\SandBox.sys [5.11.2009 19:14 704384]
R1 tvtumon;tvtumon;c:\windows\system32\drivers\tvtumon.sys [9.5.2008 17:50 46144]
R1 UsbFltr;WayTechMUSBFilterDriver;c:\windows\system32\drivers\UsbFltr.sys [8.11.2009 0:39 8960]
R2 acssrv;Agnitum Client Security Service;c:\progra~1\Agnitum\OUTPOS~1\acs.exe [5.11.2009 19:13 1268040]
R2 FNF5SVC;Fn+F5 Service;c:\program files\Lenovo\HOTKEY\FnF5svc.exe [11.9.2008 7:49 54560]
R2 Norton Internet Security;Norton Internet Security;c:\program files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe [22.1.2010 9:19 115560]
R2 TVT Backup Protection Service;TVT Backup Protection Service;c:\program files\Lenovo\Rescue and Recovery\rrpservice.exe [24.11.2008 15:34 520192]
R2 TVT_UpdateMonitor;TVT Windows Update Monitor;c:\program files\Lenovo\Rescue and Recovery\UpdateMonitor.exe [9.5.2008 17:50 360448]
R3 afw;Agnitum firewall driver;c:\windows\system32\drivers\afw.sys [5.11.2009 19:13 31128]
R3 afwcore;afwcore;c:\windows\system32\drivers\afwcore.sys [5.11.2009 19:14 257432]
R3 ASWFilt;ASWFilt;c:\windows\system32\Filt\ASWFilt.dll [5.11.2009 19:14 33920]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [31.1.2010 2:00 102448]
R3 JMCR;JMCR;c:\windows\system32\drivers\jmcr.sys [3.11.2009 20:29 97536]
R3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\drivers\tvti2c.sys [22.2.2008 15:54 37312]
S2 gupdate1ca605c1c7828d8;Služba Google Update (gupdate1ca605c1c7828d8);c:\program files\Google\Update\GoogleUpdate.exe [8.11.2009 11:13 133104]
S2 Roxio Upnp Server 10;Roxio Upnp Server 10;c:\program files\Roxio\Digital Home 10\RoxioUpnpService10.exe [25.4.2008 8:18 362992]
S2 RoxLiveShare10;LiveShare P2P Server 10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe [25.4.2008 8:16 309744]
S2 RoxWatch10;Roxio Hard Drive Watcher 10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe [25.4.2008 8:15 166384]
S2 SessionLauncher;SessionLauncher;c:\docume~1\ADMINI~1\LOCALS~1\Temp\DX9\SessionLauncher.exe --> c:\docume~1\ADMINI~1\LOCALS~1\Temp\DX9\SessionLauncher.exe [?]
S3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;c:\program files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [25.4.2008 8:18 313840]
S3 RoxMediaDB10;RoxMediaDB10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [25.4.2008 8:15 1120752]
.
Obsah adresáře 'Naplánované úlohy'

2010-01-31 c:\windows\Tasks\Check Updates for Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-02-12 14:54]

2010-01-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-11-08 10:13]

2010-01-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-11-08 10:13]

2009-11-03 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\PCDR5\pcdr5cuiw32.exe [2008-12-12 23:32]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send To Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: {693F261E-DC72-433F-8C2B-253DA44C2341} = 194.228.41.65,194.228.41.113
TCP: {BBBD96CD-E48F-4B78-949E-ADF18999A4E5} = 194.228.41.65,194.228.41.113
FF - ProfilePath - c:\documents and settings\host\Data aplikací\Mozilla\Firefox\Profiles\0guc88zn.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2384137&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Search Powered by Google
FF - prefs.js: browser.startup.homepage - http://www.seznam.cz
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2384137&SearchSource=2&q=
FF - component: c:\documents and settings\host\Data aplikací\Mozilla\Firefox\Profiles\0guc88zn.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - component: c:\documents and settings\host\Data aplikací\Mozilla\Firefox\Profiles\0guc88zn.default\extensions\{31c7d459-9cc3-44f2-9dca-fc11795309b4}\components\FFExternalAlert.dll
FF - component: c:\program files\Real\RealPlayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

AddRemove-hp deskjet 3320 series - c:\program files\hp deskjet 3320 series\hpfiui.exe -c -vdivid=HPF -vpnum=95 -vinstport=\\MARTIN\Tiskárna2 -vproduct=3320 -huninstall



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-31 11:33
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Norton Internet Security]
"ImagePath"="\"c:\program files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"c:\program files\Norton Internet Security\Engine\16.0.0.125\diMaster.dll\" /prefetch:1"
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(1728)
c:\program files\Lenovo\HOTKEY\tphklock.dll

- - - - - - - > 'explorer.exe'(5936)
c:\windows\system32\btmmhook.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\program files\Lenovo\Drag-to-Disc\Shellex.dll
c:\windows\system32\DLAAPI_W.DLL
c:\program files\Lenovo\Drag-to-Disc\ShellRes.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\program files\Intel\WiFi\bin\S24EvMon.exe
c:\program files\Intel\WiFi\bin\EvtEng.exe
c:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Lenovo\PMDriver\PMSveH.exe
c:\program files\Common Files\Intel\WirelessCommon\RegSrvc.exe
c:\program files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
c:\program files\Lenovo\Rescue and Recovery\rrservice.exe
c:\program files\Common Files\Lenovo\Scheduler\tvtsched.exe
c:\program files\lenovo\system update\suservice.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\wscntfy.exe
c:\program files\Apoint2K\ApMsgFwd.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\Apoint2K\Apntex.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
c:\program files\Common Files\Ahead\Lib\NMIndexingService.exe
c:\program files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
c:\progra~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
.
**************************************************************************
.
Celkový čas: 2010-01-31 11:37:54 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-01-31 10:37

Před spuštěním: Volných bajtů: 279 258 644 480
Po spuštění: Volných bajtů: 278 872 006 656

- - End Of File - - 3A5E25274446D93D12201CABEE50054D

[petypety]

Jen dodám, že není problém v síťtové kartě, odzkoušeno i přes wifi a situace je shodná.

Předem díky za rady.

[Roli]

Zdravím, nejdříve by bylo dobré si ujasnit co s takovím množstvím zabezpečením.

Máš tam nějaké zbytky po Avastu a NODu, to můžeme společně smazat.

Dva firewalli, jeden v Norton Internet Security a druhý je Outpost Firewall.

Proto možná jsou ty problémy s komunikací.

Tak že písni co z toho budeš používat.

[petypety]

určitě Outpost, NIS tam byl jako zkušební verze z výroby

[Roli]

Tak že Norton Internet Security přes Start >> Ovládací panely >> Přidat nebo odebrat odinstaluj.


Smaž nepotřebné soubory

pomocí CCleaneru

návod :

Čistič - tady vyčistíš PC od nepotřebných souborů a vysypeš Koš

Registry - tady vyčistíš registry (před použitím doporučuji udělat jejich zálohu kterou CCleaner nabízí)

Čištění registru je třeba několikrát zopakovat !


Pak nainstaluj nějaký free antivir a dej mi sem nový log z ComboFix.

[petypety]

NIS odinstalován, CCleaner použit dle zadání, nainstalována zkušební verze NOD32

LOG

ComboFix 10-01-30.05 - host 31.01.2010 20:06:23.2.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3032.2222 [GMT 1:00]
Spuštěný z: c:\documents and settings\host\Plocha\ComboFix.exe
AV: ESET NOD32 Antivirus 4.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: Outpost Firewall Pro *enabled* {8A20CA2A-9E02-4A64-923B-0A38208EB7FD}
.

((((((((((((((((((((((((( Soubory vytvořené od 2009-12-28 do 2010-01-31 )))))))))))))))))))))))))))))))
.

2010-01-31 18:44 . 2010-01-31 18:44 -------- d-----w- c:\windows\LastGood
2010-01-31 18:15 . 2010-01-31 18:15 -------- d-----w- C:\zaloha reg
2010-01-31 18:11 . 2010-01-31 18:11 -------- d-----w- c:\program files\CCleaner
2010-01-31 10:15 . 2010-01-31 10:15 -------- d-----w- c:\program files\trend micro
2010-01-31 10:15 . 2010-01-31 10:15 -------- d-----w- C:\rsit
2010-01-15 18:24 . 2008-04-13 23:17 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys
2010-01-15 18:24 . 2008-04-13 23:17 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2010-01-14 10:07 . 2010-01-14 10:07 -------- d-----w- c:\program files\Alwil Software
2010-01-14 10:05 . 2010-01-14 09:58 39502856 ----a-w- c:\program files\setupcze.exe
2010-01-13 11:35 . 2009-11-21 16:03 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-30 20:31 . 2009-11-08 10:13 -------- d-----w- c:\program files\Google
2010-01-19 16:24 . 2009-11-12 15:54 164 ---ha-w- c:\documents and settings\All Users\hpothb07.dat
2009-12-21 19:08 . 2008-08-06 13:30 916480 ------w- c:\windows\system32\wininet.dll
2009-12-21 18:21 . 2009-12-21 18:21 -------- d-----w- c:\program files\IObit
2009-12-18 13:48 . 2008-08-06 13:30 82750 ----a-w- c:\windows\system32\perfc005.dat
2009-12-18 13:48 . 2008-08-06 13:30 438070 ----a-w- c:\windows\system32\perfh005.dat
2009-12-17 17:29 . 2009-11-05 19:51 -------- d-----w- c:\program files\ESET
2009-11-21 16:03 . 2008-08-06 13:29 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-11-16 08:06 . 2009-11-16 08:06 96408 ----a-w- c:\windows\system32\drivers\epfwtdir.sys
2009-11-16 08:03 . 2009-11-16 08:03 108792 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2009-11-16 07:56 . 2009-11-16 07:56 116520 ----a-w- c:\windows\system32\drivers\eamon.sys
2009-11-14 13:59 . 2009-11-14 13:59 160 ---ha-w- c:\documents and settings\host\hpothb07.dat
2009-11-08 14:56 . 2009-11-08 14:56 1320 ----a-w- c:\windows\Fonts\ALE.FOT
2009-11-07 20:53 . 2009-11-07 20:53 82380 ----a-w- c:\windows\system32\drivers\AFS2K.SYS
2009-11-07 10:44 . 2009-11-07 10:44 0 ----a-w- c:\windows\nsreg.dat
2009-11-06 18:24 . 2008-08-06 03:44 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-11-06 18:24 . 2008-08-06 03:43 2426 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2009-11-06 18:23 . 2008-08-06 03:44 8972 ----a-w- c:\windows\pchealth\helpctr\Config\Cntstore.bin
2009-11-03 19:51 . 2009-11-03 19:51 33536 ----a-w- c:\windows\system32\drivers\tvtfilter.sys
2009-11-03 19:51 . 2009-11-03 19:41 30144 ----a-w- c:\windows\system32\drivers\psadd.sys
2009-11-03 19:51 . 2009-11-03 19:51 7012 ----a-w- c:\windows\system32\drivers\pmemnt.sys
2009-11-03 19:47 . 2009-11-03 19:47 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-11-03 19:29 . 2009-11-03 19:29 125 ----a-w- c:\windows\xUninstall.bat
.

((((((((((((((((((((((((((((( SnapShot@2010-01-31_10.33.47 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-01-31 17:54 . 2010-01-31 17:54 16384 c:\windows\Temp\Perflib_Perfdata_350.dat
+ 2010-01-31 18:44 . 2010-01-31 18:44 10134 c:\windows\Installer\{621EB5F7-B871-47C0-AB53-E1376E71D858}\callmsi.exe
+ 2010-01-31 18:44 . 2010-01-31 18:44 101480 c:\windows\Installer\{621EB5F7-B871-47C0-AB53-E1376E71D858}\egui.exe
+ 2010-01-31 18:44 . 2010-01-31 18:44 1138176 c:\windows\Installer\2e43f1.msi
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2008-01-22 152872]
"Kalendar"="c:\documents and settings\host\Dokumenty\Programy\Kalendar\kalendar.exe" [2005-11-04 579584]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2007-01-05 204288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PMHandler"="c:\progra~1\Lenovo\PMDriver\PMHandler.exe" [2008-09-23 83240]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2008-03-26 163840]
"TPFNF7"="c:\program files\Lenovo\NPDIRECT\TPFNF7SP.exe" [2008-07-30 60192]
"TPWAUDAP"="c:\program files\Lenovo\HOTKEY\TpWAudAp.exe" [2008-03-11 54560]
"SmartAudio"="c:\program files\CONEXANT\SMARTAUDIO\SMAUDIO.EXE" [2008-07-21 2701880]
"IntelZeroConfig"="c:\program files\Intel\WiFi\bin\ZCfgSvc.exe" [2008-10-16 1368064]
"IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2008-10-16 1191936]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-08-15 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-08-15 178712]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-08-15 150040]
"TVT Scheduler Proxy"="c:\program files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe" [2008-11-24 487424]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"LPManager"="c:\progra~1\Lenovo\LENOVO~2\LPMGR.exe" [2007-04-26 120368]
"RoxWatchTray"="c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe" [2008-04-25 244208]
"AMSG"="c:\program files\ThinkVantage\AMSG\Amsg.exe" [2008-12-20 449088]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-11-03 136600]
"OutpostFeedBack"="c:\program files\Agnitum\Outpost Firewall Pro\feedback.exe" [2009-06-08 433480]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2009-07-01 37888]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb05.exe" [2002-07-10 188416]
"Share-to-Web Namespace Daemon"="c:\program files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe" [2002-04-17 69632]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-11-07 77824]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-11-08 198160]
"OutpostMonitor"="c:\progra~1\Agnitum\OUTPOS~1\op_mon.exe" [2009-06-09 1227080]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-11-16 2054360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-1-18 576104]
Enable Labtec NumPad.lnk - c:\program files\Labtec NumPad\Magickey.exe [2009-11-8 110592]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tphotkey]
2008-08-08 10:14 28672 ----a-w- c:\program files\Lenovo\HOTKEY\tphklock.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [16.11.2009 9:03 108792]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [16.11.2009 9:06 96408]
R1 PMHler;PMHler;c:\windows\system32\drivers\PMHler.sys [24.5.2006 11:48 10240]
R1 SandBox;SandBox;c:\windows\system32\drivers\SandBox.sys [5.11.2009 19:14 704384]
R1 tvtumon;tvtumon;c:\windows\system32\drivers\tvtumon.sys [9.5.2008 17:50 46144]
R1 UsbFltr;WayTechMUSBFilterDriver;c:\windows\system32\drivers\UsbFltr.sys [8.11.2009 0:39 8960]
R2 acssrv;Agnitum Client Security Service;c:\progra~1\Agnitum\OUTPOS~1\acs.exe [5.11.2009 19:13 1268040]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [16.11.2009 9:04 735960]
R2 FNF5SVC;Fn+F5 Service;c:\program files\Lenovo\HOTKEY\FnF5svc.exe [11.9.2008 7:49 54560]
R2 TVT Backup Protection Service;TVT Backup Protection Service;c:\program files\Lenovo\Rescue and Recovery\rrpservice.exe [24.11.2008 15:34 520192]
R2 TVT_UpdateMonitor;TVT Windows Update Monitor;c:\program files\Lenovo\Rescue and Recovery\UpdateMonitor.exe [9.5.2008 17:50 360448]
R3 afw;Agnitum firewall driver;c:\windows\system32\drivers\afw.sys [5.11.2009 19:13 31128]
R3 afwcore;afwcore;c:\windows\system32\drivers\afwcore.sys [5.11.2009 19:14 257432]
R3 ASWFilt;ASWFilt;c:\windows\system32\Filt\ASWFilt.dll [5.11.2009 19:14 33920]
R3 JMCR;JMCR;c:\windows\system32\drivers\jmcr.sys [3.11.2009 20:29 97536]
R3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\drivers\tvti2c.sys [22.2.2008 15:54 37312]
S2 gupdate1ca605c1c7828d8;Služba Google Update (gupdate1ca605c1c7828d8);c:\program files\Google\Update\GoogleUpdate.exe [8.11.2009 11:13 133104]
S2 Roxio Upnp Server 10;Roxio Upnp Server 10;c:\program files\Roxio\Digital Home 10\RoxioUpnpService10.exe [25.4.2008 8:18 362992]
S2 RoxLiveShare10;LiveShare P2P Server 10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe [25.4.2008 8:16 309744]
S2 RoxWatch10;Roxio Hard Drive Watcher 10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe [25.4.2008 8:15 166384]
S2 SessionLauncher;SessionLauncher;c:\docume~1\ADMINI~1\LOCALS~1\Temp\DX9\SessionLauncher.exe --> c:\docume~1\ADMINI~1\LOCALS~1\Temp\DX9\SessionLauncher.exe [?]
S3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;c:\program files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [25.4.2008 8:18 313840]
S3 RoxMediaDB10;RoxMediaDB10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [25.4.2008 8:15 1120752]

--- Ostatní služby/ovladače v paměti ---

*NewlyCreated* - EKRN
.
Obsah adresáře 'Naplánované úlohy'

2010-01-31 c:\windows\Tasks\Check Updates for Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-02-12 14:54]

2010-01-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-11-08 10:13]

2010-01-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-11-08 10:13]

2009-11-03 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\PCDR5\pcdr5cuiw32.exe [2008-12-12 23:32]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send To Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: {693F261E-DC72-433F-8C2B-253DA44C2341} = 194.228.41.65,194.228.41.113
TCP: {BBBD96CD-E48F-4B78-949E-ADF18999A4E5} = 194.228.41.65,194.228.41.113
FF - ProfilePath - c:\documents and settings\host\Data aplikací\Mozilla\Firefox\Profiles\0guc88zn.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2384137&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Search Powered by Google
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2384137&SearchSource=2&q=
FF - component: c:\documents and settings\host\Data aplikací\Mozilla\Firefox\Profiles\0guc88zn.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - component: c:\documents and settings\host\Data aplikací\Mozilla\Firefox\Profiles\0guc88zn.default\extensions\{31c7d459-9cc3-44f2-9dca-fc11795309b4}\components\FFExternalAlert.dll
FF - component: c:\program files\Real\RealPlayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-31 20:14
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(1224)
c:\program files\Lenovo\HOTKEY\tphklock.dll

- - - - - - - > 'explorer.exe'(484)
c:\windows\system32\btmmhook.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2010-01-31 20:19:10
ComboFix-quarantined-files.txt 2010-01-31 19:19
ComboFix2.txt 2010-01-31 10:37

Před spuštěním: Volných bajtů: 280 292 536 320
Po spuštění: Volných bajtů: 280 244 330 496

WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - 1DB0FDD050A024632F0829703EC77A96

zatím je to stejné, mám problém se psaním i tohoto textu
trochu mě udivuje, že stále bliká kontrolka disku

[petypety]

doufám, že se na mě nezapomene, přesto to radši posouvám výš

[Roli]

doufám, že se na mě nezapomene, přesto to radši posouvám výš

Nezapomenu, jakmile odpovíš vím o tom jen tu nejsem celý den a tím že to posuneš to neurychlíš.


Pokud jsi tak ještě neučinil, přesuň Combofix na plochu

otevři si Poznámkový blok

do něj zkopíruj skript z následujícího okna:

Kód: Vybrat vše

Folder::
c:\program files\Alwil Software

FireFox::
FF - ProfilePath - c:\documents and settings\host\Data aplikací\Mozilla\Firefox\Profiles\0guc88zn.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.as ... ource=2&q=

ulož Tebou vytvořený TXT soubor jako CFScript.txt na plochu,

po uložení uchop vytvořený skript levým myšítkem a přesuň ho nad ikonu Combofixu, kde ho upustíš:



Po aplikaci na Tebe vypadne další log, zkopíruj ho sem

Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou,

v tom případě znovu restartuj a přitom mačkej F8 poté zvol Poslední známou funkční konfiguraci

[petypety]

Je mi to jasné, proto ta PM

Jen jsem měl trochu strach, když jsem viděl to množství toppiců.
Za to Vám všem, kteří pomáháte, velký dík.

Log bude za chvilinku

[petypety]

ComboFix 10-02-01.02 - host 01.02.2010 21:20:13.3.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3032.2205 [GMT 1:00]
Spuštěný z: c:\documents and settings\host\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\host\Plocha\CFScript.txt.txt
AV: ESET NOD32 Antivirus 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: Outpost Firewall Pro *enabled* {8A20CA2A-9E02-4A64-923B-0A38208EB7FD}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Alwil Software
c:\program files\Alwil Software\Avast4\Setup\setup.ini

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-01-01 do 2010-02-01 )))))))))))))))))))))))))))))))
.

2010-01-31 18:15 . 2010-01-31 18:15 -------- d-----w- C:\zaloha reg
2010-01-31 18:11 . 2010-01-31 18:11 -------- d-----w- c:\program files\CCleaner
2010-01-31 10:15 . 2010-01-31 10:15 -------- d-----w- c:\program files\trend micro
2010-01-31 10:15 . 2010-01-31 10:15 -------- d-----w- C:\rsit
2010-01-15 18:24 . 2008-04-13 23:17 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys
2010-01-15 18:24 . 2008-04-13 23:17 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2010-01-14 10:05 . 2010-01-14 09:58 39502856 ----a-w- c:\program files\setupcze.exe
2010-01-13 11:35 . 2009-11-21 16:03 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-30 20:31 . 2009-11-08 10:13 -------- d-----w- c:\program files\Google
2010-01-19 16:24 . 2009-11-12 15:54 164 ---ha-w- c:\documents and settings\All Users\hpothb07.dat
2009-12-21 19:08 . 2008-08-06 13:30 916480 ------w- c:\windows\system32\wininet.dll
2009-12-21 18:21 . 2009-12-21 18:21 -------- d-----w- c:\program files\IObit
2009-12-18 13:48 . 2008-08-06 13:30 82750 ----a-w- c:\windows\system32\perfc005.dat
2009-12-18 13:48 . 2008-08-06 13:30 438070 ----a-w- c:\windows\system32\perfh005.dat
2009-12-17 17:29 . 2009-11-05 19:51 -------- d-----w- c:\program files\ESET
2009-11-21 16:03 . 2008-08-06 13:29 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-11-16 08:06 . 2009-11-16 08:06 96408 ----a-w- c:\windows\system32\drivers\epfwtdir.sys
2009-11-16 08:03 . 2009-11-16 08:03 108792 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2009-11-16 07:56 . 2009-11-16 07:56 116520 ----a-w- c:\windows\system32\drivers\eamon.sys
2009-11-14 13:59 . 2009-11-14 13:59 160 ---ha-w- c:\documents and settings\host\hpothb07.dat
2009-11-08 14:56 . 2009-11-08 14:56 1320 ----a-w- c:\windows\Fonts\ALE.FOT
2009-11-07 20:53 . 2009-11-07 20:53 82380 ----a-w- c:\windows\system32\drivers\AFS2K.SYS
2009-11-07 10:44 . 2009-11-07 10:44 0 ----a-w- c:\windows\nsreg.dat
2009-11-06 18:24 . 2008-08-06 03:44 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-11-06 18:24 . 2008-08-06 03:43 2426 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2009-11-06 18:23 . 2008-08-06 03:44 8972 ----a-w- c:\windows\pchealth\helpctr\Config\Cntstore.bin
.

((((((((((((((((((((((((((((( SnapShot@2010-01-31_10.33.47 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-02-01 13:32 . 2010-02-01 13:32 16384 c:\windows\Temp\Perflib_Perfdata_460.dat
+ 2010-01-31 18:44 . 2010-01-31 18:44 10134 c:\windows\Installer\{621EB5F7-B871-47C0-AB53-E1376E71D858}\callmsi.exe
+ 2010-01-31 18:44 . 2010-01-31 18:44 101480 c:\windows\Installer\{621EB5F7-B871-47C0-AB53-E1376E71D858}\egui.exe
+ 2010-01-31 18:44 . 2010-01-31 18:44 1138176 c:\windows\Installer\2e43f1.msi
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2008-01-22 152872]
"Kalendar"="c:\documents and settings\host\Dokumenty\Programy\Kalendar\kalendar.exe" [2005-11-04 579584]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2007-01-05 204288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PMHandler"="c:\progra~1\Lenovo\PMDriver\PMHandler.exe" [2008-09-23 83240]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2008-03-26 163840]
"TPFNF7"="c:\program files\Lenovo\NPDIRECT\TPFNF7SP.exe" [2008-07-30 60192]
"TPWAUDAP"="c:\program files\Lenovo\HOTKEY\TpWAudAp.exe" [2008-03-11 54560]
"SmartAudio"="c:\program files\CONEXANT\SMARTAUDIO\SMAUDIO.EXE" [2008-07-21 2701880]
"IntelZeroConfig"="c:\program files\Intel\WiFi\bin\ZCfgSvc.exe" [2008-10-16 1368064]
"IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2008-10-16 1191936]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-08-15 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-08-15 178712]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-08-15 150040]
"TVT Scheduler Proxy"="c:\program files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe" [2008-11-24 487424]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"LPManager"="c:\progra~1\Lenovo\LENOVO~2\LPMGR.exe" [2007-04-26 120368]
"RoxWatchTray"="c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe" [2008-04-25 244208]
"AMSG"="c:\program files\ThinkVantage\AMSG\Amsg.exe" [2008-12-20 449088]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-11-03 136600]
"OutpostFeedBack"="c:\program files\Agnitum\Outpost Firewall Pro\feedback.exe" [2009-06-08 433480]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2009-07-01 37888]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb05.exe" [2002-07-10 188416]
"Share-to-Web Namespace Daemon"="c:\program files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe" [2002-04-17 69632]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-11-07 77824]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-11-08 198160]
"OutpostMonitor"="c:\progra~1\Agnitum\OUTPOS~1\op_mon.exe" [2009-06-09 1227080]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-11-16 2054360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-1-18 576104]
Enable Labtec NumPad.lnk - c:\program files\Labtec NumPad\Magickey.exe [2009-11-8 110592]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tphotkey]
2008-08-08 10:14 28672 ----a-w- c:\program files\Lenovo\HOTKEY\tphklock.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [16.11.2009 9:03 108792]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [16.11.2009 9:06 96408]
R1 PMHler;PMHler;c:\windows\system32\drivers\PMHler.sys [24.5.2006 11:48 10240]
R1 SandBox;SandBox;c:\windows\system32\drivers\SandBox.sys [5.11.2009 19:14 704384]
R1 tvtumon;tvtumon;c:\windows\system32\drivers\tvtumon.sys [9.5.2008 17:50 46144]
R1 UsbFltr;WayTechMUSBFilterDriver;c:\windows\system32\drivers\UsbFltr.sys [8.11.2009 0:39 8960]
R2 acssrv;Agnitum Client Security Service;c:\progra~1\Agnitum\OUTPOS~1\acs.exe [5.11.2009 19:13 1268040]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [16.11.2009 9:04 735960]
R2 FNF5SVC;Fn+F5 Service;c:\program files\Lenovo\HOTKEY\FnF5svc.exe [11.9.2008 7:49 54560]
R2 TVT Backup Protection Service;TVT Backup Protection Service;c:\program files\Lenovo\Rescue and Recovery\rrpservice.exe [24.11.2008 15:34 520192]
R2 TVT_UpdateMonitor;TVT Windows Update Monitor;c:\program files\Lenovo\Rescue and Recovery\UpdateMonitor.exe [9.5.2008 17:50 360448]
R3 afw;Agnitum firewall driver;c:\windows\system32\drivers\afw.sys [5.11.2009 19:13 31128]
R3 afwcore;afwcore;c:\windows\system32\drivers\afwcore.sys [5.11.2009 19:14 257432]
R3 ASWFilt;ASWFilt;c:\windows\system32\Filt\ASWFilt.dll [5.11.2009 19:14 33920]
R3 JMCR;JMCR;c:\windows\system32\drivers\jmcr.sys [3.11.2009 20:29 97536]
R3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\drivers\tvti2c.sys [22.2.2008 15:54 37312]
S2 gupdate1ca605c1c7828d8;Služba Google Update (gupdate1ca605c1c7828d8);c:\program files\Google\Update\GoogleUpdate.exe [8.11.2009 11:13 133104]
S2 Roxio Upnp Server 10;Roxio Upnp Server 10;c:\program files\Roxio\Digital Home 10\RoxioUpnpService10.exe [25.4.2008 8:18 362992]
S2 RoxLiveShare10;LiveShare P2P Server 10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe [25.4.2008 8:16 309744]
S2 RoxWatch10;Roxio Hard Drive Watcher 10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe [25.4.2008 8:15 166384]
S2 SessionLauncher;SessionLauncher;c:\docume~1\ADMINI~1\LOCALS~1\Temp\DX9\SessionLauncher.exe --> c:\docume~1\ADMINI~1\LOCALS~1\Temp\DX9\SessionLauncher.exe [?]
S3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;c:\program files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [25.4.2008 8:18 313840]
S3 RoxMediaDB10;RoxMediaDB10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [25.4.2008 8:15 1120752]
.
Obsah adresáře 'Naplánované úlohy'

2010-02-01 c:\windows\Tasks\Check Updates for Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-02-12 14:54]

2010-02-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-11-08 10:13]

2010-02-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-11-08 10:13]

2009-11-03 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\PCDR5\pcdr5cuiw32.exe [2008-12-12 23:32]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send To Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: {693F261E-DC72-433F-8C2B-253DA44C2341} = 194.228.41.65,194.228.41.113
TCP: {BBBD96CD-E48F-4B78-949E-ADF18999A4E5} = 194.228.41.65,194.228.41.113
FF - ProfilePath - c:\documents and settings\host\Data aplikací\Mozilla\Firefox\Profiles\0guc88zn.default\
FF - prefs.js: browser.search.selectedEngine - Search Powered by Google
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - component: c:\documents and settings\host\Data aplikací\Mozilla\Firefox\Profiles\0guc88zn.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - component: c:\documents and settings\host\Data aplikací\Mozilla\Firefox\Profiles\0guc88zn.default\extensions\{31c7d459-9cc3-44f2-9dca-fc11795309b4}\components\FFExternalAlert.dll
FF - component: c:\program files\Real\RealPlayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-01 21:24
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(1236)
c:\program files\Lenovo\HOTKEY\tphklock.dll
.
Celkový čas: 2010-02-01 21:30:10
ComboFix-quarantined-files.txt 2010-02-01 20:30
ComboFix2.txt 2010-01-31 19:19
ComboFix3.txt 2010-01-31 10:37

Před spuštěním: Volných bajtů: 280 623 210 496
Po spuštění: Volných bajtů: 280 578 179 072

- - End Of File - - 370B26E8CF6100FB799B658F36B30153

[petypety]

zatím nepozoruji žádnou změnu - tedy pokud už mělo k nějaké dojít

[Roli]

Nepořádek je smazán nyní přes Start >> Spustit zkopíruj do okna:

ComboFix /Uninstall

a stiskni Enter

To odinstaluje ComboFix a smaže s ním související soubory a složky.


Pak ještě použij Cure It z mého podpisu.

[petypety]

Tak ComboFix jsem odinstaloval, nahodil Cure It - bez nálezu při expresním testu.
Ještě jsem pustil kompletní test, ale ten bude trvat.

[petypety]

Takže ani kompletní sken nic nenašel.

[Roli]

To znamená že šmejdem to nebude, tak že bych se podíval do nastavení firewallu a případně routru přes který to vše jede.

Také by nebylo na škodu defragmentovat disk buď integrovaným windows nástrojem,

nebo jinou aplikací, například Defragglerem