Please check my log - slowed-down PC

Posted: 01 Feb 2010 14:45
by benchmark
Logfile of random's system information tool 1.06 (written by random/random)
Run by Nicole at 2010-02-01 14:38:40
Systém Microsoft Windows XP Professional Service Pack 2
System drive F: has 9 GB (28%) free of 31 GB
Total RAM: 255 MB (29% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:41:50, on 1.2.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\SYSTEM32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
F:\WINDOWS\Explorer.EXE
F:\WINDOWS\system32\LEXBCES.EXE
F:\WINDOWS\system32\LEXPPS.EXE
F:\WINDOWS\system32\spoolsv.exe
F:\Program Files\Bonjour\mDNSResponder.exe
F:\Program Files\Java\jre6\bin\jqs.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\system32\RunDll32.exe
F:\WINDOWS\VM_STI.EXE
F:\Program Files\Java\jre6\bin\jusched.exe
F:\Program Files\Common Files\Symantec Shared\ccApp.exe
F:\WINDOWS\system32\ctfmon.exe
F:\WINDOWS\system32\wuauclt.exe
F:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
F:\Program Files\Internet Explorer\IEXPLORE.EXE
F:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
F:\Program Files\Symantec\LiveUpdate\luall.exe
F:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe
F:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe
F:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe
F:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe
F:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe
F:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe
F:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe
F:\Documents and Settings\Nicole\Desktop\RSIT.exe
F:\Program Files\trend micro\Nicole.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file)
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - F:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.7\NppBho.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - F:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {6747781e-d68c-420e-a8ce-590484cd5d9d} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - F:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - F:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Zobrazit panel nástrojů Norton - {90222687-F593-4738-B738-FBEE9C7B26DF} - F:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.7\UIBHO.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [BigDogPath] F:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera
O4 - HKLM\..\Run: [SunJavaUpdateSched] "F:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [ccApp] "F:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "F:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "F:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKCU\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] F:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] F:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] F:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] F:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = F:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://F:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/ms ... b31267.cab
O16 - DPF: {17D72920-7A15-11D4-921E-0080C8DA7A5E} (AimSp32 Class) - http://rimmel.ai-media.com/save/makeover.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMe ... loader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v ... b34246.cab
O16 - DPF: {D77EF652-9A6B-40C8-A4B9-1C0697C6CF41} (TikGames Online Control) - http://www.tikgames.com/games/en/shapo/shapo.cab
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://217.119.120.186/activex/AMC.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{C5652D06-BC1F-4C77-91B3-887C0CAF0F8E}: NameServer = 217.118.96.203,217.118.96.205
O23 - Service: Bonjour Service - Apple Inc. - F:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - F:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - F:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - F:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - F:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - F:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - F:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - F:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - F:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - F:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Symantec Core LC - Unknown owner - F:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

Re: Please check my log - slowed-down PC

Posted: 01 Feb 2010 15:04
by Caroprd111
Hello :)

The log is being worked on, please be patient.

Re: Please check my log - slowed-down PC

Posted: 01 Feb 2010 15:11
by benchmark
Thanks, I'm waiting :)

Re: Please check my log - slowed-down PC

Posted: 01 Feb 2010 15:15
by Caroprd111
:arrow: Download CCleaner http://viry.cz/forum/viewtopic.php?t=7478
- Install it, and during installation untick the option to install the Yahoo toolbar.

:arrow: Cleaner tab
- Run Analyze; when it finishes, click Run CCleaner.

:arrow: Registry tab
- Click Scan for problems; when it finishes, click Fix problems. You don't need to make a backup; then choose Fix all problems.
:arrow: OK :arrow: Close

:arrow: Defragment the disk.

:arrow: Download and save, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

:arrow: Turn off all resident security programs - firewalls, antivirus, antispyware

:arrow: Run the application under an account with Administrator rights. Immediately after it starts, a page with the license terms is displayed; continue by pressing the "Yes" button.

:arrow: Then follow the instructions. During the scan, do not launch other applications and do not click in the window that appears :!:

:arrow: The scan should take around 5 - 10 minutes. When it finishes, ComboFix displays the log C:\ComboFix.txt, which you should paste here.

:arrow: The computer may be restarted during the scan.

Re: Please check my log - slowed-down PC

Posted: 01 Feb 2010 15:44
by benchmark
Thanks, CCleaner is done...
How do I turn off Norton antivirus, pls?

Re: Please check my log - slowed-down PC

Posted: 01 Feb 2010 16:18
by Caroprd111
Open Norton antivirus and set all items to "Off".

Re: Please check my log - slowed-down PC

Posted: 01 Feb 2010 16:47
by benchmark
ComboFix 10-01-31.05 - Nicole 01.02.2010 16:31:09.1.1 - FAT32x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.421.1033.18.255.108 [GMT 1:00]
Running from: f:\documents and settings\Nicole\Desktop\ComboFix.exe
AV: Norton 360 *On-access scanning disabled* (Outdated) {A5F1BC7C-EA33-4247-961C-0217208396C4}
FW: Norton 360 *enabled* {371C0A40-5A0C-4AD2-A6E5-69C02037FBF3}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

f:\program files\screensavers.com
f:\program files\screensavers.com\Installer\bin\iebyterange.xml
f:\program files\screensavers.com\Installer\bin\iebyterange.xml.backup
f:\windows\system32\Thumbs.db

.
((((((((((((((((((((((((( Files Created from 2010-01-01 to 2010-02-01 )))))))))))))))))))))))))))))))
.

2010-02-01 13:39 . 2010-02-01 13:39 -------- d-----w- f:\program files\trend micro
2010-02-01 13:38 . 2010-02-01 13:38 -------- d-----w- F:\rsit
2010-01-29 17:07 . 2010-01-29 17:07 -------- d-----w- F:\FOUND.068
2010-01-21 14:05 . 2010-01-21 14:05 -------- d-----w- F:\e7a4227da19cc23ce412118d656268a4
2010-01-19 20:48 . 2010-01-19 20:48 -------- d-----w- F:\FOUND.067
2010-01-19 20:42 . 2010-01-19 20:42 -------- d-----w- F:\1d6833dc9973cf35c235e38f2e53
2010-01-19 20:38 . 2010-01-19 20:39 -------- d-----w- f:\windows\system32\XPSViewer
2010-01-19 20:38 . 2010-01-19 20:38 -------- d-----w- f:\program files\MSBuild
2010-01-19 20:38 . 2010-01-19 20:38 -------- d-----w- f:\program files\Reference Assemblies
2010-01-19 20:38 . 2008-07-06 12:06 89088 ----a-w- f:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2010-01-19 20:37 . 2008-07-06 12:06 89088 ------w- f:\windows\system32\dllcache\filterpipelineprintproc.dll
2010-01-19 20:37 . 2008-07-06 12:06 117760 ------w- f:\windows\system32\prntvpt.dll
2010-01-19 20:37 . 2008-07-06 10:50 597504 ------w- f:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2010-01-19 20:37 . 2008-07-06 10:50 597504 ------w- f:\windows\system32\dllcache\printfilterpipelinesvc.exe
2010-01-19 20:37 . 2008-07-06 12:06 575488 ------w- f:\windows\system32\xpsshhdr.dll
2010-01-19 20:37 . 2008-07-06 12:06 575488 ------w- f:\windows\system32\dllcache\xpsshhdr.dll
2010-01-19 20:37 . 2008-07-06 12:06 1676288 ------w- f:\windows\system32\xpssvcs.dll
2010-01-19 20:37 . 2008-07-06 12:06 1676288 ------w- f:\windows\system32\dllcache\xpssvcs.dll
2010-01-19 20:37 . 2010-01-19 20:37 -------- d-----w- F:\a224f6fbba1c2f660a65d4
2010-01-19 20:32 . 2010-01-19 20:32 -------- d-----w- f:\program files\MSXML 6.0
2010-01-18 17:29 . 2008-07-30 16:42 23888 ----a-w- f:\windows\system32\drivers\COH_Mon.sys
2010-01-18 08:15 . 2010-01-18 08:15 -------- d-----w- F:\2165af0d5943eac054c1
2010-01-18 08:14 . 2010-01-18 08:14 -------- d-----w- F:\1e745368bdd51ef13ff91764ac1470
2010-01-17 17:41 . 2010-01-17 17:41 -------- d-----w- F:\FOUND.066
2010-01-17 10:09 . 2010-01-17 10:09 -------- d-----w- F:\FOUND.065
2010-01-16 20:06 . 2010-01-16 20:06 -------- d-----w- F:\3e485c95dc3af7fc62c5019dd3dae5
2010-01-16 20:04 . 2010-01-16 20:04 -------- d-----w- F:\63c20c2f96c572ebeecac865
2010-01-16 19:50 . 2010-01-16 19:50 -------- d-----w- F:\FOUND.064
2010-01-15 18:00 . 2010-01-15 18:00 -------- d-----w- f:\documents and settings\Nicole\Application Data\Symantec
2010-01-15 17:12 . 2010-01-15 17:12 -------- d-----w- F:\N360_BACKUP
2010-01-15 17:05 . 2010-01-15 17:05 -------- d-----w- f:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2010-01-15 16:26 . 2010-01-15 16:26 -------- d-----w- f:\program files\Norton 360
2010-01-15 16:22 . 2010-01-15 17:08 60808 ----a-w- f:\windows\system32\S32EVNT1.DLL
2010-01-15 16:22 . 2010-01-15 17:08 124464 ----a-w- f:\windows\system32\drivers\SYMEVENT.SYS
2010-01-15 16:18 . 2010-01-15 16:18 -------- d-----w- f:\program files\Symantec
2010-01-15 16:18 . 2010-01-15 16:18 -------- d-----w- f:\documents and settings\All Users\Application Data\Symantec
2010-01-15 16:17 . 2010-01-15 16:17 -------- d-----w- f:\program files\Common Files\Symantec Shared
2010-01-14 09:50 . 2010-01-14 09:50 -------- d-----w- f:\windows\ServicePackFiles
2010-01-13 20:04 . 2010-01-13 20:04 -------- d-----w- F:\FOUND.063
2010-01-13 18:12 . 2010-01-13 18:12 -------- d-----w- F:\FOUND.062
2010-01-13 17:15 . 2010-01-13 17:15 -------- d-----w- f:\documents and settings\LocalService\Local Settings\Application Data\ESET
2010-01-07 14:39 . 2010-01-07 14:39 -------- d-----w- f:\documents and settings\Nicole\Local Settings\Application Data\ESET

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-01 14:37 . 2005-02-11 14:06 29488 ----a-w- f:\documents and settings\Nicole\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-01-15 17:08 . 2010-01-15 16:22 806 ----a-w- f:\windows\system32\drivers\SYMEVENT.INF
2010-01-15 17:08 . 2010-01-15 16:22 10635 ----a-w- f:\windows\system32\drivers\SYMEVENT.CAT
2009-12-22 05:42 . 2004-08-03 23:56 662016 ----a-w- f:\windows\system32\wininet.dll
2009-12-22 05:42 . 2004-08-03 23:56 81920 ----a-w- f:\windows\system32\ieencode.dll
2009-12-06 16:10 . 2009-12-06 16:10 -------- d-----w- f:\documents and settings\All Users\Application Data\TERMINAL Studio
2009-11-21 16:36 . 2004-08-03 23:56 470528 ----a-w- f:\windows\AppPatch\AcLayers.dll
2009-11-07 08:44 . 2009-11-07 08:44 411368 ----a-w- f:\windows\system32\deploytk.dll
2009-11-07 08:42 . 2009-11-07 08:42 152576 ----a-w- f:\documents and settings\Nicole\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BigDogPath"="f:\windows\VM_STI.EXE" [2004-06-09 40960]
"SunJavaUpdateSched"="f:\program files\Java\jre6\bin\jusched.exe" [2009-11-07 149280]
"ccApp"="f:\program files\Common Files\Symantec Shared\ccApp.exe" [2007-07-17 116072]
"Symantec PIF AlertEng"="f:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 583048]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="f:\windows\System32\CTFMON.EXE" [2004-08-03 15360]

f:\documents and settings\All Users\Ponuka ćtart\Programy\Pri spustenˇ\
Microsoft Office.lnk - f:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

[HKLM\~\startupfolder\F:^Documents and Settings^All Users^Ponuka Štart^Programy^Pri spustení^Adobe Reader Speed Launch.lnk]
path=f:\documents and settings\All Users\Ponuka Štart\Programy\Pri spustení\Adobe Reader Speed Launch.lnk
backup=f:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OM2_Monitor]
2007-02-08 19:43 95800 ----a-w- f:\program files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector]
2006-01-27 04:37 421888 ----a-w- f:\program files\Picasa2\PicasaMediaDetector.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"f:\\WINDOWS\\System32\\dpvsetup.exe"=
"f:\\Program Files\\Messenger\\msmsgs.exe"=
"f:\\Program Files\\Morpheus\\Morpheus.exe"=
"f:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"f:\\WINDOWS\\System32\\LEXPPS.EXE"=
"f:\\Program Files\\TAXI MADNESS LONDON\\LONDON.exe"=
"f:\\WINDOWS\\System32\\dpnsvr.exe"=
"f:\\WINDOWS\\System32\\ftp.exe"=

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;f:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [15.1.2010 18:21 102448]
R3 ZSMC302;VIMICRO USB PC Camera;f:\windows\system32\drivers\usbVM31b.sys [26.8.2005 12:20 91263]
S2 Ca536av;4.0M MPEG4 DV Video Capture;f:\windows\system32\drivers\Ca536av.sys [15.6.2004 17:07 514155]
S3 CnxEtP;Conexant AccessRunner USB ADSL Adapter Filter Driver;f:\windows\system32\DRIVERS\CnxEtP.sys --> f:\windows\system32\DRIVERS\CnxEtP.sys [?]
S3 CnxEtU;Conexant AccessRunner USB ADSL Interface Device Driver;f:\windows\system32\DRIVERS\CnxEtU.sys --> f:\windows\system32\DRIVERS\CnxEtU.sys [?]
S3 CnxTgNP;Conexant AccessRunner ADSL WAN PPPoE Adapter Driver;f:\windows\system32\DRIVERS\CnxTgNP.sys --> f:\windows\system32\DRIVERS\CnxTgNP.sys [?]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - COMHOST
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.sk/
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xportovat do aplikace Microsoft Excel - f:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
TCP: {C5652D06-BC1F-4C77-91B3-887C0CAF0F8E} = 217.118.96.203,217.118.96.205
DPF: DirectAnimation Java Classes - file://f:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://f:\windows\Java\classes\xmldso.cab
DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - hxxp://217.119.120.186/activex/AMC.cab
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-Cmaudio - cmicnfg.cpl
AddRemove-Pracovní kalendáo - f:\program files\Pracovní kalendáo\Uninstal.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-01 16:40
Windows 5.1.2600 Service Pack 2 FAT NTAPI

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2010-02-01 16:44:48
ComboFix-quarantined-files.txt 2010-02-01 15:44

Pre-Run: 8 983 068 672 bytes free
Post-Run: 9 044 525 056 voľných bajtov

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(3)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(3)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

Re: Please check my log - slowed-down PC

Posted: 01 Feb 2010 16:52
by Caroprd111
How is the PC doing :???:

Re: Please check my log - slowed-down PC

Posted: 01 Feb 2010 16:54
by benchmark
It's still slow.
I'll also try a restart.
I use CCleaner often.

Re: Please check my log - slowed-down PC

Posted: 01 Feb 2010 16:56
by Caroprd111
OK, restart the PC and then:

:arrow: Download MBAM http://www.viry.cz/forum/viewtopic.php?f=29&t=67229

- Install it and run a full scan.
- Do not delete anything :!: MBAM sometimes has false detections
- Paste the log here

:arrow: Post the log from RSIT http://www.viry.cz/forum/viewtopic.php?f=30&t=82744