
antivirus found TR/Rootkit.gen

Posted: 07 Mar 2010 19:23
by kynato
Hello, I am asking for help. The Avira antivirus program found the virus TR/Rootkit.Gen, which cannot be removed. After I turn on the computer, the taskbar freezes for at least 30 minutes. My sound does not work. Thanks for the help

Re: antivirus found TR/Rootkit.gen

Posted: 07 Mar 2010 19:25
by earl
Hello,

:arrow: Download RSIT, run it and click Continue. When it finishes, a text file should open; if it does not, it is located at C:\rsit\log.txt. Paste the contents of the log here. If anything is unclear, the guide is here.

Re: antivir nasel TR/Rootkit.gen

Napsal: 07 bře 2010 19:30
od kynato
Logfile of random's system information tool 1.06 (written by random/random)
Run by Tomáš at 2010-03-07 19:27:35
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 11 GB (55%) free of 20 GB
Total RAM: 503 MB (14% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:28:02, on 7.3.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\PixArt\PAC7302\Monitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Java\jre1.6.0_06\bin\jucheck.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Tomáš\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\Tomáš.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.atlas.cz/?from=icqhp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [PAC7302_Monitor] C:\WINDOWS\PixArt\PAC7302\Monitor.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Kniha klipů HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: HP Chytrý výběr - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O24 - Desktop Component 1: Frekvence 1 - http://www.frekvence1.cz/cs/webova_radi ... 2_ad.shtml

--
End of file - 6976 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\{D34F18B0-576E-11D0-B28C-00C04FD7CD22}_PENTIUM_Tomáš.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll [2007-03-02 1298024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}]
HP Print Clips - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll [2007-03-02 177768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D}]
XTTBPos00 Class - C:\PROGRA~1\ICQTOO~1\toolbaru.dll [2006-12-25 701952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
AskBar BHO - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-08-26 279944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll [2008-03-25 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2008-12-09 958200]
{3041d03e-fd4b-44e0-b742-2d9b88305f98} - Ask Toolbar - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-08-26 279944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2005-11-28 98304]
"igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2005-11-28 77824]
"igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2005-11-28 118784]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-11-14 16270848]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe [2008-03-25 144784]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"PAC7302_Monitor"=C:\WINDOWS\PixArt\PAC7302\Monitor.exe [2006-11-03 319488]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-17 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-08-17 1667584]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
InterVideo WinCinema Manager.lnk - C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2005-11-28 135168]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe"="C:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe:*:Enabled:Nero ProductSetup"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Disabled:Firefox"
"C:\Program Files\ICQ6\ICQ.exe"="C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\Soldat\Soldat.exe"="C:\Soldat\Soldat.exe:*:Enabled:Soldat"
"C:\Program Files\Metin2_TESTER\metin2.bin"="C:\Program Files\Metin2_TESTER\metin2.bin:*:Enabled:metin2"
"D:\hry\Enemy Territory\ET.exe"="D:\hry\Enemy Territory\ET.exe:*:Enabled:ET"
"C:\Program Files\Valve\hl.exe"="C:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Documents and Settings\Tomáš\Plocha\FOGDownloaderEN-RunesOfMagic.exe"="C:\Documents and Settings\Tomáš\Plocha\FOGDownloaderEN-RunesOfMagic.exe:*:Enabled:FOG Downloader"
"D:\game hry\TrackMania Nations ESWC\TmNationsESWC.exe"="D:\game hry\TrackMania Nations ESWC\TmNationsESWC.exe:*:Enabled:TmNationsESWC"
"C:\Program Files\Wolfenstein - Enemy Territory\ET.exe"="C:\Program Files\Wolfenstein - Enemy Territory\ET.exe:*:Enabled:ET"
"D:\game hry\Wolfenstein - Enemy Territory\ET.exe"="D:\game hry\Wolfenstein - Enemy Territory\ET.exe:*:Enabled:ET"
"D:\game hry\Wolfenstein - Enemy Territory\Wolfenstein - Enemy Territory\ET.exe"="D:\game hry\Wolfenstein - Enemy Territory\Wolfenstein - Enemy Territory\ET.exe:*:Enabled:ET"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"

======List of files/folders created in the last 1 months======

2010-03-07 19:27:36 ----D---- C:\Program Files\trend micro
2010-03-07 19:27:35 ----D---- C:\rsit
2010-03-07 17:17:09 ----D---- C:\WINDOWS\LastGood
2010-03-07 11:07:28 ----D---- C:\Program Files\ESET
2010-03-06 23:18:41 ----D---- C:\Program Files\Common Files\Eye 312
2010-03-06 23:18:41 ----A---- C:\WINDOWS\system32\Remover.ini
2010-03-06 23:18:41 ----A---- C:\WINDOWS\system32\Remove.exe
2010-03-06 23:18:33 ----A---- C:\WINDOWS\system32\SP7302.ini
2010-03-06 23:18:32 ----D---- C:\WINDOWS\PixArt
2010-03-06 23:18:32 ----D---- C:\Program Files\Common Files\Pac7302
2010-03-06 23:18:32 ----A---- C:\WINDOWS\system32\P7302USD.dll
2010-03-06 18:41:52 ----D---- C:\Program Files\Avira
2010-03-06 18:41:52 ----D---- C:\Documents and Settings\All Users\Data aplikací\Avira
2010-03-01 20:15:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
2010-02-24 23:18:31 ----D---- C:\Program Files\Easy Video Downloader
2010-02-11 18:06:13 ----N---- C:\WINDOWS\system32\spmsg.dll
2010-02-11 18:05:48 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2010-02-10 23:31:48 ----D---- C:\WINDOWS\Minidump

======List of files/folders modified in the last 1 months======

2010-03-07 19:27:40 ----D---- C:\WINDOWS\Prefetch
2010-03-07 19:27:36 ----RD---- C:\Program Files
2010-03-07 19:07:49 ----D---- C:\WINDOWS\Temp
2010-03-07 18:11:16 ----D---- C:\Program Files\Mozilla Firefox
2010-03-07 18:07:39 ----D---- C:\WINDOWS\Help
2010-03-07 17:17:10 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-03-07 17:17:09 ----D---- C:\WINDOWS
2010-03-07 15:18:52 ----D---- C:\WINDOWS\system32\CatRoot2
2010-03-07 11:49:32 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-03-07 11:05:40 ----D---- C:\Program Files\AskBarDis
2010-03-06 23:39:45 ----D---- C:\Documents and Settings\Tomáš\Data aplikací\Skype
2010-03-06 23:21:38 ----A---- C:\WINDOWS\win.ini
2010-03-06 23:21:00 ----D---- C:\WINDOWS\system32\CatRoot
2010-03-06 23:20:44 ----D---- C:\WINDOWS\system32\drivers
2010-03-06 23:19:05 ----HD---- C:\WINDOWS\inf
2010-03-06 23:18:41 ----D---- C:\WINDOWS\system32
2010-03-06 23:18:41 ----D---- C:\Program Files\Common Files
2010-03-06 23:18:33 ----D---- C:\WINDOWS\twain_32
2010-03-06 19:25:03 ----D---- C:\Documents and Settings\Tomáš\Data aplikací\skypePM
2010-03-06 18:40:34 ----SHD---- C:\WINDOWS\Installer
2010-03-06 18:40:33 ----HD---- C:\Config.Msi
2010-03-06 18:40:33 ----D---- C:\WINDOWS\WinSxS
2010-03-06 18:38:07 ----D---- C:\Program Files\Spybot - Search & Destroy
2010-03-06 17:56:26 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2010-03-06 11:18:48 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-03-05 20:14:30 ----D---- C:\WINDOWS\system32\Restore
2010-03-01 21:26:13 ----A---- C:\WINDOWS\NeroDigital.ini
2010-03-01 20:15:12 ----D---- C:\Program Files\Alwil Software

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-17 39936]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-11-25 56816]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-11-28 1353820]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-11-15 4225920]
R3 PAC7302;Eye 312; C:\WINDOWS\system32\DRIVERS\PAC7302.SYS [2007-06-14 457856]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2006-12-14 85120]
R3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2008-10-19 222456]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2004-08-17 14336]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2004-08-17 14336]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-04-21 66872]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2009-05-07 201440]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-09-17 800040]
S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\system32\GameMon.des [2009-05-06 2785582]

-----------------EOF-----------------

Re: antivirus found TR/Rootkit.gen

Posted: 07 Mar 2010 19:43
by earl
Uninstall Spybot and replace it with e.g. Spyware Terminator - Spybot has an outdated engine.

:arrow: test on VIRUSTOTAL

C:\WINDOWS\system32\GameMon.des.exe

C:\WINDOWS\system32\GameMon.des

C:\WINDOWS\system32\Remover.ini

C:\WINDOWS\system32\Remove.exe


(simple guide: after the page loads, click the Browse button, find the path to the file mentioned above and click the Send file button; give the scanners about ten minutes; paste the result here)

If the scanner says the file has already been tested, have it tested again.

Re: antivirus found TR/Rootkit.gen

Posted: 07 Mar 2010 20:10
by kynato
I uninstalled Spybot yesterday. I tried Add or Remove Programs, but it did not show up there. I have already run the check; do you want me to send the results of the search for those viruses?

The only thing I could not find was the file C:\WINDOWS\system32\GameMon.des.exe

Re: antivirus found TR/Rootkit.gen

Posted: 07 Mar 2010 20:33
by earl
Paste the links to those test results here.

Re: antivirus found TR/Rootkit.gen

Posted: 07 Mar 2010 20:35
by kynato
I copied it

Antivirus Version Last update Result
a-squared 4.5.0.50 2010.03.07 -
AhnLab-V3 5.0.0.2 2010.03.07 -
AntiVir 8.2.1.180 2010.03.05 -
Antiy-AVL 2.0.3.7 2010.03.05 -
Authentium 5.2.0.5 2010.03.06 -
Avast 4.8.1351.0 2010.03.07 -
Avast5 5.0.332.0 2010.03.07 -
AVG 9.0.0.787 2010.03.07 -
BitDefender 7.2 2010.03.07 -
CAT-QuickHeal 10.00 2010.03.06 -
ClamAV 0.96.0.0-git 2010.03.06 Trojan.SDBot-12167
Comodo 4091 2010.02.28 Heur.Pck.Themida
DrWeb 5.0.1.12222 2010.03.07 -
eSafe 7.0.17.0 2010.03.04 -
eTrust-Vet 35.2.7342 2010.03.05 -
F-Prot 4.5.1.85 2010.03.06 -
F-Secure 9.0.15370.0 2010.03.07 -
Fortinet 4.0.14.0 2010.03.07 -
GData 19 2010.03.07 -
Ikarus T3.1.1.80.0 2010.03.07 -
Jiangmin 13.0.900 2010.03.07 -
K7AntiVirus 7.10.990 2010.03.04 -
Kaspersky 7.0.0.125 2010.03.07 -
McAfee 5912 2010.03.06 -
McAfee+Artemis 5912 2010.03.06 Artemis!3C6B91E0AF1F
McAfee-GW-Edition 6.8.5 2010.03.07 -
Microsoft 1.5502 2010.03.07 -
NOD32 4922 2010.03.07 -
Norman 6.04.08 2010.03.07 SDBot.gen8
nProtect 2009.1.8.0 2010.03.07 -
Panda 10.0.2.2 2010.03.07 Suspicious file
PCTools 7.0.3.5 2010.03.04 -
Prevx 3.0 2010.03.07 -
Rising 22.37.06.04 2010.03.07 -
Sophos 4.51.0 2010.03.07 -
Sunbelt 5780 2010.03.07 -
Symantec 20091.2.0.41 2010.03.07 -
TheHacker 6.5.1.9.223 2010.03.07 -
TrendMicro 9.120.0.1004 2010.03.07 -
VBA32 3.12.12.2 2010.03.05 -
ViRobot 2010.3.5.2214 2010.03.05 -
VirusBuster 5.0.27.0 2010.03.06 Packed/Themida
Additional information
File size: 2785582 bytes
MD5...: 3c6b91e0af1fa0c6585565e868629f5e
SHA1..: 24818029591bc8500945260e6d9a712eff289ea7
SHA256: a282fdbbdf22b2b66f72d25ba212732507d32ffc326e5ca049397f927e90be52
ssdeep: 49152:A57HxYahgc0vE6MGZzJ2gKWaMbwxREb307T8sgfVrcd5fOIajHCw5uSK:A
5jV90vBLaMbg+g8sgNrcb2rjHluH
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0xd6014
timedatestamp.....: 0x49fe4c7d (Mon May 04 02:01:33 2009)
machinetype.......: 0x14c (I386)

( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
0x1000 0xd2000 0x74000 7.97 9d5bea6688416ef080cbe576db3213bf
.rsrc 0xd3000 0x1c10 0x1000 6.66 14aeed7919cbc165f92e273d9daf2f4a
.idata 0xd5000 0x1000 0x1000 0.24 e7360cce5d1d1ceb80d7440627564bf6
Themida 0xd6000 0x46d000 0x1ed000 7.84 2e11a1b86fa2e31abdd3ee435712dfc5

( 2 imports )
> KERNEL32.dll: CreateFileA, ExitProcess
> COMCTL32.dll: InitCommonControls

( 0 exports )
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Generic Win/DOS Executable (49.9%)
DOS Executable Generic (49.8%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.1%)
sigcheck:
publisher....: INCA Internet Co., Ltd.
copyright....: Copyright _ 2000-2007 INCA Internet
product......: nProtect Game Monitor
description..: nProtect Game Monitor Rev 1315
original name: GameMon.des
internal name: GameMon
file version.: 2009, 5, 4, 1
comments.....: nProtect Game Monitor
signers......: -
signing date.: -
verified.....: Unsigned
packers (F-Prot): Themida


File Remove.exe received 2010.03.07 19:02:49 (UTC)
Current status: Finished
Result: 0/42 (0%)



Antivirus Version Last update Result
a-squared 4.5.0.50 2010.03.07 -
AhnLab-V3 5.0.0.2 2010.03.07 -
AntiVir 8.2.1.180 2010.03.05 -
Antiy-AVL 2.0.3.7 2010.03.05 -
Authentium 5.2.0.5 2010.03.06 -
Avast 4.8.1351.0 2010.03.07 -
Avast5 5.0.332.0 2010.03.07 -
AVG 9.0.0.787 2010.03.07 -
BitDefender 7.2 2010.03.07 -
CAT-QuickHeal 10.00 2010.03.06 -
ClamAV 0.96.0.0-git 2010.03.06 -
Comodo 4091 2010.02.28 -
DrWeb 5.0.1.12222 2010.03.07 -
eSafe 7.0.17.0 2010.03.04 -
eTrust-Vet 35.2.7342 2010.03.05 -
F-Prot 4.5.1.85 2010.03.06 -
F-Secure 9.0.15370.0 2010.03.07 -
Fortinet 4.0.14.0 2010.03.07 -
GData 19 2010.03.07 -
Ikarus T3.1.1.80.0 2010.03.07 -
Jiangmin 13.0.900 2010.03.07 -
K7AntiVirus 7.10.990 2010.03.04 -
Kaspersky 7.0.0.125 2010.03.07 -
McAfee 5912 2010.03.06 -
McAfee+Artemis 5912 2010.03.06 -
McAfee-GW-Edition 6.8.5 2010.03.07 -
Microsoft 1.5502 2010.03.07 -
NOD32 4922 2010.03.07 -
Norman 6.04.08 2010.03.07 -
nProtect 2009.1.8.0 2010.03.07 -
Panda 10.0.2.2 2010.03.07 -
PCTools 7.0.3.5 2010.03.04 -
Prevx 3.0 2010.03.07 -
Rising 22.37.06.04 2010.03.07 -
Sophos 4.51.0 2010.03.07 -
Sunbelt 5780 2010.03.07 -
Symantec 20091.2.0.41 2010.03.07 -
TheHacker 6.5.1.9.223 2010.03.07 -
TrendMicro 9.120.0.1004 2010.03.07 -
VBA32 3.12.12.2 2010.03.05 -
ViRobot 2010.3.5.2214 2010.03.05 -
VirusBuster 5.0.27.0 2010.03.06 -
Additional information
File size: 48128 bytes
MD5...: 2d3145f88a60d4d7e90a82a558ed5c16
SHA1..: da369827f4a68771df6b7fd5a4b0ef7c31bbb928
SHA256: ab4d3cb8b6f6f64ea3fec2cfce48049bb2abbadf7474ec444d41943f8fc7f24f
ssdeep: 768:ovC9A5nBD69BqsEJUAlkW9lecovV7SSGbCueJdpR6Qy0siFCvJ4V7wmdUm1a
8k:ovC98nBD6LqDigkW9letSSGbdmDMMFCT
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x554d
timedatestamp.....: 0x4704b56b (Thu Oct 04 09:42:03 2007)
machinetype.......: 0x14c (I386)

( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x555e 0x5600 6.15 8690f396a7a844a64e6b0b9ab3f08385
.data 0x7000 0x20c 0x200 2.65 75244f4f71816628fc953e7ed9382d78
.rsrc 0x8000 0x5f10 0x6000 5.96 120d706f4e8a7b426c6b9d47d337a8d8

( 8 imports )
> MFC42.dll: -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -
> msvcrt.dll: _adjust_fdiv, __p__commode, __p__fmode, __set_app_type, _except_handler3, _initterm, __getmainargs, _acmdln, exit, __1type_info@@UAE@XZ, __dllonexit, _onexit, _controlfp, _terminate@@YAXXZ, __setusermatherr, _cexit, _XcptFilter, _exit, _c_exit, sprintf, atoi, strchr, _stricmp, __CxxFrameHandler, _setmbcp
> ADVAPI32.dll: RegCloseKey, DeleteService, RegQueryValueExA, CloseServiceHandle, QueryServiceConfigA, OpenServiceA, OpenSCManagerA
> KERNEL32.dll: GetVersionExA, GetEnvironmentVariableA, DeleteFileA, GetLastError, GetWindowsDirectoryA, GetCurrentThreadId, TerminateProcess, GetCurrentProcess, GetProcAddress, GetModuleHandleA, QueryPerformanceCounter, GetTickCount, GetCurrentProcessId, GetSystemTimeAsFileTime, GetStartupInfoA, GetCommandLineA, GetPrivateProfileStringA, LocalFree, OutputDebugStringA, FormatMessageA, GetPrivateProfileSectionA
> USER32.dll: LoadCursorA, GetSystemMetrics, EnableWindow, LoadIconA, GetClientRect, DrawIcon, AppendMenuA, SendMessageA, PostMessageA, GetSystemMenu, IsIconic, SetCursor
> COMCTL32.dll: -
> SHLWAPI.dll: SHDeleteKeyA, StrChrA, StrTrimA, StrStrA, StrStrIA
> SETUPAPI.dll: SetupDiDestroyDeviceInfoList, SetupDiEnumDeviceInfo, SetupDiGetClassDevsA, SetupDiCallClassInstaller, SetupDiGetDeviceRegistryPropertyA, SetupDiOpenDevRegKey

( 0 exports )
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Win32 Executable Generic (68.0%)
Generic Win/DOS Executable (15.9%)
DOS Executable Generic (15.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
sigcheck:
publisher....: PixArt Imaging Incorporation
copyright....: Copyright (c) 1998-2007 PixArt Imaging Incorporation. All rights reserved.
product......: Driver Remover
description..: Driver Remover
original name: Driver Remover.exe
internal name: Driver Remover
file version.: 0003.0004.2007.1004
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned


File Remover.ini received 2010.03.07 19:06:12 (UTC)
Current status: Finished
Result: 0/42 (0%)



Antivirus Version Last update Result
a-squared 4.5.0.50 2010.03.07 -
AhnLab-V3 5.0.0.2 2010.03.07 -
AntiVir 8.2.1.180 2010.03.05 -
Antiy-AVL 2.0.3.7 2010.03.05 -
Authentium 5.2.0.5 2010.03.06 -
Avast 4.8.1351.0 2010.03.07 -
Avast5 5.0.332.0 2010.03.07 -
AVG 9.0.0.787 2010.03.07 -
BitDefender 7.2 2010.03.07 -
CAT-QuickHeal 10.00 2010.03.06 -
ClamAV 0.96.0.0-git 2010.03.06 -
Comodo 4091 2010.02.28 -
DrWeb 5.0.1.12222 2010.03.07 -
eSafe 7.0.17.0 2010.03.04 -
eTrust-Vet 35.2.7342 2010.03.05 -
F-Prot 4.5.1.85 2010.03.06 -
F-Secure 9.0.15370.0 2010.03.07 -
Fortinet 4.0.14.0 2010.03.07 -
GData 19 2010.03.07 -
Ikarus T3.1.1.80.0 2010.03.07 -
Jiangmin 13.0.900 2010.03.07 -
K7AntiVirus 7.10.990 2010.03.04 -
Kaspersky 7.0.0.125 2010.03.07 -
McAfee 5912 2010.03.06 -
McAfee+Artemis 5912 2010.03.06 -
McAfee-GW-Edition 6.8.5 2010.03.07 -
Microsoft 1.5502 2010.03.07 -
NOD32 4922 2010.03.07 -
Norman 6.04.08 2010.03.07 -
nProtect 2009.1.8.0 2010.03.07 -
Panda 10.0.2.2 2010.03.07 -
PCTools 7.0.3.5 2010.03.04 -
Prevx 3.0 2010.03.07 -
Rising 22.37.06.04 2010.03.07 -
Sophos 4.51.0 2010.03.07 -
Sunbelt 5780 2010.03.07 -
Symantec 20091.2.0.41 2010.03.07 -
TheHacker 6.5.1.9.223 2010.03.07 -
TrendMicro 9.120.0.1004 2010.03.07 -
VBA32 3.12.12.2 2010.03.05 -
ViRobot 2010.3.5.2214 2010.03.05 -
VirusBuster 5.0.27.0 2010.03.06 -
Additional information
File size: 302 bytes
MD5...: b9bb69d234613be4ab05de2666c0c204
SHA1..: 1df02e5bd2e04aa23dad3e6d24e0810895a9a807
SHA256: ed85ada5f99ab4d8aead41897c5c77deab82fc9fa7caee113e151ab3a397d1a5
ssdeep: 6:ieZWojavLSu8u+fsEL5G5L95qMR4OSla4Lwxy6MLxJXa:AHvWNjUE1wn29fsyL
3q
PEiD..: -
PEInfo: -
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Generic INI configuration (100.0%)
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned

If you need the links, I will try again

Re: antivirus found TR/Rootkit.gen

Posted: 07 Mar 2010 20:48
by earl
:arrow: Download OTMoveIt3, run it (if you have Vista, run it as administrator) and into the left box with the yellow top edge, Paste Instructions for Items to be Moved, copy the following:

Code:

:processes
explorer.exe
:files
C:\WINDOWS\system32\GameMon.des
:services
npggsvc
nProtect GameGuard Service
:reg
:commands
[emptytemp]
[resethosts]
[start explorer]
[reboot]

Click MoveIt; the result appears in the window with the green top edge, Results; copy the contents of that window here. If OTMoveIt asks for a restart, allow it. You will then find the log at C:\_OTMoveIt\MovedFiles\xxxxx.log (x is a placeholder character); open it in Notepad.

Re: antivirus found TR/Rootkit.gen

Posted: 07 Mar 2010 20:53
by kynato

Re: antivirus found TR/Rootkit.gen

Posted: 07 Mar 2010 21:34
by kynato
I did everything; it wanted a system restart and I had to wait for the system to boot. The taskbar froze again and I had to wait until the icon popped up from the taskbar saying that automatic updates are turned off. When I close that bubble, everything works, including the web browser, except for sound and the webcam.

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
C:\WINDOWS\system32\GameMon.des moved successfully.
========== SERVICES/DRIVERS ==========
Service npggsvc stopped successfully!
Service npggsvc deleted successfully!
Error: No service named nProtect GameGuard Service was found to stop!
Service\Driver key nProtect GameGuard Service not found.
========== REGISTRY ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Hosti
->Temp folder emptied: 59809508 bytes
->Temporary Internet Files folder emptied: 17479552 bytes
->Java cache emptied: 94032 bytes
->FireFox cache emptied: 62894918 bytes
->Flash cache emptied: 177822 bytes

User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 32902 bytes
->Flash cache emptied: 348 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 1526785 bytes

User: Tomáš
->Temp folder emptied: 18610241 bytes
->Temporary Internet Files folder emptied: 54494678 bytes
->Java cache emptied: 13932669 bytes
->FireFox cache emptied: 69442647 bytes
->Flash cache emptied: 12466487 bytes

User: yfl

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2114584 bytes
%systemroot%\System32 .tmp files removed: 2504 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2698721 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 301,00 mb

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTM by OldTimer - Version 3.1.10.0 log created on 03072010_205519

Files moved on Reboot...
C:\Documents and Settings\Tomáš\Local Settings\Temp\Word8.0\MSForms.exd moved successfully.
C:\Documents and Settings\Tomáš\Local Settings\Temp\mso352C.wmf moved successfully.
C:\Documents and Settings\Tomáš\Local Settings\Temp\mso59CB7.wmf moved successfully.
C:\Documents and Settings\Tomáš\Local Settings\Temp\mso83ECF.wmf moved successfully.
C:\Documents and Settings\Tomáš\Local Settings\Temp\mso9A9A2.wmf moved successfully.
C:\Documents and Settings\Tomáš\Local Settings\Temp\msoA0B6.wmf moved successfully.
C:\Documents and Settings\Tomáš\Local Settings\Temp\msoAF07A.wmf moved successfully.
C:\Documents and Settings\Tomáš\Local Settings\Temp\msoD5C0D.wmf moved successfully.
C:\Documents and Settings\Tomáš\Local Settings\Temp\msoF0F1C.wmf moved successfully.
File C:\Documents and Settings\Tomáš\Local Settings\Temp\~DF86B4.tmp not found!
File C:\Documents and Settings\Tomáš\Local Settings\Temp\~DF97.tmp not found!
C:\Documents and Settings\Tomáš\Local Settings\Temp\~WRD0000.doc moved successfully.
C:\Documents and Settings\Tomáš\Local Settings\Temp\~WRF0001.tmp moved successfully.
C:\Documents and Settings\Tomáš\Local Settings\Temp\~WRS0002.tmp moved successfully.

Registry entries deleted on Reboot...

Otherwise, Avira ran after the restart and removed the virus.. but what about the freezing taskbar and the sound?
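The OTM results log above (produced by the OTMoveIt script earl posted earlier) can be checked mechanically instead of by eye. The following Python parser is an added example, not part of this thread or of OTM itself; it runs on a constructed excerpt modelled on the log, lists what was moved and which services were deleted, flags errors such as the service that was not found, and sums the emptied-folder byte counts against the "Total Files Cleaned" line (OTM prints that total in MiB with a decimal comma on this system).

```python
import re

# Constructed excerpt modelled on the OTM log posted above (not the full log).
SAMPLE_LOG = r"""
========== FILES ==========
C:\WINDOWS\system32\GameMon.des moved successfully.
========== SERVICES/DRIVERS ==========
Service npggsvc stopped successfully!
Service npggsvc deleted successfully!
Error: No service named nProtect GameGuard Service was found to stop!
========== COMMANDS ==========
->Temp folder emptied: 59809508 bytes
->FireFox cache emptied: 62894918 bytes
->Temp folder emptied: 18610241 bytes
Windows Temp folder emptied: 2698721 bytes
Total Files Cleaned = 137,00 mb
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
"""

BYTES_RE = re.compile(r"(?:emptied|removed): (\d+) bytes$")
TOTAL_RE = re.compile(r"^Total Files Cleaned = ([\d,.]+) mb$")

def parse_otm_log(text):
    """Summarise an OTM results log: moved paths, deleted services, errors, bytes freed."""
    s = {"moved": [], "services_deleted": [], "errors": [],
         "bytes_freed": 0, "hosts_reset": False, "reported_mb": None}
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("Error:"):
            s["errors"].append(line)
        elif line.endswith(" moved successfully."):
            s["moved"].append(line[: -len(" moved successfully.")])
        elif line.startswith("Service ") and line.endswith(" deleted successfully!"):
            s["services_deleted"].append(line.split()[1])
        elif line == "HOSTS file reset successfully":
            s["hosts_reset"] = True
        if (m := BYTES_RE.search(line)):
            s["bytes_freed"] += int(m.group(1))
        if (m := TOTAL_RE.match(line)):  # OTM wrote the total with a decimal comma here
            s["reported_mb"] = float(m.group(1).replace(",", "."))
    return s

def total_is_consistent(summary, tolerance_mb=1.0):
    """Compare the summed byte counts (as MiB) with the total OTM reported."""
    if summary["reported_mb"] is None:
        return False
    return abs(summary["bytes_freed"] / 1048576 - summary["reported_mb"]) <= tolerance_mb
```

On the full log in the thread the per-folder counts add up to roughly 301.3 MiB, which matches the "301,00 mb" OTM reported.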

Re: antivirus found TR/Rootkit.gen

Posted: 08 Mar 2010 18:29
by earl
:arrow: Automatic updates should be turned on; otherwise there is an increased risk of infection by a network worm that exploits a security hole in an unpatched system. :idea:

:arrow: Do you have the sound driver and the webcam driver correctly installed in Control Panel - Device Manager?

:arrow: Install Service Pack 3.

:arrow: Run a defragmentation of the system drive C: several times in a row.

:arrow: To speed up Windows startup, download and run the program StartUpLite.

The program lists unnecessary programs that are launched when Windows starts.

To stop them from launching, tick Disable on the relevant rows and click Continue.

:arrow: Download GMER, extract it and run it.

A scan will run; when it finishes, the results will pop up.

Then click Save to save the log, and paste its contents here.

Then, following this guide,

run the second scan and again paste the log contents here.