
Please check my log

Posted: 13 Apr 2008 09:16
by jojkos
This morning AVG threw several virus alerts at me, and they're files in system32 -.- I ran it through HijackThis, so could someone please take a look at it
Logfile of HijackThis v1.99.1
Scan saved at 9:05:02, on 13.4.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Mouse\Amoumain.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Grisoft\AVG7\avgcc.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\QIP\qip.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Documents and Settings\jonas\Plocha\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
O2 - BHO: (no name) - {02715E47-5A8E-495B-8F63-0D30470B8E72} - C:\WINDOWS\system32\cbXPghEU.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {AEEA8000-2ED7-4A22-B045-F7B4C798D27B} - C:\WINDOWS\system32\cbXRlkHa.dll (file missing)
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [WheelMouse] C:\Program Files\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [BMbb46fe31] Rundll32.exe "C:\WINDOWS\system32\iryappir.dll",s
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [AVG Control Center] C:\Program Files\Grisoft\AVG7\avgcc.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe -autorun
O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
O4 - Startup: Realtek HD Sound Effect Manager.lnk = C:\WINDOWS\system32\RTSndMgr.Cpl
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send to Ascendo Photos - res://C:\Program Files\Ascendo\Ascendo Photos\PhotosDesktop.exe/178
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 9565653109
O16 - DPF: {A996E48C-D3DC-4244-89F7-AFA33EC60679} (Settings Class) - http://adisepo.mfcr.cz/adis/jepo/epo/bin/capicom.cab
O16 - DPF: {CE8267C2-D41A-4A50-A69D-F32B5C289F14} (FileOpenInstaller) - http://plugin.fileopen.com/current/FileOpen.CAB
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: cbXPghEU - cbXPghEU.dll (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XI.SP2\Win32\RpcDataSrv.exe
O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XI.SP2\RpcSandraSrv.exe
O23 - Service: Ventrilo - Unknown owner - C:\Program Files\VentSrv\ventrilo_svc.exe (file missing)

Somewhere in there I saw the entry Winlogon Notify cbXPghEU cbXPghEU.dll - file missing, because AVG moved it to the vault... what is that file?... oh, and my search engines somehow aren't working, heh

Re: Please check my log

Posted: 13 Apr 2008 10:46
by paul27
Fix this:

O2 - BHO: (no name) - {02715E47-5A8E-495B-8F63-0D30470B8E72} - C:\WINDOWS\system32\cbXPghEU.dll (file missing)
O2 - BHO: (no name) - {AEEA8000-2ED7-4A22-B045-F7B4C798D27B} - C:\WINDOWS\system32\cbXRlkHa.dll (file missing)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [BMbb46fe31] Rundll32.exe "C:\WINDOWS\system32\iryappir.dll",s
O20 - Winlogon Notify: cbXPghEU - cbXPghEU.dll (file missing)

+ a cleanup with CCleaner, a restart and a new log.

It looks like AVG moved most of it to the vault (or deleted it).

Re: Please check my log

Posted: 13 Apr 2008 11:06
by jojkos
hmm
Logfile of HijackThis v1.99.1
Scan saved at 11:02:34, on 13.4.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Mouse\Amoumain.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Grisoft\AVG7\avgcc.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\jonas\Plocha\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [WheelMouse] C:\Program Files\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [BMbb46fe31] Rundll32.exe "C:\WINDOWS\system32\iryappir.dll",s
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [AVG Control Center] C:\Program Files\Grisoft\AVG7\avgcc.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
O4 - Startup: Realtek HD Sound Effect Manager.lnk = C:\WINDOWS\system32\RTSndMgr.Cpl
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send to Ascendo Photos - res://C:\Program Files\Ascendo\Ascendo Photos\PhotosDesktop.exe/178
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 9565653109
O16 - DPF: {A996E48C-D3DC-4244-89F7-AFA33EC60679} (Settings Class) - http://adisepo.mfcr.cz/adis/jepo/epo/bin/capicom.cab
O16 - DPF: {CE8267C2-D41A-4A50-A69D-F32B5C289F14} (FileOpenInstaller) - http://plugin.fileopen.com/current/FileOpen.CAB
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XI.SP2\Win32\RpcDataSrv.exe
O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XI.SP2\RpcSandraSrv.exe
O23 - Service: Ventrilo - Unknown owner - C:\Program Files\VentSrv\ventrilo_svc.exe (file missing)

My search engine still isn't working, so what am I supposed to do about it :(

Re: Please check my log

Posted: 13 Apr 2008 11:08
by paul27
HJT didn't remove everything, so do this:

Download ComboFix and save it to the desktop:

- Run the application under a Computer Administrator account
- close all running programs (web browser, messenger, ...)
- a license agreement follows, click Yes
- the scan starts (the whole process takes about 5-10 minutes, sometimes a bit longer)
- during the scan, do not try to start any other applications and do not click in the ComboFix window
- when it finishes, a Notepad window with text opens automatically (if it doesn't, the log is in C:\ComboFix.txt); copy it here using the well-known keyboard shortcuts Ctrl + A (select all text) -> Ctrl + C (copy to the clipboard) -> Ctrl + V (paste the text)
- and wait for further instructions

WARNING: If "CRITICAL WARNING !!" is displayed, you must not restart the computer; report the warning here.
WARNING 2: During the scan, various security programs may report an unauthorized attempt to delete a given file or something similar. Allow any prompts they raise, or completely disable the program's resident module for the duration of the scan.

Re: Please check my log

Posted: 13 Apr 2008 11:41
by jojkos
Awesome, thanks a lot, search works now, really great :D what did this do to fix it? :D
ComboFix 08-04-12.5 - jonas 2008-04-13 11:15:40.1 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.1.1029.18.1480 [GMT 2:00]
Running from: C:\Documents and Settings\jonas\Plocha\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
ADS - ntoskrnl.exe: deleted 88 bytes in 2 streams.
TimedOut: progfile.dat

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\hosts
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\aHklRXbc.ini
C:\WINDOWS\system32\aHklRXbc.ini2
C:\WINDOWS\system32\iryappir.dll
C:\WINDOWS\system32\mcrh.tmp

.
((((((((((((((((((((((((( Files Created from 2008-03-13 to 2008-04-13 )))))))))))))))))))))))))))))))
.

2008-04-13 10:03 . 2008-04-13 10:03 <DIR> d-------- C:\Program Files\Ubisoft
2008-04-13 09:49 . 2008-04-13 09:49 196,274 --a------ C:\cc_nova.reg
2008-04-13 08:57 . 2008-04-13 08:57 <DIR> d-------- C:\Program Files\DAEMON Tools Lite
2008-04-13 08:05 . 2008-04-13 10:01 101,166 --a------ C:\WINDOWS\BMbb46fe31.xml
2008-04-12 15:29 . 2007-06-29 14:47 34,304 --a------ C:\WINDOWS\system32\drivers\AmdLLD.sys
2008-04-12 15:24 . 2006-07-01 22:42 43,008 --a------ C:\WINDOWS\system32\drivers\AmdK8.sys
2008-04-12 14:54 . 2007-10-12 15:14 3,734,536 --a------ C:\WINDOWS\system32\d3dx9_36.dll
2008-04-12 14:54 . 2007-10-12 15:14 1,374,232 --a------ C:\WINDOWS\system32\D3DCompiler_36.dll
2008-04-12 14:54 . 2007-10-02 09:56 444,776 --a------ C:\WINDOWS\system32\d3dx10_36.dll
2008-04-12 14:54 . 2007-10-22 03:39 267,272 --a------ C:\WINDOWS\system32\xactengine2_10.dll
2008-04-12 14:54 . 2007-07-20 00:57 267,112 --a------ C:\WINDOWS\system32\xactengine2_9.dll
2008-04-12 13:47 . 2008-04-12 13:47 94,208 --a------ C:\WINDOWS\system32\drivers\ezplay.sys
2008-04-12 13:46 . 2008-04-12 13:46 47,360 --a------ C:\WINDOWS\system32\drivers\pcouffin.sys
2008-04-01 22:17 . 2002-07-07 23:14 1,294,336 --a------ C:\WINDOWS\system32\vorbis.acm
2008-04-01 22:17 . 2006-09-24 16:11 389,120 --a------ C:\WINDOWS\system32\lameACM.acm
2008-04-01 22:17 . 2001-02-25 02:19 287,744 --a------ C:\WINDOWS\system32\divxa32.acm
2008-04-01 22:17 . 2006-10-18 19:05 232,448 --a------ C:\WINDOWS\system32\mp3fhg.acm
2008-04-01 22:17 . 2004-01-25 17:18 217,088 --a------ C:\WINDOWS\system32\yv12vfw.dll
2008-04-01 22:17 . 2007-09-21 01:52 118,784 --a------ C:\WINDOWS\system32\ac3acm.acm
2008-04-01 22:17 . 2004-05-18 19:16 39,936 --a------ C:\WINDOWS\system32\huffyuv.dll
2008-04-01 22:17 . 2007-10-03 16:03 414 --a------ C:\WINDOWS\system32\lame_acm.xml
2008-04-01 22:16 . 2008-04-01 22:16 <DIR> d-------- C:\Program Files\K-Lite Codec Pack
2008-04-01 22:09 . 2008-04-01 22:09 <DIR> d-------- C:\Program Files\Webteh
2008-04-01 22:07 . 2008-04-01 22:10 <DIR> d-------- C:\Program Files\real
2008-04-01 19:38 . 2008-04-01 19:45 <DIR> d-------- C:\Program Files\DivX
2008-04-01 19:29 . 2008-04-01 19:29 65,536 --a------ C:\WINDOWS\IFinst27.exe
2008-03-25 23:36 . 2008-03-25 23:36 <DIR> d-------- C:\Program Files\ImTOO
2008-03-18 20:59 . 2008-03-18 20:59 172,544 --a------ C:\ICQ.CL.Recovery.exe
2008-03-16 23:55 . 2008-03-16 23:55 <DIR> d-------- C:\Program Files\MSXML 6.0
2008-03-15 12:42 . 2008-03-15 12:57 <DIR> d-------- C:\Program Files\Common Files\Autodesk Shared
2008-03-15 12:42 . 2008-03-15 12:42 <DIR> d-------- C:\Program Files\Autodesk
2008-03-14 22:49 . 2008-03-14 22:49 <DIR> d-------- C:\Program Files\Mouse
2008-03-14 21:04 . 2008-03-14 21:05 <DIR> d-------- C:\Program Files\RivaTuner v2.08
2008-03-13 19:53 . 2008-03-13 19:53 0 --a------ C:\WINDOWS\ativpsrm.bin
2008-03-13 17:37 . 2007-07-19 19:14 1,358,192 --a------ C:\WINDOWS\system32\D3DCompiler_35.dll
2008-03-13 17:37 . 2008-03-13 17:37 669,184 --a------ C:\WINDOWS\system32\pbsvc.exe
2008-03-13 17:37 . 2007-07-19 19:14 444,776 --a------ C:\WINDOWS\system32\d3dx10_35.dll
2008-03-13 17:37 . 2008-03-16 17:47 103,736 --a------ C:\WINDOWS\system32\PnkBstrB.exe
2008-03-13 17:37 . 2008-03-13 17:37 66,872 --a------ C:\WINDOWS\system32\PnkBstrA.exe
2008-03-13 17:37 . 2008-03-16 17:47 22,328 --a------ C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-03-13 17:36 . 2007-07-19 19:14 3,727,720 --a------ C:\WINDOWS\system32\d3dx9_35.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-13 07:54 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-04-12 17:21 --------- d-----w C:\Program Files\Warcraft III
2008-04-12 13:39 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-04-12 13:38 --------- d-----w C:\Program Files\AMD
2008-04-12 11:55 717,296 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2008-04-11 16:19 --------- d-----w C:\Program Files\DC++
2008-04-03 14:57 --------- d-----w C:\Program Files\JetAudio
2008-04-01 19:58 --------- d-----w C:\Program Files\Common Files\COWON
2008-03-25 19:12 --------- d-----w C:\Program Files\QIP
2008-03-18 18:36 --------- d-----w C:\Program Files\ICQ6
2008-03-14 20:53 --------- d-----w C:\Program Files\GameSpy Arcade
2008-03-13 18:28 --------- d-----w C:\Program Files\ATI Technologies
2008-03-13 16:06 --------- d-----w C:\Program Files\Electronic Arts
2008-03-09 16:38 --------- d-----w C:\Program Files\FileOpen
2008-03-09 10:01 --------- d-----w C:\Program Files\Common Files\Macromedia
2008-03-09 10:00 --------- d-----w C:\Program Files\Macromedia
2008-03-08 10:42 --------- d-----w C:\Program Files\Java
2008-03-05 18:59 --------- d-----w C:\Program Files\World of Warcraft
2008-02-26 21:02 --------- d-----w C:\Program Files\FlashGet
2008-02-26 20:45 --------- d-----w C:\Program Files\MediaCell Video Converter
2008-02-26 05:51 2,863,616 ----a-w C:\WINDOWS\system32\drivers\ati2mtag.sys
2008-02-26 02:22 49,152 ----a-w C:\WINDOWS\system32\drivers\ati2erec.dll
2008-02-24 19:16 --------- d-----w C:\Program Files\QuickTime
2008-02-24 19:15 737,280 ----a-w C:\WINDOWS\iun6002.exe
2008-02-24 18:24 --------- d-----w C:\Program Files\JPEG Resampler
2008-02-24 10:48 --------- d-----w C:\Program Files\Astariel
2008-02-24 07:21 --------- d-----w C:\Program Files\TuneUp Utilities 2007
2008-02-15 14:18 --------- d-----w C:\Program Files\TightVNC
2008-01-22 22:12 348,160 ----a-w C:\WINDOWS\MSVCR71.DLL
2008-01-22 22:12 1,060,864 ----a-w C:\WINDOWS\MFC71.DLL
2007-04-12 19:13 32 ----a-r C:\Documents and Settings\All Users\hash.dat
2006-10-15 20:55 930,267 ----a-w C:\Program Files\rajce_beta32.exe
2004-10-01 13:00 40,960 ----a-w C:\Program Files\Uninstall_CDS.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-17 15:49 15360]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 18:24 1694208]
"NBJ"="C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" [2005-10-11 18:25 1961984]
"AVG Control Center"="C:\Program Files\Grisoft\AVG7\avgcc.exe" [2007-12-19 20:31 579072]
"PowerBar"="" []
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2008-04-01 11:39 486856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-17 15:49 110592 C:\WINDOWS\system32\bthprops.cpl]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2006-11-03 20:20 866584]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25 144784]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 13:17 61440]
"WheelMouse"="C:\Program Files\Mouse\Amoumain.exe" [2007-04-19 15:57 196608]
"amd_dc_opt"="C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2007-07-23 11:06 77824]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-17 15:49 15360]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2007-10-24 15:50 219136]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Grisoft\\AVG7\\avginet.exe"=
"C:\\Program Files\\Grisoft\\AVG7\\avgemc.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\WINDOWS\\system32\\rundll32.exe"=
"C:\\Program Files\\xchat\\xchat.exe"=
"C:\\Program Files\\uTorrent\\utorrent.exe"=
"C:\\WINDOWS\\system32\\dpnsvr.exe"=
"C:\\Program Files\\GameSpy Arcade\\Aphex.exe"=
"C:\\Program Files\\Internet Explorer\\iexplore.exe"=
"C:\\Program Files\\Codemasters\\Operation Flashpoint\\FlashpointResistance.exe"=
"C:\\Program Files\\DC++\\DCPlusPlus.exe"=
"C:\\WINDOWS\\system32\\dplaysvr.exe"=
"C:\\Program Files\\Warcraft III\\Warcraft III.exe"=
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"C:\\Program Files\\QIP\\qip.exe"=
"C:\\Program Files\\Warcraft III\\war3.exe"=
"C:\\Program Files\\Codemasters\\Operation Flashpoint\\OPERATIONFLASHPOINT.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Team17\\Worms World Party\\wwp.exe"=
"C:\\Program Files\\ICQ6\\ICQ.exe"=
"C:\\Program Files\\Ocean Technology\\GG E-Sports Platform\\GGclient.exe"=
"C:\\Program Files\\VoipDiscount.com\\VoipDiscount\\VoipDiscount.exe"=
"C:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite XI.SP2\\Win32\\RpcDataSrv.exe"=
"C:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite XI.SP2\\RpcSandraSrv.exe"=
"C:\\Program Files\\Sony Ericsson\\Update Service\\Update Service.exe"=
"C:\\Program Files\\EA Sports\\FIFA 08\\FIFA08.exe"=
"C:\\Program Files\\Quake III Arena\\quake3.exe"=
"C:\\Program Files\\Hamachi\\hamachi.exe"=
"C:\\Program Files\\Counter-Strike\\hl.exe"=
"C:\\Program Files\\Half Life 2\\root\\hl2.exe"=
"C:\\Program Files\\Flagship Studios\\Hellgate London\\Launcher.exe"=
"C:\\mobil\\webkamera\\SEWebCam.exe"=
"C:\\Program Files\\TightVNC\\WinVNC.exe"=
"C:\\Program Files\\TightVNC\\vncviewer.exe"=
"C:\\Program Files\\14 Degrees East\\Fallout Tactics\\BOS.exe"=
"C:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\Crysis.exe"=
"C:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\CrysisDedicatedServer.exe"=
"C:\\WINDOWS\\system32\\PnkBstrA.exe"=
"C:\\WINDOWS\\system32\\PnkBstrB.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"C:\\Program Files\\Ocean Technology\\GG E-Sports Platform\\Garena.exe"=
"C:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx9.exe"=
"C:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx10.exe"=
"C:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Launcher.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"6112:TCP"= 6112:TCP:w3
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"2302:TCP"= 2302:TCP:ofp

R0 m5288;m5288;C:\WINDOWS\system32\DRIVERS\m5288.sys [2005-12-23 22:54]
R2 UxTuneUp;TuneUp Theme Extension;C:\WINDOWS\System32\svchost.exe [2004-08-17 15:49]
R3 PSched;Plánovač paketů technologie QoS;C:\WINDOWS\system32\DRIVERS\psched.sys [2004-08-03 23:04]
R3 ULI5261XP;ULi M526X Ethernet NT Driver;C:\WINDOWS\system32\DRIVERS\ULILAN51.SYS [2005-03-22 14:36]
R3 usbhub;Ovladač standardního rozbočovače USB;C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 23:08]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB;C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-03 23:08]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 23:08]
S3 AmdTools;AMD Special Tools Driver;C:\WINDOWS\system32\DRIVERS\AmdTools.sys []
S3 Amps2prt;Compatible PS/2 Port Mouse Driver;C:\WINDOWS\system32\DRIVERS\Amps2prt.sys [2007-04-19 15:45]
S3 CnxEtP;Conexant AccessRunner USB ADSL WAN Adapter Filter Driver;C:\WINDOWS\system32\DRIVERS\CnxEtP.sys [2003-07-31 02:05]
S3 CnxEtU;Conexant AccessRunner USB ADSL Interface Device Driver;C:\WINDOWS\system32\DRIVERS\CnxEtU.sys [2003-07-31 02:05]
S3 CnxTgN;Conexant AccessRunner USB ADSL WAN Adapter Driver;C:\WINDOWS\system32\DRIVERS\CnxTgN.sys [2003-11-01 23:54]
S3 ggflt;SEMC USB Flash Driver Filter;C:\WINDOWS\system32\DRIVERS\ggflt.sys [2007-11-05 23:11]
S3 ldiskl;ldiskl;C:\DOCUME~1\jonas\LOCALS~1\Temp\ldiskl.sys []
S3 PCASp50;PCASp50 NDIS Protocol Driver;C:\WINDOWS\system32\Drivers\PCASp50.sys []
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB;C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 00:08]
S3 usbscan;Ovladač skeneru USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 22:58]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
\Shell\AutoRun\command - F:\wd_windows_tools\setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c6779940-088a-11dd-a0e6-0016179264cd}]
\Shell\AutoRun\command - E:\autorun.exe

.
Contents of the 'Scheduled Tasks' folder
"2008-04-11 15:16:28 C:\WINDOWS\Tasks\1-Click Maintenance.job"
- C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe
"2008-04-13 09:26:56 C:\WINDOWS\Tasks\MP Scheduled Scan.job"
- C:\Program Files\Windows Defender\MpCmdRun.exe
.
**************************************************************************

catchme 0.3.1351 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-13 11:24:31
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\ati2evxx.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.bin
C:\WINDOWS\RTHDCPL.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
.
**************************************************************************
.
Completion time: 2008-04-13 11:37:43 - machine was rebooted
ComboFix-quarantined-files.txt 2008-04-13 09:37:37
Adresářů: 20, Volných bajtů: 18,655,350,784
Adresářů: 24, Volných bajtů: 18,569,658,368
.
2008-04-12 21:33:01 --- E O F ---

Re: please check

Posted: 13 Apr 2008 12:07
by paul27
OK, I would also do this (CCleaner might delete it too, but just to be sure):

Move ComboFix to the desktop (if you don't have it there yet) - open Notepad - copy the text from the following box into it:

Code:

Driver::
ldiskl


Save the text as CFScript.txt on the desktop - after saving, grab the .txt file you created with the left mouse button and drag it over the ComboFix icon - drop the .txt file on the ComboFix icon - ComboFix will start - and CF will begin scanning again; at the end of the scan CF will try to delete the specified files or whatever else we told it to - when it finishes, a Notepad window will open again with text; copy that text here and please wait for further advice :)

Re: please check

Posted: 13 Apr 2008 12:53
by jojkos
ComboFix 08-04-12.5 - jonas 2008-04-13 12:49:07.2 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.1.1029.18.1352 [GMT 2:00]
Running from: C:\Documents and Settings\jonas\Plocha\ComboFix.exe
Command switches used :: C:\Documents and Settings\jonas\Plocha\CFScript.txt
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Created from 2008-03-13 to 2008-04-13 )))))))))))))))))))))))))))))))
.

2008-04-13 10:03 . 2008-04-13 10:03 <DIR> d-------- C:\Program Files\Ubisoft
2008-04-13 09:49 . 2008-04-13 09:49 196,274 --a------ C:\cc_nova.reg
2008-04-13 08:57 . 2008-04-13 08:57 <DIR> d-------- C:\Program Files\DAEMON Tools Lite
2008-04-13 08:05 . 2008-04-13 10:01 101,166 --a------ C:\WINDOWS\BMbb46fe31.xml
2008-04-12 16:56 . 2008-04-12 16:56 <DIR> d-------- C:\Documents and Settings\jonas\Data aplikací\Ubisoft
2008-04-12 16:56 . 2008-04-12 16:56 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\Ubisoft
2008-04-12 15:58 . 2008-04-12 15:58 <DIR> d-------- C:\Documents and Settings\jonas\Data aplikací\DAEMON Tools Pro
2008-04-12 15:29 . 2007-06-29 14:47 34,304 --a------ C:\WINDOWS\system32\drivers\AmdLLD.sys
2008-04-12 15:24 . 2006-07-01 22:42 43,008 --a------ C:\WINDOWS\system32\drivers\AmdK8.sys
2008-04-12 14:54 . 2007-10-12 15:14 3,734,536 --a------ C:\WINDOWS\system32\d3dx9_36.dll
2008-04-12 14:54 . 2007-10-12 15:14 1,374,232 --a------ C:\WINDOWS\system32\D3DCompiler_36.dll
2008-04-12 14:54 . 2007-10-02 09:56 444,776 --a------ C:\WINDOWS\system32\d3dx10_36.dll
2008-04-12 14:54 . 2007-10-22 03:39 267,272 --a------ C:\WINDOWS\system32\xactengine2_10.dll
2008-04-12 14:54 . 2007-07-20 00:57 267,112 --a------ C:\WINDOWS\system32\xactengine2_9.dll
2008-04-12 13:55 . 2008-04-12 13:55 <DIR> d-------- C:\Documents and Settings\jonas\Data aplikací\DAEMON Tools
2008-04-12 13:47 . 2008-04-12 13:47 94,208 --a------ C:\WINDOWS\system32\drivers\ezplay.sys
2008-04-12 13:47 . 2008-04-12 13:51 94,208 --a------ C:\Documents and Settings\jonas\Data aplikací\ezplay.sys
2008-04-12 13:46 . 2008-04-12 13:51 <DIR> d-------- C:\Documents and Settings\jonas\Data aplikací\Vso
2008-04-12 13:46 . 2008-04-12 13:51 87,608 --a------ C:\Documents and Settings\jonas\Data aplikací\inst.exe
2008-04-12 13:46 . 2008-04-12 13:46 47,360 --a------ C:\WINDOWS\system32\drivers\pcouffin.sys
2008-04-12 13:46 . 2008-04-12 13:51 47,360 --a------ C:\Documents and Settings\jonas\Data aplikací\pcouffin.sys
2008-04-09 19:06 . 2008-04-09 19:06 <DIR> d-------- C:\Documents and Settings\petr\Data aplikací\COWON
2008-04-01 22:17 . 2002-07-07 23:14 1,294,336 --a------ C:\WINDOWS\system32\vorbis.acm
2008-04-01 22:17 . 2006-09-24 16:11 389,120 --a------ C:\WINDOWS\system32\lameACM.acm
2008-04-01 22:17 . 2001-02-25 02:19 287,744 --a------ C:\WINDOWS\system32\divxa32.acm
2008-04-01 22:17 . 2006-10-18 19:05 232,448 --a------ C:\WINDOWS\system32\mp3fhg.acm
2008-04-01 22:17 . 2004-01-25 17:18 217,088 --a------ C:\WINDOWS\system32\yv12vfw.dll
2008-04-01 22:17 . 2007-09-21 01:52 118,784 --a------ C:\WINDOWS\system32\ac3acm.acm
2008-04-01 22:17 . 2004-05-18 19:16 39,936 --a------ C:\WINDOWS\system32\huffyuv.dll
2008-04-01 22:17 . 2007-10-03 16:03 414 --a------ C:\WINDOWS\system32\lame_acm.xml
2008-04-01 22:16 . 2008-04-01 22:16 <DIR> d-------- C:\Program Files\K-Lite Codec Pack
2008-04-01 22:09 . 2008-04-01 22:09 <DIR> d-------- C:\Program Files\Webteh
2008-04-01 22:07 . 2008-04-01 22:10 <DIR> d-------- C:\Program Files\real
2008-04-01 19:45 . 2008-04-01 19:45 <DIR> d-------- C:\Documents and Settings\jonas\Data aplikací\DivX
2008-04-01 19:38 . 2008-04-01 19:45 <DIR> d-------- C:\Program Files\DivX
2008-04-01 19:29 . 2008-04-01 19:29 65,536 --a------ C:\WINDOWS\IFinst27.exe
2008-03-25 23:36 . 2008-03-25 23:36 <DIR> d-------- C:\Program Files\ImTOO
2008-03-18 20:59 . 2008-03-18 20:59 172,544 --a------ C:\ICQ.CL.Recovery.exe
2008-03-18 16:22 . 2008-03-18 16:25 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\YoGen
2008-03-16 23:55 . 2008-03-16 23:55 <DIR> d-------- C:\Program Files\MSXML 6.0
2008-03-15 12:42 . 2008-03-15 12:57 <DIR> d-------- C:\Program Files\Common Files\Autodesk Shared
2008-03-15 12:42 . 2008-03-15 12:42 <DIR> d-------- C:\Program Files\Autodesk
2008-03-14 22:49 . 2008-03-14 22:49 <DIR> d-------- C:\Program Files\Mouse
2008-03-14 21:04 . 2008-03-14 21:05 <DIR> d-------- C:\Program Files\RivaTuner v2.08
2008-03-14 11:43 . 2008-03-14 11:43 <DIR> d-------- C:\Documents and Settings\hanka\Data aplikací\FileOpen
2008-03-13 20:41 . 2008-03-13 20:41 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\ATI
2008-03-13 19:53 . 2008-03-13 19:53 0 --a------ C:\WINDOWS\ativpsrm.bin
2008-03-13 17:37 . 2007-07-19 19:14 1,358,192 --a------ C:\WINDOWS\system32\D3DCompiler_35.dll
2008-03-13 17:37 . 2008-03-13 17:37 669,184 --a------ C:\WINDOWS\system32\pbsvc.exe
2008-03-13 17:37 . 2007-07-19 19:14 444,776 --a------ C:\WINDOWS\system32\d3dx10_35.dll
2008-03-13 17:37 . 2008-03-16 17:47 103,736 --a------ C:\WINDOWS\system32\PnkBstrB.exe
2008-03-13 17:37 . 2008-03-13 17:37 66,872 --a------ C:\WINDOWS\system32\PnkBstrA.exe
2008-03-13 17:37 . 2008-03-16 17:47 22,328 --a------ C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-03-13 17:37 . 2008-03-13 17:37 22,328 --a------ C:\Documents and Settings\jonas\Data aplikací\PnkBstrK.sys
2008-03-13 17:36 . 2007-07-19 19:14 3,727,720 --a------ C:\WINDOWS\system32\d3dx9_35.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-13 09:45 --------- d-----w C:\Documents and Settings\jonas\Data aplikací\X-Chat 2
2008-04-13 09:25 --------- d-----w C:\Documents and Settings\jonas\Data aplikací\OpenOffice.org2
2008-04-13 07:54 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-04-13 07:24 --------- d-----w C:\Documents and Settings\jonas\Data aplikací\AVG7
2008-04-12 23:26 --------- d-----w C:\Documents and Settings\jonas\Data aplikací\uTorrent
2008-04-12 17:21 --------- d-----w C:\Program Files\Warcraft III
2008-04-12 13:39 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-04-12 13:38 --------- d-----w C:\Program Files\AMD
2008-04-12 11:55 717,296 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2008-04-11 16:19 --------- d-----w C:\Program Files\DC++
2008-04-11 09:37 --------- d-----w C:\Documents and Settings\eva\Data aplikací\VoipDiscount
2008-04-09 18:34 --------- d-----w C:\Documents and Settings\jonas\Data aplikací\Skype
2008-04-09 12:11 --------- d-----w C:\Documents and Settings\hanka\Data aplikací\Skype
2008-04-03 14:57 --------- d-----w C:\Program Files\JetAudio
2008-04-02 09:53 --------- d-----w C:\Documents and Settings\hanka\Data aplikací\VoipDiscount
2008-04-01 19:58 --------- d-----w C:\Program Files\Common Files\COWON
2008-03-29 18:03 --------- d-----w C:\Documents and Settings\jonas\Data aplikací\VoipDiscount
2008-03-29 12:30 --------- d-----w C:\Documents and Settings\petr\Data aplikací\Skype
2008-03-29 09:47 --------- d-----w C:\Documents and Settings\petr\Data aplikací\AVG7
2008-03-26 14:46 --------- d-----w C:\Documents and Settings\eva\Data aplikací\AVG7
2008-03-25 19:12 --------- d-----w C:\Program Files\QIP
2008-03-22 16:30 2,085,376 ----a-w C:\WINDOWS\system32\x264vfw.dll
2008-03-22 13:36 --------- d-----w C:\Documents and Settings\hanka\Data aplikací\AVG7
2008-03-20 20:54 --------- d-----w C:\Documents and Settings\petr\Data aplikací\ATI
2008-03-20 08:09 1,845,248 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-19 10:21 --------- d-----w C:\Documents and Settings\veronika\Data aplikací\ATI
2008-03-18 18:36 --------- d-----w C:\Program Files\ICQ6
2008-03-17 08:13 --------- d-----w C:\Documents and Settings\eva\Data aplikací\ATI
2008-03-16 16:09 --------- d-----w C:\Documents and Settings\jonas\Data aplikací\Hamachi
2008-03-14 20:53 --------- d-----w C:\Program Files\GameSpy Arcade
2008-03-14 06:44 --------- d-----w C:\Documents and Settings\hanka\Data aplikací\ATI
2008-03-13 18:41 --------- d-----w C:\Documents and Settings\jonas\Data aplikací\ATI
2008-03-13 18:28 --------- d-----w C:\Program Files\ATI Technologies
2008-03-13 17:40 --------- d-----w C:\Documents and Settings\Administrator\Data aplikací\ATI
2008-03-13 16:06 --------- d-----w C:\Program Files\Electronic Arts
2008-03-11 20:25 --------- d-----w C:\Documents and Settings\jonas\Data aplikací\FileOpen
2008-03-10 08:08 --------- d-----w C:\Documents and Settings\eva\Data aplikací\FileOpen
2008-03-09 16:39 --------- d-----w C:\Documents and Settings\petr\Data aplikací\FileOpen
2008-03-09 16:38 --------- d-----w C:\Program Files\FileOpen
2008-03-09 16:38 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\FileOpen
2008-03-09 10:01 --------- d-----w C:\Program Files\Common Files\Macromedia
2008-03-09 10:00 --------- d-----w C:\Program Files\Macromedia
2008-03-08 10:42 --------- d-----w C:\Program Files\Java
2008-03-05 18:59 --------- d-----w C:\Program Files\World of Warcraft
2008-03-04 17:40 --------- d-----w C:\Documents and Settings\veronika\Data aplikací\ICQ
2008-03-04 10:33 7,680 ----a-w C:\WINDOWS\system32\ff_vfw.dll
2008-03-01 13:02 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-02-26 21:02 --------- d-----w C:\Program Files\FlashGet
2008-02-26 20:45 --------- d-----w C:\Program Files\MediaCell Video Converter
2008-02-26 05:51 2,863,616 ----a-w C:\WINDOWS\system32\drivers\ati2mtag.sys
2008-02-26 03:12 372,736 ----a-w C:\WINDOWS\system32\ATIDEMGX.dll
2008-02-26 03:10 307,200 ----a-w C:\WINDOWS\system32\atiiiexx.dll
2008-02-26 03:10 299,520 ----a-w C:\WINDOWS\system32\ati2dvag.dll
2008-02-26 03:02 172,032 ----a-w C:\WINDOWS\system32\atipdlxx.dll
2008-02-26 03:02 126,976 ----a-w C:\WINDOWS\system32\Oemdspif.dll
2008-02-26 03:01 43,520 ----a-w C:\WINDOWS\system32\ati2edxx.dll
2008-02-26 03:01 26,112 ----a-w C:\WINDOWS\system32\Ati2mdxx.exe
2008-02-26 03:01 126,976 ----a-w C:\WINDOWS\system32\ati2evxx.dll
2008-02-26 03:00 520,192 ----a-w C:\WINDOWS\system32\ati2evxx.exe
2008-02-26 02:59 9,797,632 ----a-w C:\WINDOWS\system32\atioglx2.dll
2008-02-26 02:58 53,248 ----a-w C:\WINDOWS\system32\ATIDDC.DLL
2008-02-26 02:49 3,176,480 ----a-w C:\WINDOWS\system32\ati3duag.dll
2008-02-26 02:41 1,755,264 ----a-w C:\WINDOWS\system32\ativvaxx.dll
2008-02-26 02:29 46,080 ----a-w C:\WINDOWS\system32\amdpcom32.dll
2008-02-26 02:25 393,216 ----a-w C:\WINDOWS\system32\atikvmag.dll
2008-02-26 02:23 17,408 ----a-w C:\WINDOWS\system32\atitvo32.dll
2008-02-26 02:22 49,152 ----a-w C:\WINDOWS\system32\drivers\ati2erec.dll
2008-02-26 02:21 5,439,488 ----a-w C:\WINDOWS\system32\atioglxx.dll
2008-02-26 02:19 167,936 ----a-w C:\WINDOWS\system32\atiok3x2.dll
2008-02-26 02:16 520,192 ----a-w C:\WINDOWS\system32\ati2cqag.dll
2008-02-25 19:05 593,920 ----a-w C:\WINDOWS\system32\ati2sgag.exe
2008-02-24 19:16 --------- d-----w C:\Program Files\QuickTime
2008-02-24 19:15 737,280 ----a-w C:\WINDOWS\iun6002.exe
2008-02-24 19:07 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\Apple Computer
2008-02-24 18:59 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\Apple
2008-02-24 18:24 --------- d-----w C:\Program Files\JPEG Resampler
2008-02-24 18:20 --------- d-----w C:\Documents and Settings\jonas\Data aplikací\Jpeg Resampler
2008-02-24 12:54 98,304 ----a-w C:\WINDOWS\system32\qttask.exe
2008-02-24 10:48 --------- d-----w C:\Program Files\Astariel
2008-02-24 07:21 --------- d-----w C:\Program Files\TuneUp Utilities 2007
2008-02-21 02:03 156,992 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
2008-02-20 05:38 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
2008-02-19 20:00 --------- d-----w C:\Documents and Settings\petr\Data aplikací\VoipDiscount
2008-02-15 14:18 --------- d-----w C:\Program Files\TightVNC
2008-01-22 22:12 348,160 ----a-w C:\WINDOWS\MSVCR71.DLL
2008-01-22 22:12 1,060,864 ----a-w C:\WINDOWS\MFC71.DLL
2007-04-12 19:13 32 ----a-r C:\Documents and Settings\All Users\hash.dat
2006-10-15 20:55 930,267 ----a-w C:\Program Files\rajce_beta32.exe
2004-10-01 13:00 40,960 ----a-w C:\Program Files\Uninstall_CDS.exe
.

((((((((((((((((((((((((((((( snapshot@2008-04-13_11.37.26.15 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-04-13 09:03:06 78,000 ----a-w C:\WINDOWS\system32\perfc005.dat
+ 2008-04-13 09:28:23 78,000 ----a-w C:\WINDOWS\system32\perfc005.dat
- 2008-04-13 09:03:06 65,894 ----a-w C:\WINDOWS\system32\perfc009.dat
+ 2008-04-13 09:28:23 65,894 ----a-w C:\WINDOWS\system32\perfc009.dat
- 2008-04-13 09:03:06 410,162 ----a-w C:\WINDOWS\system32\perfh005.dat
+ 2008-04-13 09:28:23 410,162 ----a-w C:\WINDOWS\system32\perfh005.dat
- 2008-04-13 09:03:06 412,186 ----a-w C:\WINDOWS\system32\perfh009.dat
+ 2008-04-13 09:28:23 412,186 ----a-w C:\WINDOWS\system32\perfh009.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-17 15:49 15360]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 18:24 1694208]
"NBJ"="C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" [2005-10-11 18:25 1961984]
"AVG Control Center"="C:\Program Files\Grisoft\AVG7\avgcc.exe" [2007-12-19 20:31 579072]
"PowerBar"="" []
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2008-04-01 11:39 486856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-17 15:49 110592 C:\WINDOWS\system32\bthprops.cpl]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2006-11-03 20:20 866584]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25 144784]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 13:17 61440]
"WheelMouse"="C:\Program Files\Mouse\Amoumain.exe" [2007-04-19 15:57 196608]
"amd_dc_opt"="C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2007-07-23 11:06 77824]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-17 15:49 15360]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2007-10-24 15:50 219136]

C:\Documents and Settings\jonas\Nabídka Start\Programy\Po spuštění\
OpenOffice.org 2.3.lnk - C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe [2007-09-11 06:43:54 393216]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Grisoft\\AVG7\\avginet.exe"=
"C:\\Program Files\\Grisoft\\AVG7\\avgemc.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\WINDOWS\\system32\\rundll32.exe"=
"C:\\Program Files\\xchat\\xchat.exe"=
"C:\\Program Files\\uTorrent\\utorrent.exe"=
"C:\\WINDOWS\\system32\\dpnsvr.exe"=
"C:\\Program Files\\GameSpy Arcade\\Aphex.exe"=
"C:\\Program Files\\Internet Explorer\\iexplore.exe"=
"C:\\Program Files\\Codemasters\\Operation Flashpoint\\FlashpointResistance.exe"=
"C:\\Program Files\\DC++\\DCPlusPlus.exe"=
"C:\\WINDOWS\\system32\\dplaysvr.exe"=
"C:\\Program Files\\Warcraft III\\Warcraft III.exe"=
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"C:\\Program Files\\QIP\\qip.exe"=
"C:\\Program Files\\Warcraft III\\war3.exe"=
"C:\\Program Files\\Codemasters\\Operation Flashpoint\\OPERATIONFLASHPOINT.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Team17\\Worms World Party\\wwp.exe"=
"C:\\Program Files\\ICQ6\\ICQ.exe"=
"C:\\Program Files\\Ocean Technology\\GG E-Sports Platform\\GGclient.exe"=
"C:\\Program Files\\VoipDiscount.com\\VoipDiscount\\VoipDiscount.exe"=
"C:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite XI.SP2\\Win32\\RpcDataSrv.exe"=
"C:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite XI.SP2\\RpcSandraSrv.exe"=
"C:\\Program Files\\Sony Ericsson\\Update Service\\Update Service.exe"=
"C:\\Program Files\\EA Sports\\FIFA 08\\FIFA08.exe"=
"C:\\Program Files\\Quake III Arena\\quake3.exe"=
"C:\\Program Files\\Hamachi\\hamachi.exe"=
"C:\\Program Files\\Counter-Strike\\hl.exe"=
"C:\\Program Files\\Half Life 2\\root\\hl2.exe"=
"C:\\Program Files\\Flagship Studios\\Hellgate London\\Launcher.exe"=
"C:\\mobil\\webkamera\\SEWebCam.exe"=
"C:\\Program Files\\TightVNC\\WinVNC.exe"=
"C:\\Program Files\\TightVNC\\vncviewer.exe"=
"C:\\Program Files\\14 Degrees East\\Fallout Tactics\\BOS.exe"=
"C:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\Crysis.exe"=
"C:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\CrysisDedicatedServer.exe"=
"C:\\WINDOWS\\system32\\PnkBstrA.exe"=
"C:\\WINDOWS\\system32\\PnkBstrB.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"C:\\Program Files\\Ocean Technology\\GG E-Sports Platform\\Garena.exe"=
"C:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx9.exe"=
"C:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx10.exe"=
"C:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Launcher.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"6112:TCP"= 6112:TCP:w3
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"2302:TCP"= 2302:TCP:ofp

R0 m5288;m5288;C:\WINDOWS\system32\DRIVERS\m5288.sys [2005-12-23 22:54]
R2 UxTuneUp;TuneUp Theme Extension;C:\WINDOWS\System32\svchost.exe [2004-08-17 15:49]
R3 PSched;Plánovač paketů technologie QoS;C:\WINDOWS\system32\DRIVERS\psched.sys [2004-08-03 23:04]
R3 ULI5261XP;ULi M526X Ethernet NT Driver;C:\WINDOWS\system32\DRIVERS\ULILAN51.SYS [2005-03-22 14:36]
R3 usbhub;Ovladač standardního rozbočovače USB;C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 23:08]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB;C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-03 23:08]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 23:08]
S3 AmdTools;AMD Special Tools Driver;C:\WINDOWS\system32\DRIVERS\AmdTools.sys []
S3 Amps2prt;Compatible PS/2 Port Mouse Driver;C:\WINDOWS\system32\DRIVERS\Amps2prt.sys [2007-04-19 15:45]
S3 CnxEtP;Conexant AccessRunner USB ADSL WAN Adapter Filter Driver;C:\WINDOWS\system32\DRIVERS\CnxEtP.sys [2003-07-31 02:05]
S3 CnxEtU;Conexant AccessRunner USB ADSL Interface Device Driver;C:\WINDOWS\system32\DRIVERS\CnxEtU.sys [2003-07-31 02:05]
S3 CnxTgN;Conexant AccessRunner USB ADSL WAN Adapter Driver;C:\WINDOWS\system32\DRIVERS\CnxTgN.sys [2003-11-01 23:54]
S3 ggflt;SEMC USB Flash Driver Filter;C:\WINDOWS\system32\DRIVERS\ggflt.sys [2007-11-05 23:11]
S3 ldiskl;ldiskl;C:\DOCUME~1\jonas\LOCALS~1\Temp\ldiskl.sys []
S3 PCASp50;PCASp50 NDIS Protocol Driver;C:\WINDOWS\system32\Drivers\PCASp50.sys []
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB;C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 00:08]
S3 usbscan;Ovladač skeneru USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 22:58]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
\Shell\AutoRun\command - F:\wd_windows_tools\setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c6779940-088a-11dd-a0e6-0016179264cd}]
\Shell\AutoRun\command - E:\autorun.exe

.
Contents of the 'Scheduled Tasks' folder
"2008-04-11 15:16:28 C:\WINDOWS\Tasks\1-Click Maintenance.job"
- C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe
"2008-04-13 09:26:56 C:\WINDOWS\Tasks\MP Scheduled Scan.job"
- C:\Program Files\Windows Defender\MpCmdRun.exe
.
**************************************************************************

catchme 0.3.1351 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-13 12:50:21
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: C:\WINDOWS\explorer.exe
-> C:\WINDOWS\system32\Amhooker.dll
.
Completion time: 2008-04-13 12:51:04
ComboFix-quarantined-files.txt 2008-04-13 10:50:40
ComboFix2.txt 2008-04-13 09:37:43
Adresářů: 20, Volných bajtů: 25,835,532,288
Adresářů: 24, Volných bajtů: 25,814,482,944
.
2008-04-12 21:33:01 --- E O F ---

Re: please check

Posted: 13 Apr 2008 12:57
by paul27
Clean up with CCleaner and it should be fine. You're not having any problems?

Re: please check

Posted: 13 Apr 2008 13:06
by jojkos
Nope, it looks fine, so thanks a lot for the help :)

Re: please check

Posted: 13 Apr 2008 13:39
by paul27
OK, let me know if anything comes up. :D