PC-HELP.CZ

Mám v počítači nainstalovaný ESET Smart Security a stále mi píše hlášku, že mám infikovanou operační paměť a chod počítače je pomalý. Nejde to vyléčit ESETem. Přikládám log a prosím o jeho kontrolu případně co dál dělat. Děkuji

ComboFix 09-04-04.01 - Administrator 2009-04-08 18:52:06.1 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.1.1029.18.767.443 [GMT 2:00]
Spuštěný z: c:\documents and settings\Administrator\Plocha\ComboFix.exe
AV: ESET Smart Security 4.0 *On-access scanning disabled* (Updated)
FW: ESET Personal firewall *disabled*
.

((((((((((((((((((((((((( Soubory vytvořené od 2009-03-08 do 2009-04-08 )))))))))))))))))))))))))))))))
.

2009-04-08 18:39 . 2009-04-08 18:39 155 --a------ c:\windows\system32\SelfDel.bat
2009-04-08 18:38 . 2009-04-08 18:39 84,045 --a------ c:\windows\system32\ftp_non_crp.exe
2009-04-05 11:24 . 2009-04-05 11:24 <DIR> d-------- c:\program files\ESET
2009-04-05 10:31 . 2009-04-08 18:54 105,170 --a------ c:\windows\system32\drivers\14d595e7.sys
2009-04-05 10:28 . 2009-04-05 10:28 50,632 --a------ c:\windows\system32\drivers\MiniIcpt.sys
2009-04-05 10:25 . 2009-04-05 10:25 <DIR> d--hs---- C:\#GDATA.Trash.Store#
2009-04-05 10:25 . 2009-04-05 10:25 51,016 --a------ c:\windows\system32\drivers\GDTdiIcpt.sys
2009-04-05 10:25 . 2009-04-05 10:25 22,272 --a------ c:\windows\system32\drivers\GDNdisIc.sys
2009-04-05 10:24 . 2009-04-05 10:45 <DIR> d-------- c:\program files\G DATA
2009-04-05 10:24 . 2009-04-05 10:47 <DIR> d-------- c:\program files\Common Files\G DATA
2009-04-05 10:24 . 2009-04-05 10:45 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\G DATA
2009-04-05 10:07 . 2009-04-05 10:07 <DIR> d-------- c:\program files\Common Files\Symantec Shared
2009-04-05 10:07 . 2009-04-05 10:07 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\Symantec
2009-03-29 15:28 . 2009-03-29 15:28 <DIR> d-------- c:\documents and settings\Administrator\Data aplikací\Windows Search
2009-03-28 23:48 . 2009-03-28 23:48 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\Azureus
2009-03-28 23:48 . 2009-03-29 00:17 <DIR> d-------- c:\documents and settings\Administrator\Data aplikací\Azureus
2009-03-28 23:47 . 2009-03-28 23:48 <DIR> d-------- c:\program files\Vuze
2009-03-28 23:46 . 2009-03-28 23:45 410,984 --a------ c:\windows\system32\deploytk.dll
2009-03-28 23:46 . 2009-03-28 23:45 73,728 --a------ c:\windows\system32\javacpl.cpl
2009-03-28 23:45 . 2009-03-28 23:45 <DIR> d-------- c:\program files\Java
2009-03-28 09:26 . 2008-03-03 15:25 5,702 --ah----- c:\windows\nod32restoretemdono.reg
2009-03-28 09:26 . 2008-03-03 19:21 568 --ah----- c:\windows\nod32fixtemdono.reg
2009-03-28 09:14 . 2009-03-28 09:14 <DIR> d-------- c:\windows\system32\config\systemprofile\Data aplikací\ESET
2009-03-28 09:14 . 2009-03-28 09:14 <DIR> d-------- c:\windows\system32\config\systemprofile\Data aplikací\ESET
2009-03-21 16:27 . 2009-03-21 16:27 <DIR> d-------- c:\windows\zy_tmp
2009-03-21 16:27 . 2004-08-17 12:23 5,120 --a------ c:\windows\system32\tcusbdrv.dll
2009-03-21 13:31 . 2001-10-24 12:54 12,160 --a------ c:\windows\system32\drivers\mouhid.sys
2009-03-21 13:31 . 2001-10-24 12:54 12,160 --a--c--- c:\windows\system32\dllcache\mouhid.sys
2009-03-21 13:30 . 2008-04-14 01:15 10,368 --a------ c:\windows\system32\drivers\hidusb.sys
2009-03-21 13:30 . 2008-04-14 01:15 10,368 --a--c--- c:\windows\system32\dllcache\hidusb.sys
2009-03-21 12:00 . 2009-03-21 12:00 <DIR> d-------- c:\program files\MSXML 4.0
2009-03-20 23:28 . 2009-03-20 23:28 4,263 --a------ c:\windows\system32\FLSINSTU.INI
2009-03-20 23:05 . 2009-03-20 23:05 2,331,008 --a------ c:\windows\system32\TUKernel.exe
2009-03-20 23:03 . 2009-03-20 23:03 <DIR> d-------- c:\program files\Stardock
2009-03-20 23:03 . 2009-03-20 23:03 <DIR> d--h-c--- c:\documents and settings\All Users\Data aplikací\{B98A2B83-8BB0-42E7-AA1D-D6FA6E7C8F31}
2009-03-20 23:02 . 2009-03-20 23:02 603,904 --a------ c:\windows\system32\TUProgSt.exe
2009-03-20 23:02 . 2009-03-20 23:02 360,192 --a------ c:\windows\system32\TuneUpDefragService.exe
2009-03-20 23:02 . 2008-12-11 14:31 27,904 --a------ c:\windows\system32\uxtuneup.dll
2009-03-20 23:01 . 2009-03-20 23:02 <DIR> d-------- c:\program files\TuneUp Utilities 2009
2009-03-20 22:40 . 2009-03-20 22:40 <DIR> d-------- c:\documents and settings\Administrator\Data aplikací\Styler
2009-03-20 22:37 . 2009-03-20 22:40 <DIR> d-------- c:\program files\Styler
2009-03-20 21:23 . 2002-08-12 17:20 27,264 --a------ c:\windows\system32\drivers\rndismpk.sys
2009-03-20 21:23 . 2002-08-12 17:20 11,136 --a------ c:\windows\system32\drivers\usb8023k.sys
2009-03-20 17:30 . 2009-03-20 17:30 256 --a------ C:\dk2.mem
2009-03-20 17:02 . 2009-03-20 17:02 <DIR> d-------- c:\program files\Common Files\Nokia
2009-03-20 17:02 . 2009-03-20 17:02 <DIR> d-------- c:\program files\Common Files\DESkey
2009-03-20 17:02 . 2009-03-20 17:02 2,325,304 --a------ c:\windows\system32\DK2INST.DLL
2009-03-20 17:01 . 2009-03-20 23:26 <DIR> d-------- c:\program files\Nokia
2009-03-20 17:01 . 2008-02-01 17:17 90,624 --a------ c:\windows\system32\nmwcdcls.dll
2009-03-20 17:00 . 2009-03-20 17:00 <DIR> d-------- c:\program files\MSXML 6.0
2009-03-20 16:53 . 2008-04-14 08:52 219,648 --a------ c:\windows\system32\uxtheme.uxtender
2009-03-19 11:45 . 2009-03-19 11:45 131,976 --a------ c:\windows\system32\drivers\epfw.sys
2009-03-19 11:45 . 2009-03-19 11:45 55,768 --a------ c:\windows\system32\drivers\epfwtdi.sys
2009-03-19 11:45 . 2009-03-19 11:45 33,096 --a------ c:\windows\system32\drivers\epfwndis.sys
2009-03-19 11:44 . 2009-03-19 11:44 107,256 --a------ c:\windows\system32\drivers\ehdrv.sys
2009-03-19 11:41 . 2009-03-19 11:41 113,960 --a------ c:\windows\system32\drivers\eamon.sys
2009-03-15 10:17 . 2009-03-15 11:05 <DIR> d-------- c:\documents and settings\Administrator\Data aplikací\BMC
2009-03-15 10:15 . 2009-03-20 23:28 <DIR> d----c--- c:\windows\system32\DRVSTORE
2009-03-15 10:15 . 2009-03-15 10:15 91,136 --a------ c:\windows\system32\drivers\susbser.sys
2009-03-15 10:15 . 2008-04-14 01:15 32,128 --a------ c:\windows\system32\drivers\usbccgp.sys
2009-03-15 10:15 . 2008-04-14 01:15 32,128 --a--c--- c:\windows\system32\dllcache\usbccgp.sys
2009-03-12 19:20 . 2009-03-12 19:20 <DIR> d-------- c:\program files\WinSCP
2009-03-12 18:12 . 2009-03-12 18:12 <DIR> d-------- c:\documents and settings\Administrator\Data aplikací\OpenOffice.org
2009-03-12 17:51 . 2009-03-12 17:53 <DIR> d-------- c:\documents and settings\Administrator\Data aplikací\vlc
2009-03-12 17:51 . 2009-03-14 19:04 <DIR> d-------- c:\documents and settings\Administrator\Data aplikací\dvdcss
2009-03-11 14:41 . 2009-03-11 14:41 <DIR> d-------- c:\program files\Microsoft Silverlight
2009-03-11 14:40 . 2006-06-29 14:07 14,048 --------- c:\windows\system32\spmsg2.dll
2009-03-11 14:30 . 2009-03-11 14:40 <DIR> d-------- c:\windows\system32\XPSViewer
2009-03-11 14:29 . 2009-03-11 14:29 <DIR> d-------- c:\program files\Reference Assemblies
2009-03-11 14:28 . 2008-07-06 14:06 1,676,288 --------- c:\windows\system32\xpssvcs.dll
2009-03-11 14:28 . 2008-07-06 14:06 1,676,288 -----c--- c:\windows\system32\dllcache\xpssvcs.dll
2009-03-11 14:28 . 2008-07-06 12:50 597,504 -----c--- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-03-11 14:28 . 2008-07-06 14:06 575,488 --------- c:\windows\system32\xpsshhdr.dll
2009-03-11 14:28 . 2008-07-06 14:06 575,488 -----c--- c:\windows\system32\dllcache\xpsshhdr.dll
2009-03-11 14:28 . 2008-07-06 14:06 117,760 --------- c:\windows\system32\prntvpt.dll
2009-03-11 14:28 . 2008-07-06 14:06 89,088 -----c--- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-03-11 14:22 . 2009-03-11 14:22 <DIR> d-------- c:\program files\Microsoft
2009-03-11 14:21 . 2009-03-11 14:21 <DIR> d-------- c:\documents and settings\Administrator\Data aplikací\Windows Desktop Search
2009-03-11 14:20 . 2009-03-11 14:20 <DIR> d-------- c:\windows\system32\GroupPolicy
2009-03-11 14:20 . 2009-03-11 14:20 <DIR> d-------- c:\program files\Windows Desktop Search
2009-03-11 14:18 . 2009-03-11 14:18 <DIR> d-------- c:\program files\Windows Media Connect 2
2009-03-11 14:16 . 2009-03-11 14:16 <DIR> d-------- c:\windows\system32\LogFiles
2009-03-11 14:16 . 2009-03-11 14:17 <DIR> d-------- c:\windows\system32\drivers\UMDF
2009-03-11 14:13 . 2009-03-11 14:14 <DIR> d-------- c:\windows\system32\URTTemp
2009-03-11 09:00 . 2008-12-21 01:03 6,066,688 -----c--- c:\windows\system32\dllcache\ieframe.dll
2009-03-11 09:00 . 2007-04-17 11:32 2,455,488 -----c--- c:\windows\system32\dllcache\ieapfltr.dat
2009-03-11 09:00 . 2007-03-08 07:09 1,024,000 -----c--- c:\windows\system32\dllcache\ieframe.dll.mui
2009-03-11 09:00 . 2008-12-21 01:03 459,264 -----c--- c:\windows\system32\dllcache\msfeeds.dll
2009-03-11 09:00 . 2008-12-21 01:03 383,488 -----c--- c:\windows\system32\dllcache\ieapfltr.dll
2009-03-11 09:00 . 2008-12-21 01:03 267,776 -----c--- c:\windows\system32\dllcache\iertutil.dll
2009-03-11 09:00 . 2008-12-21 01:03 63,488 -----c--- c:\windows\system32\dllcache\icardie.dll
2009-03-11 09:00 . 2008-12-21 01:03 52,224 -----c--- c:\windows\system32\dllcache\msfeedsbs.dll
2009-03-11 09:00 . 2008-12-19 11:10 13,824 -----c--- c:\windows\system32\dllcache\ieudinit.exe
2009-03-09 07:42 . 2008-10-16 15:06 268,648 --a------ c:\windows\system32\mucltui.dll
2009-03-09 07:42 . 2008-10-16 15:06 208,744 --a------ c:\windows\system32\muweb.dll
2009-03-09 07:42 . 2008-10-16 15:06 27,496 --a------ c:\windows\system32\mucltui.dll.mui
2009-03-08 22:16 . 2009-03-29 15:12 <DIR> d-------- c:\documents and settings\Administrator\Data aplikací\gtk-2.0
2009-03-08 22:16 . 2009-03-08 22:16 <DIR> d-------- c:\documents and settings\Administrator\.thumbnails
2009-03-08 22:15 . 2009-03-29 15:12 <DIR> d-------- c:\documents and settings\Administrator\.gimp-2.6
2009-03-08 22:15 . 2009-03-08 22:15 <DIR> d-------- c:\documents and settings\Administrator\.gegl-0.0
2009-03-08 22:13 . 2009-03-08 22:13 <DIR> d-------- c:\program files\GIMP-2.0
2009-03-08 11:34 . 2008-04-14 01:15 26,368 --a--c--- c:\windows\system32\dllcache\usbstor.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-06 19:41 --------- d-----w c:\documents and settings\Administrator\Data aplikací\Skype
2009-04-06 18:44 --------- d-----w c:\documents and settings\Administrator\Data aplikací\skypePM
2009-04-05 13:31 --------- d-----w c:\program files\foobar2000
2009-04-05 08:56 --------- d-----w c:\documents and settings\All Users\Data aplikací\ESET
2009-04-05 07:13 --------- d-----w c:\program files\Krteček 2.1.3
2009-03-29 12:42 --------- d-----w c:\program files\QIP Infium
2009-03-21 14:27 --------- d--h--w c:\program files\InstallShield Installation Information
2009-03-21 14:27 --------- d-----w c:\program files\Common Files\InstallShield
2009-03-20 15:02 92,984 ----a-w c:\windows\system32\DNClnt32.dll
2009-03-20 15:02 92,984 ----a-w c:\windows\system32\dkcpanel.exe
2009-03-20 15:02 89,400 ----a-w c:\windows\system32\DNCP32.DLL
2009-03-20 15:02 76,600 ----a-w c:\windows\system32\dk2cp32.dll
2009-03-20 15:02 64,312 ----a-w c:\windows\system32\vercp32.dll
2009-03-20 15:02 49,720 ----a-w c:\windows\system32\drivers\dk2drv.sys
2009-03-20 15:02 32,208 ----a-w c:\windows\system32\dk2win16.dll
2009-03-20 15:02 30,520 ----a-w c:\windows\system32\DK2UInst.exe
2009-03-20 15:02 24,488 ----a-w c:\windows\system32\dk2vdd.dll
2009-03-20 15:02 18,360 ----a-w c:\windows\system32\drivers\DK2USB.sys
2009-03-20 15:02 14,856 ----a-w c:\windows\system32\drivers\dkpccard.sys
2009-03-20 15:02 11,576 ----a-w c:\windows\system32\DKCLINST.DLL
2009-03-20 14:53 219,648 ----a-w c:\windows\system32\uxtheme.dll
2009-03-17 18:02 --------- d-----w c:\program files\ICQ6.5
2009-03-17 18:02 --------- d-----w c:\documents and settings\Administrator\Data aplikací\ICQ
2009-03-11 12:29 --------- d-----w c:\program files\MSBuild
2009-03-11 06:50 --------- d-----w c:\documents and settings\All Users\Data aplikací\Microsoft Help
2009-03-07 21:24 --------- d-----w c:\documents and settings\Administrator\Data aplikací\Media Player Classic
2009-03-07 10:40 --------- d-----w c:\program files\VideoLAN
2009-03-07 10:37 --------- d-----w c:\program files\Common Files\Skype
2009-03-07 10:37 --------- d-----w c:\documents and settings\All Users\Data aplikací\Skype
2009-03-07 10:37 --------- d-----r c:\program files\Skype
2009-03-07 10:25 --------- d-----w c:\documents and settings\Administrator\Data aplikací\PSpad
2009-03-07 10:24 --------- d-----w c:\program files\PSPad editor
2009-03-07 10:16 --------- d-----w c:\program files\OpenOffice.org 3
2009-03-07 09:52 --------- d-----w c:\program files\Microsoft Works
2009-03-07 09:20 --------- d--h--w c:\program files\CanonBJ
2009-03-07 09:20 --------- d--h--w c:\documents and settings\All Users\Data aplikací\CanonBJ
2009-03-07 09:16 --------- d-----w c:\documents and settings\Administrator\Data aplikací\QIP
2009-03-07 09:06 --------- d-----w c:\documents and settings\All Users\Data aplikací\ashampoo
2009-03-07 09:06 --------- d-----w c:\documents and settings\Administrator\Data aplikací\Ashampoo
2009-03-07 09:05 --------- d-----w c:\program files\Ashampoo
2009-03-07 09:04 --------- d-----w c:\program files\Foxit Software
2009-03-07 09:04 --------- d-----w c:\program files\AskBarDis
2009-03-07 09:04 --------- d-----w c:\documents and settings\Administrator\Data aplikací\Foxit
2009-03-07 08:51 --------- d-----w c:\documents and settings\Administrator\Data aplikací\TuneUp Software
2009-03-07 08:50 --------- d-sh--w c:\documents and settings\All Users\Data aplikací\{55A29068-F2CE-456C-9148-C869879E2357}
2009-03-07 08:50 --------- d-----w c:\documents and settings\All Users\Data aplikací\TuneUp Software
2009-03-07 08:36 --------- d-----w c:\program files\SpeedProject
2009-03-07 08:36 --------- d-----w c:\documents and settings\Administrator\Data aplikací\SpeedProject
2009-03-07 08:13 --------- d-----w c:\program files\VIA
2009-03-07 08:05 --------- d-----w c:\program files\Opera
2009-03-07 07:18 --------- d-----w c:\documents and settings\Administrator\Data aplikací\ESET
2009-03-07 07:13 --------- d-----w c:\program files\7-Zip
2009-03-07 06:33 --------- d-----w c:\program files\microsoft frontpage
2009-02-09 14:07 1,846,784 ----a-w c:\windows\system32\win32k.sys
2009-02-04 05:57 11,702,272 ----a-w c:\windows\system32\atioglxx.dll
2009-02-04 05:03 290,816 ----a-w c:\windows\system32\atiok3x2.dll
2009-02-04 04:56 442,368 ----a-w c:\windows\system32\ATIDEMGX.dll
2009-02-04 04:55 324,096 ----a-w c:\windows\system32\ati2dvag.dll
2009-02-04 04:44 196,608 ----a-w c:\windows\system32\atipdlxx.dll
2009-02-04 04:44 155,648 ----a-w c:\windows\system32\Oemdspif.dll
2009-02-04 04:43 43,520 ----a-w c:\windows\system32\ati2edxx.dll
2009-02-04 04:43 26,112 ----a-w c:\windows\system32\Ati2mdxx.exe
2009-02-04 04:43 155,648 ----a-w c:\windows\system32\ati2evxx.dll
2009-02-04 04:41 602,112 ----a-w c:\windows\system32\ati2evxx.exe
2009-02-04 04:40 53,248 ----a-w c:\windows\system32\ATIDDC.DLL
2009-02-04 04:30 3,884,768 ----a-w c:\windows\system32\ati3duag.dll
2009-02-04 04:14 2,645,504 ----a-w c:\windows\system32\ativvaxx.dll
2009-02-04 03:58 49,664 ----a-w c:\windows\system32\amdpcom32.dll
2009-02-04 03:54 471,040 ----a-w c:\windows\system32\atikvmag.dll
2009-02-04 03:53 122,880 ----a-w c:\windows\system32\atiadlxx.dll
2009-02-04 03:52 17,408 ----a-w c:\windows\system32\atitvo32.dll
2009-02-04 03:46 626,688 ----a-w c:\windows\system32\ati2cqag.dll
2009-02-04 03:44 307,200 ----a-w c:\windows\system32\atiiiexx.dll
2009-02-04 02:43 45,056 ----a-w c:\windows\system32\aticalrt.dll
2009-02-04 02:42 45,056 ----a-w c:\windows\system32\aticalcl.dll
2009-02-04 02:40 3,244,032 ----a-w c:\windows\system32\aticaldd.dll
2009-02-03 20:05 593,920 ------w c:\windows\system32\ati2sgag.exe
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-11-18 13:58 333192 --a------ c:\program files\AskBarDis\bar\bin\askBar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-11-18 333192]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-11-18 333192]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"FLSDeviceControlPanel"="c:\windows\system32\FLSDEVCP.EXE" [2009-03-20 91696]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-28 148888]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-03-19 2029640]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Administrator\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Styler.lnk - c:\documents and settings\Administrator\Data aplikacˇ\Microsoft\Installer\{E9ECF354-2422-4FDB-9ABF-D8ADAC0EF941}\_585b207a.exe [2009-03-20 15086]

c:\documents and settings\Administrator\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Styler.lnk - c:\documents and settings\Administrator\Data aplikacˇ\Microsoft\Installer\{E9ECF354-2422-4FDB-9ABF-D8ADAC0EF941}\_585b207a.exe [2009-03-20 15086]

c:\documents and settings\Administrator\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Styler.lnk - c:\documents and settings\Administrator\Data aplikacˇ\Microsoft\Installer\{E9ECF354-2422-4FDB-9ABF-D8ADAC0EF941}\_585b207a.exe [2009-03-20 15086]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
TSS Instrument API Tray Utility.lnk - c:\program files\Common Files\Nokia\Tss\Instrument API\bin\tray.exe [2007-12-07 77824]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-05-26 123904]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-26 304128]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Tss\\Instrument API\\bin\\root.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R1 dk2drv;DK2 WindowsNT Driver;c:\windows\system32\drivers\dk2drv.sys [2009-03-20 49720]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2009-03-19 107256]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2009-03-19 731840]
R2 FLE5WNNT;FLE-5 WindowsNT Driver;c:\windows\system32\drivers\fle5wnnt.sys [2009-03-20 33404]
R2 FLSIFACE;FLSIface;c:\windows\system32\drivers\flsiface.sys [2009-03-20 13440]
R2 FLSPAR;FLSPar;c:\windows\system32\drivers\flspar.sys [2009-03-20 16314]
R2 FLSSER;FLSSer;c:\windows\system32\drivers\flsser.sys [2009-03-20 8344]
R2 FLSVCOM;FLSVCom;c:\windows\system32\drivers\flsvcom.sys [2009-03-20 34048]
R2 PARLDR2K;ParLdr2k;c:\windows\system32\drivers\parldr2k.sys [2009-03-20 10454]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [2009-03-20 603904]
R3 PSched;Plánovač paketů technologie QoS;c:\windows\system32\drivers\psched.sys [2008-04-14 69120]
S2 NOD32FiXTemDono;Eset Nod32 Boot;c:\windows\system32\regedt32.exe [2002-12-05 3584]
S3 G Data Tuner Service;G Data Tuner Service;c:\program files\G DATA\TotalCare\AVKTuner\AVKTunerService.exe --> c:\program files\G DATA\TotalCare\AVKTuner\AVKTunerService.exe [?]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'

2009-04-08 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 22:36]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
.
.
------- Asociace souborů -------
.
txtfile="c:\program files\PSPad editor\PSPad.exe" "%1"
.

**************************************************************************

catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-08 18:54:06
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory:

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ovfsthtpdwqpqxumfasrnvpfyfsjwcdovphowf]
"imagepath"="\systemroot\system32\drivers\ovfsthssxckbmwoofbmkllnhlraddlkrdrwyqw.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\14d595e7]
"ImagePath"="\SystemRoot\System32\drivers\14d595e7.sys"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\s-1-5-21-515967899-1383384898-1060284298-500\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_USERS\s-1-5-21-515967899-1383384898-1060284298-500\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID]
@Denied: (Full) (LocalSystem)
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(756)
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2009-04-08 18:55:49
ComboFix-quarantined-files.txt 2009-04-08 16:55:46

Před spuštěním: 9 309 700 096
Po spuštění: 9,725,366,272

WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect /TUTag=K9V8AX /Kernel=TUKernel.exe
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional (TuneUp Backup)" /noexecute=optin /fastdetect /TUTag=K9V8AX-BAK

306 --- E O F --- 2009-03-21 10:00:44

Malwarebytes' Anti-Malware 1.36
Verze databáze: 1952
Windows 5.1.2600 Service Pack 3

8.4.2009 20:11:17
mbam-log-2009-04-08 (20-11-17).txt

Typ skenu: Rychlý sken
Objektu skenováno: 70526
Uplynulý cas: 4 minute(s), 26 second(s)

Infikované procesy pameti: 0
Infikované pametové moduly: 0
Infikované klíce registru: 0
Infikované hodnoty registru: 0
Infikované položky dat registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy pameti:
(Žádné zákerné položky nebyly zjišteny)

Infikované pametové moduly:
(Žádné zákerné položky nebyly zjišteny)

Infikované klíce registru:
(Žádné zákerné položky nebyly zjišteny)

Infikované hodnoty registru:
(Žádné zákerné položky nebyly zjišteny)

Infikované položky dat registru:
(Žádné zákerné položky nebyly zjišteny)

Infikované složky:
(Žádné zákerné položky nebyly zjišteny)

Infikované soubory:
(Žádné zákerné položky nebyly zjišteny)

Krok1*
Stáhni tento program:Flash Disinfector (by sUBs)
-Spusť Flash Disinfector a počkej až tě program bude informovat o ukončení své činnosti.

Krok2*
Stáhni si SuperAntiSpywyare:
http://www.superantispyware.com/downloa ... PYWAREFREE
proveď sken a odstraň nákazy.

Krok3*
Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

File::
c:\windows\system32\drivers\14d595e7.sys

Folder::
c:\program files\AskBarDis

Driver::
14d595e7

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
[-HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[-HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
[-HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[-HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
[-HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ovfsthtpdwqpqxumfasrnvpfyfsjwcdovphowf]
[-HKEY_LOCAL_MACHINE\System\ControlSet001\Services\14d595e7]

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Toto otestuj na Virustotal
c:\windows\system32\ftp_non_crp.exe
Vlož sem pak odkaz výsledku.
Ten cracklý NOD32 si odinstaluj , po odvirování si stáhni free antivir Avira, Avast nebo AVG....
Podívám se zítra..

Při testování uvedeného souboru na virusportal mi vyšla tato chyba: "0 bytes size received / Se ha recibido un archivo vacio".
Teď du odinstalovat ESET a nainstalovat tu aviru. Čekám na odpověď. Díky

Systém Microsoft Windows XP Professional 5.1.2600.3.1250.1.1029.18.767.370 [GMT 2:00]
Spuštěný z: c:\documents and settings\Administrator\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Administrator\Plocha\CFScript.txt
AV: ESET Smart Security 4.0 *On-access scanning disabled* (Updated)
FW: ESET Personal firewall *disabled*
* Vytvořen nový Bod Obnovení

FILE ::
c:\windows\system32\drivers\14d595e7.sys
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\AskBarDis
c:\program files\AskBarDis\bar\bin\askBar.dll
c:\program files\AskBarDis\bar\bin\askPopStp.dll
c:\program files\AskBarDis\bar\bin\psvince.dll
c:\program files\AskBarDis\bar\Cache\0010BA18
c:\program files\AskBarDis\bar\Cache\0010C15E
c:\program files\AskBarDis\bar\Cache\0010C41B.bin
c:\program files\AskBarDis\bar\Cache\0010C5B6.bin
c:\program files\AskBarDis\bar\Cache\0010C82D.bin
c:\program files\AskBarDis\bar\Cache\0010C995.bin
c:\program files\AskBarDis\bar\Cache\0010CBA8.bin
c:\program files\AskBarDis\bar\Cache\0010CD1B.bin
c:\program files\AskBarDis\bar\Cache\0010CE83.bin
c:\program files\AskBarDis\bar\Cache\0010D064.bin
c:\program files\AskBarDis\bar\Cache\0010D29F.bin
c:\program files\AskBarDis\bar\Cache\0010D494.bin
c:\program files\AskBarDis\bar\Cache\00142FF0.bin
c:\program files\AskBarDis\bar\Cache\001432A3.bin
c:\program files\AskBarDis\bar\Cache\00143401.bin
c:\program files\AskBarDis\bar\Cache\00143560.bin
c:\program files\AskBarDis\bar\Cache\files.ini
c:\program files\AskBarDis\bar\History\search
c:\program files\AskBarDis\bar\Settings\config.dat
c:\program files\AskBarDis\bar\Settings\config.dat.bak
c:\program files\AskBarDis\bar\Settings\prevcfg.htm
c:\program files\AskBarDis\unins000.dat
c:\program files\AskBarDis\unins000.exe
c:\windows\system32\ovfsthexjkqnjktxvmyqvpaclkymexetymykmr.dll

.
((((((((((((((((((((((((( Soubory vytvořené od 2009-03-09 do 2009-04-09 )))))))))))))))))))))))))))))))
.

2009-04-09 07:49 . 2009-04-09 07:49 0 --a------ c:\windows\system32\drivers\ovfsth.sys
2009-04-09 07:04 . 2009-04-09 07:04 <DIR> d-------- c:\program files\SUPERAntiSpyware
2009-04-09 07:04 . 2009-04-09 07:04 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\SUPERAntiSpyware.com
2009-04-09 07:04 . 2009-04-09 07:04 <DIR> d-------- c:\documents and settings\Administrator\Data aplikací\SUPERAntiSpyware.com
2009-04-09 07:03 . 2009-04-09 07:03 <DIR> d-------- c:\program files\Common Files\Wise Installation Wizard
2009-04-08 20:27 . 2009-04-08 20:27 747 --a------ c:\windows\system32\ovfsthlog.dat
2009-04-08 18:56 . 2009-04-08 20:05 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-04-08 18:56 . 2009-04-08 18:56 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2009-04-08 18:56 . 2009-04-08 18:56 <DIR> d-------- c:\documents and settings\Administrator\Data aplikací\Malwarebytes
2009-04-08 18:56 . 2009-04-06 15:32 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-04-08 18:56 . 2009-04-06 15:32 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-04-08 18:39 . 2009-04-08 18:39 155 --a------ c:\windows\system32\SelfDel.bat
2009-04-05 11:24 . 2009-04-05 11:24 <DIR> d-------- c:\program files\ESET
2009-04-05 10:29 . 2009-04-05 10:29 0 --a------ c:\windows\system32\drivers\ovfsthueqxotbeonoiqaykmvimkgpjovydtltv.sys
2009-04-05 10:28 . 2009-04-05 10:28 50,632 --a------ c:\windows\system32\drivers\MiniIcpt.sys
2009-04-05 10:25 . 2009-04-05 10:25 <DIR> d--hs---- C:\#GDATA.Trash.Store#
2009-04-05 10:25 . 2009-04-05 10:25 51,016 --a------ c:\windows\system32\drivers\GDTdiIcpt.sys
2009-04-05 10:25 . 2009-04-05 10:25 22,272 --a------ c:\windows\system32\drivers\GDNdisIc.sys
2009-04-05 10:24 . 2009-04-05 10:45 <DIR> d-------- c:\program files\G DATA
2009-04-05 10:24 . 2009-04-05 10:47 <DIR> d-------- c:\program files\Common Files\G DATA
2009-04-05 10:24 . 2009-04-05 10:45 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\G DATA
2009-04-05 10:07 . 2009-04-05 10:07 <DIR> d-------- c:\program files\Common Files\Symantec Shared
2009-04-05 10:07 . 2009-04-05 10:07 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\Symantec
2009-04-05 10:01 . 2009-04-09 06:56 43 --a------ c:\windows\system32\ovfsthogeuimivmfidedxkgoeskhghoprxxljx.dat
2009-04-05 09:55 . 2009-04-09 07:01 70,215 --a------ c:\windows\system32\ovfsthonbodpblbjlirhmuvfhnyysuxdrctasx.dat
2009-04-05 09:55 . 2009-04-05 09:55 18,944 --a------ c:\windows\system32\ovfsthdfimtesrguisxjrltfmotfvittwniwwb.dll
2009-04-05 09:55 . 2009-04-05 09:55 18,432 --a------ c:\windows\system32\ovfsthasmfpiwsmbicbtqsebmrcesruewvanvp.dll
2009-03-29 15:28 . 2009-03-29 15:28 <DIR> d-------- c:\documents and settings\Administrator\Data aplikací\Windows Search
2009-03-28 23:48 . 2009-03-28 23:48 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\Azureus
2009-03-28 23:48 . 2009-03-29 00:17 <DIR> d-------- c:\documents and settings\Administrator\Data aplikací\Azureus
2009-03-28 23:47 . 2009-03-28 23:48 <DIR> d-------- c:\program files\Vuze
2009-03-28 23:46 . 2009-03-28 23:45 410,984 --a------ c:\windows\system32\deploytk.dll
2009-03-28 23:46 . 2009-03-28 23:45 73,728 --a------ c:\windows\system32\javacpl.cpl
2009-03-28 23:45 . 2009-03-28 23:45 <DIR> d-------- c:\program files\Java
2009-03-28 09:26 . 2008-03-03 15:25 5,702 --ah----- c:\windows\nod32restoretemdono.reg
2009-03-28 09:26 . 2008-03-03 19:21 568 --ah----- c:\windows\nod32fixtemdono.reg
2009-03-28 09:14 . 2009-03-28 09:14 <DIR> d-------- c:\windows\system32\config\systemprofile\Data aplikací\ESET
2009-03-28 09:14 . 2009-03-28 09:14 <DIR> d-------- c:\windows\system32\config\systemprofile\Data aplikací\ESET
2009-03-21 16:27 . 2009-03-21 16:27 <DIR> d-------- c:\windows\zy_tmp
2009-03-21 16:27 . 2004-08-17 12:23 5,120 --a------ c:\windows\system32\tcusbdrv.dll
2009-03-21 13:31 . 2001-10-24 12:54 12,160 --a------ c:\windows\system32\drivers\mouhid.sys
2009-03-21 13:31 . 2001-10-24 12:54 12,160 --a--c--- c:\windows\system32\dllcache\mouhid.sys
2009-03-21 13:30 . 2008-04-14 01:15 10,368 --a------ c:\windows\system32\drivers\hidusb.sys
2009-03-21 13:30 . 2008-04-14 01:15 10,368 --a--c--- c:\windows\system32\dllcache\hidusb.sys
2009-03-21 12:00 . 2009-03-21 12:00 <DIR> d-------- c:\program files\MSXML 4.0
2009-03-20 23:28 . 2009-03-20 23:28 4,263 --a------ c:\windows\system32\FLSINSTU.INI
2009-03-20 23:05 . 2009-03-20 23:05 2,331,008 --a------ c:\windows\system32\TUKernel.exe
2009-03-20 23:03 . 2009-03-20 23:03 <DIR> d-------- c:\program files\Stardock
2009-03-20 23:03 . 2009-03-20 23:03 <DIR> d--h-c--- c:\documents and settings\All Users\Data aplikací\{B98A2B83-8BB0-42E7-AA1D-D6FA6E7C8F31}
2009-03-20 23:02 . 2009-03-20 23:02 603,904 --a------ c:\windows\system32\TUProgSt.exe
2009-03-20 23:02 . 2009-03-20 23:02 360,192 --a------ c:\windows\system32\TuneUpDefragService.exe
2009-03-20 23:02 . 2008-12-11 14:31 27,904 --a------ c:\windows\system32\uxtuneup.dll
2009-03-20 23:01 . 2009-03-20 23:02 <DIR> d-------- c:\program files\TuneUp Utilities 2009
2009-03-20 22:40 . 2009-03-20 22:40 <DIR> d-------- c:\documents and settings\Administrator\Data aplikací\Styler
2009-03-20 22:37 . 2009-03-20 22:40 <DIR> d-------- c:\program files\Styler
2009-03-20 21:23 . 2002-08-12 17:20 27,264 --a------ c:\windows\system32\drivers\rndismpk.sys
2009-03-20 21:23 . 2002-08-12 17:20 11,136 --a------ c:\windows\system32\drivers\usb8023k.sys
2009-03-20 17:30 . 2009-03-20 17:30 256 --a------ C:\dk2.mem
2009-03-20 17:02 . 2009-03-20 17:02 <DIR> d-------- c:\program files\Common Files\Nokia
2009-03-20 17:02 . 2009-03-20 17:02 <DIR> d-------- c:\program files\Common Files\DESkey
2009-03-20 17:02 . 2009-03-20 17:02 2,325,304 --a------ c:\windows\system32\DK2INST.DLL
2009-03-20 17:01 . 2009-03-20 23:26 <DIR> d-------- c:\program files\Nokia
2009-03-20 17:01 . 2008-02-01 17:17 90,624 --a------ c:\windows\system32\nmwcdcls.dll
2009-03-20 17:00 . 2009-03-20 17:00 <DIR> d-------- c:\program files\MSXML 6.0
2009-03-20 16:53 . 2008-04-14 08:52 219,648 --a------ c:\windows\system32\uxtheme.uxtender
2009-03-19 11:45 . 2009-03-19 11:45 131,976 --a------ c:\windows\system32\drivers\epfw.sys
2009-03-19 11:45 . 2009-03-19 11:45 55,768 --a------ c:\windows\system32\drivers\epfwtdi.sys
2009-03-19 11:45 . 2009-03-19 11:45 33,096 --a------ c:\windows\system32\drivers\epfwndis.sys
2009-03-19 11:44 . 2009-03-19 11:44 107,256 --a------ c:\windows\system32\drivers\ehdrv.sys
2009-03-19 11:41 . 2009-03-19 11:41 113,960 --a------ c:\windows\system32\drivers\eamon.sys
2009-03-15 10:17 . 2009-03-15 11:05 <DIR> d-------- c:\documents and settings\Administrator\Data aplikací\BMC
2009-03-15 10:15 . 2009-03-20 23:28 <DIR> d----c--- c:\windows\system32\DRVSTORE
2009-03-15 10:15 . 2009-03-15 10:15 91,136 --a------ c:\windows\system32\drivers\susbser.sys
2009-03-15 10:15 . 2008-04-14 01:15 32,128 --a------ c:\windows\system32\drivers\usbccgp.sys
2009-03-15 10:15 . 2008-04-14 01:15 32,128 --a--c--- c:\windows\system32\dllcache\usbccgp.sys
2009-03-12 19:20 . 2009-03-12 19:20 <DIR> d-------- c:\program files\WinSCP
2009-03-12 18:12 . 2009-03-12 18:12 <DIR> d-------- c:\documents and settings\Administrator\Data aplikací\OpenOffice.org
2009-03-12 17:51 . 2009-03-12 17:53 <DIR> d-------- c:\documents and settings\Administrator\Data aplikací\vlc
2009-03-12 17:51 . 2009-03-14 19:04 <DIR> d-------- c:\documents and settings\Administrator\Data aplikací\dvdcss
2009-03-11 14:41 . 2009-03-11 14:41 <DIR> d-------- c:\program files\Microsoft Silverlight
2009-03-11 14:40 . 2006-06-29 14:07 14,048 --------- c:\windows\system32\spmsg2.dll
2009-03-11 14:30 . 2009-03-11 14:40 <DIR> d-------- c:\windows\system32\XPSViewer
2009-03-11 14:29 . 2009-03-11 14:29 <DIR> d-------- c:\program files\Reference Assemblies
2009-03-11 14:28 . 2008-07-06 14:06 1,676,288 --------- c:\windows\system32\xpssvcs.dll
2009-03-11 14:28 . 2008-07-06 14:06 1,676,288 -----c--- c:\windows\system32\dllcache\xpssvcs.dll
2009-03-11 14:28 . 2008-07-06 12:50 597,504 -----c--- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-03-11 14:28 . 2008-07-06 14:06 575,488 --------- c:\windows\system32\xpsshhdr.dll
2009-03-11 14:28 . 2008-07-06 14:06 575,488 -----c--- c:\windows\system32\dllcache\xpsshhdr.dll
2009-03-11 14:28 . 2008-07-06 14:06 117,760 --------- c:\windows\system32\prntvpt.dll
2009-03-11 14:28 . 2008-07-06 14:06 89,088 -----c--- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-03-11 14:22 . 2009-03-11 14:22 <DIR> d-------- c:\program files\Microsoft
2009-03-11 14:21 . 2009-03-11 14:21 <DIR> d-------- c:\documents and settings\Administrator\Data aplikací\Windows Desktop Search
2009-03-11 14:20 . 2009-03-11 14:20 <DIR> d-------- c:\windows\system32\GroupPolicy
2009-03-11 14:20 . 2009-03-11 14:20 <DIR> d-------- c:\program files\Windows Desktop Search
2009-03-11 14:18 . 2009-03-11 14:18 <DIR> d-------- c:\program files\Windows Media Connect 2
2009-03-11 14:16 . 2009-03-11 14:16 <DIR> d-------- c:\windows\system32\LogFiles
2009-03-11 14:16 . 2009-03-11 14:17 <DIR> d-------- c:\windows\system32\drivers\UMDF
2009-03-11 14:13 . 2009-03-11 14:14 <DIR> d-------- c:\windows\system32\URTTemp
2009-03-11 09:00 . 2008-12-21 01:03 6,066,688 -----c--- c:\windows\system32\dllcache\ieframe.dll
2009-03-11 09:00 . 2007-04-17 11:32 2,455,488 -----c--- c:\windows\system32\dllcache\ieapfltr.dat
2009-03-11 09:00 . 2007-03-08 07:09 1,024,000 -----c--- c:\windows\system32\dllcache\ieframe.dll.mui
2009-03-11 09:00 . 2008-12-21 01:03 459,264 -----c--- c:\windows\system32\dllcache\msfeeds.dll
2009-03-11 09:00 . 2008-12-21 01:03 383,488 -----c--- c:\windows\system32\dllcache\ieapfltr.dll
2009-03-11 09:00 . 2008-12-21 01:03 267,776 -----c--- c:\windows\system32\dllcache\iertutil.dll
2009-03-11 09:00 . 2008-12-21 01:03 63,488 -----c--- c:\windows\system32\dllcache\icardie.dll
2009-03-11 09:00 . 2008-12-21 01:03 52,224 -----c--- c:\windows\system32\dllcache\msfeedsbs.dll
2009-03-11 09:00 . 2008-12-19 11:10 13,824 -----c--- c:\windows\system32\dllcache\ieudinit.exe
2009-03-09 07:42 . 2008-10-16 15:06 268,648 --a------ c:\windows\system32\mucltui.dll
2009-03-09 07:42 . 2008-10-16 15:06 208,744 --a------ c:\windows\system32\muweb.dll
2009-03-09 07:42 . 2008-10-16 15:06 27,496 --a------ c:\windows\system32\mucltui.dll.mui

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-08 18:46 --------- d-----w c:\program files\Krteček 2.1.3
2009-04-06 19:41 --------- d-----w c:\documents and settings\Administrator\Data aplikací\Skype
2009-04-06 18:44 --------- d-----w c:\documents and settings\Administrator\Data aplikací\skypePM
2009-04-05 13:31 --------- d-----w c:\program files\foobar2000
2009-04-05 08:56 --------- d-----w c:\documents and settings\All Users\Data aplikací\ESET
2009-03-29 13:12 --------- d-----w c:\documents and settings\Administrator\Data aplikací\gtk-2.0
2009-03-29 12:42 --------- d-----w c:\program files\QIP Infium
2009-03-21 14:27 --------- d--h--w c:\program files\InstallShield Installation Information
2009-03-21 14:27 --------- d-----w c:\program files\Common Files\InstallShield
2009-03-20 15:02 92,984 ----a-w c:\windows\system32\DNClnt32.dll
2009-03-20 15:02 92,984 ----a-w c:\windows\system32\dkcpanel.exe
2009-03-20 15:02 89,400 ----a-w c:\windows\system32\DNCP32.DLL
2009-03-20 15:02 76,600 ----a-w c:\windows\system32\dk2cp32.dll
2009-03-20 15:02 64,312 ----a-w c:\windows\system32\vercp32.dll
2009-03-20 15:02 49,720 ----a-w c:\windows\system32\drivers\dk2drv.sys
2009-03-20 15:02 32,208 ----a-w c:\windows\system32\dk2win16.dll
2009-03-20 15:02 30,520 ----a-w c:\windows\system32\DK2UInst.exe
2009-03-20 15:02 24,488 ----a-w c:\windows\system32\dk2vdd.dll
2009-03-20 15:02 18,360 ----a-w c:\windows\system32\drivers\DK2USB.sys
2009-03-20 15:02 14,856 ----a-w c:\windows\system32\drivers\dkpccard.sys
2009-03-20 15:02 11,576 ----a-w c:\windows\system32\DKCLINST.DLL
2009-03-20 14:53 219,648 ----a-w c:\windows\system32\uxtheme.dll
2009-03-17 18:02 --------- d-----w c:\program files\ICQ6.5
2009-03-17 18:02 --------- d-----w c:\documents and settings\Administrator\Data aplikací\ICQ
2009-03-11 12:29 --------- d-----w c:\program files\MSBuild
2009-03-11 06:50 --------- d-----w c:\documents and settings\All Users\Data aplikací\Microsoft Help
2009-03-08 20:13 --------- d-----w c:\program files\GIMP-2.0
2009-03-07 21:24 --------- d-----w c:\documents and settings\Administrator\Data aplikací\Media Player Classic
2009-03-07 10:40 --------- d-----w c:\program files\VideoLAN
2009-03-07 10:37 --------- d-----w c:\program files\Common Files\Skype
2009-03-07 10:37 --------- d-----w c:\documents and settings\All Users\Data aplikací\Skype
2009-03-07 10:37 --------- d-----r c:\program files\Skype
2009-03-07 10:25 --------- d-----w c:\documents and settings\Administrator\Data aplikací\PSpad
2009-03-07 10:24 --------- d-----w c:\program files\PSPad editor
2009-03-07 10:16 --------- d-----w c:\program files\OpenOffice.org 3
2009-03-07 09:52 --------- d-----w c:\program files\Microsoft Works
2009-03-07 09:20 --------- d--h--w c:\program files\CanonBJ
2009-03-07 09:20 --------- d--h--w c:\documents and settings\All Users\Data aplikací\CanonBJ
2009-03-07 09:16 --------- d-----w c:\documents and settings\Administrator\Data aplikací\QIP
2009-03-07 09:06 --------- d-----w c:\documents and settings\All Users\Data aplikací\ashampoo
2009-03-07 09:06 --------- d-----w c:\documents and settings\Administrator\Data aplikací\Ashampoo
2009-03-07 09:05 --------- d-----w c:\program files\Ashampoo
2009-03-07 09:04 --------- d-----w c:\program files\Foxit Software
2009-03-07 09:04 --------- d-----w c:\documents and settings\Administrator\Data aplikací\Foxit
2009-03-07 08:51 --------- d-----w c:\documents and settings\Administrator\Data aplikací\TuneUp Software
2009-03-07 08:50 --------- d-sh--w c:\documents and settings\All Users\Data aplikací\{55A29068-F2CE-456C-9148-C869879E2357}
2009-03-07 08:50 --------- d-----w c:\documents and settings\All Users\Data aplikací\TuneUp Software
2009-03-07 08:36 --------- d-----w c:\program files\SpeedProject
2009-03-07 08:36 --------- d-----w c:\documents and settings\Administrator\Data aplikací\SpeedProject
2009-03-07 08:13 --------- d-----w c:\program files\VIA
2009-03-07 08:05 --------- d-----w c:\program files\Opera
2009-03-07 07:18 --------- d-----w c:\documents and settings\Administrator\Data aplikací\ESET
2009-03-07 07:13 --------- d-----w c:\program files\7-Zip
2009-03-07 06:33 --------- d-----w c:\program files\microsoft frontpage
2009-02-09 14:07 1,846,784 ----a-w c:\windows\system32\win32k.sys
2009-02-04 05:57 11,702,272 ----a-w c:\windows\system32\atioglxx.dll
2009-02-04 05:03 290,816 ----a-w c:\windows\system32\atiok3x2.dll
2009-02-04 04:56 442,368 ----a-w c:\windows\system32\ATIDEMGX.dll
2009-02-04 04:55 324,096 ----a-w c:\windows\system32\ati2dvag.dll
2009-02-04 04:44 196,608 ----a-w c:\windows\system32\atipdlxx.dll
2009-02-04 04:44 155,648 ----a-w c:\windows\system32\Oemdspif.dll
2009-02-04 04:43 43,520 ----a-w c:\windows\system32\ati2edxx.dll
2009-02-04 04:43 26,112 ----a-w c:\windows\system32\Ati2mdxx.exe
2009-02-04 04:43 155,648 ----a-w c:\windows\system32\ati2evxx.dll
2009-02-04 04:41 602,112 ----a-w c:\windows\system32\ati2evxx.exe
2009-02-04 04:40 53,248 ----a-w c:\windows\system32\ATIDDC.DLL
2009-02-04 04:30 3,884,768 ----a-w c:\windows\system32\ati3duag.dll
2009-02-04 04:14 2,645,504 ----a-w c:\windows\system32\ativvaxx.dll
2009-02-04 03:58 49,664 ----a-w c:\windows\system32\amdpcom32.dll
2009-02-04 03:54 471,040 ----a-w c:\windows\system32\atikvmag.dll
2009-02-04 03:53 122,880 ----a-w c:\windows\system32\atiadlxx.dll
2009-02-04 03:52 17,408 ----a-w c:\windows\system32\atitvo32.dll
2009-02-04 03:46 626,688 ----a-w c:\windows\system32\ati2cqag.dll
2009-02-04 03:44 307,200 ----a-w c:\windows\system32\atiiiexx.dll
2009-02-04 02:43 45,056 ----a-w c:\windows\system32\aticalrt.dll
2009-02-04 02:42 45,056 ----a-w c:\windows\system32\aticalcl.dll
2009-02-04 02:40 3,244,032 ----a-w c:\windows\system32\aticaldd.dll
2009-02-03 20:05 593,920 ------w c:\windows\system32\ati2sgag.exe
.

((((((((((((((((((((((((((((( SnapShot@2009-04-08_18.54.40,34 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-04-09 05:04:05 18,944 ----a-r c:\windows\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF13.exe
+ 2009-04-09 05:04:05 65,024 ----a-r c:\windows\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF15.exe
- 2009-04-08 16:39:08 16,384 ----a-w c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2009-04-09 04:55:29 16,384 ----a-w c:\windows\system32\config\systemprofile\Cookies\index.dat
- 2009-04-08 16:39:08 32,768 ----a-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2009-04-09 04:55:29 32,768 ----a-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2009-04-09 05:50:44 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_26c.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2009-03-23 1830128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"FLSDeviceControlPanel"="c:\windows\system32\FLSDEVCP.EXE" [2009-03-20 91696]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-28 148888]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-03-19 2029640]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Administrator\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Styler.lnk - c:\documents and settings\Administrator\Data aplikacˇ\Microsoft\Installer\{E9ECF354-2422-4FDB-9ABF-D8ADAC0EF941}\_585b207a.exe [2009-03-20 15086]

c:\documents and settings\Administrator\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Styler.lnk - c:\documents and settings\Administrator\Data aplikacˇ\Microsoft\Installer\{E9ECF354-2422-4FDB-9ABF-D8ADAC0EF941}\_585b207a.exe [2009-03-20 15086]

c:\documents and settings\Administrator\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Styler.lnk - c:\documents and settings\Administrator\Data aplikacˇ\Microsoft\Installer\{E9ECF354-2422-4FDB-9ABF-D8ADAC0EF941}\_585b207a.exe [2009-03-20 15086]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
TSS Instrument API Tray Utility.lnk - c:\program files\Common Files\Nokia\Tss\Instrument API\bin\tray.exe [2007-12-07 77824]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-05-26 123904]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-26 304128]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!saswinlogon]
2008-12-22 12:05 356352 c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Tss\\Instrument API\\bin\\root.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R1 dk2drv;DK2 WindowsNT Driver;c:\windows\system32\drivers\dk2drv.sys [2009-03-20 49720]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2009-03-19 107256]
R1 sasdifsv;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [2009-03-23 9968]
R1 saskutil;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2009-03-23 72944]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2009-03-19 731840]
R2 FLE5WNNT;FLE-5 WindowsNT Driver;c:\windows\system32\drivers\fle5wnnt.sys [2009-03-20 33404]
R2 FLSIFACE;FLSIface;c:\windows\system32\drivers\flsiface.sys [2009-03-20 13440]
R2 FLSPAR;FLSPar;c:\windows\system32\drivers\flspar.sys [2009-03-20 16314]
R2 FLSSER;FLSSer;c:\windows\system32\drivers\flsser.sys [2009-03-20 8344]
R2 FLSVCOM;FLSVCom;c:\windows\system32\drivers\flsvcom.sys [2009-03-20 34048]
R2 PARLDR2K;ParLdr2k;c:\windows\system32\drivers\parldr2k.sys [2009-03-20 10454]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [2009-03-20 603904]
R3 PSched;Plánovač paketů technologie QoS;c:\windows\system32\drivers\psched.sys [2008-04-14 69120]
R3 sasenum;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2009-03-23 7408]
S2 NOD32FiXTemDono;Eset Nod32 Boot;c:\windows\system32\regedt32.exe [2002-12-05 3584]
S3 G Data Tuner Service;G Data Tuner Service;c:\program files\G DATA\TotalCare\AVKTuner\AVKTunerService.exe --> c:\program files\G DATA\TotalCare\AVKTuner\AVKTunerService.exe [?]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'

2009-04-09 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 22:36]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
.

**************************************************************************

catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-09 07:56:36
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-515967899-1383384898-1060284298-500\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_USERS\S-1-5-21-515967899-1383384898-1060284298-500\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID]
@Denied: (Full) (LocalSystem)
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(864)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2009-04-09 7:58:42
ComboFix-quarantined-files.txt 2009-04-09 05:58:34
ComboFix2.txt 2009-04-08 16:55:52

Před spuštěním: 9 642 704 896
Po spuštění: 9,637,167,104

342 --- E O F --- 2009-03-21 10:00:44

Malwarebytes' Anti-Malware 1.36
Verze databáze: 1952
Windows 5.1.2600 Service Pack 3

9.4.2009 8:03:50
mbam-log-2009-04-09 (08-03-47).txt

Typ skenu: Rychlý sken
Objektu skenováno: 70366
Uplynulý cas: 4 minute(s), 12 second(s)

Infikované procesy pameti: 0
Infikované pametové moduly: 0
Infikované klíce registru: 0
Infikované hodnoty registru: 0
Infikované položky dat registru: 0
Infikované složky: 0
Infikované soubory: 7

Infikované procesy pameti:
(Žádné zákerné položky nebyly zjišteny)

Infikované pametové moduly:
(Žádné zákerné položky nebyly zjišteny)

Infikované klíce registru:
(Žádné zákerné položky nebyly zjišteny)

Infikované hodnoty registru:
(Žádné zákerné položky nebyly zjišteny)

Infikované položky dat registru:
(Žádné zákerné položky nebyly zjišteny)

Infikované složky:
(Žádné zákerné položky nebyly zjišteny)

Infikované soubory:
C:\WINDOWS\system32\drivers\ovfsth.sys (Trojan.Agent) -> No action taken.
C:\WINDOWS\system32\drivers\ovfsthueqxotbeonoiqaykmvimkgpjovydtltv.sys (Trojan.Agent) -> No action taken.
C:\WINDOWS\system32\ovfsthasmfpiwsmbicbtqsebmrcesruewvanvp.dll (Trojan.Agent) -> No action taken.
C:\WINDOWS\system32\ovfsthdfimtesrguisxjrltfmotfvittwniwwb.dll (Trojan.Agent) -> No action taken.
C:\WINDOWS\system32\ovfsthlog.dat (Trojan.Agent) -> No action taken.
C:\WINDOWS\system32\ovfsthogeuimivmfidedxkgoeskhghoprxxljx.dat (Trojan.Agent) -> No action taken.
C:\WINDOWS\system32\ovfsthonbodpblbjlirhmuvfhnyysuxdrctasx.dat (Trojan.Agent) -> No action taken.

Zase se Ti tam něco dostalo.

. Takže spusť znovu MbAM a dej Scan
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Ukaž výsledky
- ujistit se že máš zatrhnuté všechny vypsané nálezy a klikni na tlačítko Odstranit označené
- když skončí odstraňování tak se ti zobrazí log, tak ho sem dej.
- pak zvol v programu OK a pak program ukonči přes Exit

Můžeš sem pak vložit log z MbAM.
Potom zase nový log z CF.

ComboFix 09-04-04.01 - Administrator 2009-04-09 10:20:04.3 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.1.1029.18.767.470 [GMT 2:00]
Spuštěný z: c:\documents and settings\Administrator\Plocha\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated)
.

((((((((((((((((((((((((( Soubory vytvořené od 2009-03-09 do 2009-04-09 )))))))))))))))))))))))))))))))
.

2009-04-09 08:33 . 2009-04-09 08:33 <DIR> d-------- c:\program files\Avira
2009-04-09 08:33 . 2009-04-09 08:33 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\Avira
2009-04-09 08:33 . 2009-02-13 11:31 55,640 --a------ c:\windows\system32\drivers\avgntflt.sys
2009-04-09 07:04 . 2009-04-09 07:04 <DIR> d-------- c:\program files\SUPERAntiSpyware
2009-04-09 07:04 . 2009-04-09 07:04 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\SUPERAntiSpyware.com
2009-04-09 07:04 . 2009-04-09 07:04 <DIR> d-------- c:\documents and settings\Administrator\Data aplikací\SUPERAntiSpyware.com
2009-04-09 07:03 . 2009-04-09 07:03 <DIR> d-------- c:\program files\Common Files\Wise Installation Wizard
2009-04-08 18:56 . 2009-04-08 20:05 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-04-08 18:56 . 2009-04-08 18:56 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2009-04-08 18:56 . 2009-04-08 18:56 <DIR> d-------- c:\documents and settings\Administrator\Data aplikací\Malwarebytes
2009-04-08 18:56 . 2009-04-06 15:32 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-04-08 18:56 . 2009-04-06 15:32 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-04-08 18:39 . 2009-04-08 18:39 155 --a------ c:\windows\system32\SelfDel.bat
2009-04-05 10:28 . 2009-04-05 10:28 50,632 --a------ c:\windows\system32\drivers\MiniIcpt.sys
2009-04-05 10:25 . 2009-04-05 10:25 <DIR> d--hs---- C:\#GDATA.Trash.Store#
2009-04-05 10:25 . 2009-04-05 10:25 51,016 --a------ c:\windows\system32\drivers\GDTdiIcpt.sys
2009-04-05 10:25 . 2009-04-05 10:25 22,272 --a------ c:\windows\system32\drivers\GDNdisIc.sys
2009-04-05 10:24 . 2009-04-05 10:45 <DIR> d-------- c:\program files\G DATA
2009-04-05 10:24 . 2009-04-05 10:47 <DIR> d-------- c:\program files\Common Files\G DATA
2009-04-05 10:24 . 2009-04-05 10:45 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\G DATA
2009-04-05 10:07 . 2009-04-05 10:07 <DIR> d-------- c:\program files\Common Files\Symantec Shared
2009-04-05 10:07 . 2009-04-05 10:07 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\Symantec
2009-03-29 15:28 . 2009-03-29 15:28 <DIR> d-------- c:\documents and settings\Administrator\Data aplikací\Windows Search
2009-03-28 23:48 . 2009-03-28 23:48 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\Azureus
2009-03-28 23:48 . 2009-03-29 00:17 <DIR> d-------- c:\documents and settings\Administrator\Data aplikací\Azureus
2009-03-28 23:47 . 2009-03-28 23:48 <DIR> d-------- c:\program files\Vuze
2009-03-28 23:46 . 2009-03-28 23:45 410,984 --a------ c:\windows\system32\deploytk.dll
2009-03-28 23:46 . 2009-03-28 23:45 73,728 --a------ c:\windows\system32\javacpl.cpl
2009-03-28 23:45 . 2009-03-28 23:45 <DIR> d-------- c:\program files\Java
2009-03-28 09:26 . 2008-03-03 15:25 5,702 --ah----- c:\windows\nod32restoretemdono.reg
2009-03-28 09:26 . 2008-03-03 19:21 568 --ah----- c:\windows\nod32fixtemdono.reg
2009-03-28 09:14 . 2009-03-28 09:14 <DIR> d-------- c:\windows\system32\config\systemprofile\Data aplikací\ESET
2009-03-28 09:14 . 2009-03-28 09:14 <DIR> d-------- c:\windows\system32\config\systemprofile\Data aplikací\ESET
2009-03-21 16:27 . 2009-03-21 16:27 <DIR> d-------- c:\windows\zy_tmp
2009-03-21 16:27 . 2004-08-17 12:23 5,120 --a------ c:\windows\system32\tcusbdrv.dll
2009-03-21 13:31 . 2001-10-24 12:54 12,160 --a------ c:\windows\system32\drivers\mouhid.sys
2009-03-21 13:31 . 2001-10-24 12:54 12,160 --a--c--- c:\windows\system32\dllcache\mouhid.sys
2009-03-21 13:30 . 2008-04-14 01:15 10,368 --a------ c:\windows\system32\drivers\hidusb.sys
2009-03-21 13:30 . 2008-04-14 01:15 10,368 --a--c--- c:\windows\system32\dllcache\hidusb.sys
2009-03-21 12:00 . 2009-03-21 12:00 <DIR> d-------- c:\program files\MSXML 4.0
2009-03-20 23:28 . 2009-03-20 23:28 4,263 --a------ c:\windows\system32\FLSINSTU.INI
2009-03-20 23:05 . 2009-03-20 23:05 2,331,008 --a------ c:\windows\system32\TUKernel.exe
2009-03-20 23:03 . 2009-03-20 23:03 <DIR> d-------- c:\program files\Stardock
2009-03-20 23:03 . 2009-03-20 23:03 <DIR> d--h-c--- c:\documents and settings\All Users\Data aplikací\{B98A2B83-8BB0-42E7-AA1D-D6FA6E7C8F31}
2009-03-20 23:02 . 2009-03-20 23:02 603,904 --a------ c:\windows\system32\TUProgSt.exe
2009-03-20 23:02 . 2009-03-20 23:02 360,192 --a------ c:\windows\system32\TuneUpDefragService.exe
2009-03-20 23:02 . 2008-12-11 14:31 27,904 --a------ c:\windows\system32\uxtuneup.dll
2009-03-20 23:01 . 2009-03-20 23:02 <DIR> d-------- c:\program files\TuneUp Utilities 2009
2009-03-20 22:40 . 2009-03-20 22:40 <DIR> d-------- c:\documents and settings\Administrator\Data aplikací\Styler
2009-03-20 22:37 . 2009-03-20 22:40 <DIR> d-------- c:\program files\Styler
2009-03-20 21:23 . 2002-08-12 17:20 27,264 --a------ c:\windows\system32\drivers\rndismpk.sys
2009-03-20 21:23 . 2002-08-12 17:20 11,136 --a------ c:\windows\system32\drivers\usb8023k.sys
2009-03-20 17:30 . 2009-03-20 17:30 256 --a------ C:\dk2.mem
2009-03-20 17:02 . 2009-03-20 17:02 <DIR> d-------- c:\program files\Common Files\Nokia
2009-03-20 17:02 . 2009-03-20 17:02 <DIR> d-------- c:\program files\Common Files\DESkey
2009-03-20 17:02 . 2009-03-20 17:02 2,325,304 --a------ c:\windows\system32\DK2INST.DLL
2009-03-20 17:01 . 2009-03-20 23:26 <DIR> d-------- c:\program files\Nokia
2009-03-20 17:01 . 2008-02-01 17:17 90,624 --a------ c:\windows\system32\nmwcdcls.dll
2009-03-20 17:00 . 2009-03-20 17:00 <DIR> d-------- c:\program files\MSXML 6.0
2009-03-20 16:53 . 2008-04-14 08:52 219,648 --a------ c:\windows\system32\uxtheme.uxtender
2009-03-15 10:17 . 2009-03-15 11:05 <DIR> d-------- c:\documents and settings\Administrator\Data aplikací\BMC
2009-03-15 10:15 . 2009-03-20 23:28 <DIR> d----c--- c:\windows\system32\DRVSTORE
2009-03-15 10:15 . 2009-03-15 10:15 91,136 --a------ c:\windows\system32\drivers\susbser.sys
2009-03-15 10:15 . 2008-04-14 01:15 32,128 --a------ c:\windows\system32\drivers\usbccgp.sys
2009-03-15 10:15 . 2008-04-14 01:15 32,128 --a--c--- c:\windows\system32\dllcache\usbccgp.sys
2009-03-12 19:20 . 2009-03-12 19:20 <DIR> d-------- c:\program files\WinSCP
2009-03-12 18:12 . 2009-03-12 18:12 <DIR> d-------- c:\documents and settings\Administrator\Data aplikací\OpenOffice.org
2009-03-12 17:51 . 2009-03-12 17:53 <DIR> d-------- c:\documents and settings\Administrator\Data aplikací\vlc
2009-03-12 17:51 . 2009-03-14 19:04 <DIR> d-------- c:\documents and settings\Administrator\Data aplikací\dvdcss
2009-03-11 14:41 . 2009-03-11 14:41 <DIR> d-------- c:\program files\Microsoft Silverlight
2009-03-11 14:40 . 2006-06-29 14:07 14,048 --------- c:\windows\system32\spmsg2.dll
2009-03-11 14:30 . 2009-03-11 14:40 <DIR> d-------- c:\windows\system32\XPSViewer
2009-03-11 14:29 . 2009-03-11 14:29 <DIR> d-------- c:\program files\Reference Assemblies
2009-03-11 14:28 . 2008-07-06 14:06 1,676,288 --------- c:\windows\system32\xpssvcs.dll
2009-03-11 14:28 . 2008-07-06 14:06 1,676,288 -----c--- c:\windows\system32\dllcache\xpssvcs.dll
2009-03-11 14:28 . 2008-07-06 12:50 597,504 -----c--- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-03-11 14:28 . 2008-07-06 14:06 575,488 --------- c:\windows\system32\xpsshhdr.dll
2009-03-11 14:28 . 2008-07-06 14:06 575,488 -----c--- c:\windows\system32\dllcache\xpsshhdr.dll
2009-03-11 14:28 . 2008-07-06 14:06 117,760 --------- c:\windows\system32\prntvpt.dll
2009-03-11 14:28 . 2008-07-06 14:06 89,088 -----c--- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-03-11 14:22 . 2009-03-11 14:22 <DIR> d-------- c:\program files\Microsoft
2009-03-11 14:21 . 2009-03-11 14:21 <DIR> d-------- c:\documents and settings\Administrator\Data aplikací\Windows Desktop Search
2009-03-11 14:20 . 2009-03-11 14:20 <DIR> d-------- c:\windows\system32\GroupPolicy
2009-03-11 14:20 . 2009-03-11 14:20 <DIR> d-------- c:\program files\Windows Desktop Search
2009-03-11 14:18 . 2009-03-11 14:18 <DIR> d-------- c:\program files\Windows Media Connect 2
2009-03-11 14:16 . 2009-03-11 14:16 <DIR> d-------- c:\windows\system32\LogFiles
2009-03-11 14:16 . 2009-03-11 14:17 <DIR> d-------- c:\windows\system32\drivers\UMDF
2009-03-11 14:13 . 2009-03-11 14:14 <DIR> d-------- c:\windows\system32\URTTemp
2009-03-11 09:00 . 2008-12-21 01:03 6,066,688 -----c--- c:\windows\system32\dllcache\ieframe.dll
2009-03-11 09:00 . 2007-04-17 11:32 2,455,488 -----c--- c:\windows\system32\dllcache\ieapfltr.dat
2009-03-11 09:00 . 2007-03-08 07:09 1,024,000 -----c--- c:\windows\system32\dllcache\ieframe.dll.mui
2009-03-11 09:00 . 2008-12-21 01:03 459,264 -----c--- c:\windows\system32\dllcache\msfeeds.dll
2009-03-11 09:00 . 2008-12-21 01:03 383,488 -----c--- c:\windows\system32\dllcache\ieapfltr.dll
2009-03-11 09:00 . 2008-12-21 01:03 267,776 -----c--- c:\windows\system32\dllcache\iertutil.dll
2009-03-11 09:00 . 2008-12-21 01:03 63,488 -----c--- c:\windows\system32\dllcache\icardie.dll
2009-03-11 09:00 . 2008-12-21 01:03 52,224 -----c--- c:\windows\system32\dllcache\msfeedsbs.dll
2009-03-11 09:00 . 2008-12-19 11:10 13,824 -----c--- c:\windows\system32\dllcache\ieudinit.exe
2009-03-09 07:42 . 2008-10-16 15:06 268,648 --a------ c:\windows\system32\mucltui.dll
2009-03-09 07:42 . 2008-10-16 15:06 208,744 --a------ c:\windows\system32\muweb.dll
2009-03-09 07:42 . 2008-10-16 15:06 27,496 --a------ c:\windows\system32\mucltui.dll.mui

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-09 08:09 --------- d-----w c:\program files\foobar2000
2009-04-08 18:46 --------- d-----w c:\program files\Krteček 2.1.3
2009-04-06 19:41 --------- d-----w c:\documents and settings\Administrator\Data aplikací\Skype
2009-04-06 18:44 --------- d-----w c:\documents and settings\Administrator\Data aplikací\skypePM
2009-04-05 08:56 --------- d-----w c:\documents and settings\All Users\Data aplikací\ESET
2009-03-29 13:12 --------- d-----w c:\documents and settings\Administrator\Data aplikací\gtk-2.0
2009-03-29 12:42 --------- d-----w c:\program files\QIP Infium
2009-03-21 14:27 --------- d--h--w c:\program files\InstallShield Installation Information
2009-03-21 14:27 --------- d-----w c:\program files\Common Files\InstallShield
2009-03-20 15:02 92,984 ----a-w c:\windows\system32\DNClnt32.dll
2009-03-20 15:02 92,984 ----a-w c:\windows\system32\dkcpanel.exe
2009-03-20 15:02 89,400 ----a-w c:\windows\system32\DNCP32.DLL
2009-03-20 15:02 76,600 ----a-w c:\windows\system32\dk2cp32.dll
2009-03-20 15:02 64,312 ----a-w c:\windows\system32\vercp32.dll
2009-03-20 15:02 49,720 ----a-w c:\windows\system32\drivers\dk2drv.sys
2009-03-20 15:02 32,208 ----a-w c:\windows\system32\dk2win16.dll
2009-03-20 15:02 30,520 ----a-w c:\windows\system32\DK2UInst.exe
2009-03-20 15:02 24,488 ----a-w c:\windows\system32\dk2vdd.dll
2009-03-20 15:02 18,360 ----a-w c:\windows\system32\drivers\DK2USB.sys
2009-03-20 15:02 14,856 ----a-w c:\windows\system32\drivers\dkpccard.sys
2009-03-20 15:02 11,576 ----a-w c:\windows\system32\DKCLINST.DLL
2009-03-20 14:53 219,648 ----a-w c:\windows\system32\uxtheme.dll
2009-03-17 18:02 --------- d-----w c:\program files\ICQ6.5
2009-03-17 18:02 --------- d-----w c:\documents and settings\Administrator\Data aplikací\ICQ
2009-03-11 12:29 --------- d-----w c:\program files\MSBuild
2009-03-11 06:50 --------- d-----w c:\documents and settings\All Users\Data aplikací\Microsoft Help
2009-03-08 20:13 --------- d-----w c:\program files\GIMP-2.0
2009-03-07 21:24 --------- d-----w c:\documents and settings\Administrator\Data aplikací\Media Player Classic
2009-03-07 10:40 --------- d-----w c:\program files\VideoLAN
2009-03-07 10:37 --------- d-----w c:\program files\Common Files\Skype
2009-03-07 10:37 --------- d-----w c:\documents and settings\All Users\Data aplikací\Skype
2009-03-07 10:37 --------- d-----r c:\program files\Skype
2009-03-07 10:25 --------- d-----w c:\documents and settings\Administrator\Data aplikací\PSpad
2009-03-07 10:24 --------- d-----w c:\program files\PSPad editor
2009-03-07 10:16 --------- d-----w c:\program files\OpenOffice.org 3
2009-03-07 09:52 --------- d-----w c:\program files\Microsoft Works
2009-03-07 09:20 --------- d--h--w c:\program files\CanonBJ
2009-03-07 09:20 --------- d--h--w c:\documents and settings\All Users\Data aplikací\CanonBJ
2009-03-07 09:16 --------- d-----w c:\documents and settings\Administrator\Data aplikací\QIP
2009-03-07 09:06 --------- d-----w c:\documents and settings\All Users\Data aplikací\ashampoo
2009-03-07 09:06 --------- d-----w c:\documents and settings\Administrator\Data aplikací\Ashampoo
2009-03-07 09:05 --------- d-----w c:\program files\Ashampoo
2009-03-07 09:04 --------- d-----w c:\program files\Foxit Software
2009-03-07 09:04 --------- d-----w c:\documents and settings\Administrator\Data aplikací\Foxit
2009-03-07 08:51 --------- d-----w c:\documents and settings\Administrator\Data aplikací\TuneUp Software
2009-03-07 08:50 --------- d-sh--w c:\documents and settings\All Users\Data aplikací\{55A29068-F2CE-456C-9148-C869879E2357}
2009-03-07 08:50 --------- d-----w c:\documents and settings\All Users\Data aplikací\TuneUp Software
2009-03-07 08:36 --------- d-----w c:\program files\SpeedProject
2009-03-07 08:36 --------- d-----w c:\documents and settings\Administrator\Data aplikací\SpeedProject
2009-03-07 08:13 --------- d-----w c:\program files\VIA
2009-03-07 08:05 --------- d-----w c:\program files\Opera
2009-03-07 07:18 --------- d-----w c:\documents and settings\Administrator\Data aplikací\ESET
2009-03-07 07:13 --------- d-----w c:\program files\7-Zip
2009-03-07 06:33 --------- d-----w c:\program files\microsoft frontpage
2009-02-09 14:07 1,846,784 ----a-w c:\windows\system32\win32k.sys
2009-02-04 05:57 11,702,272 ----a-w c:\windows\system32\atioglxx.dll
2009-02-04 05:03 290,816 ----a-w c:\windows\system32\atiok3x2.dll
2009-02-04 04:56 442,368 ----a-w c:\windows\system32\ATIDEMGX.dll
2009-02-04 04:55 324,096 ----a-w c:\windows\system32\ati2dvag.dll
2009-02-04 04:44 196,608 ----a-w c:\windows\system32\atipdlxx.dll
2009-02-04 04:44 155,648 ----a-w c:\windows\system32\Oemdspif.dll
2009-02-04 04:43 43,520 ----a-w c:\windows\system32\ati2edxx.dll
2009-02-04 04:43 26,112 ----a-w c:\windows\system32\Ati2mdxx.exe
2009-02-04 04:43 155,648 ----a-w c:\windows\system32\ati2evxx.dll
2009-02-04 04:41 602,112 ----a-w c:\windows\system32\ati2evxx.exe
2009-02-04 04:40 53,248 ----a-w c:\windows\system32\ATIDDC.DLL
2009-02-04 04:30 3,884,768 ----a-w c:\windows\system32\ati3duag.dll
2009-02-04 04:14 2,645,504 ----a-w c:\windows\system32\ativvaxx.dll
2009-02-04 03:58 49,664 ----a-w c:\windows\system32\amdpcom32.dll
2009-02-04 03:54 471,040 ----a-w c:\windows\system32\atikvmag.dll
2009-02-04 03:53 122,880 ----a-w c:\windows\system32\atiadlxx.dll
2009-02-04 03:52 17,408 ----a-w c:\windows\system32\atitvo32.dll
2009-02-04 03:46 626,688 ----a-w c:\windows\system32\ati2cqag.dll
2009-02-04 03:44 307,200 ----a-w c:\windows\system32\atiiiexx.dll
2009-02-04 02:43 45,056 ----a-w c:\windows\system32\aticalrt.dll
2009-02-04 02:42 45,056 ----a-w c:\windows\system32\aticalcl.dll
2009-02-04 02:40 3,244,032 ----a-w c:\windows\system32\aticaldd.dll
2009-02-03 20:05 593,920 ------w c:\windows\system32\ati2sgag.exe
.

((((((((((((((((((((((((((((( SnapShot@2009-04-08_18.54.40,34 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-04-09 05:04:05 18,944 ----a-r c:\windows\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF13.exe
+ 2009-04-09 05:04:05 65,024 ----a-r c:\windows\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF15.exe
- 2009-04-08 16:39:08 16,384 ----a-w c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2009-04-09 04:55:29 16,384 ----a-w c:\windows\system32\config\systemprofile\Cookies\index.dat
- 2009-04-08 16:39:08 32,768 ----a-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2009-04-09 04:55:29 32,768 ----a-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2009-02-13 09:17:49 45,416 ----a-w c:\windows\system32\drivers\avgntdd.sys
+ 2009-02-13 09:29:11 22,360 ----a-w c:\windows\system32\drivers\avgntmgr.sys
+ 2009-02-13 12:22:54 95,576 ----a-w c:\windows\system32\drivers\avipbb.sys
+ 2009-02-13 09:50:02 28,376 ----a-w c:\windows\system32\drivers\ssmdrv.sys
+ 2009-04-09 08:17:18 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_608.dat
+ 2008-07-29 06:05:06 161,784 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_d01483b2\atl90.dll
+ 2008-07-29 01:54:08 225,280 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcm90.dll
+ 2008-07-29 06:05:08 572,928 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcp90.dll
+ 2008-07-29 06:05:08 655,872 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcr90.dll
+ 2008-07-29 06:05:08 3,768,312 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfc90.dll
+ 2008-07-29 06:05:10 3,783,672 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfc90u.dll
+ 2008-07-29 04:07:42 59,904 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90.dll
+ 2008-07-29 04:07:42 59,904 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90u.dll
+ 2008-07-29 06:05:08 66,560 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90deu.dll
+ 2008-07-29 06:05:08 56,832 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90enu.dll
+ 2008-07-29 06:05:06 65,024 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esn.dll
+ 2008-07-29 06:05:08 65,024 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esp.dll
+ 2008-07-29 06:05:06 66,048 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90fra.dll
+ 2008-07-29 06:05:06 38,912 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90chs.dll
+ 2008-07-29 06:05:06 39,936 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90cht.dll
+ 2008-07-29 06:05:08 64,512 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90ita.dll
+ 2008-07-29 06:05:08 46,592 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90jpn.dll
+ 2008-07-29 06:05:08 46,080 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90kor.dll
+ 2008-07-29 06:05:08 62,976 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90rus.dll
+ 2007-11-07 00:19:20 54,272 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1\vcomp90.dll
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2009-03-23 1830128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"FLSDeviceControlPanel"="c:\windows\system32\FLSDEVCP.EXE" [2009-03-20 91696]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-28 148888]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Administrator\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Styler.lnk - c:\documents and settings\Administrator\Data aplikacˇ\Microsoft\Installer\{E9ECF354-2422-4FDB-9ABF-D8ADAC0EF941}\_585b207a.exe [2009-03-20 15086]

c:\documents and settings\Administrator\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Styler.lnk - c:\documents and settings\Administrator\Data aplikacˇ\Microsoft\Installer\{E9ECF354-2422-4FDB-9ABF-D8ADAC0EF941}\_585b207a.exe [2009-03-20 15086]

c:\documents and settings\Administrator\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Styler.lnk - c:\documents and settings\Administrator\Data aplikacˇ\Microsoft\Installer\{E9ECF354-2422-4FDB-9ABF-D8ADAC0EF941}\_585b207a.exe [2009-03-20 15086]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
TSS Instrument API Tray Utility.lnk - c:\program files\Common Files\Nokia\Tss\Instrument API\bin\tray.exe [2007-12-07 77824]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-05-26 123904]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-26 304128]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!saswinlogon]
2008-12-22 12:05 356352 c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Tss\\Instrument API\\bin\\root.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R1 dk2drv;DK2 WindowsNT Driver;c:\windows\system32\drivers\dk2drv.sys [2009-03-20 49720]
R1 sasdifsv;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [2009-03-23 9968]
R1 saskutil;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2009-03-23 72944]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2009-04-09 108289]
R2 FLE5WNNT;FLE-5 WindowsNT Driver;c:\windows\system32\drivers\fle5wnnt.sys [2009-03-20 33404]
R2 FLSIFACE;FLSIface;c:\windows\system32\drivers\flsiface.sys [2009-03-20 13440]
R2 FLSPAR;FLSPar;c:\windows\system32\drivers\flspar.sys [2009-03-20 16314]
R2 FLSSER;FLSSer;c:\windows\system32\drivers\flsser.sys [2009-03-20 8344]
R2 FLSVCOM;FLSVCom;c:\windows\system32\drivers\flsvcom.sys [2009-03-20 34048]
R2 PARLDR2K;ParLdr2k;c:\windows\system32\drivers\parldr2k.sys [2009-03-20 10454]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [2009-03-20 603904]
R3 PSched;Plánovač paketů technologie QoS;c:\windows\system32\drivers\psched.sys [2008-04-14 69120]
R3 sasenum;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2009-03-23 7408]
S2 NOD32FiXTemDono;Eset Nod32 Boot;c:\windows\system32\regedt32.exe [2002-12-05 3584]
S3 G Data Tuner Service;G Data Tuner Service;c:\program files\G DATA\TotalCare\AVKTuner\AVKTunerService.exe --> c:\program files\G DATA\TotalCare\AVKTuner\AVKTunerService.exe [?]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'

2009-04-09 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 22:36]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
.
.
------- Asociace souborů -------
.
txtfile="c:\program files\PSPad editor\PSPad.exe" "%1"
.

**************************************************************************

catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-09 10:22:09
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-515967899-1383384898-1060284298-500\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_USERS\S-1-5-21-515967899-1383384898-1060284298-500\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID]
@Denied: (Full) (LocalSystem)
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(516)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2009-04-09 10:24:05
ComboFix-quarantined-files.txt 2009-04-09 08:23:59
ComboFix2.txt 2009-04-09 05:58:44
ComboFix3.txt 2009-04-08 16:55:52

Před spuštěním: 9 813 438 464
Po spuštění: 9,806,962,688

325 --- E O F --- 2009-03-21 10:00:44

Malwarebytes' Anti-Malware 1.36
Verze databáze: 1952
Windows 5.1.2600 Service Pack 3

9.4.2009 10:15:10
mbam-log-2009-04-09 (10-15-10).txt

Typ skenu: Rychlý sken
Objektu skenováno: 70540
Uplynulý cas: 6 minute(s), 39 second(s)

Infikované procesy pameti: 0
Infikované pametové moduly: 0
Infikované klíce registru: 0
Infikované hodnoty registru: 0
Infikované položky dat registru: 0
Infikované složky: 0
Infikované soubory: 5

Infikované procesy pameti:
(Žádné zákerné položky nebyly zjišteny)

Infikované pametové moduly:
(Žádné zákerné položky nebyly zjišteny)

Infikované klíce registru:
(Žádné zákerné položky nebyly zjišteny)

Infikované hodnoty registru:
(Žádné zákerné položky nebyly zjišteny)

Infikované položky dat registru:
(Žádné zákerné položky nebyly zjišteny)

Infikované složky:
(Žádné zákerné položky nebyly zjišteny)

Infikované soubory:
C:\WINDOWS\system32\drivers\ovfsth.sys (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\ovfsthueqxotbeonoiqaykmvimkgpjovydtltv.sys (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ovfsthlog.dat (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ovfsthogeuimivmfidedxkgoeskhghoprxxljx.dat (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ovfsthonbodpblbjlirhmuvfhnyysuxdrctasx.dat (Trojan.Agent) -> Quarantined and deleted successfully.

Po tom výmazu MbAM jsem ještě vlož zase nový log z CF.

Napřed jsem udělal výmaz v MbAM a pak jsem udělal log v ComboFix a ten jsem sem již vložil je te můj předchozí příspěvek. Pokud tedy správně chápu CF = ComboFix. Udělám v něm tedy ještě jeden log a pošlu.

ComboFix 09-04-04.01 - Administrator 2009-04-09 15:57:55.4 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.1.1029.18.767.396 [GMT 2:00]
Spuštěný z: c:\documents and settings\Administrator\Plocha\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated)
.

((((((((((((((((((((((((( Soubory vytvořené od 2009-03-09 do 2009-04-09 )))))))))))))))))))))))))))))))
.

2009-04-09 13:47 . 2009-04-09 13:47 <DIR> d-------- c:\program files\Avira
2009-04-09 10:48 . 2009-04-09 13:47 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\Avira
2009-04-09 08:33 . 2009-02-13 11:31 55,640 --a------ c:\windows\system32\drivers\avgntflt.sys
2009-04-09 07:04 . 2009-04-09 07:04 <DIR> d-------- c:\program files\SUPERAntiSpyware
2009-04-09 07:04 . 2009-04-09 07:04 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\SUPERAntiSpyware.com
2009-04-09 07:04 . 2009-04-09 07:04 <DIR> d-------- c:\documents and settings\Administrator\Data aplikací\SUPERAntiSpyware.com
2009-04-09 07:03 . 2009-04-09 07:03 <DIR> d-------- c:\program files\Common Files\Wise Installation Wizard
2009-04-08 18:56 . 2009-04-08 20:05 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-04-08 18:56 . 2009-04-08 18:56 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2009-04-08 18:56 . 2009-04-08 18:56 <DIR> d-------- c:\documents and settings\Administrator\Data aplikací\Malwarebytes
2009-04-08 18:56 . 2009-04-06 15:32 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-04-08 18:56 . 2009-04-06 15:32 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-04-08 18:39 . 2009-04-08 18:39 155 --a------ c:\windows\system32\SelfDel.bat
2009-04-05 10:28 . 2009-04-05 10:28 50,632 --a------ c:\windows\system32\drivers\MiniIcpt.sys
2009-04-05 10:25 . 2009-04-05 10:25 <DIR> d--hs---- C:\#GDATA.Trash.Store#
2009-04-05 10:25 . 2009-04-05 10:25 51,016 --a------ c:\windows\system32\drivers\GDTdiIcpt.sys
2009-04-05 10:25 . 2009-04-05 10:25 22,272 --a------ c:\windows\system32\drivers\GDNdisIc.sys
2009-04-05 10:24 . 2009-04-05 10:47 <DIR> d-------- c:\program files\Common Files\G DATA
2009-04-05 10:24 . 2009-04-05 10:45 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\G DATA
2009-04-05 10:07 . 2009-04-05 10:07 <DIR> d-------- c:\program files\Common Files\Symantec Shared
2009-04-05 10:07 . 2009-04-05 10:07 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\Symantec
2009-03-29 15:28 . 2009-03-29 15:28 <DIR> d-------- c:\documents and settings\Administrator\Data aplikací\Windows Search
2009-03-28 23:48 . 2009-03-28 23:48 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\Azureus
2009-03-28 23:48 . 2009-03-29 00:17 <DIR> d-------- c:\documents and settings\Administrator\Data aplikací\Azureus
2009-03-28 23:47 . 2009-03-28 23:48 <DIR> d-------- c:\program files\Vuze
2009-03-28 23:46 . 2009-03-28 23:45 410,984 --a------ c:\windows\system32\deploytk.dll
2009-03-28 23:46 . 2009-03-28 23:45 73,728 --a------ c:\windows\system32\javacpl.cpl
2009-03-28 23:45 . 2009-03-28 23:45 <DIR> d-------- c:\program files\Java
2009-03-28 09:26 . 2008-03-03 15:25 5,702 --ah----- c:\windows\nod32restoretemdono.reg
2009-03-28 09:26 . 2008-03-03 19:21 568 --ah----- c:\windows\nod32fixtemdono.reg
2009-03-28 09:14 . 2009-03-28 09:14 <DIR> d-------- c:\windows\system32\config\systemprofile\Data aplikací\ESET
2009-03-28 09:14 . 2009-03-28 09:14 <DIR> d-------- c:\windows\system32\config\systemprofile\Data aplikací\ESET
2009-03-21 16:27 . 2009-03-21 16:27 <DIR> d-------- c:\windows\zy_tmp
2009-03-21 16:27 . 2004-08-17 12:23 5,120 --a------ c:\windows\system32\tcusbdrv.dll
2009-03-21 13:31 . 2001-10-24 12:54 12,160 --a------ c:\windows\system32\drivers\mouhid.sys
2009-03-21 13:31 . 2001-10-24 12:54 12,160 --a--c--- c:\windows\system32\dllcache\mouhid.sys
2009-03-21 13:30 . 2008-04-14 01:15 10,368 --a------ c:\windows\system32\drivers\hidusb.sys
2009-03-21 13:30 . 2008-04-14 01:15 10,368 --a--c--- c:\windows\system32\dllcache\hidusb.sys
2009-03-21 12:00 . 2009-03-21 12:00 <DIR> d-------- c:\program files\MSXML 4.0
2009-03-20 23:28 . 2009-03-20 23:28 4,263 --a------ c:\windows\system32\FLSINSTU.INI
2009-03-20 23:05 . 2009-03-20 23:05 2,331,008 --a------ c:\windows\system32\TUKernel.exe
2009-03-20 23:03 . 2009-03-20 23:03 <DIR> d-------- c:\program files\Stardock
2009-03-20 23:03 . 2009-03-20 23:03 <DIR> d--h-c--- c:\documents and settings\All Users\Data aplikací\{B98A2B83-8BB0-42E7-AA1D-D6FA6E7C8F31}
2009-03-20 23:02 . 2009-03-20 23:02 603,904 --a------ c:\windows\system32\TUProgSt.exe
2009-03-20 23:02 . 2009-03-20 23:02 360,192 --a------ c:\windows\system32\TuneUpDefragService.exe
2009-03-20 23:02 . 2008-12-11 14:31 27,904 --a------ c:\windows\system32\uxtuneup.dll
2009-03-20 23:01 . 2009-03-20 23:02 <DIR> d-------- c:\program files\TuneUp Utilities 2009
2009-03-20 22:40 . 2009-03-20 22:40 <DIR> d-------- c:\documents and settings\Administrator\Data aplikací\Styler
2009-03-20 22:37 . 2009-03-20 22:40 <DIR> d-------- c:\program files\Styler
2009-03-20 21:23 . 2002-08-12 17:20 27,264 --a------ c:\windows\system32\drivers\rndismpk.sys
2009-03-20 21:23 . 2002-08-12 17:20 11,136 --a------ c:\windows\system32\drivers\usb8023k.sys
2009-03-20 17:30 . 2009-03-20 17:30 256 --a------ C:\dk2.mem
2009-03-20 17:02 . 2009-03-20 17:02 <DIR> d-------- c:\program files\Common Files\Nokia
2009-03-20 17:02 . 2009-03-20 17:02 <DIR> d-------- c:\program files\Common Files\DESkey
2009-03-20 17:02 . 2009-03-20 17:02 2,325,304 --a------ c:\windows\system32\DK2INST.DLL
2009-03-20 17:01 . 2009-03-20 23:26 <DIR> d-------- c:\program files\Nokia
2009-03-20 17:01 . 2008-02-01 17:17 90,624 --a------ c:\windows\system32\nmwcdcls.dll
2009-03-20 17:00 . 2009-03-20 17:00 <DIR> d-------- c:\program files\MSXML 6.0
2009-03-20 16:53 . 2008-04-14 08:52 219,648 --a------ c:\windows\system32\uxtheme.uxtender
2009-03-15 10:17 . 2009-03-15 11:05 <DIR> d-------- c:\documents and settings\Administrator\Data aplikací\BMC
2009-03-15 10:15 . 2009-03-20 23:28 <DIR> d----c--- c:\windows\system32\DRVSTORE
2009-03-15 10:15 . 2009-03-15 10:15 91,136 --a------ c:\windows\system32\drivers\susbser.sys
2009-03-15 10:15 . 2008-04-14 01:15 32,128 --a------ c:\windows\system32\drivers\usbccgp.sys
2009-03-15 10:15 . 2008-04-14 01:15 32,128 --a--c--- c:\windows\system32\dllcache\usbccgp.sys
2009-03-12 19:20 . 2009-03-12 19:20 <DIR> d-------- c:\program files\WinSCP
2009-03-12 18:12 . 2009-03-12 18:12 <DIR> d-------- c:\documents and settings\Administrator\Data aplikací\OpenOffice.org
2009-03-12 17:51 . 2009-03-12 17:53 <DIR> d-------- c:\documents and settings\Administrator\Data aplikací\vlc
2009-03-12 17:51 . 2009-03-14 19:04 <DIR> d-------- c:\documents and settings\Administrator\Data aplikací\dvdcss
2009-03-11 14:41 . 2009-03-11 14:41 <DIR> d-------- c:\program files\Microsoft Silverlight
2009-03-11 14:40 . 2006-06-29 14:07 14,048 --------- c:\windows\system32\spmsg2.dll
2009-03-11 14:30 . 2009-03-11 14:40 <DIR> d-------- c:\windows\system32\XPSViewer
2009-03-11 14:29 . 2009-03-11 14:29 <DIR> d-------- c:\program files\Reference Assemblies
2009-03-11 14:28 . 2008-07-06 14:06 1,676,288 --------- c:\windows\system32\xpssvcs.dll
2009-03-11 14:28 . 2008-07-06 14:06 1,676,288 -----c--- c:\windows\system32\dllcache\xpssvcs.dll
2009-03-11 14:28 . 2008-07-06 12:50 597,504 -----c--- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-03-11 14:28 . 2008-07-06 14:06 575,488 --------- c:\windows\system32\xpsshhdr.dll
2009-03-11 14:28 . 2008-07-06 14:06 575,488 -----c--- c:\windows\system32\dllcache\xpsshhdr.dll
2009-03-11 14:28 . 2008-07-06 14:06 117,760 --------- c:\windows\system32\prntvpt.dll
2009-03-11 14:28 . 2008-07-06 14:06 89,088 -----c--- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-03-11 14:22 . 2009-03-11 14:22 <DIR> d-------- c:\program files\Microsoft
2009-03-11 14:21 . 2009-03-11 14:21 <DIR> d-------- c:\documents and settings\Administrator\Data aplikací\Windows Desktop Search
2009-03-11 14:20 . 2009-03-11 14:20 <DIR> d-------- c:\windows\system32\GroupPolicy
2009-03-11 14:20 . 2009-03-11 14:20 <DIR> d-------- c:\program files\Windows Desktop Search
2009-03-11 14:18 . 2009-03-11 14:18 <DIR> d-------- c:\program files\Windows Media Connect 2
2009-03-11 14:16 . 2009-03-11 14:16 <DIR> d-------- c:\windows\system32\LogFiles
2009-03-11 14:16 . 2009-03-11 14:17 <DIR> d-------- c:\windows\system32\drivers\UMDF
2009-03-11 14:13 . 2009-03-11 14:14 <DIR> d-------- c:\windows\system32\URTTemp
2009-03-11 09:00 . 2008-12-21 01:03 6,066,688 -----c--- c:\windows\system32\dllcache\ieframe.dll
2009-03-11 09:00 . 2007-04-17 11:32 2,455,488 -----c--- c:\windows\system32\dllcache\ieapfltr.dat
2009-03-11 09:00 . 2007-03-08 07:09 1,024,000 -----c--- c:\windows\system32\dllcache\ieframe.dll.mui
2009-03-11 09:00 . 2008-12-21 01:03 459,264 -----c--- c:\windows\system32\dllcache\msfeeds.dll
2009-03-11 09:00 . 2008-12-21 01:03 383,488 -----c--- c:\windows\system32\dllcache\ieapfltr.dll
2009-03-11 09:00 . 2008-12-21 01:03 267,776 -----c--- c:\windows\system32\dllcache\iertutil.dll
2009-03-11 09:00 . 2008-12-21 01:03 63,488 -----c--- c:\windows\system32\dllcache\icardie.dll
2009-03-11 09:00 . 2008-12-21 01:03 52,224 -----c--- c:\windows\system32\dllcache\msfeedsbs.dll
2009-03-11 09:00 . 2008-12-19 11:10 13,824 -----c--- c:\windows\system32\dllcache\ieudinit.exe
2009-03-09 07:42 . 2008-10-16 15:06 268,648 --a------ c:\windows\system32\mucltui.dll
2009-03-09 07:42 . 2008-10-16 15:06 208,744 --a------ c:\windows\system32\muweb.dll
2009-03-09 07:42 . 2008-10-16 15:06 27,496 --a------ c:\windows\system32\mucltui.dll.mui

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-09 08:09 --------- d-----w c:\program files\foobar2000
2009-04-08 18:46 --------- d-----w c:\program files\Krteček 2.1.3
2009-04-06 19:41 --------- d-----w c:\documents and settings\Administrator\Data aplikací\Skype
2009-04-06 18:44 --------- d-----w c:\documents and settings\Administrator\Data aplikací\skypePM
2009-04-05 08:56 --------- d-----w c:\documents and settings\All Users\Data aplikací\ESET
2009-03-29 13:12 --------- d-----w c:\documents and settings\Administrator\Data aplikací\gtk-2.0
2009-03-29 12:42 --------- d-----w c:\program files\QIP Infium
2009-03-21 14:27 --------- d--h--w c:\program files\InstallShield Installation Information
2009-03-21 14:27 --------- d-----w c:\program files\Common Files\InstallShield
2009-03-20 15:02 92,984 ----a-w c:\windows\system32\DNClnt32.dll
2009-03-20 15:02 92,984 ----a-w c:\windows\system32\dkcpanel.exe
2009-03-20 15:02 89,400 ----a-w c:\windows\system32\DNCP32.DLL
2009-03-20 15:02 76,600 ----a-w c:\windows\system32\dk2cp32.dll
2009-03-20 15:02 64,312 ----a-w c:\windows\system32\vercp32.dll
2009-03-20 15:02 49,720 ----a-w c:\windows\system32\drivers\dk2drv.sys
2009-03-20 15:02 32,208 ----a-w c:\windows\system32\dk2win16.dll
2009-03-20 15:02 30,520 ----a-w c:\windows\system32\DK2UInst.exe
2009-03-20 15:02 24,488 ----a-w c:\windows\system32\dk2vdd.dll
2009-03-20 15:02 18,360 ----a-w c:\windows\system32\drivers\DK2USB.sys
2009-03-20 15:02 14,856 ----a-w c:\windows\system32\drivers\dkpccard.sys
2009-03-20 15:02 11,576 ----a-w c:\windows\system32\DKCLINST.DLL
2009-03-20 14:53 219,648 ----a-w c:\windows\system32\uxtheme.dll
2009-03-17 18:02 --------- d-----w c:\program files\ICQ6.5
2009-03-17 18:02 --------- d-----w c:\documents and settings\Administrator\Data aplikací\ICQ
2009-03-11 12:29 --------- d-----w c:\program files\MSBuild
2009-03-11 06:50 --------- d-----w c:\documents and settings\All Users\Data aplikací\Microsoft Help
2009-03-08 20:13 --------- d-----w c:\program files\GIMP-2.0
2009-03-07 21:24 --------- d-----w c:\documents and settings\Administrator\Data aplikací\Media Player Classic
2009-03-07 10:40 --------- d-----w c:\program files\VideoLAN
2009-03-07 10:37 --------- d-----w c:\program files\Common Files\Skype
2009-03-07 10:37 --------- d-----w c:\documents and settings\All Users\Data aplikací\Skype
2009-03-07 10:37 --------- d-----r c:\program files\Skype
2009-03-07 10:25 --------- d-----w c:\documents and settings\Administrator\Data aplikací\PSpad
2009-03-07 10:24 --------- d-----w c:\program files\PSPad editor
2009-03-07 10:16 --------- d-----w c:\program files\OpenOffice.org 3
2009-03-07 09:52 --------- d-----w c:\program files\Microsoft Works
2009-03-07 09:20 --------- d--h--w c:\program files\CanonBJ
2009-03-07 09:20 --------- d--h--w c:\documents and settings\All Users\Data aplikací\CanonBJ
2009-03-07 09:16 --------- d-----w c:\documents and settings\Administrator\Data aplikací\QIP
2009-03-07 09:06 --------- d-----w c:\documents and settings\All Users\Data aplikací\ashampoo
2009-03-07 09:06 --------- d-----w c:\documents and settings\Administrator\Data aplikací\Ashampoo
2009-03-07 09:05 --------- d-----w c:\program files\Ashampoo
2009-03-07 09:04 --------- d-----w c:\program files\Foxit Software
2009-03-07 09:04 --------- d-----w c:\documents and settings\Administrator\Data aplikací\Foxit
2009-03-07 08:51 --------- d-----w c:\documents and settings\Administrator\Data aplikací\TuneUp Software
2009-03-07 08:50 --------- d-sh--w c:\documents and settings\All Users\Data aplikací\{55A29068-F2CE-456C-9148-C869879E2357}
2009-03-07 08:50 --------- d-----w c:\documents and settings\All Users\Data aplikací\TuneUp Software
2009-03-07 08:36 --------- d-----w c:\program files\SpeedProject
2009-03-07 08:36 --------- d-----w c:\documents and settings\Administrator\Data aplikací\SpeedProject
2009-03-07 08:13 --------- d-----w c:\program files\VIA
2009-03-07 08:05 --------- d-----w c:\program files\Opera
2009-03-07 07:18 --------- d-----w c:\documents and settings\Administrator\Data aplikací\ESET
2009-03-07 07:13 --------- d-----w c:\program files\7-Zip
2009-03-07 06:33 --------- d-----w c:\program files\microsoft frontpage
2009-02-09 14:07 1,846,784 ----a-w c:\windows\system32\win32k.sys
2009-02-04 05:57 11,702,272 ----a-w c:\windows\system32\atioglxx.dll
2009-02-04 05:03 290,816 ----a-w c:\windows\system32\atiok3x2.dll
2009-02-04 04:56 442,368 ----a-w c:\windows\system32\ATIDEMGX.dll
2009-02-04 04:55 324,096 ----a-w c:\windows\system32\ati2dvag.dll
2009-02-04 04:44 196,608 ----a-w c:\windows\system32\atipdlxx.dll
2009-02-04 04:44 155,648 ----a-w c:\windows\system32\Oemdspif.dll
2009-02-04 04:43 43,520 ----a-w c:\windows\system32\ati2edxx.dll
2009-02-04 04:43 26,112 ----a-w c:\windows\system32\Ati2mdxx.exe
2009-02-04 04:43 155,648 ----a-w c:\windows\system32\ati2evxx.dll
2009-02-04 04:41 602,112 ----a-w c:\windows\system32\ati2evxx.exe
2009-02-04 04:40 53,248 ----a-w c:\windows\system32\ATIDDC.DLL
2009-02-04 04:30 3,884,768 ----a-w c:\windows\system32\ati3duag.dll
2009-02-04 04:14 2,645,504 ----a-w c:\windows\system32\ativvaxx.dll
2009-02-04 03:58 49,664 ----a-w c:\windows\system32\amdpcom32.dll
2009-02-04 03:54 471,040 ----a-w c:\windows\system32\atikvmag.dll
2009-02-04 03:53 122,880 ----a-w c:\windows\system32\atiadlxx.dll
2009-02-04 03:52 17,408 ----a-w c:\windows\system32\atitvo32.dll
2009-02-04 03:46 626,688 ----a-w c:\windows\system32\ati2cqag.dll
2009-02-04 03:44 307,200 ----a-w c:\windows\system32\atiiiexx.dll
2009-02-04 02:43 45,056 ----a-w c:\windows\system32\aticalrt.dll
2009-02-04 02:42 45,056 ----a-w c:\windows\system32\aticalcl.dll
2009-02-04 02:40 3,244,032 ----a-w c:\windows\system32\aticaldd.dll
2009-02-03 20:05 593,920 ------w c:\windows\system32\ati2sgag.exe
.

((((((((((((((((((((((((((((( SnapShot_2009-04-09_10.22.45,05 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-04-09 12:00:34 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_90.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"FLSDeviceControlPanel"="c:\windows\system32\FLSDEVCP.EXE" [2009-03-20 91696]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-28 148888]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Administrator\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Styler.lnk - c:\documents and settings\Administrator\Data aplikacˇ\Microsoft\Installer\{E9ECF354-2422-4FDB-9ABF-D8ADAC0EF941}\_585b207a.exe [2009-03-20 15086]

c:\documents and settings\Administrator\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Styler.lnk - c:\documents and settings\Administrator\Data aplikacˇ\Microsoft\Installer\{E9ECF354-2422-4FDB-9ABF-D8ADAC0EF941}\_585b207a.exe [2009-03-20 15086]

c:\documents and settings\Administrator\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Styler.lnk - c:\documents and settings\Administrator\Data aplikacˇ\Microsoft\Installer\{E9ECF354-2422-4FDB-9ABF-D8ADAC0EF941}\_585b207a.exe [2009-03-20 15086]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
TSS Instrument API Tray Utility.lnk - c:\program files\Common Files\Nokia\Tss\Instrument API\bin\tray.exe [2007-12-07 77824]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-05-26 123904]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-26 304128]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!saswinlogon]
2008-12-22 12:05 356352 c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
--a------ 2009-03-23 14:07 1830128 c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Tss\\Instrument API\\bin\\root.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R1 dk2drv;DK2 WindowsNT Driver;c:\windows\system32\drivers\dk2drv.sys [2009-03-20 49720]
R1 sasdifsv;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [2009-03-23 9968]
R1 saskutil;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2009-03-23 72944]
R2 AntiVirMailService;Avira AntiVir MailGuard;c:\program files\Avira\AntiVir Desktop\avmailc.exe [2009-04-09 186625]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2009-04-09 108289]
R2 AntiVirWebService;Avira AntiVir WebGuard;c:\program files\Avira\AntiVir Desktop\avwebgrd.exe [2009-04-09 432897]
R2 FLE5WNNT;FLE-5 WindowsNT Driver;c:\windows\system32\drivers\fle5wnnt.sys [2009-03-20 33404]
R2 FLSIFACE;FLSIface;c:\windows\system32\drivers\flsiface.sys [2009-03-20 13440]
R2 FLSPAR;FLSPar;c:\windows\system32\drivers\flspar.sys [2009-03-20 16314]
R2 FLSSER;FLSSer;c:\windows\system32\drivers\flsser.sys [2009-03-20 8344]
R2 FLSVCOM;FLSVCom;c:\windows\system32\drivers\flsvcom.sys [2009-03-20 34048]
R2 PARLDR2K;ParLdr2k;c:\windows\system32\drivers\parldr2k.sys [2009-03-20 10454]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [2009-03-20 603904]
R3 PSched;Plánovač paketů technologie QoS;c:\windows\system32\drivers\psched.sys [2008-04-14 69120]
S2 NOD32FiXTemDono;Eset Nod32 Boot;c:\windows\system32\regedt32.exe [2002-12-05 3584]
S3 G Data Tuner Service;G Data Tuner Service;c:\program files\G DATA\TotalCare\AVKTuner\AVKTunerService.exe --> c:\program files\G DATA\TotalCare\AVKTuner\AVKTunerService.exe [?]
S3 sasenum;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2009-03-23 7408]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'

2009-04-09 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 22:36]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
LSP: c:\program files\Avira\AntiVir Desktop\avsda.dll
.
.
------- Asociace souborů -------
.
txtfile="c:\program files\PSPad editor\PSPad.exe" "%1"
.

**************************************************************************

catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-09 16:00:00
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-515967899-1383384898-1060284298-500\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_USERS\S-1-5-21-515967899-1383384898-1060284298-500\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID]
@Denied: (Full) (LocalSystem)
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(608)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'lsass.exe'(664)
c:\program files\Avira\AntiVir Desktop\avsda.dll
.
Celkový čas: 2009-04-09 16:01:55
ComboFix-quarantined-files.txt 2009-04-09 14:01:52
ComboFix2.txt 2009-04-09 08:24:07
ComboFix3.txt 2009-04-09 05:58:44
ComboFix4.txt 2009-04-08 16:55:52

Před spuštěním: 9 807 101 952
Po spuštění: 9,796,460,544

299 --- E O F --- 2009-03-21 10:00:44

Moje chyba , bral jsem to podle minulého logu..

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

sc config NOD32FiXTemDono start= disabled
sc stop NOD32FiXTemDono
sc delete NOD32FiXTemDono

ulož si ho na plochu jako-název remove.bat a ulož ho jako typ všechny soubory , najdi na ploše tento soubor , spusť ho poklepáním.Otevře se Dosovské okno a zavře. Restartuj comp.
*****************************************************************************************************************************************
Ještě pročistíme od ESET, Symantec..
Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

File::
c:\windows\nod32restoretemdono.reg
c:\windows\nod32fixtemdono.reg

Folder::
c:\program files\Common Files\Symantec Shared
c:\documents and settings\All Users\Data aplikací\Symantec
c:\windows\system32\config\systemprofile\Data aplikací\ESET
c:\windows\system32\config\systemprofile\Data aplikací\ESET
c:\documents and settings\All Users\Data aplikací\ESET

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Snad je to ten správny log co jsi chtěl. Díky moc, že mi pomáháš. Čekám na odpověď.

ComboFix 09-04-04.01 - Administrator 2009-04-09 19:49:49.5 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.1.1029.18.767.472 [GMT 2:00]
Spuštěný z: c:\documents and settings\Administrator\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Administrator\Plocha\CFScript.txt
AV: AntiVir Desktop *On-access scanning disabled* (Updated)
* Vytvořen nový Bod Obnovení

FILE ::
c:\windows\nod32fixtemdono.reg
c:\windows\nod32restoretemdono.reg
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Data aplikací\ESET
c:\documents and settings\All Users\Data aplikací\ESET\ESET NOD32 Antivirus\EpfwUser.dat
c:\documents and settings\All Users\Data aplikací\ESET\ESET NOD32 Antivirus\Stats\disk200904a.dat
c:\documents and settings\All Users\Data aplikací\ESET\ESET NOD32 Antivirus\Stats\disk200904b.dat
c:\documents and settings\All Users\Data aplikací\ESET\ESET Smart Security\Antispam\asdata.dat
c:\documents and settings\All Users\Data aplikací\ESET\ESET Smart Security\Antispam\sc1.bin.full.2009.01.12.21.11.19
c:\documents and settings\All Users\Data aplikací\ESET\ESET Smart Security\Antispam\sc2.bin.full.2005.02.11.04.44.13
c:\documents and settings\All Users\Data aplikací\ESET\ESET Smart Security\Antispam\sc5.bin.full.2007.01.28.16.09.00
c:\documents and settings\All Users\Data aplikací\ESET\ESET Smart Security\httpblk.dat
c:\documents and settings\All Users\Data aplikací\ESET\ESET Smart Security\Stats\disk200903a.dat
c:\documents and settings\All Users\Data aplikací\ESET\ESET Smart Security\Stats\disk200903b.dat
c:\documents and settings\All Users\Data aplikací\ESET\ESET Smart Security\Stats\disk200904a.dat
c:\documents and settings\All Users\Data aplikací\ESET\ESET Smart Security\Stats\disk200904b.dat
c:\documents and settings\All Users\Data aplikací\ESET\ESET Smart Security\Stats\net200903a.dat
c:\documents and settings\All Users\Data aplikací\ESET\ESET Smart Security\Stats\net200903b.dat
c:\documents and settings\All Users\Data aplikací\ESET\ESET Smart Security\Stats\net200904a.dat
c:\documents and settings\All Users\Data aplikací\ESET\ESET Smart Security\Stats\net200904b.dat
c:\documents and settings\All Users\Data aplikací\Symantec
c:\documents and settings\All Users\Data aplikací\Symantec\ErrLogs\99fa1080.zip
c:\program files\Common Files\Symantec Shared
c:\program files\Common Files\Symantec Shared\SymSetup\{2D617065-1C52-4240-B5BC-C0AE12157777}_2_0_0_242Temp\Lang\09\01\Setup.loc
c:\program files\Common Files\Symantec Shared\SymSetup\{2D617065-1C52-4240-B5BC-C0AE12157777}_2_0_0_242Temp\Lang\Fallback.dat
c:\program files\Common Files\Symantec Shared\SymSetup\{2D617065-1C52-4240-B5BC-C0AE12157777}_2_0_0_242Temp\Setup.exe
c:\program files\Common Files\Symantec Shared\SymSetup\{2D617065-1C52-4240-B5BC-C0AE12157777}_2_0_0_242Temp\SymHTML.dll
c:\program files\Common Files\Symantec Shared\SymSetup\{2D617065-1C52-4240-B5BC-C0AE12157777}_2_0_0_242Temp\SymTheme.dll
c:\windows\nod32fixtemdono.reg
c:\windows\nod32restoretemdono.reg
c:\windows\system32\config\systemprofile\Data aplikací\ESET

.
((((((((((((((((((((((((( Soubory vytvořené od 2009-03-09 do 2009-04-09 )))))))))))))))))))))))))))))))
.

2009-04-09 13:47 . 2009-04-09 13:47 <DIR> d-------- c:\program files\Avira
2009-04-09 10:48 . 2009-04-09 13:47 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\Avira
2009-04-09 08:33 . 2009-02-13 11:31 55,640 --a------ c:\windows\system32\drivers\avgntflt.sys
2009-04-09 07:04 . 2009-04-09 07:04 <DIR> d-------- c:\program files\SUPERAntiSpyware
2009-04-09 07:04 . 2009-04-09 07:04 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\SUPERAntiSpyware.com
2009-04-09 07:04 . 2009-04-09 07:04 <DIR> d-------- c:\documents and settings\Administrator\Data aplikací\SUPERAntiSpyware.com
2009-04-09 07:03 . 2009-04-09 07:03 <DIR> d-------- c:\program files\Common Files\Wise Installation Wizard
2009-04-08 18:56 . 2009-04-08 20:05 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-04-08 18:56 . 2009-04-08 18:56 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2009-04-08 18:56 . 2009-04-08 18:56 <DIR> d-------- c:\documents and settings\Administrator\Data aplikací\Malwarebytes
2009-04-08 18:56 . 2009-04-06 15:32 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-04-08 18:56 . 2009-04-06 15:32 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-04-08 18:39 . 2009-04-08 18:39 155 --a------ c:\windows\system32\SelfDel.bat
2009-04-05 10:28 . 2009-04-05 10:28 50,632 --a------ c:\windows\system32\drivers\MiniIcpt.sys
2009-04-05 10:25 . 2009-04-05 10:25 <DIR> d--hs---- C:\#GDATA.Trash.Store#
2009-04-05 10:25 . 2009-04-05 10:25 51,016 --a------ c:\windows\system32\drivers\GDTdiIcpt.sys
2009-04-05 10:25 . 2009-04-05 10:25 22,272 --a------ c:\windows\system32\drivers\GDNdisIc.sys
2009-04-05 10:24 . 2009-04-05 10:47 <DIR> d-------- c:\program files\Common Files\G DATA
2009-04-05 10:24 . 2009-04-05 10:45 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\G DATA
2009-03-29 15:28 . 2009-03-29 15:28 <DIR> d-------- c:\documents and settings\Administrator\Data aplikací\Windows Search
2009-03-28 23:48 . 2009-03-28 23:48 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\Azureus
2009-03-28 23:48 . 2009-03-29 00:17 <DIR> d-------- c:\documents and settings\Administrator\Data aplikací\Azureus
2009-03-28 23:47 . 2009-03-28 23:48 <DIR> d-------- c:\program files\Vuze
2009-03-28 23:46 . 2009-03-28 23:45 410,984 --a------ c:\windows\system32\deploytk.dll
2009-03-28 23:46 . 2009-03-28 23:45 73,728 --a------ c:\windows\system32\javacpl.cpl
2009-03-28 23:45 . 2009-03-28 23:45 <DIR> d-------- c:\program files\Java
2009-03-21 16:27 . 2009-03-21 16:27 <DIR> d-------- c:\windows\zy_tmp
2009-03-21 16:27 . 2004-08-17 12:23 5,120 --a------ c:\windows\system32\tcusbdrv.dll
2009-03-21 13:31 . 2001-10-24 12:54 12,160 --a------ c:\windows\system32\drivers\mouhid.sys
2009-03-21 13:31 . 2001-10-24 12:54 12,160 --a--c--- c:\windows\system32\dllcache\mouhid.sys
2009-03-21 13:30 . 2008-04-14 01:15 10,368 --a------ c:\windows\system32\drivers\hidusb.sys
2009-03-21 13:30 . 2008-04-14 01:15 10,368 --a--c--- c:\windows\system32\dllcache\hidusb.sys
2009-03-21 12:00 . 2009-03-21 12:00 <DIR> d-------- c:\program files\MSXML 4.0
2009-03-20 23:28 . 2009-03-20 23:28 4,263 --a------ c:\windows\system32\FLSINSTU.INI
2009-03-20 23:05 . 2009-03-20 23:05 2,331,008 --a------ c:\windows\system32\TUKernel.exe
2009-03-20 23:03 . 2009-03-20 23:03 <DIR> d-------- c:\program files\Stardock
2009-03-20 23:03 . 2009-03-20 23:03 <DIR> d--h-c--- c:\documents and settings\All Users\Data aplikací\{B98A2B83-8BB0-42E7-AA1D-D6FA6E7C8F31}
2009-03-20 23:02 . 2009-03-20 23:02 603,904 --a------ c:\windows\system32\TUProgSt.exe
2009-03-20 23:02 . 2009-03-20 23:02 360,192 --a------ c:\windows\system32\TuneUpDefragService.exe
2009-03-20 23:02 . 2008-12-11 14:31 27,904 --a------ c:\windows\system32\uxtuneup.dll
2009-03-20 23:01 . 2009-03-20 23:02 <DIR> d-------- c:\program files\TuneUp Utilities 2009
2009-03-20 22:40 . 2009-03-20 22:40 <DIR> d-------- c:\documents and settings\Administrator\Data aplikací\Styler
2009-03-20 22:37 . 2009-03-20 22:40 <DIR> d-------- c:\program files\Styler
2009-03-20 21:23 . 2002-08-12 17:20 27,264 --a------ c:\windows\system32\drivers\rndismpk.sys
2009-03-20 21:23 . 2002-08-12 17:20 11,136 --a------ c:\windows\system32\drivers\usb8023k.sys
2009-03-20 17:30 . 2009-03-20 17:30 256 --a------ C:\dk2.mem
2009-03-20 17:02 . 2009-03-20 17:02 <DIR> d-------- c:\program files\Common Files\Nokia
2009-03-20 17:02 . 2009-03-20 17:02 <DIR> d-------- c:\program files\Common Files\DESkey
2009-03-20 17:02 . 2009-03-20 17:02 2,325,304 --a------ c:\windows\system32\DK2INST.DLL
2009-03-20 17:01 . 2009-03-20 23:26 <DIR> d-------- c:\program files\Nokia
2009-03-20 17:01 . 2008-02-01 17:17 90,624 --a------ c:\windows\system32\nmwcdcls.dll
2009-03-20 17:00 . 2009-03-20 17:00 <DIR> d-------- c:\program files\MSXML 6.0
2009-03-20 16:53 . 2008-04-14 08:52 219,648 --a------ c:\windows\system32\uxtheme.uxtender
2009-03-15 10:17 . 2009-03-15 11:05 <DIR> d-------- c:\documents and settings\Administrator\Data aplikací\BMC
2009-03-15 10:15 . 2009-03-20 23:28 <DIR> d----c--- c:\windows\system32\DRVSTORE
2009-03-15 10:15 . 2009-03-15 10:15 91,136 --a------ c:\windows\system32\drivers\susbser.sys
2009-03-15 10:15 . 2008-04-14 01:15 32,128 --a------ c:\windows\system32\drivers\usbccgp.sys
2009-03-15 10:15 . 2008-04-14 01:15 32,128 --a--c--- c:\windows\system32\dllcache\usbccgp.sys
2009-03-12 19:20 . 2009-03-12 19:20 <DIR> d-------- c:\program files\WinSCP
2009-03-12 18:12 . 2009-03-12 18:12 <DIR> d-------- c:\documents and settings\Administrator\Data aplikací\OpenOffice.org
2009-03-12 17:51 . 2009-03-12 17:53 <DIR> d-------- c:\documents and settings\Administrator\Data aplikací\vlc
2009-03-12 17:51 . 2009-03-14 19:04 <DIR> d-------- c:\documents and settings\Administrator\Data aplikací\dvdcss
2009-03-11 14:41 . 2009-03-11 14:41 <DIR> d-------- c:\program files\Microsoft Silverlight
2009-03-11 14:40 . 2006-06-29 14:07 14,048 --------- c:\windows\system32\spmsg2.dll
2009-03-11 14:30 . 2009-03-11 14:40 <DIR> d-------- c:\windows\system32\XPSViewer
2009-03-11 14:29 . 2009-03-11 14:29 <DIR> d-------- c:\program files\Reference Assemblies
2009-03-11 14:28 . 2008-07-06 14:06 1,676,288 --------- c:\windows\system32\xpssvcs.dll
2009-03-11 14:28 . 2008-07-06 14:06 1,676,288 -----c--- c:\windows\system32\dllcache\xpssvcs.dll
2009-03-11 14:28 . 2008-07-06 12:50 597,504 -----c--- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-03-11 14:28 . 2008-07-06 14:06 575,488 --------- c:\windows\system32\xpsshhdr.dll
2009-03-11 14:28 . 2008-07-06 14:06 575,488 -----c--- c:\windows\system32\dllcache\xpsshhdr.dll
2009-03-11 14:28 . 2008-07-06 14:06 117,760 --------- c:\windows\system32\prntvpt.dll
2009-03-11 14:28 . 2008-07-06 14:06 89,088 -----c--- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-03-11 14:22 . 2009-03-11 14:22 <DIR> d-------- c:\program files\Microsoft
2009-03-11 14:21 . 2009-03-11 14:21 <DIR> d-------- c:\documents and settings\Administrator\Data aplikací\Windows Desktop Search
2009-03-11 14:20 . 2009-03-11 14:20 <DIR> d-------- c:\windows\system32\GroupPolicy
2009-03-11 14:20 . 2009-03-11 14:20 <DIR> d-------- c:\program files\Windows Desktop Search
2009-03-11 14:18 . 2009-03-11 14:18 <DIR> d-------- c:\program files\Windows Media Connect 2
2009-03-11 14:16 . 2009-03-11 14:16 <DIR> d-------- c:\windows\system32\LogFiles
2009-03-11 14:16 . 2009-03-11 14:17 <DIR> d-------- c:\windows\system32\drivers\UMDF
2009-03-11 14:13 . 2009-03-11 14:14 <DIR> d-------- c:\windows\system32\URTTemp
2009-03-11 09:00 . 2008-12-21 01:03 6,066,688 -----c--- c:\windows\system32\dllcache\ieframe.dll
2009-03-11 09:00 . 2007-04-17 11:32 2,455,488 -----c--- c:\windows\system32\dllcache\ieapfltr.dat
2009-03-11 09:00 . 2007-03-08 07:09 1,024,000 -----c--- c:\windows\system32\dllcache\ieframe.dll.mui
2009-03-11 09:00 . 2008-12-21 01:03 459,264 -----c--- c:\windows\system32\dllcache\msfeeds.dll
2009-03-11 09:00 . 2008-12-21 01:03 383,488 -----c--- c:\windows\system32\dllcache\ieapfltr.dll
2009-03-11 09:00 . 2008-12-21 01:03 267,776 -----c--- c:\windows\system32\dllcache\iertutil.dll
2009-03-11 09:00 . 2008-12-21 01:03 63,488 -----c--- c:\windows\system32\dllcache\icardie.dll
2009-03-11 09:00 . 2008-12-21 01:03 52,224 -----c--- c:\windows\system32\dllcache\msfeedsbs.dll
2009-03-11 09:00 . 2008-12-19 11:10 13,824 -----c--- c:\windows\system32\dllcache\ieudinit.exe
2009-03-09 07:42 . 2008-10-16 15:06 268,648 --a------ c:\windows\system32\mucltui.dll
2009-03-09 07:42 . 2008-10-16 15:06 208,744 --a------ c:\windows\system32\muweb.dll
2009-03-09 07:42 . 2008-10-16 15:06 27,496 --a------ c:\windows\system32\mucltui.dll.mui

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-09 08:09 --------- d-----w c:\program files\foobar2000
2009-04-08 18:46 --------- d-----w c:\program files\Krteček 2.1.3
2009-04-06 19:41 --------- d-----w c:\documents and settings\Administrator\Data aplikací\Skype
2009-04-06 18:44 --------- d-----w c:\documents and settings\Administrator\Data aplikací\skypePM
2009-03-29 13:12 --------- d-----w c:\documents and settings\Administrator\Data aplikací\gtk-2.0
2009-03-29 12:42 --------- d-----w c:\program files\QIP Infium
2009-03-21 14:27 --------- d--h--w c:\program files\InstallShield Installation Information
2009-03-21 14:27 --------- d-----w c:\program files\Common Files\InstallShield
2009-03-20 15:02 92,984 ----a-w c:\windows\system32\DNClnt32.dll
2009-03-20 15:02 92,984 ----a-w c:\windows\system32\dkcpanel.exe
2009-03-20 15:02 89,400 ----a-w c:\windows\system32\DNCP32.DLL
2009-03-20 15:02 76,600 ----a-w c:\windows\system32\dk2cp32.dll
2009-03-20 15:02 64,312 ----a-w c:\windows\system32\vercp32.dll
2009-03-20 15:02 49,720 ----a-w c:\windows\system32\drivers\dk2drv.sys
2009-03-20 15:02 32,208 ----a-w c:\windows\system32\dk2win16.dll
2009-03-20 15:02 30,520 ----a-w c:\windows\system32\DK2UInst.exe
2009-03-20 15:02 24,488 ----a-w c:\windows\system32\dk2vdd.dll
2009-03-20 15:02 18,360 ----a-w c:\windows\system32\drivers\DK2USB.sys
2009-03-20 15:02 14,856 ----a-w c:\windows\system32\drivers\dkpccard.sys
2009-03-20 15:02 11,576 ----a-w c:\windows\system32\DKCLINST.DLL
2009-03-20 14:53 219,648 ----a-w c:\windows\system32\uxtheme.dll
2009-03-17 18:02 --------- d-----w c:\program files\ICQ6.5
2009-03-17 18:02 --------- d-----w c:\documents and settings\Administrator\Data aplikací\ICQ
2009-03-11 12:29 --------- d-----w c:\program files\MSBuild
2009-03-11 06:50 --------- d-----w c:\documents and settings\All Users\Data aplikací\Microsoft Help
2009-03-08 20:13 --------- d-----w c:\program files\GIMP-2.0
2009-03-07 21:24 --------- d-----w c:\documents and settings\Administrator\Data aplikací\Media Player Classic
2009-03-07 10:40 --------- d-----w c:\program files\VideoLAN
2009-03-07 10:37 --------- d-----w c:\program files\Common Files\Skype
2009-03-07 10:37 --------- d-----w c:\documents and settings\All Users\Data aplikací\Skype
2009-03-07 10:37 --------- d-----r c:\program files\Skype
2009-03-07 10:25 --------- d-----w c:\documents and settings\Administrator\Data aplikací\PSpad
2009-03-07 10:24 --------- d-----w c:\program files\PSPad editor
2009-03-07 10:16 --------- d-----w c:\program files\OpenOffice.org 3
2009-03-07 09:52 --------- d-----w c:\program files\Microsoft Works
2009-03-07 09:20 --------- d--h--w c:\program files\CanonBJ
2009-03-07 09:20 --------- d--h--w c:\documents and settings\All Users\Data aplikací\CanonBJ
2009-03-07 09:16 --------- d-----w c:\documents and settings\Administrator\Data aplikací\QIP
2009-03-07 09:06 --------- d-----w c:\documents and settings\All Users\Data aplikací\ashampoo
2009-03-07 09:06 --------- d-----w c:\documents and settings\Administrator\Data aplikací\Ashampoo
2009-03-07 09:05 --------- d-----w c:\program files\Ashampoo
2009-03-07 09:04 --------- d-----w c:\program files\Foxit Software
2009-03-07 09:04 --------- d-----w c:\documents and settings\Administrator\Data aplikací\Foxit
2009-03-07 08:51 --------- d-----w c:\documents and settings\Administrator\Data aplikací\TuneUp Software
2009-03-07 08:50 --------- d-sh--w c:\documents and settings\All Users\Data aplikací\{55A29068-F2CE-456C-9148-C869879E2357}
2009-03-07 08:50 --------- d-----w c:\documents and settings\All Users\Data aplikací\TuneUp Software
2009-03-07 08:36 --------- d-----w c:\program files\SpeedProject
2009-03-07 08:36 --------- d-----w c:\documents and settings\Administrator\Data aplikací\SpeedProject
2009-03-07 08:13 --------- d-----w c:\program files\VIA
2009-03-07 08:05 --------- d-----w c:\program files\Opera
2009-03-07 07:18 --------- d-----w c:\documents and settings\Administrator\Data aplikací\ESET
2009-03-07 07:13 --------- d-----w c:\program files\7-Zip
2009-03-07 06:33 --------- d-----w c:\program files\microsoft frontpage
2009-02-09 14:07 1,846,784 ----a-w c:\windows\system32\win32k.sys
2009-02-04 05:57 11,702,272 ----a-w c:\windows\system32\atioglxx.dll
2009-02-04 05:03 290,816 ----a-w c:\windows\system32\atiok3x2.dll
2009-02-04 04:56 442,368 ----a-w c:\windows\system32\ATIDEMGX.dll
2009-02-04 04:55 324,096 ----a-w c:\windows\system32\ati2dvag.dll
2009-02-04 04:44 196,608 ----a-w c:\windows\system32\atipdlxx.dll
2009-02-04 04:44 155,648 ----a-w c:\windows\system32\Oemdspif.dll
2009-02-04 04:43 43,520 ----a-w c:\windows\system32\ati2edxx.dll
2009-02-04 04:43 26,112 ----a-w c:\windows\system32\Ati2mdxx.exe
2009-02-04 04:43 155,648 ----a-w c:\windows\system32\ati2evxx.dll
2009-02-04 04:41 602,112 ----a-w c:\windows\system32\ati2evxx.exe
2009-02-04 04:40 53,248 ----a-w c:\windows\system32\ATIDDC.DLL
2009-02-04 04:30 3,884,768 ----a-w c:\windows\system32\ati3duag.dll
2009-02-04 04:14 2,645,504 ----a-w c:\windows\system32\ativvaxx.dll
2009-02-04 03:58 49,664 ----a-w c:\windows\system32\amdpcom32.dll
2009-02-04 03:54 471,040 ----a-w c:\windows\system32\atikvmag.dll
2009-02-04 03:53 122,880 ----a-w c:\windows\system32\atiadlxx.dll
2009-02-04 03:52 17,408 ----a-w c:\windows\system32\atitvo32.dll
2009-02-04 03:46 626,688 ----a-w c:\windows\system32\ati2cqag.dll
2009-02-04 03:44 307,200 ----a-w c:\windows\system32\atiiiexx.dll
2009-02-04 02:43 45,056 ----a-w c:\windows\system32\aticalrt.dll
2009-02-04 02:42 45,056 ----a-w c:\windows\system32\aticalcl.dll
2009-02-04 02:40 3,244,032 ----a-w c:\windows\system32\aticaldd.dll
2009-02-03 20:05 593,920 ------w c:\windows\system32\ati2sgag.exe
.

((((((((((((((((((((((((((((( SnapShot_2009-04-09_10.22.45,05 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-04-09 17:46:42 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_7bc.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"FLSDeviceControlPanel"="c:\windows\system32\FLSDEVCP.EXE" [2009-03-20 91696]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-28 148888]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Administrator\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Styler.lnk - c:\documents and settings\Administrator\Data aplikacˇ\Microsoft\Installer\{E9ECF354-2422-4FDB-9ABF-D8ADAC0EF941}\_585b207a.exe [2009-03-20 15086]

c:\documents and settings\Administrator\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Styler.lnk - c:\documents and settings\Administrator\Data aplikacˇ\Microsoft\Installer\{E9ECF354-2422-4FDB-9ABF-D8ADAC0EF941}\_585b207a.exe [2009-03-20 15086]

c:\documents and settings\Administrator\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Styler.lnk - c:\documents and settings\Administrator\Data aplikacˇ\Microsoft\Installer\{E9ECF354-2422-4FDB-9ABF-D8ADAC0EF941}\_585b207a.exe [2009-03-20 15086]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
TSS Instrument API Tray Utility.lnk - c:\program files\Common Files\Nokia\Tss\Instrument API\bin\tray.exe [2007-12-07 77824]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-05-26 123904]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-26 304128]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!saswinlogon]
2008-12-22 12:05 356352 c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
--a------ 2009-03-23 14:07 1830128 c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Tss\\Instrument API\\bin\\root.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R1 dk2drv;DK2 WindowsNT Driver;c:\windows\system32\drivers\dk2drv.sys [2009-03-20 49720]
R1 sasdifsv;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [2009-03-23 9968]
R1 saskutil;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2009-03-23 72944]
R2 AntiVirMailService;Avira AntiVir MailGuard;c:\program files\Avira\AntiVir Desktop\avmailc.exe [2009-04-09 186625]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2009-04-09 108289]
R2 AntiVirWebService;Avira AntiVir WebGuard;c:\program files\Avira\AntiVir Desktop\avwebgrd.exe [2009-04-09 432897]
R2 FLE5WNNT;FLE-5 WindowsNT Driver;c:\windows\system32\drivers\fle5wnnt.sys [2009-03-20 33404]
R2 FLSIFACE;FLSIface;c:\windows\system32\drivers\flsiface.sys [2009-03-20 13440]
R2 FLSPAR;FLSPar;c:\windows\system32\drivers\flspar.sys [2009-03-20 16314]
R2 FLSSER;FLSSer;c:\windows\system32\drivers\flsser.sys [2009-03-20 8344]
R2 FLSVCOM;FLSVCom;c:\windows\system32\drivers\flsvcom.sys [2009-03-20 34048]
R2 PARLDR2K;ParLdr2k;c:\windows\system32\drivers\parldr2k.sys [2009-03-20 10454]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [2009-03-20 603904]
R3 PSched;Plánovač paketů technologie QoS;c:\windows\system32\drivers\psched.sys [2008-04-14 69120]
S3 G Data Tuner Service;G Data Tuner Service;c:\program files\G DATA\TotalCare\AVKTuner\AVKTunerService.exe --> c:\program files\G DATA\TotalCare\AVKTuner\AVKTunerService.exe [?]
S3 sasenum;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2009-03-23 7408]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'

2009-04-09 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 22:36]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
LSP: c:\program files\Avira\AntiVir Desktop\avsda.dll
.

**************************************************************************

catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-09 19:52:04
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-515967899-1383384898-1060284298-500\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_USERS\S-1-5-21-515967899-1383384898-1060284298-500\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID]
@Denied: (Full) (LocalSystem)
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(484)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'lsass.exe'(640)
c:\program files\Avira\AntiVir Desktop\avsda.dll
.
Celkový čas: 2009-04-09 19:54:00
ComboFix-quarantined-files.txt 2009-04-09 17:53:55
ComboFix2.txt 2009-04-09 14:01:58
ComboFix3.txt 2009-04-09 08:24:07
ComboFix4.txt 2009-04-09 05:58:44
ComboFix5.txt 2009-04-09 17:49:01

Před spuštěním: 9 770 487 808
Po spuštění: 9,756,442,624

323 --- E O F --- 2009-03-21 10:00:44

Ještě vlož nový log z hJT.

Omlouvám se zde je.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:33:08, on 9.4.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\FLSDEVCP.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Nokia\Tss\Instrument API\bin\tray.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Styler\Styler.exe
C:\Program Files\Common Files\Nokia\Tss\Instrument API\bin\root.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [FLSDeviceControlPanel] C:\WINDOWS\system32\FLSDEVCP.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: Styler.lnk = ? (User 'SYSTEM')
O4 - .DEFAULT Startup: Styler.lnk = ? (User 'Default user')
O4 - Startup: Styler.lnk = ?
O4 - Global Startup: TSS Instrument API Tray Utility.lnk = C:\Program Files\Common Files\Nokia\Tss\Instrument API\bin\tray.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !saswinlogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Služba inteligentního přenosu na pozadí (BITS) - Unknown owner - C:\WINDOWS\
O23 - Service: G Data Tuner Service - Unknown owner - C:\Program Files\G DATA\TotalCare\AVKTuner\AVKTunerService.exe (file missing)
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
O23 - Service: Automatické aktualizace (wuauserv) - Unknown owner - C:\WINDOWS\

--
End of file - 6677 bytes

PC-HELP.CZ

Prosím o kontrolu logu

Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu