Please check my log

Post by adrenalinrush » 01 Sep 2009 09:55

Hello, please check my log. rapimgr keeps showing up and I don't know what to do about it. I have Ad-Aware and Spybot installed, but they don't find anything...

Thanks
ComboFix 09-08-25.05 - uzivatel 26.08.2009 18:29.1.1 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1535.984 [GMT 2:00]
Spuštěný z: c:\documents and settings\uzivatel\Plocha\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\Data
c:\windows\system32\Drivers\wohot.sys
c:\windows\system32\eumfyfsc.ini
c:\windows\system32\mfc45.dll
c:\windows\system32\nerocheck.exe

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_ufgq


((((((((((((((((((((((((( Soubory vytvořené od 2009-07-26 do 2009-08-26 )))))))))))))))))))))))))))))))
.

2009-08-26 15:13 . 2009-08-03 11:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-08-26 15:13 . 2009-08-26 15:13 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-08-26 15:13 . 2009-08-03 11:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-08-25 17:52 . 2009-08-25 17:52 -------- d-----w- c:\program files\Nvu
2009-08-22 05:02 . 2009-08-22 05:03 -------- d-----w- c:\documents and settings\uzivatel\Rossmann Foto-Shop
2009-08-22 04:59 . 2009-08-22 05:00 -------- d-----w- c:\program files\Rossmann Foto-Shop Client
2009-08-21 18:25 . 2009-01-26 15:04 49152 ----a-w- c:\windows\system32\DBQARM.dll
2009-08-21 18:24 . 2009-08-21 18:29 -------- d-----w- c:\program files\dbQwikSite 5
2009-08-21 18:14 . 2009-08-21 18:14 -------- d-----w- c:\program files\FTP Commander
2009-08-20 19:05 . 2009-08-20 19:06 -------- d-----w- C:\Inetpub
2009-08-20 18:30 . 2009-08-20 18:30 -------- d-----w- c:\program files\Windows Script Control
2009-08-20 18:30 . 2009-08-20 18:30 -------- d-----w- c:\program files\Common Files\e.World
2009-08-20 18:30 . 2009-08-20 18:30 -------- d-----w- c:\windows\PHPMaker
2009-08-13 16:57 . 2009-07-10 13:28 1315328 -c----w- c:\windows\system32\dllcache\msoe.dll
2009-08-05 09:01 . 2009-08-05 09:01 205312 -c----w- c:\windows\system32\dllcache\mswebdvd.dll
2009-07-29 09:39 . 2009-07-03 16:59 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2009-07-29 09:39 . 2009-07-03 16:59 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-26 06:07 . 2008-11-22 14:29 -------- d-----w- c:\program files\Microsoft ActiveSync
2009-08-21 18:05 . 2004-12-03 20:10 -------- d-----w- c:\program files\SmartFTP
2009-08-18 16:39 . 2007-11-08 09:23 -------- d-----w- c:\program files\Windows Live Safety Center
2009-08-17 20:46 . 2004-08-17 13:49 1248 --sha-w- C:\wj2jaeh0.sys
2009-08-16 06:39 . 2009-05-30 10:11 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-08-16 06:39 . 2009-05-30 10:10 335240 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-08-16 06:39 . 2009-05-30 10:10 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-08-11 05:15 . 2008-01-02 19:29 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-08-05 21:24 . 2004-08-17 13:49 1248 --sha-w- C:\wj2jaezn.sys
2009-08-05 09:01 . 2004-08-17 13:49 205312 ----a-w- c:\windows\system32\mswebdvd.dll
2009-08-04 19:24 . 2004-12-03 20:07 -------- d-----w- c:\program files\Chameleon
2009-08-04 17:16 . 2004-12-03 20:04 -------- d-----w- c:\program files\Illustrator 8.0 CZ
2009-08-03 19:00 . 2004-12-03 20:08 -------- d-----w- c:\program files\Macromedia
2009-08-03 18:49 . 2004-12-04 10:27 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-07-29 14:08 . 2007-09-19 18:44 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
2009-07-17 19:04 . 2004-08-17 13:49 58880 ----a-w- c:\windows\system32\atl.dll
2009-07-13 21:43 . 2004-08-17 13:49 286208 ----a-w- c:\windows\system32\wmpdxm.dll
2009-07-08 20:30 . 2009-07-08 20:30 0 ----a-w- c:\windows\nsreg.dat
2009-07-06 14:24 . 2009-07-06 10:30 -------- d-----w- c:\program files\Hixus Keyword Inventor
2009-07-06 10:26 . 2009-07-06 10:26 -------- d-----w- c:\program files\BHead
2009-07-03 16:59 . 2004-08-17 13:49 915456 ----a-w- c:\windows\system32\wininet.dll
2009-06-28 16:50 . 2004-12-02 23:55 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-06-28 16:42 . 2009-06-28 13:37 -------- d-----w- c:\program files\Micropro
2009-06-28 13:49 . 2009-06-28 13:49 -------- d-----w- c:\program files\Common Files\Micropro
2009-06-26 15:34 . 2001-10-25 14:00 47206 ----a-w- c:\windows\system32\perfc005.dat
2009-06-26 15:34 . 2001-10-25 14:00 312970 ----a-w- c:\windows\system32\perfh005.dat
2009-06-16 14:40 . 2004-08-17 13:49 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-06-16 14:40 . 2001-10-25 14:00 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-06-15 10:45 . 2004-08-17 13:49 78336 ----a-w- c:\windows\system32\telnet.exe
2009-06-15 10:45 . 2004-08-17 13:49 81408 ----a-w- c:\windows\system32\tlntsess.exe
2009-06-10 14:15 . 2004-08-17 13:49 84992 ----a-w- c:\windows\system32\avifil32.dll
2009-06-10 07:21 . 2004-12-02 22:56 2066432 ----a-w- c:\windows\system32\mstscax.dll
2009-06-10 06:16 . 2004-08-17 13:49 132096 ----a-w- c:\windows\system32\wkssvc.dll
2009-06-03 19:11 . 2004-08-17 13:49 1293824 ----a-w- c:\windows\system32\quartz.dll
2009-05-30 11:23 . 2009-05-30 18:35 15688 ----a-w- c:\windows\system32\lsdelete.exe
2009-05-30 11:23 . 2009-03-18 10:43 64160 ----a-w- c:\windows\system32\drivers\Lbd.sys
2009-05-30 10:45 . 2004-12-02 23:00 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-05-30 10:45 . 2004-12-02 23:00 2740 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2009-05-30 10:11 . 2009-05-30 10:10 108552 ----a-w- c:\windows\system32\drivers\avgtdix.sys
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-06-14 1004800]

[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2009-06-14 14:07 1004800 ----a-w- c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-06-14 1004800]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-06-14 1004800]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PcSync"="c:\program files\NokiaN70\Nokia PC Suite 6\PcSync2.exe" [2005-06-24 860160]
"Google Update"="c:\documents and settings\uzivatel\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" [2009-08-11 133104]
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\Wcescomm.exe" [2006-11-13 1289000]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RCServer"="c:\program files\Remote Control\RCServer.exe" [2003-02-05 196608]
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2006-11-23 487424]
"PC Suite for Smartphones"="c:\program files\Sony Ericsson\Mobile4\Application Launcher\Application Launcher.exe" [2007-05-28 528384]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-06-29 520024]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-08-16 2007832]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2004-10-29 4620288]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-01-12 286720]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Acrobat Assistant.lnk - c:\program files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe [2004-12-3 49254]
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]
Microsoft Office.lnk - c:\program files\microsoft frontpage\Office\OSA9.EXE [1999-2-17 65588]
Phone Connection Monitor.lnk - c:\program files\Sony Ericsson\Mobile\audevicemgr.exe [2005-10-13 807424]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-08-16 06:39 11952 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" /background
"ctfmon.exe"=c:\windows\system32\ctfmon.exe
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"nwiz"=nwiz.exe /install
"PCSuiteTrayApplication"=c:\program files\NokiaN70\Nokia PC Suite 6\LaunchApplication.exe -onlytray
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime
"UpdReg"=c:\windows\UpdReg.EXE
"UserFaultCheck"=%systemroot%\system32\dumprep 0 -u
"WinampAgent"="c:\program files\Winamp\winampa.exe"
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe"
"NvCplDaemon"=RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
"NeroFilterCheck"=c:\windows\system32\NeroCheck.exe
"DataLayer"=c:\program files\Common Files\PCSuite\DataLayer\DataLayer.exe
"CTSysVol"=c:\program files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe /r

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Intuwave Ltd\\Shared\\mRouterRunTime\\mRouterRuntime.exe"=
"c:\\Program Files\\Sony Ericsson\\Mobile\\DXP SyncML.exe"=
"c:\\Program Files\\microsoft frontpage\\Office\\FRONTPG.EXE"=
"c:\\Program Files\\Sony Ericsson\\Update Service\\Update Service.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Documents and Settings\\uzivatel\\Plocha\\Márovy vjeci\\Mára\\World of warcraft\\World of Warcraft\\WoW-3.0.9.9551-to-3.1.0.9767-enUS-downloader.exe"=
"c:\\Documents and Settings\\uzivatel\\Plocha\\Márovy vjeci\\Mára\\World of warcraft\\World of Warcraft\\Launcher.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\EA GAMES\\Battlefield 2\\BF2.exe"=
"c:\\Call of Duty\\CoDUOMP.exe"=
"c:\\Program Files\\FTP Commander\\ftpcomm.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"3724:TCP"= 3724:TCP:*:Disabled:Blizzard Downloader: 3724

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [18.3.2009 12:43 64160]
R0 pnpshark;pnpshark;c:\windows\system32\drivers\pnpshark.sys [2.10.2003 4:16 119552]
R0 st3shark;st3shark;c:\windows\system32\drivers\st3shark.sys [27.9.2003 15:37 5504]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [30.5.2009 12:10 335240]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [30.5.2009 12:10 108552]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [30.5.2009 12:10 297752]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [20.6.2009 21:29 222456]
R2 RCSERVER;Remote Control Server;c:\program files\Remote Control\RCServer.exe [5.2.2003 20:51 196608]
S2 ioloFileInfoList;iolo FileInfoList Service;c:\program files\iolo\common\lib\ioloServiceManager.exe --> c:\program files\iolo\common\lib\ioloServiceManager.exe [?]
S2 ioloSystemService;iolo System Service;c:\program files\iolo\common\lib\ioloServiceManager.exe --> c:\program files\iolo\common\lib\ioloServiceManager.exe [?]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [9.3.2009 21:06 1029456]
S3 FTLUND;Lundinova Filter Driver;c:\windows\system32\drivers\ftlund.sys [13.10.2005 17:15 6828]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Obsah adresáře 'Naplánované úlohy'

2009-07-29 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-03-09 09:43]
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

BHO-{E1CB53C3-5CA5-4955-B0E0-636EB8E8565B} - (no file)
Notify-tuvVLdbA - tuvVLdbA.dll


.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
LSP: c:\windows\system32\iavlsp.dll
DPF: {0A6112F2-F9D1-4FBF-A6EC-B67B22915873} - hxxp://foto.droxi.cz/snadno-vlozit-foto ... loader.dll
DPF: {BE9B2B7C-6680-44E6-9F51-05384AD9C2FF} - hxxp://navigace.cz.o2.com/MapConnect.ocx
DPF: {EC71A2BE-E211-41F9-BCAF-4EFF13426DFE} - hxxps://shop.rossmanncz.orwonet.de/shop ... upload.cab
FF - ProfilePath - c:\documents and settings\uzivatel\Data aplikací\Mozilla\Firefox\Profiles\j6qheelq.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("geo.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");
.
.
------- Asociace souborů -------
.
JSEFile=NOTEPAD.EXE %1
VBEFile=NOTEPAD.EXE %1
VBSFile=NOTEPAD.EXE %1
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-08-26 18:36
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'lsass.exe'(608)
c:\windows\system32\iavlsp.dll

- - - - - - - > 'explorer.exe'(3276)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\NokiaN70\Nokia PC Suite 6\PhoneBrowser.dll
c:\windows\system32\ConnAPI.DLL
c:\program files\NokiaN70\Nokia PC Suite 6\PCSCM.dll
c:\program files\NokiaN70\Nokia PC Suite 6\Lang\PhoneBrowser_cze.nlr
c:\program files\NokiaN70\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr
c:\program files\SmartFTP\smarthook.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\CTSVCCDA.EXE
c:\program files\Common Files\Authentium\AntiVirus\dvpapi.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\MsPMSPSv.exe
c:\program files\AVG\AVG8\avgrsx.exe
c:\progra~1\AVG\AVG8\avgnsx.exe
c:\windows\system32\wscntfy.exe
c:\documents and settings\uzivatel\Local Settings\Data aplikací\Google\Update\1.2.183.7\GoogleCrashHandler.exe
c:\progra~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
c:\progra~1\MICROS~4\rapimgr.exe
c:\progra~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
c:\progra~1\INTUWA~1\Shared\MROUTE~1\MROUTE~2.EXE
c:\progra~1\SONYER~1\Mobile\CONNEC~1\CONNMN~1.EXE
.
**************************************************************************
.
Celkový čas: 2009-08-26 18:41 - počítač byl restartován
ComboFix-quarantined-files.txt 2009-08-26 16:41

Před spuštěním: Volných bajtů: 49 006 641 152
Po spuštění: Volných bajtů: 48 963 997 696

WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

300 --- E O F --- 2009-08-13 19:32

Re: Please check my log

Post by Damned » 01 Sep 2009 11:40

ComboFix says right in its first window: DO NOT USE ComboFix if you don't understand it; it can damage your operating system.

It's like reaching straight for a welding torch to change a wheel on a car!!!!

Download Malwarebytes' Anti-Malware
Install and run it
- at the end of the installation, make sure both options are selected/ticked:
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware; if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; leave the Perform quick scan option selected and click the Scan button
- when the program has finished, a message will appear; click OK and then the Show Results button
- then choose the option to save the log and save the log to the desktop
- then click the Exit button; a message will appear, so choose Yes
(don't delete anything yet!).
Then paste the contents of that log here.