ComboFix 08-08-14.05 - Administrator 2008-08-24 14:11:54.19 - NTFSx86 MINIMAL
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.1.1029.18.1794 [GMT 2:00]
Running from: C:\Documents and Settings\Administrator\Plocha\ComboFix.exe
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((( Files Created from 2008-07-24 to 2008-08-24 )))))))))))))))))))))))))))))))
.
2008-08-16 22:27 . 2008-08-16 22:28 1,374 --a------ C:\WINDOWS\imsins.BAK
2008-08-16 18:03 . 2008-08-24 12:42 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-08-16 18:03 . 2008-08-16 18:03 1,409 --a------ C:\WINDOWS\QTFont.for
2008-08-16 07:59 . 2008-05-01 16:33 331,776 -----c--- C:\WINDOWS\system32\dllcache\msadce.dll
2008-08-15 20:33 . 2008-08-15 20:33 <DIR> d-------- C:\Program Files\SystemRequirementsLab
2008-08-15 19:03 . 2008-08-15 19:03 249,856 --------- C:\WINDOWS\Setup1.exe
2008-08-15 19:03 . 2008-08-15 19:03 73,216 --a------ C:\WINDOWS\ST6UNST.EXE
2008-08-15 00:30 . 2008-08-15 00:30 94,208 --a------ C:\WINDOWS\DIIUnin.exe
2008-08-15 00:30 . 2008-08-15 18:59 31,110 --a------ C:\WINDOWS\DIIUnin.dat
2008-08-15 00:30 . 2008-08-15 00:30 2,829 --a------ C:\WINDOWS\DIIUnin.pif
2008-08-13 15:48 . 2008-08-13 15:48 <DIR> d-------- C:\Program Files\FDRLab
2008-08-11 17:52 . 2008-08-14 11:05 <DIR> d-------- C:\WINDOWS\system32\QuickTime
2008-08-11 17:52 . 2008-08-14 11:05 <DIR> d-------- C:\Program Files\QuickTime
2008-08-11 17:52 . 2008-08-11 17:52 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\QuickTime
2008-08-11 17:52 . 1999-11-10 11:05 86,016 --a------ C:\WINDOWS\unvise32qt.exe
2008-07-31 19:41 . 2008-08-18 13:28 1,246 --a------ C:\WINDOWS\kaillera.ini
2008-07-30 16:39 . 2008-07-30 16:39 40,960 --a------ C:\WINDOWS\_ds5B.tmp
2008-07-30 16:37 . 2008-07-30 16:39 <DIR> d-------- C:\Program Files\GameSpy Arcade
2008-07-30 16:37 . 2001-05-11 13:18 420,240 --a------ C:\WINDOWS\system32\mpg4c32.dll
2008-07-30 16:37 . 2001-03-26 04:41 245,760 --a------ C:\WINDOWS\system32\mp4sds32.ax
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-24 12:08 --------- d-----w C:\Documents and Settings\Administrator\Data aplikací\uTorrent
2008-08-23 11:01 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2008-08-15 16:46 --------- d-----w C:\Documents and Settings\Administrator\Data aplikací\Spyware Terminator
2008-08-15 07:35 --------- d-----w C:\Program Files\WinClamAVShield
2008-08-14 23:13 --------- d-----w C:\Program Files\Spyware Terminator
2008-08-14 09:03 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-08-14 09:03 --------- d-----w C:\Program Files\Mv2Player
2008-08-10 10:30 --------- d-----w C:\Program Files\Winamp Toolbar
2008-08-10 10:30 --------- d-----w C:\Program Files\Ulead SmartSaver Pro 3.0
2008-07-31 20:46 --------- d-----w C:\Program Files\VideoLAN
2008-07-14 23:07 --------- d-----w C:\Documents and Settings\Administrator\Data aplikací\Canneverbe_Limited
2008-07-14 23:06 --------- d-----w C:\Program Files\CDBurnerXP
2008-07-14 23:06 --------- d-----w C:\Program Files\CD to MP3 Freeware
2008-07-10 20:07 --------- d-----w C:\Documents and Settings\Administrator\Data aplikací\ICQ
2008-07-10 07:41 --------- d-----w C:\Program Files\ICQ6
2008-07-10 07:33 --------- d-----w C:\Program Files\ICQ6Toolbar
2008-07-10 07:33 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\ICQ
2008-07-08 15:53 --------- d-----w C:\Program Files\QIP
2008-07-07 20:32 253,952 ----a-w C:\WINDOWS\system32\es.dll
2008-07-07 20:15 --------- d-----w C:\Program Files\ICQToolbar
2008-07-03 11:33 --------- d-----w C:\Documents and Settings\Administrator\Data aplikací\DAEMON Tools
2008-06-24 16:24 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
2008-06-23 15:41 660,480 ----a-w C:\WINDOWS\system32\wininet.dll
2008-06-20 17:42 247,296 ----a-w C:\WINDOWS\system32\mswsock.dll
2008-03-24 17:39 32 ----a-w C:\Documents and Settings\All Users\Data aplikací\ezsid.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-17 16:49 15360]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2008-02-04 14:53 32768]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2007-12-29 14:05 486856]
"AtiTrayTools"="C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe" [2007-05-22 11:04 521128]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-05-02 13:00 68856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminator"="C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe" [2008-08-10 10:18 1783808]
"COMODO Firewall Pro"="C:\Program Files\Comodo\Firewall\CPF.exe" [2008-02-11 19:22 1115728]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2008-03-27 08:35 36352]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe" [2007-12-14 03:42 144784]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-08-11 17:52 77824]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-07-19 16:38 78008]
"RTHDCPL"="RTHDCPL.EXE" [2007-04-12 11:33 16132608 C:\WINDOWS\RTHDCPL.exe]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2004-12-10 13:45 49152 C:\WINDOWS\KHALMNPR.Exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-17 16:49 15360]
C:\Documents and Settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2008-02-04 14:53:14 450560]
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2008-02-04 14:52:38 434176]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.avis"= ff_acm.acm
"msacm.divxa32"= msaud32_divx.acm
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001
"AntiVirusDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"C:\\Games\\Steam\\SteamApps\\rickard_bjerk@hotmail.com\\counter-strike\\hl.exe"=
"C:\\Games\\Warcraft III\\war3.exe"=
"C:\\Games\\Steam\\SteamApps\\rickard_bjerk@hotmail.com\\half-life\\hl.exe"=
"C:\\Program Files\\BitComet\\BitComet.exe"=
"C:\\Program Files\\QIP\\qip.exe"=
"C:\\Program Files\\uTorrent\\utorrent.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"C:\\Program Files\\ICQ6\\ICQ.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
"20987:TCP"= 20987:TCP:BitComet 20987 TCP
"20987:UDP"= 20987:UDP:BitComet 20987 UDP
R0 MPRIFL;MPRIFL;C:\WINDOWS\system32\DRIVERS\MPRIFL.SYS [2007-12-13 21:13]
S1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 16:35]
S1 atitray;atitray;C:\Program Files\Ray Adams\ATI Tray Tools\atitray.sys [2007-05-22 11:04]
S1 sp_rsdrv2;Spyware Terminator Driver 2;C:\WINDOWS\System32\drivers\sp_rsdrv2.sys [2008-05-03 11:04]
S2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 16:37]
S2 ICQ Service;ICQ Service;C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2008-06-10 19:26]
S2 NMSAccessU;NMSAccessU;C:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-06-15 15:34]
S3 NPF;NetGroup Packet Filter Driver;C:\WINDOWS\system32\drivers\npf.sys [2005-08-02 23:10]
S3 PSched;Plánovač paketů technologie QoS;C:\WINDOWS\system32\DRIVERS\psched.sys [2004-08-04 00:04]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b77df1c0-d3d6-11dc-8c4c-001d7d948846}]
\Shell\AutoRun\command - F:\SETUP.EXE
.
.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\5hud0uf2.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.atlas.cz/?from=icqhp
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-24 14:14:12
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-08-24 14:15:17
ComboFix-quarantined-files.txt 2008-08-24 12:15:02
Pre-Run: 4,027,625,472
Post-Run: 4,048,998,400
138 --- E O F --- 2008-08-18 09:31:00
Problem with viruses :-( I'm in it again :-( Please help.
- solda1
- Beginner
- Registered: 15 Apr 2007
- Location: Hodonín
- rary
- Beginner
- Registered: 20 Jun 2006
Re: Problem with viruses :-( I'm in it again :-( Please help.
The log is clean.
Are there any problems?
- solda1
- Beginner
- Registered: 15 Apr 2007
- Location: Hodonín
Re: Problem with viruses :-( I'm in it again :-( Please help.
No, there aren't.
It looks cool.
Thank you.. ComboFix rulezz

- Ice69
- Beginner
- Registered: 27 Dec 2005
- Location: Liberec
Re: Problem with viruses :-( I'm in it again :-( Please help.
Hi folks, does anyone know how to get rid of "Trojan.DesktopHijack.2" and "Adware.Bho.aes"? The system has Nod32 v 3.0.621.0 and Spywareterminator installed, and only the firewall built into Windows. For now I can't post any log from ComboFix or HijackThis, because it isn't on my PC but at a friend's, and I can't easily get over to her place. Thanks
- Ice69
- Beginner
- Registered: 27 Dec 2005
- Location: Liberec
Re: Problem with viruses :-( I'm in it again :-( Please help.
Ice69 wrote: Hi folks, does anyone know how to get rid of "Trojan.DesktopHijack.2" and "Adware.Bho.aes"? The system has Nod32 v 3.0.621.0 and Spywareterminator installed, and only the firewall built into Windows. For now I can't post any log from ComboFix or HijackThis, because it isn't on my PC but at a friend's, and I can't easily get over to her place. Thanks
Here is the log from ComboFix:
ComboFix 08-08-24.03 - Administrator 2008-08-25 20:39:43.1 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.1.1029.18.130 [GMT 2:00]
Running from: C:\Documents and Settings\Administrator\Plocha\ComboFix.exe
* Created a new restore point
* Resident AV is active
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\Administrator\Cookies\Administrator@www.careerjet[2].txt
C:\Documents and Settings\Administrator\Oblíbené položky\Error Cleaner.url
C:\Documents and Settings\Administrator\Oblíbené položky\Privacy Protector.url
C:\Documents and Settings\Administrator\Oblíbené položky\Spyware&Malware Protection.url
C:\WINDOWS\system32\avpe32.dll
C:\WINDOWS\system32\clbdll.dll
C:\WINDOWS\system32\Dll.dll
C:\WINDOWS\system32\KernelDrv.exe
C:\WINDOWS\system32\kernelwind32.exe
C:\WINDOWS\system32\MSINET.oca
C:\WINDOWS\system32\msliksurcredo.dll
C:\WINDOWS\system32\msliksurdns.dll
C:\WINDOWS\system32\ntos.exe
C:\WINDOWS\system32\tcpwrk.dll
.
((((((((((((((((((((((((( Files Created from 2008-07-25 to 2008-08-25 )))))))))))))))))))))))))))))))
.
2008-08-25 20:44 . 2008-08-25 20:44 1,340 --a------ C:\Documents and Settings\Franta catchme.zip
2008-08-25 20:42 . 2008-08-25 20:42 0 --a------ C:\WINDOWS\system32\zopenssl.dll
2008-08-25 20:42 . 2008-08-25 20:42 0 --a------ C:\WINDOWS\system32\se500mdm.dll
2008-08-25 20:42 . 2008-08-25 20:42 0 --a------ C:\WINDOWS\system32\scsiusr4.dll
2008-08-25 20:42 . 2008-08-25 20:42 0 --a------ C:\WINDOWS\system32\pasksa.dll
2008-08-25 20:41 . 2008-08-25 20:41 0 --a------ C:\WINDOWS\system32\msvcrl.dll
2008-08-25 20:41 . 2008-08-25 20:41 0 --a------ C:\WINDOWS\system32\ksapgh.dll
2008-08-25 20:41 . 2008-08-25 20:41 0 --a------ C:\WINDOWS\system32\iesdl4l.dll
2008-08-25 20:41 . 2008-08-25 20:41 0 --a------ C:\WINDOWS\system32\hpprintx.dll
2008-08-25 20:41 . 2008-08-25 20:41 0 --a------ C:\WINDOWS\system32\extxerox.dll
2008-08-25 20:41 . 2008-08-25 20:41 0 --a------ C:\WINDOWS\system32\docent2.dll
2008-08-25 20:41 . 2008-08-25 20:41 0 --a------ C:\WINDOWS\system32\docent0.dll
2008-08-25 20:41 . 2008-08-25 20:41 0 --a------ C:\WINDOWS\system32\directut.dll
2008-08-25 20:41 . 2008-08-25 20:41 0 --a------ C:\WINDOWS\system32\directpt.dll
2008-08-25 20:41 . 2008-08-25 20:41 0 --a------ C:\WINDOWS\system32\bt848rom.dll
2008-08-25 20:40 . 2008-08-25 20:40 0 --a------ C:\WINDOWS\system32\avload32.dll
2008-08-25 20:40 . 2008-08-25 20:40 0 --a------ C:\WINDOWS\system32\arprmdg0.dll
2008-08-25 14:28 . 2008-08-25 14:28 552 --a------ C:\WINDOWS\system32\d3d8caps.dat
2008-08-24 20:08 . 2008-08-24 20:08 <DIR> d-------- C:\Program Files\ICQToolbar
2008-08-23 19:57 . 2008-08-23 19:57 <DIR> d-------- C:\Program Files\1944 - Bitva v Arden ch
2008-08-23 19:56 . 2008-08-23 19:56 <DIR> d-------- C:\Program Files\Winamp Toolbar
2008-08-16 02:26 . 2008-08-23 19:56 <DIR> d-------- C:\Program Files\Winamp Toolbar(2)
2008-08-16 02:09 . 2008-08-23 19:56 <DIR> d-------- C:\Program Files\ICQToolbar(2)
2008-08-14 19:41 . 2008-05-01 16:37 331,776 -----c--- C:\WINDOWS\system32\dllcache\msadce.dll
2008-08-14 19:39 . 2008-04-11 21:06 691,712 -----c--- C:\WINDOWS\system32\dllcache\inetcomm.dll
2008-08-06 20:55 . 2008-08-23 19:57 <DIR> d-------- C:\Program Files\Miranda IM
2008-08-04 05:33 . 2008-08-04 05:33 <DIR> d-------- C:\Program Files\GameSpy3D
2008-08-03 08:10 . 2008-08-03 08:10 <DIR> d-------- C:\Program Files\Stardock
2008-07-31 19:30 . 2008-08-24 15:24 1,697 --a------ C:\WINDOWS\eReg.dat
2008-07-30 14:56 . 2008-08-02 09:38 45 --a------ C:\TEST.XML
2008-07-29 10:12 . 2008-07-29 10:12 <DIR> d-------- C:\Program Files\TGTSoft
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-25 17:47 --------- d-----w C:\Program Files\Spyware Terminator
2008-08-25 15:43 --------- d-----w C:\Program Files\WinClamAVShield
2008-08-25 12:14 --------- d-----w C:\Program Files\Crawler
2008-08-25 10:36 43,520 ----a-w C:\WINDOWS\system32\CmdLineExt03.dll
2008-08-23 17:57 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-08-23 17:57 --------- d-----w C:\Program Files\GameSpy Arcade
2008-08-23 17:57 --------- d-----w C:\Program Files\1944 - Bitva v Ardenách
2008-07-15 13:38 --------- d-----w C:\Program Files\Ubi Soft
2008-07-11 15:19 306,432 ----a-w C:\WINDOWS\system32\TuneUpDefragService.exe
2008-07-07 23:40 --------- d-----w C:\Program Files\TuneUp Utilities 2008
2008-07-07 23:39 140,288 ----a-w C:\WINDOWS\~GLC0000.TMP
2008-07-07 20:29 253,952 ----a-w C:\WINDOWS\system32\es.dll
2008-07-07 18:34 --------- d-----w C:\Program Files\directx
2008-07-07 18:28 --------- d-----w C:\Program Files\Common Files\Adobe
2008-07-03 08:20 --------- d-----w C:\Program Files\Bridge Building Game
2008-07-03 08:08 --------- d-----w C:\Program Files\D-Day
2008-06-24 16:44 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
2008-06-23 16:42 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-06-20 17:49 247,296 ----a-w C:\WINDOWS\system32\mswsock.dll
2008-06-13 14:28 98,304 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
2008-05-28 13:36 74,752 ----a-w C:\WINDOWS\ST6UNST.EXE
2008-05-28 13:36 253,952 ------w C:\WINDOWS\Setup1.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 05:22 15360]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2008-04-14 05:22 1695232]
"Steam"="F:\Hry\Steam.exe" [2008-07-22 23:37 1271032]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" [2007-12-21 08:21 1443072]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-12-05 01:41 8523776]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-12-05 01:41 81920]
"SpywareTerminator"="C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" [2008-05-20 02:03 1817600]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50 155648]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2008-03-27 08:35 36352]
"SoundMan"="SOUNDMAN.EXE" [2005-07-26 10:16 77824 C:\WINDOWS\SOUNDMAN.EXE]
"nwiz"="nwiz.exe" [2007-12-05 01:41 1626112 C:\WINDOWS\system32\nwiz.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 05:22 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.ACDV"= ACDV.dll
"VIDC.YV12"= yv12vfw.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"F:\\Hry\\Valve\\hl.exe"=
"F:\\Hry\\FlatOut2\\FlatOut2.exe"=
"C:\\Program Files\\GameSpy Arcade\\Aphex.exe"=
"F:\\Hry\\battlefield 1942(2)\\BF1942.exe"=
R1 epfwtdir;epfwtdir;C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2007-12-21 08:21]
R1 sp_rsdrv2;Spyware Terminator Driver 2;C:\WINDOWS\system32\drivers\sp_rsdrv2.sys [2008-05-20 02:03]
R3 PSched;Plánovač paketů technologie QoS;C:\WINDOWS\system32\DRIVERS\psched.sys [2008-04-13 20:56]
S3 ddsxeiservice;ddsxeiservice2;F:\Hry\sXe Injected\ddsxei.sys [2008-06-05 08:11]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\WINDOWS\System32\TuneUpDefragService.exe [2008-07-11 17:19]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{277bc6c3-2608-11dd-ae65-806d6172696f}]
\Shell\AutoRun\command - D:\setup.exe
.
Contents of the 'Scheduled Tasks' folder
2008-08-15 C:\WINDOWS\Tasks\1-Click Maintenance.job
- C:\Program Files\TuneUp Utilities 2008\OneClick.exe [2008-01-08 13:31]
.
- - - - ORPHANS REMOVED - - - -
Notify-WgaLogon - (no file)
.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\fd6k01mo.default\
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-25 20:45:48
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\rundll32.exe
F:\Moje sloC:\WINDOWS\system32\wuauclt.exe
.
**************************************************************************
.
Completion time: 2008-08-25 20:49:41 - machine was rebooted
ComboFix-quarantined-files.txt 2008-08-25 18:49:30
Pre-Run: 993,435,648
Post-Run: 1,468,833,792
157 --- E O F --- 2008-08-24 13:05:53