Please check my log [Solved]

Re: Please check my log

Post by redvo » 26 Jan 2009 14:19

Hmm... unfortunately not even plain Paint works for me, so I can't post a screenshot, but at least I photographed it with my phone and put it on ImageShack. But I don't have any avast.exe or anything like that among the processes. Which of these should I end?

http://img89.imageshack.us/my.php?image=dsc01334oq1.jpg

Post by memphisto » 26 Jan 2009 14:23

The processes with "ash" in the name belong to AVAST (ashWebSv, ashServ, etc.). Then also end TeaTimer.exe; that is Spybot's resident module.
PC-HELP.CZ RULES, HijackThis section RULES, HijackThis guide, Memtest, CCleaner
Please do not send HijackThis logs via private message; post them in the appropriate section. Thank you.

Post by redvo » 26 Jan 2009 14:35

I turned them all off and it still keeps popping up. Should I uninstall it? I can download it again afterwards, and I should have the keygen.

Post by memphisto » 26 Jan 2009 14:57

AVAST is free, so what keygen? :idea: Unless, of course, you have the Pro version illegally :evil: Warez is not dealt with here. So no exe files work for you at all? Not even installers?

Post by redvo » 26 Jan 2009 15:17

Hmm... then I don't know whether I have Pro or free :roll: Well, back to the topic :D Every time I try to run an exe file, from its location or via a shortcut, it throws up that dialog you get when no program is associated with the file. Example with ICQ:

http://img230.imageshack.us/my.php?image=dsc01339jc1.jpg

And when I choose "select the program from a list" > Browse > and find its location, e.g. in Program Files, it works for most programs.

EDIT: it does the same with installers.

And about that AVAST: the one I have was installed by a friend who works with PCs, and he has it legally purchased; he just sent me some keygen recently, so I don't know. But let's not get into that then :dontgetit: .

Post by redvo » 26 Jan 2009 15:44

So, could anyone help me?

memphisto: one more thing about ComboFix. Every time I start it, two of those dialogs (select the program from a list...) pop up at the beginning for some grpconv.exe and hidec.exe, but I don't know where these files are located, and after about 5 seconds the dialogs disappear.

Post by memphisto » 26 Jan 2009 17:03

First we will need to sort out the problem with the exe files, because we won't get anywhere without that. No cleaning programs will run :? For now, try to get the exe problem solved in that other section, and then we'll finish the cleanup. You still have some leftovers there.

Post by memphisto » 26 Jan 2009 20:20

So let's try this:

Download RSIT (by random/random)
- run it; a window will appear, so click Continue to proceed
- wait until the program finishes and the log is displayed; otherwise you will find it here: C:\rsit\log.txt. Please copy its entire contents here.

Post by redvo » 26 Jan 2009 22:44

Logfile of random's system information tool 1.05 (written by random/random)
Run by Lukáš at 2009-01-26 22:41:37
Systém Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 129 GB (54%) free of 238 GB
Total RAM: 766 MB (47% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:12:28, on 26. 1. 2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedi ... t=&gc=1&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=66022
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedi ... t=&gc=1&q=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://toolbar.ask.com/toolbarv/askRedi ... t=&gc=1&q=%s
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = "řxn
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = socks=
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = plimus.com,www.plimus.com,regnow.com,www.regnow.com,
R3 - URLSearchHook: DefaultSearchHook Class - {C94E154B-1459-4A47-966B-4B843BEFC7DB} - C:\Program Files\AskSearch\bin\DefaultSearch.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Podpora odkazu pre aplikáciu Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [S3Trayp] S3Trayp.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe
O4 - HKLM\..\Run: [tsnp325] C:\WINDOWS\tsnp325.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Realtime Audio Engine] "mmrtkrnl.exe" /i
O4 - HKLM\..\Run: [snp325] C:\WINDOWS\vsnp325.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\DOCUME~1\LUK~1\LOCALS~1\Temp\SSUPDATE.EXE Software\SUPERAntiSpyware.com\SUPERAntiSpyware
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2009] C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe /S
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ6.5\ICQ.exe" silent
O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1100465 -"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; .NET CLR 1.1.4322; .NET CLR 2.0.50727)" -"http://www.spele.nl/bodycode.php?url=http://games.spele.nl/spelehost2/2/horse_jump.dcr&width=700&height=350'"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Search - ?p=ZNfox000
O9 - Extra button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: jkkHArQk - jkkHArQk.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Unknown owner - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (file missing)
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe

--
End of file - 9603 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Norton Security Scan.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll [2007-03-02 1298024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pre aplikáciu Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
AskBar BHO - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-08-26 279944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll [2007-09-25 501136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2008-06-12 958712]
{3041d03e-fd4b-44e0-b742-2d9b88305f98} - Ask Toolbar - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-08-26 279944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-12-19 16062464]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
"VTTimer"=C:\WINDOWS\system32\VTTimer.exe [2006-06-16 53248]
"S3Trayp"=C:\WINDOWS\system32\S3Trayp.exe [2005-10-31 163840]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2004-11-02 32768]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"FixCamera"=C:\WINDOWS\FixCamera.exe [2007-02-12 20480]
"tsnp325"=C:\WINDOWS\tsnp325.exe [2006-10-10 270336]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2007-12-04 79224]
"Realtime Audio Engine"=mmrtkrnl.exe /i []
"snp325"=C:\WINDOWS\vsnp325.exe [2006-10-10 827392]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-09-16 1833296]
"SUPERAntiSpyware"=C:\DOCUME~1\LUK~1\LOCALS~1\Temp\SSUPDATE.EXE [2008-05-21 158960]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"Uniblue RegistryBooster 2009"=C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe /S []
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-12-10 216520]
"ICQ"=C:\Program Files\ICQ6.5\ICQ.exe [2008-11-30 172792]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Shockwave Updater"=C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~1.EXE [2008-08-06 447928]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
Adobe Reader Synchronizer.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Documents and Settings\Lukáš\Start Menu\Programs\Startup
MagicDisc.lnk - C:\Program Files\MagicDisc\MagicDisc.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\jkkHArQk]
jkkHArQk.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-21 77824]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSEXESVC]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PSEXESVC]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\ICQ6\ICQ.exe"="C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\Microsoft Games\Zoo Tycoon 2\zt.exe"="C:\Program Files\Microsoft Games\Zoo Tycoon 2\zt.exe:*:Enabled:Zoo Tycoon 2 Executable"
"C:\Program Files\EA GAMES\The Battle for Middle-earth (tm)\game.dat"="C:\Program Files\EA GAMES\The Battle for Middle-earth (tm)\game.dat:*:Enabled:The Battle for Middle-earth (tm)"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:MSN Messenger 7.0"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Winamp Remote\bin\Orb.exe"="C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb"
"C:\Program Files\Winamp Remote\bin\OrbTray.exe"="C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray"
"C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe"="C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Proforient ZS\opppt.exe"="C:\Program Files\Proforient ZS\opppt.exe:*:Enabled:Testovanie"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"c:\program files\relevantknowledge\rlvknlg.exe"="c:\program files\relevantknowledge\rlvknlg.exe:*:Enabled:rlvknlg.exe"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:MSN Messenger 7.0"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{50f0552f-ea04-11dc-9a65-00016c097a72}]
shell\AutoRun\command - RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe
shell\open\command - RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe


======File associations======

.exe - open -

======List of files/folders created in the last 1 months======

2009-01-26 22:41:37 ----D---- C:\rsit
2009-01-26 15:55:28 ----D---- C:\ComboFix
2009-01-26 15:55:26 ----A---- C:\WINDOWS\system32\CF31523.exe
2009-01-26 15:54:15 ----A---- C:\WINDOWS\system32\CF31291.exe
2009-01-26 15:52:32 ----A---- C:\WINDOWS\system32\CF30951.exe
2009-01-26 14:33:50 ----A---- C:\WINDOWS\system32\CF15535.exe
2009-01-26 13:55:35 ----A---- C:\WINDOWS\system32\CF8037.exe
2009-01-26 13:48:38 ----A---- C:\WINDOWS\system32\CF6675.exe
2009-01-26 13:46:30 ----A---- C:\WINDOWS\zip.exe
2009-01-26 13:46:30 ----A---- C:\WINDOWS\VFIND.exe
2009-01-26 13:46:30 ----A---- C:\WINDOWS\SWXCACLS.exe
2009-01-26 13:46:30 ----A---- C:\WINDOWS\SWSC.exe
2009-01-26 13:46:30 ----A---- C:\WINDOWS\SWREG.exe
2009-01-26 13:46:30 ----A---- C:\WINDOWS\sed.exe
2009-01-26 13:46:30 ----A---- C:\WINDOWS\grep.exe
2009-01-26 13:46:30 ----A---- C:\WINDOWS\fdsv.exe
2009-01-26 13:46:14 ----A---- C:\WINDOWS\system32\CF6205.exe
2009-01-26 13:45:45 ----A---- C:\WINDOWS\system32\CF6107.exe
2009-01-26 12:44:33 ----D---- C:\Avenger
2009-01-26 11:50:29 ----D---- C:\Documents and Settings\Lukáš\Application Data\Malwarebytes
2009-01-26 11:50:24 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-01-26 11:50:24 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-01-26 08:50:21 ----D---- C:\Program Files\Trend Micro
2009-01-19 15:20:52 ----D---- C:\Program Files\TallStick
2009-01-19 14:38:39 ----D---- C:\Documents and Settings\Lukáš\Application Data\Music Recognition
2009-01-19 14:38:24 ----D---- C:\Program Files\WIDI 3.3 Pro
2009-01-14 07:22:50 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-01-07 08:24:20 ----D---- C:\Documents and Settings\All Users\Application Data\KeenfinderSrch
2009-01-05 20:14:56 ----D---- C:\Program Files\DAMN NFO Viewer
2009-01-04 12:22:24 ----D---- C:\Program Files\MagicDisc
2009-01-03 08:39:08 ----A---- C:\WINDOWS\ntbtlog.txt
2009-01-02 10:23:59 ----D---- C:\Program Files\ASIO4ALL v2
2009-01-01 21:18:29 ----HDC---- C:\Documents and Settings\All Users\Application Data\{0D1E323F-9D1D-410B-9F3E-FBF24ECC2B05}
2009-01-01 21:18:23 ----D---- C:\Documents and Settings\All Users\Application Data\Native Instruments
2009-01-01 21:18:15 ----HDC---- C:\Documents and Settings\All Users\Application Data\{442B6EC3-77A0-4817-825F-67F47D7A2E54}
2009-01-01 21:18:08 ----D---- C:\Program Files\Native Instruments
2009-01-01 21:18:08 ----D---- C:\Program Files\Common Files\Native Instruments
2009-01-01 09:09:42 ----D---- C:\Program Files\Counter-Strike 1.6
2008-12-31 17:57:00 ----A---- C:\WINDOWS\system32\psisdecd.dll
2008-12-31 17:56:54 ----A---- C:\WINDOWS\system32\dxdllreg.exe
2008-12-31 17:53:15 ----D---- C:\Program Files\Microsoft Games
2008-12-30 10:03:32 ----D---- C:\Program Files\Doggie Dash
2008-12-29 16:08:20 ----D---- C:\Program Files\Snapshot Adventures
2008-12-29 14:20:21 ----D---- C:\Program Files\Risk
2008-12-29 09:38:46 ----D---- C:\Documents and Settings\All Users\Application Data\FreshGames
2008-12-29 09:37:15 ----D---- C:\Program Files\Ranch Rush
2008-12-28 17:40:43 ----D---- C:\Program Files\Alice Greenfingers 2
2008-12-28 16:24:09 ----D---- C:\Documents and Settings\All Users\Application Data\InterAction studios
2008-12-28 15:50:14 ----D---- C:\Documents and Settings\All Users\Application Data\VirtualFarm
2008-12-28 12:08:57 ----D---- C:\Program Files\Farm Frenzy
2008-12-28 11:35:32 ----D---- C:\Program Files\Jet Jumper
2008-12-28 10:01:13 ----D---- C:\Documents and Settings\Lukáš\Application Data\iWin
2008-12-28 10:00:28 ----D---- C:\Program Files\Family Feud Dream Home
2008-12-27 17:43:28 ----D---- C:\Program Files\Pet Shop Hop
2008-12-27 17:41:19 ----D---- C:\Documents and Settings\All Users\Application Data\Fugazo
2008-12-27 17:40:51 ----D---- C:\Program Files\Cooking Academy
2008-12-27 16:28:16 ----D---- C:\Program Files\Puppy Luv
2008-12-27 14:48:49 ----HDC---- C:\WINDOWS\$NtUninstallWdf01005$
2008-12-27 10:16:43 ----D---- C:\Program Files\Sallys Salon
2008-12-27 09:10:22 ----D---- C:\Documents and Settings\All Users\Application Data\NevoSoft Games
2008-12-27 09:09:57 ----D---- C:\Program Files\Farm Craft

======List of files/folders modified in the last 1 months======

2009-01-26 22:34:07 ----D---- C:\Documents and Settings\Lukáš\Application Data\Skype
2009-01-26 22:33:33 ----D---- C:\Program Files\Mozilla Firefox
2009-01-26 22:22:07 ----D---- C:\WINDOWS\Prefetch
2009-01-26 22:22:07 ----D---- C:\Program Files\Common Files\DVDVideoSoft
2009-01-26 20:22:33 ----D---- C:\Documents and Settings\Lukáš\Application Data\skypePM
2009-01-26 18:51:52 ----D---- C:\WINDOWS\system32\CatRoot2
2009-01-26 15:55:29 ----D---- C:\WINDOWS\system32
2009-01-26 15:54:17 ----D---- C:\QooBox
2009-01-26 13:46:30 ----D---- C:\WINDOWS
2009-01-26 13:16:23 ----D---- C:\WINDOWS\TEMP
2009-01-26 12:44:33 ----D---- C:\WINDOWS\system32\drivers
2009-01-26 12:44:33 ----A---- C:\avenger.txt
2009-01-26 12:31:46 ----D---- C:\Program Files
2009-01-26 09:50:37 ----D---- C:\Program Files\KeenfinderSrch
2009-01-24 22:07:29 ----D---- C:\Program Files\Valve
2009-01-24 19:43:38 ----A---- C:\WINDOWS\win.ini
2009-01-21 22:03:37 ----D---- C:\Documents and Settings\Lukáš\Application Data\uTorrent
2009-01-21 22:00:22 ----HD---- C:\Program Files\InstallShield Installation Information
2009-01-21 17:52:11 ----A---- C:\WINDOWS\NeroDigital.ini
2009-01-20 16:22:37 ----A---- C:\WINDOWS\wincmd.ini
2009-01-14 07:23:35 ----HD---- C:\Config.Msi
2009-01-14 07:23:34 ----SHD---- C:\WINDOWS\Installer
2009-01-14 07:22:56 ----HD---- C:\WINDOWS\inf
2009-01-14 07:22:52 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-01-14 07:22:27 ----HD---- C:\WINDOWS\$hf_mig$
2009-01-12 15:57:45 ----D---- C:\Documents and Settings\Lukáš\Application Data\Zylom
2009-01-12 15:57:45 ----D---- C:\Documents and Settings\Lukáš\Application Data\Identities
2009-01-12 15:56:45 ----D---- C:\Program Files\Zylom Games
2009-01-10 02:35:28 ----A---- C:\WINDOWS\system32\MRT.exe
2009-01-05 21:03:57 ----D---- C:\Program Files\EA GAMES
2009-01-05 20:26:57 ----D---- C:\Documents and Settings\Lukáš\Application Data\ICQ
2009-01-04 18:02:59 ----D---- C:\WINDOWS\system32\DirectX
2009-01-04 18:02:58 ----RSD---- C:\WINDOWS\assembly
2009-01-04 14:12:42 ----D---- C:\Program Files\MagicISO
2009-01-02 10:44:40 ----D---- C:\Program Files\Image-Line
2009-01-02 10:44:21 ----D---- C:\Program Files\VstPlugins
2009-01-01 21:18:08 ----D---- C:\Program Files\Common Files
2008-12-31 19:50:43 ----D---- C:\Documents and Settings\Lukáš\Application Data\Microsoft Games
2008-12-31 17:57:37 ----D---- C:\WINDOWS\RegisteredPackages
2008-12-31 17:56:07 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Games
2008-12-30 15:20:11 ----D---- C:\Program Files\Puzzle Quest
2008-12-30 14:06:11 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2008-12-30 13:54:17 ----A---- C:\WINDOWS\system32\wrap_oal.dll
2008-12-30 13:54:17 ----A---- C:\WINDOWS\system32\OpenAL32.dll
2008-12-30 10:03:43 ----D---- C:\Documents and Settings\Lukáš\Application Data\PlayFirst
2008-12-30 10:03:43 ----D---- C:\Documents and Settings\All Users\Application Data\PlayFirst
2008-12-28 14:48:15 ----D---- C:\Documents and Settings\Lukáš\Application Data\GetRightToGo
2008-12-27 19:00:13 ----D---- C:\Program Files\Rollercoaster Rush
2008-12-27 19:00:02 ----D---- C:\Program Files\Crazy Penguin Catapult
2008-12-27 18:53:02 ----D---- C:\Program Files\Heavy Weapon
2008-12-27 14:49:01 ----A---- C:\WINDOWS\imsins.BAK
2008-12-27 10:56:04 ----D---- C:\Documents and Settings
2008-12-27 10:29:52 ----D---- C:\Program Files\Bus Driver

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2007-12-04 26624]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2007-12-04 42912]
R1 fwdrv;Firewall Driver; C:\WINDOWS\system32\drivers\fwdrv.sys [2005-12-15 274432]
R1 khips;Kerio HIPS Driver; C:\WINDOWS\system32\drivers\khips.sys [2005-12-15 81920]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R1 WS2IFSL;Prostredie podpory poskytovateľa služby Windows Socket 2.0 Non-IFS Service; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2006-02-28 12032]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2007-12-04 94544]
R2 irda;IrDA Protocol; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2007-12-04 23152]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-12-21 4405248]
R3 irsir;Microsoft Serial Infrared Driver; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\WINDOWS\system32\DRIVERS\mcdbus.sys [2008-07-28 116736]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-02-28 12160]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-19 21248]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2006-10-13 81664]
R3 S3GIGP;S3GIGP; C:\WINDOWS\system32\DRIVERS\S3gIGPm.sys [2006-06-22 808448]
R3 SNP325;USB PC Camera (SNPSTD325); C:\WINDOWS\system32\DRIVERS\snp325.sys [2007-04-03 10251904]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 a50c2wdm;a50c2wdm; C:\WINDOWS\system32\drivers\a50c2wdm.sys []
S3 azewnh4y;azewnh4y; C:\WINDOWS\system32\drivers\azewnh4y.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 FXDrv32;FXDrv32; \??\D:\FXDrv32.sys []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-03-07 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-03-07 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-03-07 21568]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2008-05-02 17536]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2008-05-02 20864]
S3 PAC207;Trust WB-1400T Webcam; C:\WINDOWS\system32\DRIVERS\pfc027.sys []
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 s716bus;Sony Ericsson Device 716 driver (WDM); C:\WINDOWS\system32\DRIVERS\s716bus.sys [2007-04-04 83208]
S3 s716mdfl;Sony Ericsson Device 716 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s716mdfl.sys [2007-04-04 15112]
S3 s716mdm;Sony Ericsson Device 716 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s716mdm.sys [2007-04-04 108552]
S3 s716mgmt;Sony Ericsson Device 716 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s716mgmt.sys [2007-04-04 100360]
S3 s716nd5;Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (NDIS); C:\WINDOWS\system32\DRIVERS\s716nd5.sys [2007-04-04 23176]
S3 s716obex;Sony Ericsson Device 716 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s716obex.sys [2007-04-04 98568]
S3 s716unic;Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (WDM); C:\WINDOWS\system32\DRIVERS\s716unic.sys [2007-04-04 98952]
S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2008-05-02 8064]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2008-05-02 8064]
S3 w200bus;Sony Ericsson W200 driver (WDM); C:\WINDOWS\system32\DRIVERS\w200bus.sys [2006-11-07 61504]
S3 w200mdfl;Sony Ericsson W200 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\w200mdfl.sys [2006-11-07 9328]
S3 w200mdm;Sony Ericsson W200 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\w200mdm.sys [2006-11-07 97056]
S3 w200obex;Sony Ericsson W200 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\w200obex.sys [2006-11-07 86368]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2007-12-04 17272]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2007-07-24 229376]
R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 Irmon;Infrared Monitor; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 KPF4;Sunbelt Kerio Personal Firewall 4; C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe [2005-12-19 1368064]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 STI Simulator;STI Simulator; C:\WINDOWS\System32\PAStiSvc.exe [2005-01-14 53248]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2007-12-04 140664]
S2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2008-06-10 222456]
S2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe []
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2007-12-04 247160]
S3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2007-12-04 345464]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

-----------------EOF-----------------

Re: Please check my log

Post by redvo » 27 Jan 2009 09:05

Hmm... so the problem with EXE files is solved. The fault was that the *.EXE extension did not have the file type Application assigned in Folder Options. But it works now, so I'm adding the log from ComboFix:

ComboFix 09-01-21.04 - Lukáš 2009-01-27 8:50:51.4 - NTFSx86
Systém Microsoft Windows XP Home Edition 5.1.2600.3.1250.1.1033.18.766.360 [GMT 1:00]
Running from: c:\documents and settings\Lukáš\Desktop\ComboFix.exe
AV: avast! antivirus 4.7.1098 [VPS 090126-0] *On-access scanning disabled* (Updated)
FW: Kerio Personal Firewall *enabled*
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Lukáš\Application Data\Adssite Advanced Toolbar
c:\documents and settings\Lukáš\Application Data\Adssite Advanced Toolbar\selected.xml
c:\windows\system32\AutoRun.inf
c:\windows\system32\dumphive.exe
c:\windows\system32\kmd.exe
c:\windows\system32\Process.exe
c:\windows\system32\SrchSTS.exe
c:\windows\system32\tmp.reg
c:\windows\system32\VCCLSID.exe
c:\windows\system32\WS2Fix.exe

.
((((((((((((((((((((((((( Files Created from 2008-12-27 to 2009-01-27 )))))))))))))))))))))))))))))))
.

2009-01-26 22:41 . 2009-01-26 22:41 <DIR> d-------- C:\rsit
2009-01-26 11:50 . 2009-01-26 11:50 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-01-26 11:50 . 2009-01-26 11:50 <DIR> d-------- c:\documents and settings\Lukáš\Application Data\Malwarebytes
2009-01-26 11:50 . 2009-01-26 11:50 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-01-26 11:50 . 2009-01-14 16:11 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-01-26 11:50 . 2009-01-14 16:11 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-01-26 08:50 . 2009-01-26 08:50 <DIR> d-------- c:\program files\Trend Micro
2009-01-19 15:20 . 2009-01-19 15:20 <DIR> d-------- c:\program files\TallStick
2009-01-19 14:38 . 2009-01-19 14:38 <DIR> d-------- c:\program files\WIDI 3.3 Pro
2009-01-19 14:38 . 2009-01-19 14:38 <DIR> d-------- c:\documents and settings\Lukáš\Application Data\Music Recognition
2009-01-12 15:57 . 2008-08-29 13:59 3,883,008 --a------ c:\windows\system32\Tropix2.scr
2009-01-07 08:24 . 2009-01-12 07:30 <DIR> d-------- c:\documents and settings\All Users\Application Data\KeenfinderSrch
2009-01-05 20:14 . 2009-01-05 20:14 <DIR> d-------- c:\program files\DAMN NFO Viewer
2009-01-04 12:22 . 2009-01-04 15:59 <DIR> d-------- c:\program files\MagicDisc
2009-01-04 12:22 . 2008-07-28 17:19 116,736 --a------ c:\windows\system32\drivers\mcdbus.sys
2009-01-02 10:23 . 2009-01-02 10:23 <DIR> d-------- c:\program files\ASIO4ALL v2
2009-01-02 10:23 . 2002-07-07 23:14 1,294,336 --a------ c:\windows\system32\vorbis.acm
2009-01-01 21:18 . 2009-01-01 21:18 <DIR> d-------- c:\program files\Native Instruments
2009-01-01 21:18 . 2009-01-01 21:18 <DIR> d-------- c:\program files\Common Files\Native Instruments
2009-01-01 21:18 . 2009-01-01 21:18 <DIR> d-------- c:\documents and settings\All Users\Application Data\Native Instruments
2009-01-01 21:18 . 2009-01-01 21:18 <DIR> d--h-c--- c:\documents and settings\All Users\Application Data\{442B6EC3-77A0-4817-825F-67F47D7A2E54}
2009-01-01 21:18 . 2009-01-01 21:18 <DIR> d--h-c--- c:\documents and settings\All Users\Application Data\{0D1E323F-9D1D-410B-9F3E-FBF24ECC2B05}
2009-01-01 09:09 . 2009-01-21 21:28 <DIR> d-------- c:\program files\Counter-Strike 1.6
2008-12-31 17:57 . 2004-07-09 04:26 1,230,336 --a--c--- c:\windows\system32\dllcache\msvidctl.dll
2008-12-31 17:57 . 2004-07-09 04:26 354,816 --a------ c:\windows\system32\psisdecd.dll
2008-12-31 17:57 . 2004-07-09 04:26 354,816 --a--c--- c:\windows\system32\dllcache\psisdecd.dll
2008-12-31 17:57 . 2004-07-09 04:26 52,224 --a------ c:\windows\system32\msdvbnp.ax
2008-12-31 17:57 . 2004-07-09 04:26 52,224 --a--c--- c:\windows\system32\dllcache\msdvbnp.ax
2008-12-31 17:57 . 2004-07-09 04:26 52,096 --a------ c:\windows\system32\drivers\msdv.sys
2008-12-31 17:57 . 2004-07-09 04:26 52,096 --a--c--- c:\windows\system32\dllcache\msdv.sys
2008-12-31 17:57 . 2004-07-09 04:26 47,104 --a--c--- c:\windows\system32\dllcache\wstdecod.dll
2008-12-31 17:57 . 2004-07-09 04:26 30,208 --a------ c:\windows\system32\psisrndr.ax
2008-12-31 17:57 . 2004-07-09 04:26 30,208 --a--c--- c:\windows\system32\dllcache\psisrndr.ax
2008-12-31 17:53 . 2008-12-31 19:30 <DIR> d-------- c:\program files\Microsoft Games
2008-12-30 10:03 . 2008-12-30 20:54 <DIR> d-------- c:\program files\Doggie Dash
2008-12-29 16:08 . 2008-12-30 20:53 <DIR> d-------- c:\program files\Snapshot Adventures
2008-12-29 14:20 . 2008-12-30 20:53 <DIR> d-------- c:\program files\Risk
2008-12-29 09:38 . 2008-12-29 09:38 <DIR> d-------- c:\documents and settings\All Users\Application Data\FreshGames
2008-12-29 09:37 . 2008-12-29 10:09 <DIR> d-------- c:\program files\Ranch Rush
2008-12-28 17:40 . 2009-01-09 13:04 <DIR> d-------- c:\program files\Alice Greenfingers 2
2008-12-28 16:24 . 2008-12-28 16:24 <DIR> d-------- c:\documents and settings\All Users\Application Data\InterAction studios
2008-12-28 15:50 . 2008-12-28 16:13 <DIR> d-------- c:\documents and settings\All Users\Application Data\VirtualFarm
2008-12-28 12:08 . 2008-12-29 08:31 <DIR> d-------- c:\program files\Farm Frenzy
2008-12-28 11:35 . 2008-12-29 08:31 <DIR> d-------- c:\program files\Jet Jumper
2008-12-28 10:01 . 2008-12-29 14:20 <DIR> d-------- c:\documents and settings\Lukáš\Application Data\iWin
2008-12-28 10:00 . 2008-12-29 08:32 <DIR> d-------- c:\program files\Family Feud Dream Home
2008-12-27 17:43 . 2008-12-29 08:31 <DIR> d-------- c:\program files\Pet Shop Hop
2008-12-27 17:41 . 2008-12-27 17:41 <DIR> d-------- c:\documents and settings\All Users\Application Data\Fugazo
2008-12-27 17:40 . 2008-12-27 18:52 <DIR> d-------- c:\program files\Cooking Academy
2008-12-27 16:28 . 2008-12-27 18:51 <DIR> d-------- c:\program files\Puppy Luv
2008-12-27 14:51 . 2008-04-13 20:45 26,112 --a------ c:\windows\system32\drivers\usbser.sys
2008-12-27 14:51 . 2008-04-13 20:45 26,112 --a--c--- c:\windows\system32\dllcache\usbser.sys
2008-12-27 14:49 . 2008-12-27 14:49 0 --ah----- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2008-12-27 14:49 . 2008-12-27 14:49 0 --ah----- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
2008-12-27 10:56 . 2008-12-27 10:56 <DIR> d-------- c:\documents and settings\Luk ç
2008-12-27 10:16 . 2008-12-27 18:52 <DIR> d-------- c:\program files\Sallys Salon
2008-12-27 10:16 . 2008-12-27 10:16 4,096 --a------ c:\windows\d3dx.dat
2008-12-27 09:10 . 2008-12-27 09:10 <DIR> d-------- c:\documents and settings\All Users\Application Data\NevoSoft Games
2008-12-27 09:09 . 2008-12-27 18:52 <DIR> d-------- c:\program files\Farm Craft

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-26 22:10 --------- d-----w c:\documents and settings\Lukáš\Application Data\Skype
2009-01-26 21:22 --------- d-----w c:\program files\Common Files\DVDVideoSoft
2009-01-26 19:22 --------- d-----w c:\documents and settings\Lukáš\Application Data\skypePM
2009-01-26 08:50 --------- d-----w c:\program files\KeenfinderSrch
2009-01-26 07:53 16,844 ----a-w c:\windows\system32\drivers\fwdrv.err
2009-01-24 21:07 --------- d-----w c:\program files\Valve
2009-01-21 21:03 --------- d-----w c:\documents and settings\Lukáš\Application Data\uTorrent
2009-01-21 21:00 --------- d--h--w c:\program files\InstallShield Installation Information
2009-01-12 14:57 --------- d-----w c:\documents and settings\Lukáš\Application Data\Zylom
2009-01-12 14:56 --------- d-----w c:\program files\Zylom Games
2009-01-05 20:03 --------- d-----w c:\program files\EA GAMES
2009-01-05 19:26 --------- d-----w c:\documents and settings\Lukáš\Application Data\ICQ
2009-01-04 13:12 --------- d-----w c:\program files\MagicISO
2009-01-02 09:44 --------- d-----w c:\program files\VstPlugins
2009-01-02 09:44 --------- d-----w c:\program files\Image-Line
2008-12-31 18:50 --------- d-----w c:\documents and settings\Lukáš\Application Data\Microsoft Games
2008-12-31 16:56 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Games
2008-12-30 14:20 --------- d-----w c:\program files\Puzzle Quest
2008-12-30 13:06 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2008-12-30 12:54 409,600 ----a-w c:\windows\system32\wrap_oal.dll
2008-12-30 12:54 114,688 ----a-w c:\windows\system32\OpenAL32.dll
2008-12-30 09:03 --------- d-----w c:\documents and settings\Lukáš\Application Data\PlayFirst
2008-12-30 09:03 --------- d-----w c:\documents and settings\All Users\Application Data\PlayFirst
2008-12-28 13:48 --------- d-----w c:\documents and settings\Lukáš\Application Data\GetRightToGo
2008-12-27 18:00 --------- d-----w c:\program files\Rollercoaster Rush
2008-12-27 18:00 --------- d-----w c:\program files\Crazy Penguin Catapult
2008-12-27 17:53 --------- d-----w c:\program files\Heavy Weapon
2008-12-27 09:29 --------- d-----w c:\program files\Bus Driver
2008-12-26 18:45 --------- d-----w c:\documents and settings\Lukáš\Application Data\Chessmaster Challenge
2008-12-26 13:02 --------- d-----w c:\documents and settings\Lukáš\Application Data\Reflexive Ashtons Family Resort
2008-12-26 13:02 --------- d-----w c:\documents and settings\All Users\Application Data\Reflexive Ashtons Family Resort
2008-12-25 19:45 --------- d-----w c:\program files\Sony Ericsson
2008-12-25 15:26 --------- d-----w c:\program files\QuickTime
2008-12-25 15:25 --------- d-----w c:\program files\Common Files\Apple
2008-12-25 15:25 --------- d-----w c:\program files\Apple Software Update
2008-12-25 15:25 --------- d-----w c:\documents and settings\All Users\Application Data\Apple Computer
2008-12-24 20:53 --------- d-----w c:\program files\Media Art
2008-12-19 07:04 --------- d-----w c:\program files\OpenAL
2008-12-18 18:15 --------- d-----w c:\program files\uTorrent
2008-12-18 18:06 --------- d-----w c:\documents and settings\Lukáš\Application Data\DAEMON Tools Pro
2008-12-18 18:06 --------- d-----w c:\documents and settings\Lukáš\Application Data\DAEMON Tools Lite
2008-12-18 18:06 --------- d-----w c:\documents and settings\Lukáš\Application Data\DAEMON Tools
2008-12-18 18:05 --------- d-----w c:\program files\DAEMON Tools Lite
2008-12-18 18:05 --------- d-----w c:\documents and settings\All Users\Application Data\DAEMON Tools Lite
2008-12-18 10:23 --------- d-----w c:\program files\Tower Bloxx Deluxe
2008-12-17 19:32 --------- d-----w c:\documents and settings\Lukáš\Application Data\Hide IP NG
2008-12-17 14:33 --------- d-----w c:\program files\Farm Mania
2008-12-17 14:32 1,880 ----a-w c:\documents and settings\Lukáš\Application Data\mindhabits.dat
2008-12-17 14:20 --------- d-----w c:\program files\Got Game Entertainment
2008-12-17 08:19 --------- d-----w c:\documents and settings\All Users\Application Data\DigitalChocolate
2008-12-17 07:50 --------- d-----w c:\program files\Google
2008-12-16 09:35 --------- d-----w c:\program files\Xilisoft
2008-12-15 09:43 --------- d-----w c:\program files\1C
2008-12-15 09:29 --------- d-----w c:\program files\Common Files\InstallShield
2008-12-14 17:53 --------- d-----w c:\program files\DVDVideoSoft
2008-12-14 17:53 --------- d-----w c:\program files\AskBarDis
2008-12-13 08:07 --------- d-----w c:\program files\Eidos
2008-12-12 07:06 --------- d-----w c:\program files\DivX
2008-12-11 10:57 333,952 ----a-w c:\windows\system32\drivers\srv.sys
2008-12-10 08:21 --------- d-----w c:\program files\Glamus
2008-12-09 16:58 --------- d-----w c:\program files\ICQ6.5
2008-12-08 20:20 --------- d-----w c:\program files\ICQ6Toolbar
2008-12-08 17:36 --------- d-----w c:\documents and settings\Lukáš\Application Data\Uniblue
2008-12-07 15:53 --------- d-----w c:\program files\FileSubmit
2008-12-06 18:39 --------- d-----w c:\program files\IZArc
2008-12-06 17:34 --------- d-----w c:\program files\Windows Media Connect 2
2008-12-06 17:34 --------- d-----w c:\program files\Microsoft Plus! Digital Media Edition
2008-12-06 11:09 --------- d-----w c:\program files\Hewlett-Packard
2008-12-06 11:09 --------- d-----w c:\documents and settings\All Users\Application Data\HP Product Assistant
2008-12-06 11:09 --------- d-----w c:\documents and settings\All Users\Application Data\HP
2008-12-06 10:33 --------- d-----w c:\documents and settings\Lukáš\Application Data\HP
2008-12-06 10:32 --------- d-----w c:\documents and settings\All Users\Application Data\WEBREG
2008-12-06 10:31 --------- d-----w c:\program files\HP
2008-12-06 10:31 --------- d-----w c:\documents and settings\All Users\Application Data\HPSSUPPLY
2008-12-06 10:30 --------- d-----w c:\documents and settings\Lukáš\Application Data\HPAppData
2008-12-06 10:29 --------- d-----w c:\program files\Common Files\HP
2008-12-06 10:29 --------- d-----w c:\program files\Common Files\Hewlett-Packard
2008-12-06 10:27 --------- d-----w c:\documents and settings\All Users\Application Data\Hewlett-Packard
2008-12-06 07:39 --------- d-----w c:\program files\Arcade Lab
2008-12-04 18:46 --------- d-----w c:\program files\Zoner
2008-12-04 18:45 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
2008-12-04 16:43 --------- d-----w c:\program files\ICQ620_08_49
2008-12-04 16:35 --------- d-----w c:\program files\Skype
2008-12-04 16:35 --------- d-----w c:\program files\Common Files\Skype
2008-12-04 16:35 --------- d-----w c:\documents and settings\All Users\Application Data\Skype
2008-12-04 16:30 --------- d-----w c:\documents and settings\All Users\Application Data\ICQ
2008-12-04 15:19 --------- d-----w c:\program files\Spybot - Search & Destroy
2008-12-04 12:49 2,864 ----a-w c:\windows\system32\winsock.dll
2008-12-04 11:19 --------- d-----w c:\program files\Sibelius Software
2008-12-04 11:10 --------- d-----w c:\program files\Macromedia
2008-12-04 11:10 --------- d-----w c:\program files\Common Files\Macromedia
2008-12-04 10:57 --------- d-----w c:\program files\3DO
2008-12-04 10:52 --------- d-----w c:\program files\SlySoft
2008-12-04 10:52 --------- d-----w c:\program files\Elaborate Bytes
2008-12-04 10:51 --------- d-----w c:\program files\Common Files\Adobe
2008-12-02 20:33 --------- d-----w c:\documents and settings\Lukáš\Application Data\My Battle for Middle-earth Files
2008-11-29 09:52 161 ----a-w c:\program files\setuplog.txt
2008-11-27 06:38 --------- d-----w c:\program files\ICQ6
2008-11-21 21:47 524,288 ----a-w c:\windows\system32\DivXsm.exe
2008-11-21 21:47 3,596,288 ----a-w c:\windows\system32\qt-dx331.dll
2007-09-26 15:13 80 --sh--r c:\windows\system32\AEE61F1FA7.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-08-26 10:32 279944 --a------ c:\program files\AskBarDis\bar\bin\askBar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-08-26 279944]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-08-26 279944]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2008-09-16 1833296]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-12-10 216520]
"ICQ"="c:\program files\ICQ6.5\ICQ.exe" [2008-11-30 172792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"FixCamera"="c:\windows\FixCamera.exe" [2007-02-12 20480]
"tsnp325"="c:\windows\tsnp325.exe" [2006-10-10 270336]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 79224]
"snp325"="c:\windows\vsnp325.exe" [2006-10-10 827392]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-11 49152]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696]
"RTHDCPL"="RTHDCPL.EXE" [2006-12-19 c:\windows\RTHDCPL.EXE]
"SkyTel"="SkyTel.EXE" [2006-05-16 c:\windows\SkyTel.exe]
"VTTimer"="VTTimer.exe" [2006-06-16 c:\windows\system32\VTTimer.exe]
"S3Trayp"="S3Trayp.exe" [2005-10-31 c:\windows\system32\S3Trayp.exe]
"Realtime Audio Engine"="mmrtkrnl.exe" [2007-07-18 c:\windows\system32\mmrtkrnl.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Luk ç\Start Menu\Programs\Startup\
MagicDisc.lnk - c:\program files\MagicDisc\MagicDisc.exe [2009-01-04 575488]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe [2006-10-23 40048]
Adobe Reader Synchronizer.lnk - c:\program files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe [2006-10-23 734872]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-03-11 210520]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-21 77824]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ | ˜„/Řű-Řk˜t/DţĂÍÖM\0ţĂÚÖM\0DţĂ\ţĂł×M\0DţĂ˜t/0Kl<F

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Microsoft Games\\Zoo Tycoon 2\\zt.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R0 xfilt;VIA SATA IDE Hot-plug Driver;c:\windows\system32\drivers\xfilt.sys [2007-08-22 11264]
R1 fwdrv;Firewall Driver;c:\windows\system32\drivers\fwdrv.sys [2005-12-15 274432]
R1 khips;Kerio HIPS Driver;c:\windows\system32\drivers\khips.sys [2005-12-15 81920]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2006-10-10 8944]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2007-02-27 55024]
R3 PSched;QoS Packet Scheduler;c:\windows\system32\drivers\psched.sys [2006-02-28 69120]
R3 S3GIGP;S3GIGP;c:\windows\system32\drivers\S3gIGPm.sys [2007-08-22 808448]
R3 SNP325;USB PC Camera (SNPSTD325);c:\windows\system32\drivers\snp325.sys [2007-12-24 10251904]
R4 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [2008-11-27 222456]
S3 FXDrv32;FXDrv32;\??\d:\fxdrv32.sys --> d:\FXDrv32.sys [?]
S3 PAC207;Trust WB-1400T Webcam;c:\windows\system32\DRIVERS\pfc027.sys --> c:\windows\system32\DRIVERS\pfc027.sys [?]
S3 s716bus;Sony Ericsson Device 716 driver (WDM);c:\windows\system32\drivers\s716bus.sys [2008-06-07 83208]
S3 s716mdfl;Sony Ericsson Device 716 USB WMC Modem Filter;c:\windows\system32\drivers\s716mdfl.sys [2008-06-07 15112]
S3 s716mdm;Sony Ericsson Device 716 USB WMC Modem Driver;c:\windows\system32\drivers\s716mdm.sys [2008-06-07 108552]
S3 s716mgmt;Sony Ericsson Device 716 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s716mgmt.sys [2008-06-07 100360]
S3 s716nd5;Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (NDIS);c:\windows\system32\drivers\s716nd5.sys [2008-06-07 23176]
S3 s716obex;Sony Ericsson Device 716 USB WMC OBEX Interface;c:\windows\system32\drivers\s716obex.sys [2008-06-07 98568]
S3 s716unic;Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (WDM);c:\windows\system32\drivers\s716unic.sys [2008-06-07 98952]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2006-02-16 4096]
S3 w200bus;Sony Ericsson W200 driver (WDM);c:\windows\system32\drivers\w200bus.sys [2008-06-07 61504]
S3 w200mdfl;Sony Ericsson W200 USB WMC Modem Filter;c:\windows\system32\drivers\w200mdfl.sys [2008-06-07 9328]
S3 w200mdm;Sony Ericsson W200 USB WMC Modem Driver;c:\windows\system32\drivers\w200mdm.sys [2008-06-07 97056]
S3 w200obex;Sony Ericsson W200 USB WMC OBEX Interface;c:\windows\system32\drivers\w200obex.sys [2008-06-07 86368]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder

2009-01-13 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]

2009-01-23 c:\windows\Tasks\Norton Security Scan.job
- c:\program files\Norton Security Scan\Nss.exe []
.
- - - - ORPHANS REMOVED - - - -

BHO-{96E74E0B-9143-4D55-B522-35112296956A} - (no file)
HKCU-Run-Uniblue RegistryBooster 2009 - c:\program files\Uniblue\RegistryBooster\RegistryBooster.exe
HKCU-RunOnce-Shockwave Updater - c:\windows\system32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1100465 -Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; .NET CLR 1.1.4322; .NET
Notify-jkkHArQk - jkkHArQk.dll


.
------- Supplementary Scan -------
.
uStart Page = hxxp://start.icq.com/
mLocal Page = "řxn
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = plimus.com,www.plimus.com,regnow.com,www.regnow.com,
uInternet Settings,ProxyServer = socks=
uSearchURL,(Default) = hxxp://toolbar.ask.com/toolbarv/askRedi ... t=&gc=1&q=%s
IE: &Search - ?p=ZNfox000
FF - ProfilePath - c:\documents and settings\Lukáš\Application Data\Mozilla\Firefox\Profiles\bo8yv69j.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.sk/

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-27 08:57:17
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-861567501-1229272821-725345543-1006\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:4d,c9,a8,cb,de,87,cb,49,f6,8b,07,31,db,51,08,49,54,b4,7b,27,d9,2b,02,
88,25,ed,72,bb,c2,9a,aa,ab,e5,eb,b9,b9,77,38,11,a2,17,9a,62,74,e5,9d,80,a9,\
"??"=hex:a6,39,de,02,d4,53,e5,2f,bd,7f,e5,e3,ce,0a,49,e4
.
Completion time: 2009-01-27 9:00:36
ComboFix-quarantined-files.txt 2009-01-27 08:00:32
ComboFix2.txt 2008-02-14 17:06:08
ComboFix3.txt 2008-02-13 20:27:59
ComboFix4.txt 2008-01-11 14:51:44

Pre-Run: 136,264,572,928 bytes free
Post-Run: 20 adresárov, 153,875,955,712 voľných bajtov

Current=1 Default=1 Failed=0 LastKnownGood=4 Sets=1,2,3,4
325 --- E O F --- 2009-01-14 06:23:36

Re: Please check my log

Post by memphisto » 27 Jan 2009 10:57

Sorry for the delays.

So:
1) Uninstall ICQ Toolbar

2) START - Run - type cmd.exe - click OK - in the DOS window, paste the following with the mouse:
Sc stop FXDrv32
Sc delete FXDrv32
exit

3) Open Notepad (Start -> Run..., type Notepad in the box and click OK).
Copy into it the entire following text, marked in green:
Note: Do not use the SELECT ALL function to select the script

Code: Select all

Folder::
c:\program files\AskBarDis

File::
d:\FXDrv32.sys

Driver::
FXDrv32


Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files there
Save the file to the desktop.
Close all active windows.
Grab the created script CFScript.txt with the mouse, drag it over the downloaded ComboFix.exe program and, when the two files overlap, drop the script.
- ComboFix will start automatically
- Post here the log that pops up at the end of the cleaning process + a new HJT log

4) Test this on VirusTotal
c:\windows\system32\AEE61F1FA7.dll
then post the link to the result here
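Added example (not part of the original thread and not the helper's own tooling): a small Python check that reads a follow-up HijackThis log and reports whether anything still references the items targeted in the steps above (ICQ Toolbar, AskBarDis, FXDrv32). The sample log is constructed in HijackThis 2.0.2 line format; the function names and the TARGETS table are assumptions of this example.

```python
import re
from collections import defaultdict
from dataclasses import dataclass

# Constructed sample in HijackThis 2.0.2 line format (not a real scan).
SAMPLE_LOG = r"""
Logfile of Trend Micro HijackThis v2.0.2
Running processes:
C:\WINDOWS\explorer.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.example/
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
"""

# Removal targets named in the helper's steps, as lowercase substrings
# (assumption: substring matching is good enough for a first pass).
TARGETS = {
    "ICQ Toolbar": ["icq6toolbar", "icqtoolbar"],
    "AskBarDis": ["askbardis"],
    "FXDrv32": ["fxdrv32"],
}

# An entry line is "<section code> - <body>", e.g. "O4 - HKLM\..\Run: [...]".
ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
PATH_RE = re.compile(r'[A-Za-z]:\\[^"\r\n]*?\.(?:exe|dll|sys)\b', re.IGNORECASE)


@dataclass
class Entry:
    code: str    # section code such as R3, O2, O23
    body: str    # everything after "<code> - "
    clsids: list # COM class IDs found in the body
    paths: list  # executable/DLL/driver paths found in the body


def parse_hjt(text):
    """Return the entry lines of a HijackThis log, skipping header and process list."""
    entries = []
    for line in text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if not m:
            continue  # header, "Running processes" block, blank line
        body = m.group("body")
        entries.append(Entry(m.group("code"), body,
                             CLSID_RE.findall(body), PATH_RE.findall(body)))
    return entries


def find_remnants(entries, targets):
    """Map each target name to the entries that still mention it."""
    hits = {name: [] for name in targets}
    for e in entries:
        low = e.body.lower()
        for name, needles in targets.items():
            if any(n in low for n in needles):
                hits[name].append(e)
    return hits


def hooks_by_clsid(entries):
    """Group section codes by CLSID: one component can be hooked in several places."""
    hooks = defaultdict(set)
    for e in entries:
        for clsid in e.clsids:
            hooks[clsid.upper()].add(e.code)
    return {clsid: sorted(codes) for clsid, codes in hooks.items()}


if __name__ == "__main__":
    parsed = parse_hjt(SAMPLE_LOG)
    for name, found in find_remnants(parsed, TARGETS).items():
        status = "still present" if found else "not found"
        print(f"{name}: {status}")
        for e in found:
            print(f"  {e.code} - {e.body}")
    for clsid, codes in hooks_by_clsid(parsed).items():
        if len(codes) > 1:
            print(f"{clsid} is registered under sections {', '.join(codes)}")
```

A target that shows up under more than one section code (here R3 and O3 for the same CLSID) has to disappear from all of them before the removal counts as complete.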


Re: Please check my log

Post by redvo » 27 Jan 2009 15:43

so here is the ComboFix log:

ComboFix 09-01-21.04 - Lukáš 2009-01-27 15:22:02.5 - NTFSx86
Systém Microsoft Windows XP Home Edition 5.1.2600.3.1250.1.1033.18.766.384 [GMT 1:00]
Running from: c:\documents and settings\Lukáš\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Lukáš\Desktop\CFScript.txt
AV: avast! antivirus 4.7.1098 [VPS 090127-0] *On-access scanning disabled* (Updated)
FW: Kerio Personal Firewall *enabled*
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

FILE ::
d:\FXDrv32.sys
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\AskBarDis
c:\program files\AskBarDis\bar\bin\askBar.dll
c:\program files\AskBarDis\bar\bin\askPopStp.dll
c:\program files\AskBarDis\bar\bin\psvince.dll
c:\program files\AskBarDis\bar\Cache\00B59EA1
c:\program files\AskBarDis\bar\Cache\00B5A3C1.bin
c:\program files\AskBarDis\bar\Cache\00B5A586.bin
c:\program files\AskBarDis\bar\Cache\00B5A73C.bin
c:\program files\AskBarDis\bar\Cache\00B5A8F1.bin
c:\program files\AskBarDis\bar\Cache\00B5AA39.bin
c:\program files\AskBarDis\bar\Cache\files.ini
c:\program files\AskBarDis\bar\History\search
c:\program files\AskBarDis\bar\Settings\config.dat
c:\program files\AskBarDis\bar\Settings\config.dat.bak
c:\program files\AskBarDis\bar\Settings\prevcfg.htm
c:\program files\AskBarDis\unins000.dat
c:\program files\AskBarDis\unins000.exe

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_FXDRV32


((((((((((((((((((((((((( Files Created from 2008-12-27 to 2009-01-27 )))))))))))))))))))))))))))))))
.

2009-01-26 22:41 . 2009-01-26 22:41 <DIR> d-------- C:\rsit
2009-01-26 11:50 . 2009-01-26 11:50 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-01-26 11:50 . 2009-01-26 11:50 <DIR> d-------- c:\documents and settings\Lukáš\Application Data\Malwarebytes
2009-01-26 11:50 . 2009-01-26 11:50 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-01-26 11:50 . 2009-01-14 16:11 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-01-26 11:50 . 2009-01-14 16:11 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-01-26 08:50 . 2009-01-26 08:50 <DIR> d-------- c:\program files\Trend Micro
2009-01-19 15:20 . 2009-01-19 15:20 <DIR> d-------- c:\program files\TallStick
2009-01-19 14:38 . 2009-01-19 14:38 <DIR> d-------- c:\program files\WIDI 3.3 Pro
2009-01-19 14:38 . 2009-01-19 14:38 <DIR> d-------- c:\documents and settings\Lukáš\Application Data\Music Recognition
2009-01-12 15:57 . 2008-08-29 13:59 3,883,008 --a------ c:\windows\system32\Tropix2.scr
2009-01-07 08:24 . 2009-01-12 07:30 <DIR> d-------- c:\documents and settings\All Users\Application Data\KeenfinderSrch
2009-01-05 20:14 . 2009-01-05 20:14 <DIR> d-------- c:\program files\DAMN NFO Viewer
2009-01-04 12:22 . 2009-01-04 15:59 <DIR> d-------- c:\program files\MagicDisc
2009-01-04 12:22 . 2008-07-28 17:19 116,736 --a------ c:\windows\system32\drivers\mcdbus.sys
2009-01-02 10:23 . 2009-01-02 10:23 <DIR> d-------- c:\program files\ASIO4ALL v2
2009-01-02 10:23 . 2002-07-07 23:14 1,294,336 --a------ c:\windows\system32\vorbis.acm
2009-01-01 21:18 . 2009-01-01 21:18 <DIR> d-------- c:\program files\Native Instruments
2009-01-01 21:18 . 2009-01-01 21:18 <DIR> d-------- c:\program files\Common Files\Native Instruments
2009-01-01 21:18 . 2009-01-01 21:18 <DIR> d-------- c:\documents and settings\All Users\Application Data\Native Instruments
2009-01-01 21:18 . 2009-01-01 21:18 <DIR> d--h-c--- c:\documents and settings\All Users\Application Data\{442B6EC3-77A0-4817-825F-67F47D7A2E54}
2009-01-01 21:18 . 2009-01-01 21:18 <DIR> d--h-c--- c:\documents and settings\All Users\Application Data\{0D1E323F-9D1D-410B-9F3E-FBF24ECC2B05}
2009-01-01 09:09 . 2009-01-21 21:28 <DIR> d-------- c:\program files\Counter-Strike 1.6
2008-12-31 17:57 . 2004-07-09 04:26 1,230,336 --a--c--- c:\windows\system32\dllcache\msvidctl.dll
2008-12-31 17:57 . 2004-07-09 04:26 354,816 --a------ c:\windows\system32\psisdecd.dll
2008-12-31 17:57 . 2004-07-09 04:26 354,816 --a--c--- c:\windows\system32\dllcache\psisdecd.dll
2008-12-31 17:57 . 2004-07-09 04:26 52,224 --a------ c:\windows\system32\msdvbnp.ax
2008-12-31 17:57 . 2004-07-09 04:26 52,224 --a--c--- c:\windows\system32\dllcache\msdvbnp.ax
2008-12-31 17:57 . 2004-07-09 04:26 52,096 --a------ c:\windows\system32\drivers\msdv.sys
2008-12-31 17:57 . 2004-07-09 04:26 52,096 --a--c--- c:\windows\system32\dllcache\msdv.sys
2008-12-31 17:57 . 2004-07-09 04:26 47,104 --a--c--- c:\windows\system32\dllcache\wstdecod.dll
2008-12-31 17:57 . 2004-07-09 04:26 30,208 --a------ c:\windows\system32\psisrndr.ax
2008-12-31 17:57 . 2004-07-09 04:26 30,208 --a--c--- c:\windows\system32\dllcache\psisrndr.ax
2008-12-31 17:53 . 2008-12-31 19:30 <DIR> d-------- c:\program files\Microsoft Games
2008-12-30 10:03 . 2008-12-30 20:54 <DIR> d-------- c:\program files\Doggie Dash
2008-12-29 16:08 . 2008-12-30 20:53 <DIR> d-------- c:\program files\Snapshot Adventures
2008-12-29 14:20 . 2008-12-30 20:53 <DIR> d-------- c:\program files\Risk
2008-12-29 09:38 . 2008-12-29 09:38 <DIR> d-------- c:\documents and settings\All Users\Application Data\FreshGames
2008-12-29 09:37 . 2008-12-29 10:09 <DIR> d-------- c:\program files\Ranch Rush
2008-12-28 17:40 . 2009-01-09 13:04 <DIR> d-------- c:\program files\Alice Greenfingers 2
2008-12-28 16:24 . 2008-12-28 16:24 <DIR> d-------- c:\documents and settings\All Users\Application Data\InterAction studios
2008-12-28 15:50 . 2008-12-28 16:13 <DIR> d-------- c:\documents and settings\All Users\Application Data\VirtualFarm
2008-12-28 12:08 . 2008-12-29 08:31 <DIR> d-------- c:\program files\Farm Frenzy
2008-12-28 11:35 . 2008-12-29 08:31 <DIR> d-------- c:\program files\Jet Jumper
2008-12-28 10:01 . 2008-12-29 14:20 <DIR> d-------- c:\documents and settings\Lukáš\Application Data\iWin
2008-12-28 10:00 . 2008-12-29 08:32 <DIR> d-------- c:\program files\Family Feud Dream Home
2008-12-27 17:43 . 2008-12-29 08:31 <DIR> d-------- c:\program files\Pet Shop Hop
2008-12-27 17:41 . 2008-12-27 17:41 <DIR> d-------- c:\documents and settings\All Users\Application Data\Fugazo
2008-12-27 17:40 . 2008-12-27 18:52 <DIR> d-------- c:\program files\Cooking Academy
2008-12-27 16:28 . 2008-12-27 18:51 <DIR> d-------- c:\program files\Puppy Luv
2008-12-27 14:51 . 2008-04-13 20:45 26,112 --a------ c:\windows\system32\drivers\usbser.sys
2008-12-27 14:51 . 2008-04-13 20:45 26,112 --a--c--- c:\windows\system32\dllcache\usbser.sys
2008-12-27 14:49 . 2008-12-27 14:49 0 --ah----- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2008-12-27 14:49 . 2008-12-27 14:49 0 --ah----- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
2008-12-27 10:56 . 2008-12-27 10:56 <DIR> d-------- c:\documents and settings\Luk ç
2008-12-27 10:16 . 2008-12-27 18:52 <DIR> d-------- c:\program files\Sallys Salon
2008-12-27 10:16 . 2008-12-27 10:16 4,096 --a------ c:\windows\d3dx.dat
2008-12-27 09:10 . 2008-12-27 09:10 <DIR> d-------- c:\documents and settings\All Users\Application Data\NevoSoft Games
2008-12-27 09:09 . 2008-12-27 18:52 <DIR> d-------- c:\program files\Farm Craft

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-26 22:10 --------- d-----w c:\documents and settings\Lukáš\Application Data\Skype
2009-01-26 21:22 --------- d-----w c:\program files\Common Files\DVDVideoSoft
2009-01-26 19:22 --------- d-----w c:\documents and settings\Lukáš\Application Data\skypePM
2009-01-26 08:50 --------- d-----w c:\program files\KeenfinderSrch
2009-01-26 07:53 16,844 ----a-w c:\windows\system32\drivers\fwdrv.err
2009-01-24 21:07 --------- d-----w c:\program files\Valve
2009-01-21 21:03 --------- d-----w c:\documents and settings\Lukáš\Application Data\uTorrent
2009-01-21 21:00 --------- d--h--w c:\program files\InstallShield Installation Information
2009-01-12 14:57 --------- d-----w c:\documents and settings\Lukáš\Application Data\Zylom
2009-01-12 14:56 --------- d-----w c:\program files\Zylom Games
2009-01-05 20:03 --------- d-----w c:\program files\EA GAMES
2009-01-05 19:26 --------- d-----w c:\documents and settings\Lukáš\Application Data\ICQ
2009-01-04 13:12 --------- d-----w c:\program files\MagicISO
2009-01-02 09:44 --------- d-----w c:\program files\VstPlugins
2009-01-02 09:44 --------- d-----w c:\program files\Image-Line
2008-12-31 18:50 --------- d-----w c:\documents and settings\Lukáš\Application Data\Microsoft Games
2008-12-31 16:56 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Games
2008-12-30 14:20 --------- d-----w c:\program files\Puzzle Quest
2008-12-30 13:06 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2008-12-30 12:54 409,600 ----a-w c:\windows\system32\wrap_oal.dll
2008-12-30 12:54 114,688 ----a-w c:\windows\system32\OpenAL32.dll
2008-12-30 09:03 --------- d-----w c:\documents and settings\Lukáš\Application Data\PlayFirst
2008-12-30 09:03 --------- d-----w c:\documents and settings\All Users\Application Data\PlayFirst
2008-12-28 13:48 --------- d-----w c:\documents and settings\Lukáš\Application Data\GetRightToGo
2008-12-27 18:00 --------- d-----w c:\program files\Rollercoaster Rush
2008-12-27 18:00 --------- d-----w c:\program files\Crazy Penguin Catapult
2008-12-27 17:53 --------- d-----w c:\program files\Heavy Weapon
2008-12-27 09:29 --------- d-----w c:\program files\Bus Driver
2008-12-26 18:45 --------- d-----w c:\documents and settings\Lukáš\Application Data\Chessmaster Challenge
2008-12-26 13:02 --------- d-----w c:\documents and settings\Lukáš\Application Data\Reflexive Ashtons Family Resort
2008-12-26 13:02 --------- d-----w c:\documents and settings\All Users\Application Data\Reflexive Ashtons Family Resort
2008-12-25 19:45 --------- d-----w c:\program files\Sony Ericsson
2008-12-25 15:26 --------- d-----w c:\program files\QuickTime
2008-12-25 15:25 --------- d-----w c:\program files\Common Files\Apple
2008-12-25 15:25 --------- d-----w c:\program files\Apple Software Update
2008-12-25 15:25 --------- d-----w c:\documents and settings\All Users\Application Data\Apple Computer
2008-12-24 20:53 --------- d-----w c:\program files\Media Art
2008-12-19 07:04 --------- d-----w c:\program files\OpenAL
2008-12-18 18:15 --------- d-----w c:\program files\uTorrent
2008-12-18 18:06 --------- d-----w c:\documents and settings\Lukáš\Application Data\DAEMON Tools Pro
2008-12-18 18:06 --------- d-----w c:\documents and settings\Lukáš\Application Data\DAEMON Tools Lite
2008-12-18 18:06 --------- d-----w c:\documents and settings\Lukáš\Application Data\DAEMON Tools
2008-12-18 18:05 --------- d-----w c:\program files\DAEMON Tools Lite
2008-12-18 18:05 --------- d-----w c:\documents and settings\All Users\Application Data\DAEMON Tools Lite
2008-12-18 10:23 --------- d-----w c:\program files\Tower Bloxx Deluxe
2008-12-17 19:32 --------- d-----w c:\documents and settings\Lukáš\Application Data\Hide IP NG
2008-12-17 14:33 --------- d-----w c:\program files\Farm Mania
2008-12-17 14:32 1,880 ----a-w c:\documents and settings\Lukáš\Application Data\mindhabits.dat
2008-12-17 14:20 --------- d-----w c:\program files\Got Game Entertainment
2008-12-17 08:19 --------- d-----w c:\documents and settings\All Users\Application Data\DigitalChocolate
2008-12-17 07:50 --------- d-----w c:\program files\Google
2008-12-16 09:35 --------- d-----w c:\program files\Xilisoft
2008-12-15 09:43 --------- d-----w c:\program files\1C
2008-12-15 09:29 --------- d-----w c:\program files\Common Files\InstallShield
2008-12-14 17:53 --------- d-----w c:\program files\DVDVideoSoft
2008-12-13 08:07 --------- d-----w c:\program files\Eidos
2008-12-12 07:06 --------- d-----w c:\program files\DivX
2008-12-11 10:57 333,952 ----a-w c:\windows\system32\drivers\srv.sys
2008-12-10 08:21 --------- d-----w c:\program files\Glamus
2008-12-09 16:58 --------- d-----w c:\program files\ICQ6.5
2008-12-08 20:20 --------- d-----w c:\program files\ICQ6Toolbar
2008-12-08 17:36 --------- d-----w c:\documents and settings\Lukáš\Application Data\Uniblue
2008-12-07 15:53 --------- d-----w c:\program files\FileSubmit
2008-12-06 18:39 --------- d-----w c:\program files\IZArc
2008-12-06 17:34 --------- d-----w c:\program files\Windows Media Connect 2
2008-12-06 17:34 --------- d-----w c:\program files\Microsoft Plus! Digital Media Edition
2008-12-06 11:09 --------- d-----w c:\program files\Hewlett-Packard
2008-12-06 11:09 --------- d-----w c:\documents and settings\All Users\Application Data\HP Product Assistant
2008-12-06 11:09 --------- d-----w c:\documents and settings\All Users\Application Data\HP
2008-12-06 10:33 --------- d-----w c:\documents and settings\Lukáš\Application Data\HP
2008-12-06 10:32 --------- d-----w c:\documents and settings\All Users\Application Data\WEBREG
2008-12-06 10:31 --------- d-----w c:\program files\HP
2008-12-06 10:31 --------- d-----w c:\documents and settings\All Users\Application Data\HPSSUPPLY
2008-12-06 10:30 --------- d-----w c:\documents and settings\Lukáš\Application Data\HPAppData
2008-12-06 10:29 --------- d-----w c:\program files\Common Files\HP
2008-12-06 10:29 --------- d-----w c:\program files\Common Files\Hewlett-Packard
2008-12-06 10:27 --------- d-----w c:\documents and settings\All Users\Application Data\Hewlett-Packard
2008-12-06 07:39 --------- d-----w c:\program files\Arcade Lab
2008-12-04 18:46 --------- d-----w c:\program files\Zoner
2008-12-04 18:45 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
2008-12-04 16:43 --------- d-----w c:\program files\ICQ620_08_49
2008-12-04 16:35 --------- d-----w c:\program files\Skype
2008-12-04 16:35 --------- d-----w c:\program files\Common Files\Skype
2008-12-04 16:35 --------- d-----w c:\documents and settings\All Users\Application Data\Skype
2008-12-04 16:30 --------- d-----w c:\documents and settings\All Users\Application Data\ICQ
2008-12-04 15:19 --------- d-----w c:\program files\Spybot - Search & Destroy
2008-12-04 12:49 2,864 ----a-w c:\windows\system32\winsock.dll
2008-12-04 11:19 --------- d-----w c:\program files\Sibelius Software
2008-12-04 11:10 --------- d-----w c:\program files\Macromedia
2008-12-04 11:10 --------- d-----w c:\program files\Common Files\Macromedia
2008-12-04 10:57 --------- d-----w c:\program files\3DO
2008-12-04 10:52 --------- d-----w c:\program files\SlySoft
2008-12-04 10:52 --------- d-----w c:\program files\Elaborate Bytes
2008-12-04 10:51 --------- d-----w c:\program files\Common Files\Adobe
2008-12-02 20:33 --------- d-----w c:\documents and settings\Lukáš\Application Data\My Battle for Middle-earth Files
2008-11-29 09:52 161 ----a-w c:\program files\setuplog.txt
2008-11-27 06:38 --------- d-----w c:\program files\ICQ6
2008-11-21 21:47 524,288 ----a-w c:\windows\system32\DivXsm.exe
2008-11-21 21:47 3,596,288 ----a-w c:\windows\system32\qt-dx331.dll
2008-11-21 21:46 200,704 ----a-w c:\windows\system32\ssldivx.dll
2007-09-26 15:13 80 --sh--r c:\windows\system32\AEE61F1FA7.dll
.

((((((((((((((((((((((((((((( snapshot@2009-01-27_ 8.58.28.93 )))))))))))))))))))))))))))))))))))))))))
.
+ 2005-10-20 19:02:28 163,328 ----a-w c:\windows\erdnt\subs\ERDNT.EXE
+ 2009-01-27 14:29:07 16,384 ----atw c:\windows\TEMP\Perflib_Perfdata_538.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2008-09-16 1833296]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-12-10 216520]
"ICQ"="c:\program files\ICQ6.5\ICQ.exe" [2008-11-30 172792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"FixCamera"="c:\windows\FixCamera.exe" [2007-02-12 20480]
"tsnp325"="c:\windows\tsnp325.exe" [2006-10-10 270336]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 79224]
"snp325"="c:\windows\vsnp325.exe" [2006-10-10 827392]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-11 49152]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696]
"RTHDCPL"="RTHDCPL.EXE" [2006-12-19 c:\windows\RTHDCPL.EXE]
"SkyTel"="SkyTel.EXE" [2006-05-16 c:\windows\SkyTel.exe]
"VTTimer"="VTTimer.exe" [2006-06-16 c:\windows\system32\VTTimer.exe]
"S3Trayp"="S3Trayp.exe" [2005-10-31 c:\windows\system32\S3Trayp.exe]
"Realtime Audio Engine"="mmrtkrnl.exe" [2007-07-18 c:\windows\system32\mmrtkrnl.exe]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"WMC_0"="c:\windows\inf\unregmp2.exe" [2007-06-26 317440]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Luk ç\Start Menu\Programs\Startup\
MagicDisc.lnk - c:\program files\MagicDisc\MagicDisc.exe [2009-01-04 575488]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe [2006-10-23 40048]
Adobe Reader Synchronizer.lnk - c:\program files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe [2006-10-23 734872]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-03-11 210520]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-21 77824]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ | ˜„/Řű-Řk˜t/DţĂÍÖM\0ţĂÚÖM\0DţĂ\ţĂł×M\0DţĂ˜t/0Kl<F

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Microsoft Games\\Zoo Tycoon 2\\zt.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R0 xfilt;VIA SATA IDE Hot-plug Driver;c:\windows\system32\drivers\xfilt.sys [2007-08-22 11264]
R1 fwdrv;Firewall Driver;c:\windows\system32\drivers\fwdrv.sys [2005-12-15 274432]
R1 khips;Kerio HIPS Driver;c:\windows\system32\drivers\khips.sys [2005-12-15 81920]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2006-10-10 8944]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2007-02-27 55024]
R3 PSched;QoS Packet Scheduler;c:\windows\system32\drivers\psched.sys [2006-02-28 69120]
R3 S3GIGP;S3GIGP;c:\windows\system32\drivers\S3gIGPm.sys [2007-08-22 808448]
R3 SNP325;USB PC Camera (SNPSTD325);c:\windows\system32\drivers\snp325.sys [2007-12-24 10251904]
S3 PAC207;Trust WB-1400T Webcam;c:\windows\system32\DRIVERS\pfc027.sys --> c:\windows\system32\DRIVERS\pfc027.sys [?]
S3 s716bus;Sony Ericsson Device 716 driver (WDM);c:\windows\system32\drivers\s716bus.sys [2008-06-07 83208]
S3 s716mdfl;Sony Ericsson Device 716 USB WMC Modem Filter;c:\windows\system32\drivers\s716mdfl.sys [2008-06-07 15112]
S3 s716mdm;Sony Ericsson Device 716 USB WMC Modem Driver;c:\windows\system32\drivers\s716mdm.sys [2008-06-07 108552]
S3 s716mgmt;Sony Ericsson Device 716 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s716mgmt.sys [2008-06-07 100360]
S3 s716nd5;Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (NDIS);c:\windows\system32\drivers\s716nd5.sys [2008-06-07 23176]
S3 s716obex;Sony Ericsson Device 716 USB WMC OBEX Interface;c:\windows\system32\drivers\s716obex.sys [2008-06-07 98568]
S3 s716unic;Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (WDM);c:\windows\system32\drivers\s716unic.sys [2008-06-07 98952]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2006-02-16 4096]
S3 w200bus;Sony Ericsson W200 driver (WDM);c:\windows\system32\drivers\w200bus.sys [2008-06-07 61504]
S3 w200mdfl;Sony Ericsson W200 USB WMC Modem Filter;c:\windows\system32\drivers\w200mdfl.sys [2008-06-07 9328]
S3 w200mdm;Sony Ericsson W200 USB WMC Modem Driver;c:\windows\system32\drivers\w200mdm.sys [2008-06-07 97056]
S3 w200obex;Sony Ericsson W200 USB WMC OBEX Interface;c:\windows\system32\drivers\w200obex.sys [2008-06-07 86368]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder

2009-01-27 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]

2009-01-23 c:\windows\Tasks\Norton Security Scan.job
- c:\program files\Norton Security Scan\Nss.exe []
.
- - - - ORPHANS REMOVED - - - -

BHO-{201f27d4-3704-41d6-89c1-aa35e39143ed} - c:\program files\AskBarDis\bar\bin\askBar.dll
Toolbar-{3041d03e-fd4b-44e0-b742-2d9b88305f98} - c:\program files\AskBarDis\bar\bin\askBar.dll
WebBrowser-{3041D03E-FD4B-44E0-B742-2D9B88305F98} - c:\program files\AskBarDis\bar\bin\askBar.dll


.
------- Supplementary Scan -------
.
uStart Page = hxxp://start.icq.com/
mLocal Page = "řxn
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = plimus.com,www.plimus.com,regnow.com,www.regnow.com,
uInternet Settings,ProxyServer = socks=
uSearchURL,(Default) = hxxp://toolbar.ask.com/toolbarv/askRedi ... t=&gc=1&q=%s
IE: &Search - ?p=ZNfox000
FF - ProfilePath - c:\documents and settings\Lukáš\Application Data\Mozilla\Firefox\Profiles\bo8yv69j.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.sk/

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-27 15:30:36
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-861567501-1229272821-725345543-1006\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:4d,c9,a8,cb,de,87,cb,49,f6,8b,07,31,db,51,08,49,54,b4,7b,27,d9,2b,02,
88,25,ed,72,bb,c2,9a,aa,ab,e5,eb,b9,b9,77,38,11,a2,17,9a,62,74,e5,9d,80,a9,\
"??"=hex:a6,39,de,02,d4,53,e5,2f,bd,7f,e5,e3,ce,0a,49,e4
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe
c:\program files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
c:\program files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
c:\windows\system32\PAStiSvc.exe
c:\program files\Common Files\Ahead\Lib\NMIndexingService.exe
c:\program files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
c:\windows\system32\wscntfy.exe
c:\program files\HP\Digital Imaging\bin\hpqste08.exe
.
**************************************************************************
.
Completion time: 2009-01-27 15:35:28 - machine was rebooted [Lukáš]
ComboFix-quarantined-files.txt 2009-01-27 14:35:22
ComboFix2.txt 2009-01-27 08:00:41
ComboFix3.txt 2008-02-14 17:06:08
ComboFix4.txt 2008-02-13 20:27:59
ComboFix5.txt 2009-01-27 14:07:56

Pre-Run: 153,851,498,496 bytes free
Post-Run: 20 adresárov, 153,757,192,192 voľných bajtov

Current=1 Default=1 Failed=0 LastKnownGood=4 Sets=1,2,3,4
349 --- E O F --- 2009-01-14 06:23:36



here is the HJT log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:38:32, on 27. 1. 2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\S3Trayp.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\tsnp325.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\mmrtkrnl.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=66022
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedi ... t=&gc=1&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://toolbar.ask.com/toolbarv/askRedi ... t=&gc=1&q=%s
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = "řxn
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = socks=
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = plimus.com,www.plimus.com,regnow.com,www.regnow.com,
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Podpora odkazu pre aplikáciu Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [S3Trayp] S3Trayp.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe
O4 - HKLM\..\Run: [tsnp325] C:\WINDOWS\tsnp325.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Realtime Audio Engine] "mmrtkrnl.exe" /i
O4 - HKLM\..\Run: [snp325] C:\WINDOWS\vsnp325.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\RunOnce: [WMC_0] C:\WINDOWS\system32\cmd.exe /c """""C:\WINDOWS\inf\unregmp2.exe"" /ShowWMP"""
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ6.5\ICQ.exe" silent
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Search - ?p=ZNfox000
O9 - Extra button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Unknown owner - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (file missing)
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe

--
End of file - 8933 bytes

