Advertising windows pop up while surfing

Posted: 26 Jul 2009 08:43
by samanxxl
So here is the table from Hijack

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:14:16, on 26. 7. 2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\SweetIM\Messenger\SweetIM.exe
C:\Program Files\Lexmark 3600-4600 Series\lxdxmon.exe
C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Lexmark 3600-4600 Series\lxdxMsdMon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.3.20290\stbsvc.exe
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.3.20290\stbsvc.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\WerFault.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatche ... p=aus&qkw=%s&tbid=60341
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O1 - Hosts: ::1 localhost
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Lexmark Panel nástrojů - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: Media Access Startup - {25B8D58C-B0CB-46b0-BA64-05B3804E4E86} - C:\Program Files\Media Access Startup\1.5.0.850\HPIEAddOn.dll
O2 - BHO: NP Helper Class - {35B8D58C-B0CB-46b0-BA64-05B3804E4E86} - C:\Program Files\Internet Saving Optimizer\3.4.0.4340\NPIEAddOn.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Pomocník pri prihlasovaní v sieti Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: System Search Dispatcher - {CDBFB47B-58A8-4111-BF95-06178DCE326D} - C:\Program Files\System Search Dispatcher\1.3.0.840\ssd.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (file missing)
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL (file missing)
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Lexmark Panel nástrojů - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL (file missing)
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: GamingHarbor Toolbar - {5617ECA9-488D-4BA2-8562-9710B9AB78D2} - C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.3.20290\stb0.dll
O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [BsMnt] C:\Windows\BisonCam\BsMnt.exe
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [lxdxmon.exe] "C:\Program Files\Lexmark 3600-4600 Series\lxdxmon.exe"
O4 - HKLM\..\Run: [lxdxamon] "C:\Program Files\Lexmark 3600-4600 Series\lxdxamon.exe"
O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SmileyApp] C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.3.20290\stbapp.exe
O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2009] c:\program files\uniblue\registrybooster\StartRegistryBooster.exe
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O4 - Startup: Picture Motion Browser Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Global Startup: Akcelerátor spuštění AutoCADu.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart17.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Pridať do blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (file missing)
O9 - Extra 'Tools' menuitem: &Pridať do blogu v programe Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (file missing)
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O13 - Gopher Prefix:
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: lxdxCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxdxserv.exe
O23 - Service: lxdx_device - - C:\Windows\system32\lxdxcoms.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Oz128 Driver\o2flash.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

--
End of file - 11854 bytes

//Split off from the original topic and moved to the HJT section

//mmm

Re: Advertising windows pop up while surfing

Posted: 26 Jul 2009 08:56
by jaro3
Delete this topic:
viewtopic.php?f=47&t=42954 -- using the cross (X) button

Uninstall:
GamingHarbor Toolbar
DoubleD
Internet Saving Optimizer
System Search Dispatcher


Close all other applications and browsers, disconnect from the internet, and fix the following in HJT:
Guide: viewtopic.php?f=70&t=5119

Code:

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: NP Helper Class - {35B8D58C-B0CB-46b0-BA64-05B3804E4E86} - C:\Program Files\Internet Saving Optimizer\3.4.0.4340\NPIEAddOn.dll
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL (file missing)
O2 - BHO: System Search Dispatcher - {CDBFB47B-58A8-4111-BF95-06178DCE326D} - C:\Program Files\System Search Dispatcher\1.3.0.840\ssd.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (file missing)
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL (file missing)
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL (file missing)
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (file missing)
O3 - Toolbar: GamingHarbor Toolbar - {5617ECA9-488D-4BA2-8562-9710B9AB78D2} - C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.3.20290\stb0.dll
O9 - Extra button: Pridať do blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (file missing)
O9 - Extra 'Tools' menuitem: &Pridať do blogu v programe Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (file missing)
O13 - Gopher Prefix:


Download ATF Cleaner
Double-click ATF Cleaner.exe, click on select all found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected.
After cleaning, click Exit to close the program.

Download Malwarebytes' Anti-Malware
Install it and run it
- at the end of the installation, make sure both options are selected/ticked:
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware; if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; leave the Perform quick scan option selected and click the Scan button
- when the scan finishes, a message will appear; click OK and then the Show Results button
- then choose the option to save the log and save the log to the desktop
- then click the Exit button; a message will appear, choose Yes
(do not delete anything yet!).
Then paste the contents of that log here.

Re: Advertising windows pop up while surfing

Posted: 26 Jul 2009 09:32
by samanxxl
I can't uninstall GamingHarbor Toolbar, it keeps throwing this at me:
Setup Error

Setup was unable to locate the ProductInfo.dll on your system

What should I do about it??? And this last one, System Search Dispatcher,
I can't even find.

Re: Advertising windows pop up while surfing

Posted: 26 Jul 2009 09:39
by jaro3
Then leave it and continue with Malwarebytes' Anti-Malware; it will delete it.

Re: Advertising windows pop up while surfing

Posted: 26 Jul 2009 10:05
by samanxxl
Malwarebytes' Anti-Malware 1.39
Verzia databázy: 2504
Windows 6.0.6002 Service Pack 2

26. 7. 2009 10:03:26
mbam-log-2009-07-26 (10-02-22).txt

Typ kontroly: Rýchla
Objektov kontrolovaných: 97259
Uplynutý cas: 8 minute(s), 38 second(s)

Infikovaných procesov pamäte: 0
Infikovaných modulov pamäte: 0
Infikovaných registracných klúcov: 48
Infikovaných registracných hodnôt: 3
Infikovaných registracných údajov položiek: 0
Infikovaných priecinkov: 22
Infikovaných súborov: 130

Infikovaných procesov pamäte:
(Žiadne škodlivé položky)

Infikovaných modulov pamäte:
(Žiadne škodlivé položky)

Infikovaných registracných klúcov:

Infikovaných registracných hodnôt:
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{0ba0192d-94a5-45e3-b2b8-3ec5a1a0b5ec} (Adware.DoubleD) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{872a1c39-df0b-4c8b-ad84-12ba24a3b781} (Adware.DoubleD) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\smileyapp (Adware.DoubleD) -> No action taken.

Infikovaných registracných údajov položiek:
(Žiadne škodlivé položky)

Infikovaných priecinkov:

Infikovaných súborov:
c:\program files\DoubleD\gamingharbor toolbar\4.1.3.20290\Icons\TBBtnDefault.png (Adware.DoubleD) -> No action taken.
c:\program files\DoubleD\gamingharbor toolbar\4.1.3.20290\Icons\TBBtnDisplay.bmp (Adware.DoubleD) -> No action taken.
c:\program files\DoubleD\gamingharbor toolbar\4.1.3.20290\Icons\TBBtnDisplay.png (Adware.DoubleD) -> No action taken.
c:\program files\DoubleD\gamingharbor toolbar\4.1.3.20290\Icons\TBBtnDisplay18.bmp (Adware.DoubleD) -> No action taken.
c:\program files\DoubleD\gamingharbor toolbar\4.1.3.20290\Icons\TBBtnDisplay20.bmp (Adware.DoubleD) -> No action taken.
c:\program files\DoubleD\gamingharbor toolbar\4.1.3.20290\Icons\TBBtnGlitters.bmp (Adware.DoubleD) -> No action taken.
c:\program files\DoubleD\gamingharbor toolbar\4.1.3.20290\Icons\TBBtnGlitters.png (Adware.DoubleD) -> No action taken.
c:\program files\DoubleD\gamingharbor toolbar\4.1.3.20290\Icons\TBBtnGlitters18.bmp (Adware.DoubleD) -> No action taken.
c:\program files\DoubleD\gamingharbor toolbar\4.1.3.20290\Icons\TBBtnGlitters20.bmp (Adware.DoubleD) -> No action taken.
c:\program files\DoubleD\gamingharbor toolbar\4.1.3.20290\Icons\TBBtnOption.png (Adware.DoubleD) -> No action taken.
c:\program files\DoubleD\gamingharbor toolbar\4.1.3.20290\Icons\TBBtnSmiley.bmp (Adware.DoubleD) -> No action taken.
c:\program files\DoubleD\gamingharbor toolbar\4.1.3.20290\Icons\TBBtnSmiley.png (Adware.DoubleD) -> No action taken.
c:\program files\DoubleD\gamingharbor toolbar\4.1.3.20290\Icons\TBBtnSmiley18.bmp (Adware.DoubleD) -> No action taken.
c:\program files\DoubleD\gamingharbor toolbar\4.1.3.20290\Icons\TBBtnSmiley20.bmp (Adware.DoubleD) -> No action taken.
c:\program files\DoubleD\gamingharbor toolbar\4.1.3.20290\Icons\TBBtnTellFd.bmp (Adware.DoubleD) -> No action taken.
c:\program files\DoubleD\gamingharbor toolbar\4.1.3.20290\Icons\TBBtnTellFd.png (Adware.DoubleD) -> No action taken.
c:\program files\DoubleD\gamingharbor toolbar\4.1.3.20290\Icons\TBBtnTellFd18.bmp (Adware.DoubleD) -> No action taken.
c:\program files\DoubleD\gamingharbor toolbar\4.1.3.20290\Icons\TBBtnTellFd20.bmp (Adware.DoubleD) -> No action taken.
c:\program files\DoubleD\gamingharbor toolbar\4.1.3.20290\Icons\TBBtnWink.bmp (Adware.DoubleD) -> No action taken.
c:\program files\DoubleD\gamingharbor toolbar\4.1.3.20290\Icons\TBBtnWink.png (Adware.DoubleD) -> No action taken.
c:\program files\DoubleD\gamingharbor toolbar\4.1.3.20290\Icons\TBBtnWink18.bmp (Adware.DoubleD) -> No action taken.
c:\program files\DoubleD\gamingharbor toolbar\4.1.3.20290\Icons\TBBtnWink20.bmp (Adware.DoubleD) -> No action taken.
c:\program files\DoubleD\gamingharbor toolbar\4.1.3.20290\Skins\myskin1.skf (Adware.DoubleD) -> No action taken.
c:\program files\DoubleD\gamingharbor toolbar\4.1.3.20290\Skins\myskin2.skf (Adware.DoubleD) -> No action taken.
c:\program files\DoubleD\gamingharbor toolbar\4.1.3.20290\Skins\myskin3.skf (Adware.DoubleD) -> No action taken.
c:\program files\DoubleD\gamingharbor toolbar\4.1.3.20290\Skins\myskin4.skf (Adware.DoubleD) -> No action taken.
c:\program files\DoubleD\gamingharbor toolbar\4.1.3.20290\Skins\TellafriendSkin.skf (Adware.DoubleD) -> No action taken.
c:\program files\DoubleD\gamingharbor toolbar\4.1.3.20290\Skins\TellafriendSkin_s.skf (Adware.DoubleD) -> No action taken.
c:\program files\DoubleD\gamingharbor toolbar\4.1.3.20290\Skins\ToastSkin.skf (Adware.DoubleD) -> No action taken.
c:\program files\media access startup\1.5.0.850\HPCommon.dll (Adware.DoubleD) -> No action taken.
c:\program files\media access startup\1.5.0.850\hppx.exe (Adware.DoubleD) -> No action taken.
c:\program files\media access startup\1.5.0.850\MAHelper.exe (Adware.DoubleD) -> No action taken.
c:\program files\media access startup\1.5.0.850\unins000.dat (Adware.DoubleD) -> No action taken.
c:\program files\media access startup\1.5.0.850\unins000.exe (Adware.DoubleD) -> No action taken.
c:\program files\media access startup\1.5.0.850\Data\config.md (Adware.DoubleD) -> No action taken.
c:\program files\media access startup\1.5.0.850\FF\chrome.manifest (Adware.DoubleD) -> No action taken.
c:\program files\media access startup\1.5.0.850\FF\install.rdf (Adware.DoubleD) -> No action taken.
c:\program files\media access startup\1.5.0.850\FF\chrome\HPAddOn.jar (Adware.DoubleD) -> No action taken.
c:\program files\media access startup\1.5.0.850\FF\chrome\content\HPAddOn.js (Adware.DoubleD) -> No action taken.
c:\program files\media access startup\1.5.0.850\FF\chrome\content\HPAddOn.xul (Adware.DoubleD) -> No action taken.
c:\program files\media access startup\1.5.0.850\FF\components\HPFFAddOn.dll (Adware.DoubleD) -> No action taken.
c:\program files\media access startup\1.5.0.850\FF\components\HPFFAddOn.xpt (Adware.DoubleD) -> No action taken.
c:\program files\media access startup\1.5.0.850\FF\components\HPFFHelperComponent.js (Adware.DoubleD) -> No action taken.
C:\Program Files\ICQToolbar\toolbaru.dll (Adware.BHO) -> No action taken.

Re: Ad windows pop up while surfing

Posted: 26 Jul 2009 10:49
by jaro3
So run MbAM again and choose Scan
- once the program has finished, a message will appear; click OK and then the Show Results button
- make sure all the listed findings are checked and click the Remove Selected button
- when the removal finishes, a log will be displayed; post it here.
- then choose OK in the program and close it via Exit

You can then paste the MbAM log here.

Turn off the resident protection in NOD32 and the shield in SpywareTerminator.
Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After it starts, the terms of use are displayed; confirm them by clicking the Yes button
- Then follow the instructions; while ComboFix is running, do not click in the window that is displayed
- When the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
I'll be here in about 2 hours.

Re: Ad windows pop up while surfing

Posted: 26 Jul 2009 11:34
by samanxxl
ComboFix 09-07-25.04 - martin . 07. 2009 11:20.1.2 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.421.1051.18.2047.1190 [GMT 2:00]
Running from: c:\users\martin\Desktop\Downloads\ComboFix.exe
SP: Spyware Terminator *disabled* (Updated) {55EE49A8-16BE-4601-BBE6-607B7F7317DE}
SP: Windows Defender *enabled* (Outdated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\$recycle.bin\S-1-5-21-2152478756-3922319563-605102323-500
c:\windows\Installer\17e70d.msi
c:\windows\Installer\fc9477d.msi

.
((((((((((((((((((((((((( Files Created from 2009-06-26 to 2009-07-26 )))))))))))))))))))))))))))))))
.

2009-07-25 03:52 . 2009-07-25 05:43 -------- d-----w- c:\programdata\Spyware Terminator
2009-07-25 03:52 . 2009-07-26 06:05 -------- d-----w- c:\program files\Spyware Terminator
2009-07-24 19:40 . 2009-07-24 19:40 -------- d-----w- c:\users\martin\AppData\Roaming\Uniblue
2009-07-24 19:33 . 2009-07-24 19:37 -------- d-----w- c:\programdata\PrevxCSI
2009-07-17 20:53 . 2009-07-26 09:04 -------- d-----w- c:\users\martin\Tracing
2009-07-17 20:53 . 2009-07-17 20:53 592947 -c--a-w- c:\programdata\{F444439B-B473-48E8-8DE5-4CB929C79A9F}\OFFLINE\mFileBagIDE.dll\bag\HJSetup.exe
2009-07-17 20:53 . 2009-07-17 20:53 595765 -c--a-w- c:\programdata\{F444439B-B473-48E8-8DE5-4CB929C79A9F}\OFFLINE\mFileBagIDE.dll\bag\AdwareSetup.exe
2009-07-17 20:53 . 2009-07-13 10:01 3004139 -c--a-w- c:\programdata\{F444439B-B473-48E8-8DE5-4CB929C79A9F}\Setup.exe
2009-07-17 20:53 . 2009-07-17 20:53 -------- dc-h--w- c:\programdata\{F444439B-B473-48E8-8DE5-4CB929C79A9F}
2009-07-17 17:27 . 2009-06-15 14:53 156672 ----a-w- c:\windows\system32\t2embed.dll
2009-07-17 17:27 . 2009-06-15 14:52 72704 ----a-w- c:\windows\system32\fontsub.dll
2009-07-17 17:27 . 2009-06-15 12:42 289792 ----a-w- c:\windows\system32\atmfd.dll
2009-07-17 17:27 . 2009-06-15 14:52 23552 ----a-w- c:\windows\system32\lpk.dll
2009-07-17 17:27 . 2009-06-15 14:51 10240 ----a-w- c:\windows\system32\dciman32.dll
2009-07-07 23:59 . 2009-07-08 00:00 -------- d-----w- c:\windows\system32\ca-ES
2009-07-07 23:59 . 2009-07-08 00:00 -------- d-----w- c:\windows\system32\eu-ES
2009-07-07 23:59 . 2009-07-08 00:00 -------- d-----w- c:\windows\system32\vi-VN
2009-07-07 22:06 . 2009-07-07 22:06 -------- d-----w- c:\windows\system32\EventProviders
2009-07-07 22:00 . 2009-04-11 06:28 670720 ----a-w- c:\windows\system32\mssvp.dll
2009-07-07 21:59 . 2009-04-11 06:28 152576 ----a-w- c:\windows\system32\wbem\wmiprov.dll
2009-07-07 21:58 . 2009-04-11 06:28 83968 ----a-w- c:\windows\system32\wbem\wmiutils.dll
2009-07-07 21:58 . 2009-04-11 06:28 744448 ----a-w- c:\windows\system32\wbem\wbemcore.dll
2009-07-07 21:58 . 2009-04-11 06:28 30208 ----a-w- c:\windows\system32\wbem\wbemprox.dll
2009-07-07 21:58 . 2009-04-11 06:28 265728 ----a-w- c:\windows\system32\wbem\repdrvfs.dll
2009-07-07 21:58 . 2009-04-11 06:28 189440 ----a-w- c:\windows\system32\wbem\mofd.dll
2009-07-07 21:58 . 2009-04-11 06:28 614912 ----a-w- c:\windows\system32\wbem\fastprox.dll
2009-07-07 21:58 . 2009-04-11 06:28 265728 ----a-w- c:\windows\system32\wbem\esscli.dll
2009-07-07 21:58 . 2009-04-11 06:28 705536 ----a-w- c:\windows\system32\SmiEngine.dll
2009-07-07 21:58 . 2009-04-11 06:28 218624 ----a-w- c:\windows\system32\wdscore.dll
2009-07-07 21:58 . 2009-04-11 06:27 130560 ----a-w- c:\windows\system32\PkgMgr.exe
2009-07-07 21:58 . 2009-04-11 06:28 247808 ----a-w- c:\windows\system32\drvstore.dll
2009-07-07 05:31 . 2009-07-07 05:31 -------- d-----w- c:\program files\ESET
2009-07-02 12:09 . 2009-07-02 12:09 -------- d-----w- c:\program files\Common Files\DivX Shared
2009-06-27 08:06 . 2009-06-27 08:06 -------- d-----w- c:\program files\Google
2009-06-27 07:19 . 2009-07-03 07:17 -------- d-----w- c:\users\martin\AppData\Roaming\DivX
2009-06-27 06:57 . 2009-07-02 12:10 -------- d-----w- c:\program files\Common Files\PX Storage Engine
2009-06-27 06:56 . 2009-07-02 12:10 -------- d-----w- c:\program files\DivX

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-26 09:17 . 2009-07-25 03:52 -------- d-----w- c:\users\martin\AppData\Roaming\Spyware Terminator
2009-07-26 09:10 . 2008-09-07 14:28 7930 ----a-w- c:\windows\system32\perfc01B.dat
2009-07-26 09:10 . 2008-09-07 14:28 28910 ----a-w- c:\windows\system32\perfh01B.dat
2009-07-26 09:04 . 2008-05-16 10:17 -------- d-----w- c:\users\martin\AppData\Roaming\OpenOffice.org2
2009-07-26 09:01 . 2008-09-29 16:26 -------- d-----w- c:\program files\ICQToolbar
2009-07-13 10:01 . 2009-07-17 20:52 262424 -c--a-w- c:\programdata\{F444439B-B473-48E8-8DE5-4CB929C79A9F}\OFFLINE\D5797E3B\3E688669\stbYahoo9.dll
2009-07-13 10:01 . 2009-07-17 20:52 254232 -c--a-w- c:\programdata\{F444439B-B473-48E8-8DE5-4CB929C79A9F}\OFFLINE\6216A4BD\3E688669\stbYahoo8.dll
2009-07-13 10:01 . 2009-07-17 20:52 872728 -c--a-w- c:\programdata\{F444439B-B473-48E8-8DE5-4CB929C79A9F}\OFFLINE\B75FA91E\3E688669\stbsvc.exe
2009-07-13 10:01 . 2009-07-17 20:52 205080 -c--a-w- c:\programdata\{F444439B-B473-48E8-8DE5-4CB929C79A9F}\OFFLINE\mFileBagIDE.dll\bag\stbsh.dll
2009-07-13 10:01 . 2009-07-17 20:52 479512 -c--a-w- c:\programdata\{F444439B-B473-48E8-8DE5-4CB929C79A9F}\OFFLINE\mFileBagIDE.dll\bag\stbpx.exe
2009-07-13 10:01 . 2009-07-17 20:52 229656 -c--a-w- c:\programdata\{F444439B-B473-48E8-8DE5-4CB929C79A9F}\OFFLINE\628759C1\3E688669\stbOLEX.dll
2009-07-13 10:01 . 2009-07-17 20:52 205080 -c--a-w- c:\programdata\{F444439B-B473-48E8-8DE5-4CB929C79A9F}\OFFLINE\A26F7F7\3E688669\stbOL.dll
2009-07-13 10:01 . 2009-07-17 20:52 323864 -c--a-w- c:\programdata\{F444439B-B473-48E8-8DE5-4CB929C79A9F}\OFFLINE\B3AC8875\3E688669\stbMsn.dll
2009-07-13 10:01 . 2009-07-17 20:52 229656 -c--a-w- c:\programdata\{F444439B-B473-48E8-8DE5-4CB929C79A9F}\OFFLINE\C3C6C2CD\3E688669\stbIE.dll
2009-07-13 10:01 . 2009-07-17 20:52 491800 -c--a-w- c:\programdata\{F444439B-B473-48E8-8DE5-4CB929C79A9F}\OFFLINE\BED3DEFB\3E688669\stbasst.exe
2009-07-13 10:01 . 2009-07-17 20:52 94488 -c--a-w- c:\programdata\{F444439B-B473-48E8-8DE5-4CB929C79A9F}\OFFLINE\15D3A7BB\3E688669\stbappHelper.exe
2009-07-13 09:21 . 2009-07-17 20:52 423528 -c--a-w- c:\programdata\{F444439B-B473-48E8-8DE5-4CB929C79A9F}\OFFLINE\mFileBagIDE.dll\bag\SSD.exe
2009-07-09 19:18 . 2008-01-15 14:16 -------- d-----w- c:\program files\Autodesk
2009-07-08 00:01 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar
2009-07-08 00:01 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar
2009-07-08 00:01 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Journal
2009-07-08 00:01 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Collaboration
2009-07-08 00:01 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Photo Gallery
2009-07-08 00:01 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Defender
2009-07-07 23:59 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-07-07 22:20 . 2006-11-02 12:37 37665 ----a-w- c:\windows\Fonts\GlobalUserInterface.CompositeFont
2009-07-02 10:22 . 2008-09-09 06:11 -------- d-----w- c:\users\martin\AppData\Roaming\ICQ
2009-06-28 15:24 . 2008-10-15 20:09 -------- d-----w- c:\programdata\Lx_cats
2009-06-06 11:22 . 2008-05-27 19:12 -------- d-----w- c:\users\martin\AppData\Roaming\dvdcss
2009-06-04 07:06 . 2008-01-15 13:45 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-05-30 08:18 . 2009-05-30 08:18 -------- d-----w- c:\program files\Microsoft Sync Framework
2009-05-30 08:18 . 2009-05-30 08:18 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2009-05-30 08:16 . 2009-05-30 08:16 -------- d-----w- c:\program files\Microsoft
2009-05-30 08:16 . 2009-05-30 08:16 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-05-30 08:05 . 2009-05-30 08:05 -------- d-----w- c:\program files\Common Files\Windows Live
2009-05-30 01:11 . 2008-01-15 13:33 133792 ----a-w- c:\users\martin\AppData\Local\GDIPFONTCACHEV1.DAT
2009-05-30 01:02 . 2009-02-23 08:40 -------- d-----w- c:\program files\Microsoft Works
2009-05-13 21:56 . 2008-05-19 19:21 120056 ------w- c:\windows\system32\PxCpyI64.exe
2009-05-13 21:56 . 2008-05-19 19:21 118520 ------w- c:\windows\system32\PxInsI64.exe
2009-05-09 05:50 . 2009-06-10 15:12 915456 ----a-w- c:\windows\system32\wininet.dll
2009-05-09 05:34 . 2009-06-10 15:12 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-05-01 21:02 . 2009-05-01 21:02 90112 ----a-w- c:\windows\system32\dpl100.dll
2009-05-01 21:02 . 2009-05-01 21:02 823296 ----a-w- c:\windows\system32\divx_xx0c.dll
2009-05-01 21:02 . 2009-05-01 21:02 823296 ----a-w- c:\windows\system32\divx_xx07.dll
2009-05-01 21:02 . 2009-05-01 21:02 815104 ----a-w- c:\windows\system32\divx_xx0a.dll
2009-05-01 21:02 . 2009-05-01 21:02 811008 ----a-w- c:\windows\system32\divx_xx16.dll
2009-05-01 21:02 . 2009-05-01 21:02 802816 ----a-w- c:\windows\system32\divx_xx11.dll
2009-05-01 21:02 . 2009-05-01 21:02 685056 ----a-w- c:\windows\system32\DivX.dll
2009-07-15 21:16 . 2009-07-25 04:07 137208 ----a-w- c:\program files\mozilla firefox\components\brwsrcmp.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2008-10-08 11:22 1172792 ----a-w- c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2008-10-08 1172792]

[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.SWEETIE.3]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.SWEETIE]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2008-10-08 1172792]

[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.SWEETIE.3]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.SWEETIE]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-04-01 486856]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-06-27 39408]
"SpywareTerminatorUpdate"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2009-07-25 3055616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-11-01 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-11-01 8501792]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-11-01 81920]
"SweetIM"="c:\program files\SweetIM\Messenger\SweetIM.exe" [2009-01-01 111928]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-14 39792]
"lxdxmon.exe"="c:\program files\Lexmark 3600-4600 Series\lxdxmon.exe" [2008-03-20 668328]
"lxdxamon"="c:\program files\Lexmark 3600-4600 Series\lxdxamon.exe" [2008-03-20 16040]
"Google Quick Search Box"="c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe" [2009-06-27 68592]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-02-06 2021400]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2007-07-06 4669440]
"Skytel"="Skytel.exe" - c:\windows\SkyTel.exe [2007-06-15 1826816]

c:\users\martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 2.0.lnk - c:\program files\OpenOffice.org 2.0\program\quickstart.exe [2005-10-15 61440]
Picture Motion Browser Media Check Tool.lnk - c:\program files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe [2008-5-19 344064]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Akceler tor spuçtŘnˇ AutoCADu.lnk - c:\program files\Common Files\Autodesk Shared\acstart17.exe [2006-3-5 11000]
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2007-1-18 2752512]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):1f,24,8c,5b,a6,ff,c9,01

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{C3BD0920-C8C1-4CA8-B666-D4F42817C692}"= UDP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{2B5ACBB4-6083-48F6-9FB5-11D4558F1100}"= TCP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{16E75630-83CB-4254-87B3-A48693299CAD}"= UDP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
"{3BE57484-51FC-46B7-A0B8-49E6ED361C41}"= TCP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
"TCP Query User{6A4B307B-70B8-4FF3-BEE3-6F0536713EFB}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{F884B328-8288-45DD-B9EC-9069CE376608}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"TCP Query User{F2811459-4B64-44A8-8BC2-98D588DB717F}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox
"UDP Query User{FA74535B-FDA5-4382-92D8-7EABE25F6468}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox
"{28135AF5-7E48-4C54-8687-54A325D60E12}"= UDP:c:\windows\System32\lxdxcoms.exe:Lexmark Communications System
"{93940113-BB1D-4453-8D42-E0D97819D3CF}"= TCP:c:\windows\System32\lxdxcoms.exe:Lexmark Communications System
"{7F5EB104-C27F-45C2-B66E-E11DD905E4C3}"= UDP:c:\program files\Lexmark 3600-4600 Series\lxdxamon.exe:Lexmark Device Monitor
"{B8FA7F16-C57D-4076-83EF-9583ACA223F6}"= TCP:c:\program files\Lexmark 3600-4600 Series\lxdxamon.exe:Lexmark Device Monitor
"{6088AAB0-451C-449D-8F35-3DC90A83E2D8}"= UDP:c:\program files\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe:ABBYY FineReader
"{1BFE01BB-3EA6-4749-A8DF-56341B63B434}"= TCP:c:\program files\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe:ABBYY FineReader
"{4F5D4B75-EA99-491D-BB43-CBE0691FC7AE}"= UDP:c:\program files\Lexmark 3600-4600 Series\lxdxmon.exe:Printer Device Monitor
"{1674EA1E-4C17-41A6-9DA6-42026039650F}"= TCP:c:\program files\Lexmark 3600-4600 Series\lxdxmon.exe:Printer Device Monitor
"{BC2795F3-9CE1-4DA0-95EA-5C5966BB3F87}"= UDP:c:\users\martin\AppData\Local\Temp\lxdx\wireless\lxdxwpss.exe:
"{8C4B22D2-415E-4F15-A228-F129E2D3FEDA}"= TCP:c:\users\martin\AppData\Local\Temp\lxdx\wireless\lxdxwpss.exe:
"{744CF8AD-EFDD-4D3C-AF2C-A05ED2B0DC90}"= UDP:c:\windows\System32\lxdxcfg.exe:Printer Communication System
"{791F485B-E48E-4156-99A4-98A9874C98E3}"= TCP:c:\windows\System32\lxdxcfg.exe:Printer Communication System
"{26CD0AEF-5C82-4D3C-B460-D13497622915}"= UDP:c:\windows\System32\spool\drivers\w32x86\3\lxdxpswx.exe:Printer Status Window Interface
"{96FB4766-0345-405E-821F-AEB58ABE19A2}"= TCP:c:\windows\System32\spool\drivers\w32x86\3\lxdxpswx.exe:Printer Status Window Interface
"{F4FE5718-F06F-4A9F-B911-E14D190ED94D}"= UDP:c:\windows\System32\spool\drivers\w32x86\3\lxdxtime.exe:Lexmark Connect Time Executable
"{CA05DCBD-2CB6-458C-8AEF-C2D7A2B17536}"= TCP:c:\windows\System32\spool\drivers\w32x86\3\lxdxtime.exe:Lexmark Connect Time Executable
"{EC68F6FA-93B8-4863-9E4C-69F321301989}"= UDP:c:\windows\System32\spool\drivers\w32x86\3\lxdxjswx.exe:Job Status Window Interface
"{8A9D22B7-A8AC-41AE-AF5C-3C7EC578C05C}"= TCP:c:\windows\System32\spool\drivers\w32x86\3\lxdxjswx.exe:Job Status Window Interface
"{5DD681A9-B72E-4F14-9741-44FEDE3F4965}"= UDP:c:\program files\Ubisoft\Far Cry 2\bin\FarCry2.exe:Far Cry 2
"{81B620F5-165E-4535-84CF-D7FD1413E3DD}"= TCP:c:\program files\Ubisoft\Far Cry 2\bin\FarCry2.exe:Far Cry 2
"{D0272232-F126-4FEC-B0AE-B6D7900EBC26}"= UDP:c:\program files\Ubisoft\Far Cry 2\bin\FC2Launcher.exe:Far Cry 2 Updater
"{5EBEA2EB-04EB-4455-A52E-5ACF875E0C08}"= TCP:c:\program files\Ubisoft\Far Cry 2\bin\FC2Launcher.exe:Far Cry 2 Updater
"{CD49AF9B-94E5-44FC-B2F9-C84894F55EEE}"= UDP:c:\program files\Ubisoft\Far Cry 2\bin\FC2Editor.exe:Editor
"{B7118F57-544D-4D90-B0ED-5144BD9BF298}"= TCP:c:\program files\Ubisoft\Far Cry 2\bin\FC2Editor.exe:Editor
"TCP Query User{E82A3B4B-AE4B-4ADA-A043-8E01F8B8C977}c:\\program files\\icq6\\icq.exe"= UDP:c:\program files\icq6\icq.exe:ICQ Library
"UDP Query User{1C88FE5B-841A-4276-9412-216FED1D86D2}c:\\program files\\icq6\\icq.exe"= TCP:c:\program files\icq6\icq.exe:ICQ Library
"{F91BE8CF-AC1E-4B02-ABA1-35ED8B7393CC}"= UDP:c:\program files\Lexmark 3600-4600 Series\frun.exe:Lexmark Productivity Studio
"{0CE0E0AF-4CB9-4E81-8587-F76BB01BF669}"= TCP:c:\program files\Lexmark 3600-4600 Series\frun.exe:Lexmark Productivity Studio
"TCP Query User{3390716B-5571-4DEE-B92D-74B5228AA026}c:\\program files\\icq6.5\\icq.exe"= UDP:c:\program files\icq6.5\icq.exe:ICQ
"UDP Query User{31EE7B89-0275-4071-A846-42AADADF399B}c:\\program files\\icq6.5\\icq.exe"= TCP:c:\program files\icq6.5\icq.exe:ICQ
"{1507AD7F-4777-4921-9B71-77B4F7152EB1}"= UDP:c:\windows\System32\lxdxcoms.exe:Lexmark Communications System
"{3B69E4F0-E764-4A76-B024-CB71F03C0C90}"= TCP:c:\windows\System32\lxdxcoms.exe:Lexmark Communications System
"{433A3F9A-BD20-4DDE-8DE9-BC5AC6F5958E}"= UDP:c:\program files\Lexmark 3600-4600 Series\lxdxamon.exe:Lexmark Device Monitor
"{943BAE19-B963-4D46-B18E-DFCD3DFC2662}"= TCP:c:\program files\Lexmark 3600-4600 Series\lxdxamon.exe:Lexmark Device Monitor
"TCP Query User{896CEE9E-0BB8-43B9-8280-4024ACDE76FE}c:\\program files\\lexmark 3600-4600 series\\frun.exe"= UDP:c:\program files\lexmark 3600-4600 series\frun.exe:Lexmark Productivity Studio
"UDP Query User{6D1A72D4-5779-473C-832E-B8704620F6E7}c:\\program files\\lexmark 3600-4600 series\\frun.exe"= TCP:c:\program files\lexmark 3600-4600 series\frun.exe:Lexmark Productivity Studio
"{2A3FE0AF-480C-4EDA-88C8-54FD367B4BD9}"= UDP:c:\program files\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe:ABBYY FineReader
"{F4205E8B-5044-4E69-95CA-098F82C2D591}"= TCP:c:\program files\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe:ABBYY FineReader
"{AA6CCCC0-41CD-4EF3-990D-8340FCCE7D3D}"= UDP:c:\program files\Lexmark 3600-4600 Series\lxdxmon.exe:Printer Device Monitor
"{4CEF68BE-0584-4AED-8079-AD4DD02DC52D}"= TCP:c:\program files\Lexmark 3600-4600 Series\lxdxmon.exe:Printer Device Monitor
"{332C02E2-7AEB-49C0-8A17-1D757D562967}"= UDP:c:\windows\System32\spool\drivers\w32x86\3\lxdxpswx.exe:Printer Status Window Interface
"{30F04D3D-0024-4F6E-B9CE-49C3C14E9A4B}"= TCP:c:\windows\System32\spool\drivers\w32x86\3\lxdxpswx.exe:Printer Status Window Interface
"{9922594C-45B9-4A68-AEF4-68BC7C137645}"= UDP:c:\windows\System32\spool\drivers\w32x86\3\lxdxtime.exe:Lexmark Connect Time Executable
"{35BA3316-A273-4EB4-A290-538DCC5F7553}"= TCP:c:\windows\System32\spool\drivers\w32x86\3\lxdxtime.exe:Lexmark Connect Time Executable
"{960C5491-AE01-4AEF-BF6C-EF98E7145D00}"= UDP:c:\windows\System32\spool\drivers\w32x86\3\lxdxwbgw.exe:Lexmark Web Gateway
"{6B48346F-6A38-4092-834D-78E137AD62D8}"= TCP:c:\windows\System32\spool\drivers\w32x86\3\lxdxwbgw.exe:Lexmark Web Gateway
"{A6AF2C41-D144-4538-82FE-007F156E6F2B}"= c:\program files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live Sync
"TCP Query User{5C01BA4D-00F2-4CDF-8DF5-5063EAF75DFC}c:\\program files\\spyware terminator\\spywareterminatorupdate.exe"= UDP:c:\program files\spyware terminator\spywareterminatorupdate.exe:Crawler Spyware Terminator
"UDP Query User{7C72619A-034A-4693-83F3-F35E1529998A}c:\\program files\\spyware terminator\\spywareterminatorupdate.exe"= TCP:c:\program files\spyware terminator\spywareterminatorupdate.exe:Crawler Spyware Terminator

R0 O2MDRDR;O2MDRDR;c:\windows\System32\drivers\o2media.sys [3. 4. 2007 11:04 39680]
R0 O2SDRDR;O2SDRDR;c:\windows\System32\drivers\o2sd.sys [2. 4. 2007 17:11 35712]
R1 ehdrv;ehdrv;c:\windows\System32\drivers\ehdrv.sys [6. 2. 2009 14:23 106208]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\System32\drivers\sp_rsdrv2.sys [25. 7. 2009 5:52 142592]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [6. 2. 2009 14:23 727720]
R2 epfwwfpr;epfwwfpr;c:\windows\System32\drivers\epfwwfpr.sys [6. 2. 2009 14:24 92800]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [29. 9. 2008 18:55 222456]
R2 lxdx_device;lxdx_device;c:\windows\system32\lxdxcoms.exe -service --> c:\windows\system32\lxdxcoms.exe -service [?]
R2 lxdxCATSCustConnectService;lxdxCATSCustConnectService;c:\windows\System32\spool\drivers\w32x86\3\lxdxserv.exe [18. 5. 2009 7:59 98984]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-msnmsgr - ~c:\program files\Windows Live\Messenger\msnmsgr.exe
HKCU-Run-Uniblue RegistryBooster 2009 - c:\program files\uniblue\registrybooster\StartRegistryBooster.exe
HKLM-Run-BsMnt - c:\windows\BisonCam\BsMnt.exe


.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
IE: Crawler Search - tbr:iemenu
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\Toolbar\ctbr.dll
FF - ProfilePath - c:\users\martin\AppData\Roaming\Mozilla\Firefox\Profiles\59zw2mmu.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.azet.sk/
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("geo.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-26 11:26
Windows 6.0.6002 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKCU\Software\Microsoft\Windows\CurrentVersion\Run
msnmsgr = ~"c:\program files\Windows Live\Messenger\msnmsgr.exe" /background?

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
Completion time: 2009-07-26 11:28
ComboFix-quarantined-files.txt 2009-07-26 09:28

Pre-Run: 8 421 179 392 bytes free
Post-Run: 23 325 675 520 bytes free

314 --- E O F --- 2009-07-23 17:13



I don't have the MBAM log, because I had to restart the computer to remove all the errors, but after a new scan it no longer found any problem.

Re: Pop-up advertising windows appear while surfing

Posted: 26 Jul 2009 13:49
by jaro3
Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the whole of the following text marked in green:
Note: Do not use the SELECT ALL function to select the script

Code: Select all

RegNull::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files there
Save the file to the desktop.
Close all active windows.

Grab the created script CFScript.txt with the mouse, move it over the downloaded program ComboFix.exe and, when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that comes up at the end of the cleaning process + a new log from HJT

Re: Pop-up advertising windows appear while surfing

Posted: 26 Jul 2009 15:15
by samanxxl
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:14:06, on 26. 7. 2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Lexmark 3600-4600 Series\lxdxmon.exe
C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Lexmark 3600-4600 Series\lxdxMsdMon.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\conime.exe
C:\Windows\Explorer.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Lexmark Panel nástrojů - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Pomocník pri prihlasovaní v sieti Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Lexmark Panel nástrojů - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [lxdxmon.exe] "C:\Program Files\Lexmark 3600-4600 Series\lxdxmon.exe"
O4 - HKLM\..\Run: [lxdxamon] "C:\Program Files\Lexmark 3600-4600 Series\lxdxamon.exe"
O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O4 - Startup: Picture Motion Browser Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Global Startup: Akcelerátor spuštění AutoCADu.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart17.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: lxdxCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxdxserv.exe
O23 - Service: lxdx_device - - C:\Windows\system32\lxdxcoms.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Oz128 Driver\o2flash.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

--
End of file - 8169 bytes

Re: Pop-up advertising windows appear while surfing

Posted: 26 Jul 2009 15:21
by samanxxl
I have a problem: when I open anything, this window pops up

[Content]
C:\Windows\system32\notepad.exe

Vyskytol sa pokus o nepovolenú operáciu s kľúčom databázy Registry, ktorý bol označený na odstránenie.


What should I do???

Re: Pop-up advertising windows appear while surfing

Posted: 26 Jul 2009 15:45
by samanxxl
ComboFix 09-07-25.06 - martin . 07. 2009 15:36.3.2 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.421.1051.18.2047.1220 [GMT 2:00]
Running from: c:\users\martin\Desktop\Downloads\ComboFix.exe
Command switches used :: c:\users\martin\Desktop\CFScript.txt
SP: Spyware Terminator *disabled* (Updated) {55EE49A8-16BE-4601-BBE6-607B7F7317DE}
SP: Windows Defender *enabled* (Outdated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Resident AV is active

.

((((((((((((((((((((((((( Files Created from 2009-06-26 to 2009-07-26 )))))))))))))))))))))))))))))))
.

2009-07-25 03:52 . 2009-07-25 05:43 -------- d-----w- c:\programdata\Spyware Terminator
2009-07-25 03:52 . 2009-07-26 06:05 -------- d-----w- c:\program files\Spyware Terminator
2009-07-24 19:40 . 2009-07-24 19:40 -------- d-----w- c:\users\martin\AppData\Roaming\Uniblue
2009-07-24 19:33 . 2009-07-24 19:37 -------- d-----w- c:\programdata\PrevxCSI
2009-07-17 20:53 . 2009-07-26 09:04 -------- d-----w- c:\users\martin\Tracing
2009-07-17 20:53 . 2009-07-17 20:53 592947 -c--a-w- c:\programdata\{F444439B-B473-48E8-8DE5-4CB929C79A9F}\OFFLINE\mFileBagIDE.dll\bag\HJSetup.exe
2009-07-17 20:53 . 2009-07-17 20:53 595765 -c--a-w- c:\programdata\{F444439B-B473-48E8-8DE5-4CB929C79A9F}\OFFLINE\mFileBagIDE.dll\bag\AdwareSetup.exe
2009-07-17 20:53 . 2009-07-13 10:01 3004139 -c--a-w- c:\programdata\{F444439B-B473-48E8-8DE5-4CB929C79A9F}\Setup.exe
2009-07-17 20:53 . 2009-07-17 20:53 -------- dc-h--w- c:\programdata\{F444439B-B473-48E8-8DE5-4CB929C79A9F}
2009-07-17 17:27 . 2009-06-15 14:53 156672 ----a-w- c:\windows\system32\t2embed.dll
2009-07-17 17:27 . 2009-06-15 14:52 72704 ----a-w- c:\windows\system32\fontsub.dll
2009-07-17 17:27 . 2009-06-15 12:42 289792 ----a-w- c:\windows\system32\atmfd.dll
2009-07-17 17:27 . 2009-06-15 14:52 23552 ----a-w- c:\windows\system32\lpk.dll
2009-07-17 17:27 . 2009-06-15 14:51 10240 ----a-w- c:\windows\system32\dciman32.dll
2009-07-07 23:59 . 2009-07-08 00:00 -------- d-----w- c:\windows\system32\ca-ES
2009-07-07 23:59 . 2009-07-08 00:00 -------- d-----w- c:\windows\system32\eu-ES
2009-07-07 23:59 . 2009-07-08 00:00 -------- d-----w- c:\windows\system32\vi-VN
2009-07-07 22:06 . 2009-07-07 22:06 -------- d-----w- c:\windows\system32\EventProviders
2009-07-07 22:00 . 2009-04-11 06:28 670720 ----a-w- c:\windows\system32\mssvp.dll
2009-07-07 21:59 . 2009-04-11 06:28 152576 ----a-w- c:\windows\system32\wbem\wmiprov.dll
2009-07-07 21:58 . 2009-04-11 06:28 83968 ----a-w- c:\windows\system32\wbem\wmiutils.dll
2009-07-07 21:58 . 2009-04-11 06:28 744448 ----a-w- c:\windows\system32\wbem\wbemcore.dll
2009-07-07 21:58 . 2009-04-11 06:28 30208 ----a-w- c:\windows\system32\wbem\wbemprox.dll
2009-07-07 21:58 . 2009-04-11 06:28 265728 ----a-w- c:\windows\system32\wbem\repdrvfs.dll
2009-07-07 21:58 . 2009-04-11 06:28 189440 ----a-w- c:\windows\system32\wbem\mofd.dll
2009-07-07 21:58 . 2009-04-11 06:28 614912 ----a-w- c:\windows\system32\wbem\fastprox.dll
2009-07-07 21:58 . 2009-04-11 06:28 265728 ----a-w- c:\windows\system32\wbem\esscli.dll
2009-07-07 21:58 . 2009-04-11 06:28 705536 ----a-w- c:\windows\system32\SmiEngine.dll
2009-07-07 21:58 . 2009-04-11 06:28 218624 ----a-w- c:\windows\system32\wdscore.dll
2009-07-07 21:58 . 2009-04-11 06:27 130560 ----a-w- c:\windows\system32\PkgMgr.exe
2009-07-07 21:58 . 2009-04-11 06:28 247808 ----a-w- c:\windows\system32\drvstore.dll
2009-07-07 05:31 . 2009-07-07 05:31 -------- d-----w- c:\program files\ESET
2009-07-02 12:09 . 2009-07-02 12:09 -------- d-----w- c:\program files\Common Files\DivX Shared
2009-06-27 08:06 . 2009-06-27 08:06 -------- d-----w- c:\program files\Google
2009-06-27 07:19 . 2009-07-03 07:17 -------- d-----w- c:\users\martin\AppData\Roaming\DivX
2009-06-27 06:57 . 2009-07-02 12:10 -------- d-----w- c:\program files\Common Files\PX Storage Engine
2009-06-27 06:56 . 2009-07-02 12:10 -------- d-----w- c:\program files\DivX

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-26 13:35 . 2008-09-07 14:28 7930 ----a-w- c:\windows\system32\perfc01B.dat
2009-07-26 13:35 . 2008-09-07 14:28 28910 ----a-w- c:\windows\system32\perfh01B.dat
2009-07-26 13:31 . 2008-05-16 10:17 -------- d-----w- c:\users\martin\AppData\Roaming\OpenOffice.org2
2009-07-26 09:17 . 2009-07-25 03:52 -------- d-----w- c:\users\martin\AppData\Roaming\Spyware Terminator
2009-07-26 09:01 . 2008-09-29 16:26 -------- d-----w- c:\program files\ICQToolbar
2009-07-13 10:01 . 2009-07-17 20:52 262424 -c--a-w- c:\programdata\{F444439B-B473-48E8-8DE5-4CB929C79A9F}\OFFLINE\D5797E3B\3E688669\stbYahoo9.dll
2009-07-13 10:01 . 2009-07-17 20:52 254232 -c--a-w- c:\programdata\{F444439B-B473-48E8-8DE5-4CB929C79A9F}\OFFLINE\6216A4BD\3E688669\stbYahoo8.dll
2009-07-13 10:01 . 2009-07-17 20:52 872728 -c--a-w- c:\programdata\{F444439B-B473-48E8-8DE5-4CB929C79A9F}\OFFLINE\B75FA91E\3E688669\stbsvc.exe
2009-07-13 10:01 . 2009-07-17 20:52 205080 -c--a-w- c:\programdata\{F444439B-B473-48E8-8DE5-4CB929C79A9F}\OFFLINE\mFileBagIDE.dll\bag\stbsh.dll
2009-07-13 10:01 . 2009-07-17 20:52 479512 -c--a-w- c:\programdata\{F444439B-B473-48E8-8DE5-4CB929C79A9F}\OFFLINE\mFileBagIDE.dll\bag\stbpx.exe
2009-07-13 10:01 . 2009-07-17 20:52 229656 -c--a-w- c:\programdata\{F444439B-B473-48E8-8DE5-4CB929C79A9F}\OFFLINE\628759C1\3E688669\stbOLEX.dll
2009-07-13 10:01 . 2009-07-17 20:52 205080 -c--a-w- c:\programdata\{F444439B-B473-48E8-8DE5-4CB929C79A9F}\OFFLINE\A26F7F7\3E688669\stbOL.dll
2009-07-13 10:01 . 2009-07-17 20:52 323864 -c--a-w- c:\programdata\{F444439B-B473-48E8-8DE5-4CB929C79A9F}\OFFLINE\B3AC8875\3E688669\stbMsn.dll
2009-07-13 10:01 . 2009-07-17 20:52 229656 -c--a-w- c:\programdata\{F444439B-B473-48E8-8DE5-4CB929C79A9F}\OFFLINE\C3C6C2CD\3E688669\stbIE.dll
2009-07-13 10:01 . 2009-07-17 20:52 491800 -c--a-w- c:\programdata\{F444439B-B473-48E8-8DE5-4CB929C79A9F}\OFFLINE\BED3DEFB\3E688669\stbasst.exe
2009-07-13 10:01 . 2009-07-17 20:52 94488 -c--a-w- c:\programdata\{F444439B-B473-48E8-8DE5-4CB929C79A9F}\OFFLINE\15D3A7BB\3E688669\stbappHelper.exe
2009-07-13 09:21 . 2009-07-17 20:52 423528 -c--a-w- c:\programdata\{F444439B-B473-48E8-8DE5-4CB929C79A9F}\OFFLINE\mFileBagIDE.dll\bag\SSD.exe
2009-07-09 19:18 . 2008-01-15 14:16 -------- d-----w- c:\program files\Autodesk
2009-07-08 00:01 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar
2009-07-08 00:01 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar
2009-07-08 00:01 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Journal
2009-07-08 00:01 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Collaboration
2009-07-08 00:01 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Photo Gallery
2009-07-08 00:01 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Defender
2009-07-07 23:59 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-07-07 22:20 . 2006-11-02 12:37 37665 ----a-w- c:\windows\Fonts\GlobalUserInterface.CompositeFont
2009-07-02 10:22 . 2008-09-09 06:11 -------- d-----w- c:\users\martin\AppData\Roaming\ICQ
2009-06-28 15:24 . 2008-10-15 20:09 -------- d-----w- c:\programdata\Lx_cats
2009-06-06 11:22 . 2008-05-27 19:12 -------- d-----w- c:\users\martin\AppData\Roaming\dvdcss
2009-06-04 07:06 . 2008-01-15 13:45 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-05-30 08:18 . 2009-05-30 08:18 -------- d-----w- c:\program files\Microsoft Sync Framework
2009-05-30 08:18 . 2009-05-30 08:18 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2009-05-30 08:16 . 2009-05-30 08:16 -------- d-----w- c:\program files\Microsoft
2009-05-30 08:16 . 2009-05-30 08:16 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-05-30 08:05 . 2009-05-30 08:05 -------- d-----w- c:\program files\Common Files\Windows Live
2009-05-30 01:11 . 2008-01-15 13:33 133792 ----a-w- c:\users\martin\AppData\Local\GDIPFONTCACHEV1.DAT
2009-05-30 01:02 . 2009-02-23 08:40 -------- d-----w- c:\program files\Microsoft Works
2009-05-13 21:56 . 2008-05-19 19:21 120056 ------w- c:\windows\system32\PxCpyI64.exe
2009-05-13 21:56 . 2008-05-19 19:21 118520 ------w- c:\windows\system32\PxInsI64.exe
2009-05-09 05:50 . 2009-06-10 15:12 915456 ----a-w- c:\windows\system32\wininet.dll
2009-05-09 05:34 . 2009-06-10 15:12 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-05-01 21:02 . 2009-05-01 21:02 90112 ----a-w- c:\windows\system32\dpl100.dll
2009-05-01 21:02 . 2009-05-01 21:02 823296 ----a-w- c:\windows\system32\divx_xx0c.dll
2009-05-01 21:02 . 2009-05-01 21:02 823296 ----a-w- c:\windows\system32\divx_xx07.dll
2009-05-01 21:02 . 2009-05-01 21:02 815104 ----a-w- c:\windows\system32\divx_xx0a.dll
2009-05-01 21:02 . 2009-05-01 21:02 811008 ----a-w- c:\windows\system32\divx_xx16.dll
2009-05-01 21:02 . 2009-05-01 21:02 802816 ----a-w- c:\windows\system32\divx_xx11.dll
2009-05-01 21:02 . 2009-05-01 21:02 685056 ----a-w- c:\windows\system32\DivX.dll
2009-07-15 21:16 . 2009-07-25 04:07 137208 ----a-w- c:\program files\mozilla firefox\components\brwsrcmp.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.

((((((((((((((((((((((((((((( SnapShot@2009-07-26_09.26.28 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-01-15 13:43 . 2009-07-26 13:32 65776 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2008-01-15 13:35 . 2009-07-26 13:32 14930 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-376572297-1698153229-1159175207-1000_UserData.bin
- 2008-01-15 13:35 . 2009-07-26 09:05 14930 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-376572297-1698153229-1159175207-1000_UserData.bin
+ 2006-11-02 10:33 . 2009-07-26 13:35 97558 c:\windows\System32\perfc009.dat
+ 2006-11-02 13:02 . 2009-07-26 13:32 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2006-11-02 13:02 . 2009-07-26 09:17 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2006-11-02 13:02 . 2009-07-26 13:32 49152 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2006-11-02 13:02 . 2009-07-26 09:17 49152 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2006-11-02 13:02 . 2009-07-26 13:32 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2006-11-02 13:02 . 2009-07-26 09:17 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-26 13:30 . 2009-07-26 13:30 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2009-07-26 09:03 . 2009-07-26 09:03 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2009-07-26 13:30 . 2009-07-26 13:30 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-26 09:03 . 2009-07-26 09:03 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2008-05-16 05:28 . 2009-07-26 12:54 256008 c:\windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2006-11-02 13:05 . 2009-07-26 13:32 102878 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2006-11-02 10:33 . 2009-07-26 13:35 583486 c:\windows\System32\perfh009.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2008-10-08 11:22 1172792 ----a-w- c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2008-10-08 1172792]

[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.SWEETIE.3]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.SWEETIE]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2008-10-08 1172792]

[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.SWEETIE.3]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.SWEETIE]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-04-01 486856]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-06-27 39408]
"SpywareTerminatorUpdate"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2009-07-25 3055616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-11-01 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-11-01 8501792]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-11-01 81920]
"SweetIM"="c:\program files\SweetIM\Messenger\SweetIM.exe" [2009-01-01 111928]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-14 39792]
"lxdxmon.exe"="c:\program files\Lexmark 3600-4600 Series\lxdxmon.exe" [2008-03-20 668328]
"lxdxamon"="c:\program files\Lexmark 3600-4600 Series\lxdxamon.exe" [2008-03-20 16040]
"Google Quick Search Box"="c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe" [2009-06-27 68592]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-02-06 2021400]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2007-07-06 4669440]
"Skytel"="Skytel.exe" - c:\windows\SkyTel.exe [2007-06-15 1826816]

c:\users\martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 2.0.lnk - c:\program files\OpenOffice.org 2.0\program\quickstart.exe [2005-10-15 61440]
Picture Motion Browser Media Check Tool.lnk - c:\program files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe [2008-5-19 344064]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Akceler tor spuçtŘnˇ AutoCADu.lnk - c:\program files\Common Files\Autodesk Shared\acstart17.exe [2006-3-5 11000]
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2007-1-18 2752512]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):1f,24,8c,5b,a6,ff,c9,01

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{C3BD0920-C8C1-4CA8-B666-D4F42817C692}"= UDP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{2B5ACBB4-6083-48F6-9FB5-11D4558F1100}"= TCP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{16E75630-83CB-4254-87B3-A48693299CAD}"= UDP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
"{3BE57484-51FC-46B7-A0B8-49E6ED361C41}"= TCP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
"TCP Query User{6A4B307B-70B8-4FF3-BEE3-6F0536713EFB}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{F884B328-8288-45DD-B9EC-9069CE376608}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"TCP Query User{F2811459-4B64-44A8-8BC2-98D588DB717F}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox
"UDP Query User{FA74535B-FDA5-4382-92D8-7EABE25F6468}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox
"{28135AF5-7E48-4C54-8687-54A325D60E12}"= UDP:c:\windows\System32\lxdxcoms.exe:Lexmark Communications System
"{93940113-BB1D-4453-8D42-E0D97819D3CF}"= TCP:c:\windows\System32\lxdxcoms.exe:Lexmark Communications System
"{7F5EB104-C27F-45C2-B66E-E11DD905E4C3}"= UDP:c:\program files\Lexmark 3600-4600 Series\lxdxamon.exe:Lexmark Device Monitor
"{B8FA7F16-C57D-4076-83EF-9583ACA223F6}"= TCP:c:\program files\Lexmark 3600-4600 Series\lxdxamon.exe:Lexmark Device Monitor
"{6088AAB0-451C-449D-8F35-3DC90A83E2D8}"= UDP:c:\program files\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe:ABBYY FineReader
"{1BFE01BB-3EA6-4749-A8DF-56341B63B434}"= TCP:c:\program files\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe:ABBYY FineReader
"{4F5D4B75-EA99-491D-BB43-CBE0691FC7AE}"= UDP:c:\program files\Lexmark 3600-4600 Series\lxdxmon.exe:Printer Device Monitor
"{1674EA1E-4C17-41A6-9DA6-42026039650F}"= TCP:c:\program files\Lexmark 3600-4600 Series\lxdxmon.exe:Printer Device Monitor
"{BC2795F3-9CE1-4DA0-95EA-5C5966BB3F87}"= UDP:c:\users\martin\AppData\Local\Temp\lxdx\wireless\lxdxwpss.exe:
"{8C4B22D2-415E-4F15-A228-F129E2D3FEDA}"= TCP:c:\users\martin\AppData\Local\Temp\lxdx\wireless\lxdxwpss.exe:
"{744CF8AD-EFDD-4D3C-AF2C-A05ED2B0DC90}"= UDP:c:\windows\System32\lxdxcfg.exe:Printer Communication System
"{791F485B-E48E-4156-99A4-98A9874C98E3}"= TCP:c:\windows\System32\lxdxcfg.exe:Printer Communication System
"{26CD0AEF-5C82-4D3C-B460-D13497622915}"= UDP:c:\windows\System32\spool\drivers\w32x86\3\lxdxpswx.exe:Printer Status Window Interface
"{96FB4766-0345-405E-821F-AEB58ABE19A2}"= TCP:c:\windows\System32\spool\drivers\w32x86\3\lxdxpswx.exe:Printer Status Window Interface
"{F4FE5718-F06F-4A9F-B911-E14D190ED94D}"= UDP:c:\windows\System32\spool\drivers\w32x86\3\lxdxtime.exe:Lexmark Connect Time Executable
"{CA05DCBD-2CB6-458C-8AEF-C2D7A2B17536}"= TCP:c:\windows\System32\spool\drivers\w32x86\3\lxdxtime.exe:Lexmark Connect Time Executable
"{EC68F6FA-93B8-4863-9E4C-69F321301989}"= UDP:c:\windows\System32\spool\drivers\w32x86\3\lxdxjswx.exe:Job Status Window Interface
"{8A9D22B7-A8AC-41AE-AF5C-3C7EC578C05C}"= TCP:c:\windows\System32\spool\drivers\w32x86\3\lxdxjswx.exe:Job Status Window Interface
"{5DD681A9-B72E-4F14-9741-44FEDE3F4965}"= UDP:c:\program files\Ubisoft\Far Cry 2\bin\FarCry2.exe:Far Cry 2
"{81B620F5-165E-4535-84CF-D7FD1413E3DD}"= TCP:c:\program files\Ubisoft\Far Cry 2\bin\FarCry2.exe:Far Cry 2
"{D0272232-F126-4FEC-B0AE-B6D7900EBC26}"= UDP:c:\program files\Ubisoft\Far Cry 2\bin\FC2Launcher.exe:Far Cry 2 Updater
"{5EBEA2EB-04EB-4455-A52E-5ACF875E0C08}"= TCP:c:\program files\Ubisoft\Far Cry 2\bin\FC2Launcher.exe:Far Cry 2 Updater
"{CD49AF9B-94E5-44FC-B2F9-C84894F55EEE}"= UDP:c:\program files\Ubisoft\Far Cry 2\bin\FC2Editor.exe:Editor
"{B7118F57-544D-4D90-B0ED-5144BD9BF298}"= TCP:c:\program files\Ubisoft\Far Cry 2\bin\FC2Editor.exe:Editor
"TCP Query User{E82A3B4B-AE4B-4ADA-A043-8E01F8B8C977}c:\\program files\\icq6\\icq.exe"= UDP:c:\program files\icq6\icq.exe:ICQ Library
"UDP Query User{1C88FE5B-841A-4276-9412-216FED1D86D2}c:\\program files\\icq6\\icq.exe"= TCP:c:\program files\icq6\icq.exe:ICQ Library
"{F91BE8CF-AC1E-4B02-ABA1-35ED8B7393CC}"= UDP:c:\program files\Lexmark 3600-4600 Series\frun.exe:Lexmark Productivity Studio
"{0CE0E0AF-4CB9-4E81-8587-F76BB01BF669}"= TCP:c:\program files\Lexmark 3600-4600 Series\frun.exe:Lexmark Productivity Studio
"TCP Query User{3390716B-5571-4DEE-B92D-74B5228AA026}c:\\program files\\icq6.5\\icq.exe"= UDP:c:\program files\icq6.5\icq.exe:ICQ
"UDP Query User{31EE7B89-0275-4071-A846-42AADADF399B}c:\\program files\\icq6.5\\icq.exe"= TCP:c:\program files\icq6.5\icq.exe:ICQ
"{1507AD7F-4777-4921-9B71-77B4F7152EB1}"= UDP:c:\windows\System32\lxdxcoms.exe:Lexmark Communications System
"{3B69E4F0-E764-4A76-B024-CB71F03C0C90}"= TCP:c:\windows\System32\lxdxcoms.exe:Lexmark Communications System
"{433A3F9A-BD20-4DDE-8DE9-BC5AC6F5958E}"= UDP:c:\program files\Lexmark 3600-4600 Series\lxdxamon.exe:Lexmark Device Monitor
"{943BAE19-B963-4D46-B18E-DFCD3DFC2662}"= TCP:c:\program files\Lexmark 3600-4600 Series\lxdxamon.exe:Lexmark Device Monitor
"TCP Query User{896CEE9E-0BB8-43B9-8280-4024ACDE76FE}c:\\program files\\lexmark 3600-4600 series\\frun.exe"= UDP:c:\program files\lexmark 3600-4600 series\frun.exe:Lexmark Productivity Studio
"UDP Query User{6D1A72D4-5779-473C-832E-B8704620F6E7}c:\\program files\\lexmark 3600-4600 series\\frun.exe"= TCP:c:\program files\lexmark 3600-4600 series\frun.exe:Lexmark Productivity Studio
"{2A3FE0AF-480C-4EDA-88C8-54FD367B4BD9}"= UDP:c:\program files\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe:ABBYY FineReader
"{F4205E8B-5044-4E69-95CA-098F82C2D591}"= TCP:c:\program files\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe:ABBYY FineReader
"{AA6CCCC0-41CD-4EF3-990D-8340FCCE7D3D}"= UDP:c:\program files\Lexmark 3600-4600 Series\lxdxmon.exe:Printer Device Monitor
"{4CEF68BE-0584-4AED-8079-AD4DD02DC52D}"= TCP:c:\program files\Lexmark 3600-4600 Series\lxdxmon.exe:Printer Device Monitor
"{332C02E2-7AEB-49C0-8A17-1D757D562967}"= UDP:c:\windows\System32\spool\drivers\w32x86\3\lxdxpswx.exe:Printer Status Window Interface
"{30F04D3D-0024-4F6E-B9CE-49C3C14E9A4B}"= TCP:c:\windows\System32\spool\drivers\w32x86\3\lxdxpswx.exe:Printer Status Window Interface
"{9922594C-45B9-4A68-AEF4-68BC7C137645}"= UDP:c:\windows\System32\spool\drivers\w32x86\3\lxdxtime.exe:Lexmark Connect Time Executable
"{35BA3316-A273-4EB4-A290-538DCC5F7553}"= TCP:c:\windows\System32\spool\drivers\w32x86\3\lxdxtime.exe:Lexmark Connect Time Executable
"{960C5491-AE01-4AEF-BF6C-EF98E7145D00}"= UDP:c:\windows\System32\spool\drivers\w32x86\3\lxdxwbgw.exe:Lexmark Web Gateway
"{6B48346F-6A38-4092-834D-78E137AD62D8}"= TCP:c:\windows\System32\spool\drivers\w32x86\3\lxdxwbgw.exe:Lexmark Web Gateway
"{A6AF2C41-D144-4538-82FE-007F156E6F2B}"= c:\program files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live Sync
"TCP Query User{5C01BA4D-00F2-4CDF-8DF5-5063EAF75DFC}c:\\program files\\spyware terminator\\spywareterminatorupdate.exe"= UDP:c:\program files\spyware terminator\spywareterminatorupdate.exe:Crawler Spyware Terminator
"UDP Query User{7C72619A-034A-4693-83F3-F35E1529998A}c:\\program files\\spyware terminator\\spywareterminatorupdate.exe"= TCP:c:\program files\spyware terminator\spywareterminatorupdate.exe:Crawler Spyware Terminator

R0 O2MDRDR;O2MDRDR;c:\windows\System32\drivers\o2media.sys [3. 4. 2007 11:04 39680]
R0 O2SDRDR;O2SDRDR;c:\windows\System32\drivers\o2sd.sys [2. 4. 2007 17:11 35712]
R1 ehdrv;ehdrv;c:\windows\System32\drivers\ehdrv.sys [6. 2. 2009 14:23 106208]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\System32\drivers\sp_rsdrv2.sys [25. 7. 2009 5:52 142592]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [6. 2. 2009 14:23 727720]
R2 epfwwfpr;epfwwfpr;c:\windows\System32\drivers\epfwwfpr.sys [6. 2. 2009 14:24 92800]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [29. 9. 2008 18:55 222456]
R2 lxdx_device;lxdx_device;c:\windows\system32\lxdxcoms.exe -service --> c:\windows\system32\lxdxcoms.exe -service [?]
R2 lxdxCATSCustConnectService;lxdxCATSCustConnectService;c:\windows\System32\spool\drivers\w32x86\3\lxdxserv.exe [18. 5. 2009 7:59 98984]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
IE: Crawler Search - tbr:iemenu
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\Toolbar\ctbr.dll
FF - ProfilePath - c:\users\martin\AppData\Roaming\Mozilla\Firefox\Profiles\59zw2mmu.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.azet.sk/
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("geo.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-26 15:40
Windows 6.0.6002 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
Completion time: 2009-07-26 15:42
ComboFix-quarantined-files.txt 2009-07-26 13:42
ComboFix2.txt 2009-07-26 13:12
ComboFix3.txt 2009-07-26 09:28

Pre-Run: 22 921 854 976 bytes free
Post-Run: 22 891 069 440 bytes free

325 --- E O F --- 2009-07-23 17:13

Re: Ad windows pop up while surfing

Posted: 26 Jul 2009 15:50
by samanxxl
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:49:19, on 26. 7. 2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Lexmark 3600-4600 Series\lxdxmon.exe
C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\Program Files\Lexmark 3600-4600 Series\lxdxMsdMon.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\conime.exe
C:\Windows\Explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Lexmark Panel nástrojů - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Pomocník pri prihlasovaní v sieti Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Lexmark Panel nástrojů - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [lxdxmon.exe] "C:\Program Files\Lexmark 3600-4600 Series\lxdxmon.exe"
O4 - HKLM\..\Run: [lxdxamon] "C:\Program Files\Lexmark 3600-4600 Series\lxdxamon.exe"
O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O4 - Startup: Picture Motion Browser Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Global Startup: Akcelerátor spuštění AutoCADu.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart17.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: lxdxCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxdxserv.exe
O23 - Service: lxdx_device - - C:\Windows\system32\lxdxcoms.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Oz128 Driver\o2flash.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

--
End of file - 8240 bytes