Please check my log

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

Post by SEGYN » 08 May 2008 11:06

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\RTHDCPL.EXE
D:\PROGRA~1\Grisoft\AVG7\avgcc.exe
D:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
D:\WINDOWS\system32\RUNDLL32.EXE
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
D:\Program Files\Logitech\SetPoint\SetPoint.exe
D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
D:\WINDOWS\ATKKBService.exe
D:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
D:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
D:\PROGRA~1\Grisoft\AVG7\avgemc.exe
D:\Program Files\Bonjour\mDNSResponder.exe
D:\Program Files\iPod Access for Windows\iPAHelper.exe
D:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
D:\Program Files\CDBurnerXP\NMSAccessU.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\WINDOWS\system32\HPZipm12.exe
D:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\wscntfy.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Mozilla Firefox 3 Beta 3\firefox.exe
D:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
D:\Program Files\ICQ6\ICQ.exe
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - D:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - D:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - D:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - D:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: Burn4Free Toolbar Helper - {60BF5EE3-0105-4858-AD98-17C19F86B042} - D:\Program Files\Burn4Free Toolbar\v3.3.0.0\Burn4Free_Toolbar.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O3 - Toolbar: Burn4Free Toolbar - {55FAF0F2-44D4-425F-B5F5-6B275B621EAB} - D:\Program Files\Burn4Free Toolbar\v3.3.0.0\Burn4Free_Toolbar.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - D:\PROGRA~1\ICQTOO~1\toolbaru.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - D:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AVG7_CC] D:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] D:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] D:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] D:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] D:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - Global Startup: Logitech SetPoint.lnk = D:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: + &Download Express: download this file - D:\Program Files\Download Express\Add_Url.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - D:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - D:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - D:\Program Files\Yahoo!\Common\Yinsthelper.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - D:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - D:\WINDOWS\ATKKBService.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - D:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - D:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - D:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Bonjour Service - Apple Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - D:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPAHelper.exe - Unknown owner - D:\Program Files\iPod Access for Windows\iPAHelper.exe
O23 - Service: iPod Service - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - D:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: NMSAccessU - Unknown owner - D:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - D:\WINDOWS\system32\HPZipm12.exe

Post by paul27 » 08 May 2008 13:17

I would recommend uninstalling the Megaupload Toolbar.

You can fix these unnecessary entries:
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

+ the HJT log header is missing, so we can't see your OS version or the HJT version - that's fairly important.

Are there any problems with the PC?

Post by SEGYN » 08 May 2008 14:31

Thanks. Well, you could say so; I'm using an illegal copy of Windows SP2 and I've just installed SP3. Otherwise my graphics card often overheats and programs take a long time to load. Could you help me with that somehow? :D

Post by SEGYN » 08 May 2008 16:01

ComboFix 08-05-07.1 - SEGYN 2008-05-08 20:52:34.1 - FAT32x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.491 [GMT 7:00]
Running from: D:\Documents and Settings\SEGYN\Desktop\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Created from 2008-04-08 to 2008-05-08 )))))))))))))))))))))))))))))))
.

2008-05-08 20:41 . 2008-05-08 20:41 54,156 --ah----- D:\WINDOWS\QTFont.qfn
2008-05-08 20:41 . 2008-05-08 20:41 1,409 --a------ D:\WINDOWS\QTFont.for
2008-05-08 18:37 . 2008-05-08 18:37 <DIR> d-------- D:\WINDOWS\system32\en
2008-05-08 18:35 . 2008-05-08 18:35 <DIR> d-------- D:\WINDOWS\ServicePackFiles
2008-05-08 18:32 . 2006-12-29 00:31 19,569 --a------ D:\WINDOWS\002874_.tmp
2008-05-08 17:08 . 2008-05-08 17:08 <DIR> d-------- D:\Documents and Settings\SEGYN\Application Data\uTorrent
2008-05-08 17:05 . 2008-05-08 17:05 <DIR> d-------- D:\WINDOWS\system32\CatRoot_bak
2008-05-08 16:00 . 2008-05-08 16:00 <DIR> d-------- D:\Program Files\Trend Micro
2008-05-08 15:46 . 2008-05-08 15:46 <DIR> d-------- D:\Program Files\Lavalys
2008-05-06 20:14 . 2008-05-06 20:14 <DIR> d--hs---- D:\FOUND.004
2008-05-06 16:11 . 2008-05-06 16:11 <DIR> d-------- D:\Program Files\Lavasoft
2008-05-05 17:27 . 2008-05-05 17:27 <DIR> d-------- D:\WINDOWS\65F1CF6331E0450B96F34A88BE7361A6.TMP
2008-05-05 16:34 . 2008-05-05 16:34 <DIR> d-------- D:\WINDOWS\nview
2008-05-05 16:34 . 2007-12-05 01:41 356,352 --a------ D:\WINDOWS\system32\nvudisp.exe
2008-05-05 16:34 . 2008-05-05 18:46 163,500 --a------ D:\WINDOWS\system32\nvapps.xml
2008-05-05 16:34 . 2007-12-05 01:41 17,737 --a------ D:\WINDOWS\system32\nvdisp.nvu
2008-05-05 16:31 . 2007-12-05 02:53 356,352 --a------ D:\WINDOWS\system32\NVUNINST.EXE
2008-05-05 16:23 . 2007-09-13 15:54 12,288 --a------ D:\WINDOWS\system32\drivers\EIO.sys
2008-05-05 16:21 . 2008-05-05 16:21 <DIR> d-------- D:\Program Files\My Company Name
2008-05-05 16:21 . 2007-11-30 17:32 10,880 --a------ D:\WINDOWS\system32\drivers\NdisIP.sys
2008-05-05 16:21 . 2007-11-30 17:23 5,504 --a------ D:\WINDOWS\system32\drivers\mstee.sys
2008-05-05 16:20 . 2008-05-05 16:20 <DIR> d-------- D:\Program Files\ASUS
2008-05-05 14:12 . 2008-05-05 14:12 <DIR> d-------- D:\Documents and Settings\DUY KHANH\Application Data\Logitech
2008-05-05 14:12 . 2008-05-05 14:12 <DIR> d-------- D:\Documents and Settings\DUY KHANH\Application Data\HP
2008-05-04 20:08 . 2008-05-05 14:36 664 --a------ D:\WINDOWS\system32\d3d9caps.dat
2008-05-04 20:05 . 2008-05-04 20:05 <DIR> d--hs---- D:\FOUND.003
2008-05-03 10:37 . 2008-05-03 10:37 <DIR> d-------- D:\Program Files\Turbo Internet Booster
2008-05-03 10:37 . 2001-09-06 10:00 1,700,352 --a------ D:\WINDOWS\system32\gdiplus.dll
2008-05-03 10:37 . 2007-06-25 14:02 475,136 --a------ D:\WINDOWS\system32\SkinCrafter2.dll
2008-05-02 21:19 . 2008-05-02 21:19 <DIR> d-------- D:\Program Files\Three Rings Design
2008-04-30 22:37 . 2008-04-30 22:37 <DIR> d-------- D:\Documents and Settings\VU HONG TUOI\Application Data\CDBurnerXP_Soft
2008-04-30 22:36 . 2008-04-30 22:36 <DIR> d-------- D:\Documents and Settings\VU HONG TUOI\Application Data\Media Player Classic
2008-04-30 16:45 . 2008-04-30 16:45 <DIR> d-------- D:\Documents and Settings\VU HONG TUOI\Application Data\Logitech
2008-04-29 19:05 . 2008-04-29 19:05 <DIR> d-------- D:\Documents and Settings\All Users\Application Data\LogiShrd
2008-04-29 19:04 . 2008-04-29 19:04 <DIR> d-------- D:\Documents and Settings\SEGYN\Application Data\Logitech
2008-04-29 19:03 . 2008-04-29 19:03 <DIR> d-------- D:\Program Files\Logitech
2008-04-29 19:03 . 2008-04-29 19:03 <DIR> d-------- D:\Program Files\Common Files\Logishrd
2008-04-29 19:03 . 2008-04-29 19:03 <DIR> d-------- D:\Documents and Settings\All Users\Application Data\Logitech
2008-04-29 19:03 . 2008-01-09 12:26 301,656 --a------ D:\WINDOWS\system32\BtCoreIf.dll
2008-04-29 19:03 . 2008-01-09 12:27 170,512 --a------ D:\WINDOWS\system32\kemutb.dll
2008-04-29 19:03 . 2008-01-09 12:28 141,840 --a------ D:\WINDOWS\system32\KemUtil.dll
2008-04-29 19:03 . 2008-01-09 12:28 117,264 --a------ D:\WINDOWS\system32\KemWnd.dll
2008-04-29 19:03 . 2008-01-09 12:28 76,304 --a------ D:\WINDOWS\system32\KemXML.dll
2008-04-28 21:19 . 2008-04-28 21:19 <DIR> d-------- D:\Program Files\Pcsx2_0.9.4
2008-04-27 14:29 . 2008-04-27 14:29 <DIR> d-------- D:\Program Files\Common Files\INCA Shared
2008-04-27 14:29 . 2003-07-19 22:17 5,174 --a------ D:\WINDOWS\system32\nppt9x.vxd
2008-04-27 14:29 . 2005-01-03 13:43 4,682 --a------ D:\WINDOWS\system32\npptNT2.sys
2008-04-27 14:27 . 2008-04-27 14:27 <DIR> d-------- D:\Program Files\VTCGame
2008-04-25 11:37 . 2008-04-25 11:37 <DIR> d-------- D:\Documents and Settings\Administrator\Application Data\HP
2008-04-25 11:36 . 2008-04-25 11:36 <DIR> d-------- D:\Documents and Settings\VU HONG TUOI\Application Data\HP
2008-04-25 11:32 . 2008-04-25 11:32 <DIR> d-------- D:\Program Files\Hewlett-Packard
2008-04-25 11:31 . 2008-03-02 14:51 940 --a------ D:\WINDOWS\hpbvspst.hi1
2008-04-25 11:31 . 2008-03-02 14:51 560 --a------ D:\WINDOWS\hpbvspst.bu1
2008-04-25 11:30 . 2005-06-21 09:48 266,240 -ra------ D:\WINDOWS\system32\hppasc01.dll
2008-04-25 11:30 . 2005-12-16 14:02 208,896 --a------ D:\WINDOWS\system32\HPPAPR01.DLL
2008-04-25 11:30 . 2008-03-02 14:51 3,927 --a------ D:\WINDOWS\hpbvnstp.hi1
2008-04-25 11:30 . 2008-03-02 14:51 1,432 --a------ D:\WINDOWS\hpbvnstp.bu1
2008-04-25 11:30 . 2005-09-13 12:50 508 --a------ D:\WINDOWS\system32\HPPAPR01.DAT
2008-04-25 11:29 . 2008-04-25 11:37 53,602 --a------ D:\WINDOWS\hppins02.dat
2008-04-25 11:29 . 2006-07-31 00:13 2,009 --------- D:\WINDOWS\hppmdl02.dat
2008-04-25 11:21 . 2008-03-02 14:57 53,602 --------- D:\WINDOWS\hppins02.dat.temp
2008-04-25 11:21 . 2006-07-31 00:13 2,009 --------- D:\WINDOWS\hppmdl02.dat.temp
2008-04-24 16:51 . 2007-07-19 18:14 3,727,720 --a------ D:\WINDOWS\system32\d3dx9_35.dll
2008-04-24 16:51 . 2007-07-19 18:14 1,358,192 --a------ D:\WINDOWS\system32\D3DCompiler_35.dll
2008-04-24 16:51 . 2007-07-19 18:14 444,776 --a------ D:\WINDOWS\system32\d3dx10_35.dll
2008-04-24 16:51 . 2007-07-20 00:57 267,112 --a------ D:\WINDOWS\system32\xactengine2_9.dll
2008-04-22 16:41 . 2004-08-04 00:56 159,232 --a------ D:\WINDOWS\system32\ptpusd.dll
2008-04-22 16:41 . 2007-11-30 17:28 15,104 --a------ D:\WINDOWS\system32\drivers\usbscan.sys
2008-04-22 16:41 . 2001-08-17 22:36 5,632 --a------ D:\WINDOWS\system32\ptpusb.dll
2008-04-18 17:05 . 2008-04-18 17:05 <DIR> d-------- D:\Documents and Settings\Administrator\Application Data\ICQ
2008-04-14 21:52 . 2008-04-14 21:52 <DIR> d-------- D:\Program Files\Download Express
2008-04-14 21:52 . 2008-04-14 21:52 <DIR> d-------- D:\Documents and Settings\VU HONG TUOI\Application Data\MetaProducts
2008-04-14 21:52 . 2008-04-14 21:52 <DIR> d-------- D:\Documents and Settings\SEGYN\Application Data\MetaProducts
2008-04-14 21:52 . 2008-04-14 21:52 <DIR> d-------- D:\Documents and Settings\DUY KHANH\Application Data\MetaProducts
2008-04-14 21:52 . 2008-04-14 21:52 <DIR> d-------- D:\Documents and Settings\Administrator\Application Data\MetaProducts
2008-04-12 21:16 . 2008-04-12 21:16 <DIR> d-------- D:\Documents and Settings\Administrator\Application Data\MEGAUPLOADTOOLBAR
2008-04-12 21:16 . 2008-04-12 21:16 <DIR> d-------- D:\Documents and Settings\Administrator\Application Data\AVG7
2008-04-12 21:16 . 2008-04-12 21:16 <DIR> d-------- D:\Documents and Settings\Administrator
2008-04-12 21:16 . 2008-05-08 20:52 1,024 --ah----- D:\Documents and Settings\Administrator\NTUSER.DAT.LOG
2008-04-11 21:15 . 2008-04-11 21:15 <DIR> d-------- D:\Program Files\CDBurnerXP
2008-04-11 21:15 . 2008-04-11 21:15 <DIR> d-------- D:\Documents and Settings\SEGYN\Application Data\CDBurnerXP_Soft
2008-04-11 16:50 . 2008-04-11 16:50 <DIR> d-------- D:\Documents and Settings\VU HONG TUOI\Application Data\MEGAUPLOADTOOLBAR
2008-04-11 07:26 . 2008-04-11 07:26 <DIR> d-------- D:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
2008-04-11 07:03 . 2008-04-11 07:03 <DIR> d-------- D:\Documents and Settings\DUY KHANH\Application Data\MEGAUPLOADTOOLBAR

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-08 08:22 196,608 ----a-w D:\WINDOWS\system32\drivers\nStandard.bin
2008-04-07 04:49 --------- d-----w D:\Documents and Settings\VU HONG TUOI\Application Data\ICQ
2008-04-05 09:33 --------- d-----w D:\Program Files\Common Files\Scanner
2008-04-05 09:33 --------- d-----w D:\Program Files\CA Yahoo! Anti-Spy
2008-03-30 15:43 --------- d-----w D:\Program Files\Ventrilo
2008-03-30 15:43 --------- d-----w D:\Documents and Settings\SEGYN\Application Data\Ventrilo
2008-03-28 09:11 --------- d-----w D:\Program Files\IVCsoft
2008-03-28 01:37 --------- d-----w D:\Documents and Settings\VU HONG TUOI\Application Data\DivX
2008-03-26 13:54 --------- d-----w D:\Documents and Settings\SEGYN\Application Data\HighAndes
2008-03-26 13:54 --------- d-----w D:\Documents and Settings\All Users\Application Data\HighAndes
2008-03-26 13:51 --------- d-----w D:\Program Files\HighAndes
2008-03-26 10:24 --------- d-----w D:\Program Files\NVIDIA Corporation
2008-03-26 10:23 --------- d-----w D:\Program Files\NVIDIA nTune Performance Application
2008-03-26 04:28 --------- d-----w D:\Documents and Settings\VU HONG TUOI\Application Data\PSpad
2008-03-25 14:13 --------- d-----w D:\Program Files\AGEIA Technologies
2008-03-25 11:12 --------- d-----w D:\Documents and Settings\SEGYN\Application Data\SystemRequirementsLab
2008-03-25 10:11 --------- d-----w D:\Program Files\GIGABYTE
2008-03-16 10:08 --------- d-----w D:\Program Files\Catalencoder
2008-03-16 03:12 --------- d-----w D:\Program Files\Spybot - Search & Destroy
2008-03-16 03:12 --------- d-----w D:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-03-14 12:20 --------- d-----w D:\Program Files\PSPad editor
2008-03-14 12:20 --------- d-----w D:\Documents and Settings\SEGYN\Application Data\PSpad
2008-03-13 14:03 --------- d-----w D:\Program Files\Vietkey2000
2008-03-11 09:12 --------- d-----w D:\Documents and Settings\VU HONG TUOI\Application Data\Yahoo!
2008-03-11 09:12 --------- d-----w D:\Documents and Settings\VU HONG TUOI\Application Data\ICQ Toolbar
2008-03-08 12:25 --------- d-----w D:\Documents and Settings\DUY KHANH\Application Data\ICQ Toolbar
2008-03-08 12:25 --------- d-----w D:\Documents and Settings\DUY KHANH\Application Data\ATI
2008-03-05 10:04 229,727 ----a-w D:\WINDOWS\Burn4Free_Toolbar_Uninstaller_6968.exe
2008-03-02 14:04 737,280 ----a-w D:\WINDOWS\iun6002.exe
2008-03-01 09:05 20,980 ----a-w D:\keys.dat
2008-03-01 07:14 499,712 ----a-w D:\WINDOWS\system32\msvcp71.dll
2008-03-01 07:14 348,160 ----a-w D:\WINDOWS\system32\msvcr71.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="D:\WINDOWS\system32\ctfmon.exe" [2007-12-01 00:26 15360]
"SpybotSD TeaTimer"="D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]
"Yahoo! Pager"="D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [2007-08-30 17:43 4670704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2006-06-28 13:54 16248320 D:\WINDOWS\RTHDCPL.exe]
"AVG7_CC"="D:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2008-04-16 09:07 579584]
"SunJavaUpdateSched"="D:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-11-29 02:17 55824 D:\WINDOWS\KHALMNPR.Exe]
"NvCplDaemon"="D:\WINDOWS\system32\NvCpl.dll" [2007-12-05 01:41 8523776]
"nwiz"="nwiz.exe" [2007-12-05 01:41 1626112 D:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="D:\WINDOWS\system32\NvMcTray.dll" [2007-12-05 01:41 81920]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG7_Run"="D:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2008-03-01 14:14 219136]

D:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Logitech SetPoint.lnk - D:\Program Files\Logitech\SetPoint\SetPoint.exe [2008-04-29 19:03:15 789008]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
d:\program files\common files\logishrd\bluetooth\LBTWlgn.dll 2008-01-09 12:30 72208 d:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.l3fhg"= mp3fhg.acm
"msacm.divxa32"= divxa32.acm
"VIDC.X264"= x264vfw.dll
"VIDC.HFYU"= huffyuv.dll
"vidc.i263"= i263_32.drv
"VIDC.YV12"= yv12vfw.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"D:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"D:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"D:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"D:\\Program Files\\iTunes\\iTunes.exe"=
"D:\\Program Files\\Grisoft\\AVG7\\avginet.exe"=
"D:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe"=
"D:\\Program Files\\Grisoft\\AVG7\\avgcc.exe"=
"D:\\Program Files\\Grisoft\\AVG7\\avgemc.exe"=
"D:\\Program Files\\uTorrent\\uTorrent.exe"=
"D:\\Program Files\\ICQ6\\ICQ.exe"=
"E:\\Program Files\\RelicCOH.exe"=
"E:\\Program Files\\Binaries\\LTCG-TPGame.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

R2 NMSAccessU;NMSAccessU;D:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-03-09 11:20]
R3 asusgsb;ASUS Virtual Video Capture Device Driver;D:\WINDOWS\system32\drivers\asusgsb.sys [2007-09-13 15:54]
R3 HPFXBULK;HPFXBULK;D:\WINDOWS\system32\drivers\hpfxbulk.sys [2005-09-20 23:22]
R3 Video3D;ASUS Video3D Service;D:\WINDOWS\system32\Drivers\Video3D32.sys [2007-09-13 15:54]
S3 Diag69xp;Diag69xp;D:\WINDOWS\system32\Drivers\Diag69xp.sys [2006-05-11 05:36]

*Newly Created Service* - CATCHME
.
Contents of the 'Scheduled Tasks' folder
"2008-05-08 09:45:04 D:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- D:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-08 20:53:55
Windows 5.1.2600 Service Pack 3, v.3264 FAT NTAPI

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-05-08 20:54:17
ComboFix-quarantined-files.txt 2008-05-08 13:54:16

Pre-Run: 3,410,722,816 bytes free
Post-Run: 4,619,321,344 bytes free

203

Is this OK?

Post by Rewqa » 08 May 2008 16:12

You shouldn't have mentioned here at all that you have an illegal copy of Windows. :lookround:

Post by memphisto » 08 May 2008 18:46

I'd say the problem is that you have Windows XP on a disk that is formatted as FAT32. You can convert it to NTFS (recommended) without losing data by following this guide. If you don't, you'll have problems copying larger files, etc.