Nejde spustiť Task manager,problémy s PC,písmom ...

[Vlasta333]

Stále je tu v PC nejaký červ (červy) a neviem sa ho (ich) zbaviť.
Raz ide všetko OK a raz nie.Raz funguje Caps Lock a raz nie.
Task Manager teraz ani neskúšam radšej spustiť aby PC nezamrzol a musel ho nasilu reštartovať,pretože potom je nefunkčné aj jeho klasické reštartovanie či vypnutie

Nedali sa spraviť ani log-y - spustilo naraz 10 okien ... Až v NR ...

RSIT

Logfile of random's system information tool 1.08 (written by random/random)
Run by Krylias at 2012-09-13 20:38:59
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 10 GB (9%) free of 104 GB
Total RAM: 3327 MB (76% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:39:03, on 13.9.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Rainlendar2\Rainlendar2.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\FirefoxPreloader\FirefoxPreloader.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe
C:\Program Files\Firebird\Firebird_2_5\bin\fbguard.exe
C:\Program Files\Hotspot Shield\bin\openvpnas.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
C:\Program Files\Hotspot Shield\bin\hsswd.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\WINDOWS\system32\NETHDD.exe
C:\WINDOWS\system32\nlssrv32.exe
C:\Program Files\Generic\Network Printer Wizard\NPWService.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\WINDOWS\system32\HPZipm12.exe
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\Skype\Updater\Updater.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
C:\Program Files\Firebird\Firebird_2_5\bin\fbserver.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Krylias\Desktop\PC ochrana\RSIT.exe
C:\Program Files\trend micro\Krylias.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60076
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60076
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=;ftp=;https=;
R3 - URLSearchHook: (no name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - (no file)
O2 - BHO: IE 4.x-6.x BHO for Internet Download Accelerator - {2A646672-9C3A-4C28-9A7A-1FB0F63F28B6} - C:\PROGRA~1\IDA\idaiehlp.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.4.12.6.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: IDA Bar - {C70E30C7-140A-4166-A2E8-43557E62B41A} - C:\Program Files\IDA\idabar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [VF0060 STISvc] RunDLL32.exe V0060Pin.dll,RunDLL32EP 513
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe
O4 - HKCU\..\Run: [DIMProbíhá stahování aktualizace...1285781003180] "c:\Program Files\Corel\CorelDRAW Graphics Suite X5\Draw\DIM.exe" "c:\documents and settings\all users\application data\corel\downloads\540215253_610005\1285781003180\dim_params.xml" -Launch=3 -uibase="c:\documents and settings\krylias\application data\corel\messages\540215253_610005\cz\messagecache1\workflow"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Krylias\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: Yahoo! Widgets.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Yahoo! Widgets.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe (User 'Default user')
O4 - Startup: Yahoo! Widgets.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
O4 - Global Startup: Firefox Preloader.lnk = C:\Program Files\FirefoxPreloader\FirefoxPreloader.exe
O8 - Extra context menu item: Download ALL with IDA - C:\Program Files\IDA\idaieall.htm
O8 - Extra context menu item: Download remotely with IDA - C:\Program Files\IDA\remdown.htm
O8 - Extra context menu item: Download with IDA - C:\Program Files\IDA\idaie.htm
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send by Bluetooth - C:\Program Files\IVT Corporation\BlueSoleil\TransSend\IE\tsinfo.htm
O8 - Extra context menu item: Send via &Message... - C:\Program Files\IVT Corporation\BlueSoleil\TransSend\IE\tssms.htm
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Internet Download Accelerator - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - C:\Program Files\IDA\ida.exe
O9 - Extra 'Tools' menuitem: &Internet Download Accelerator - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - C:\Program Files\IDA\ida.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: HiDownload - {F4FBA929-A891-492C-A0F6-5C79CC4F1742} - C:\Program Files\StreamingStar\HiDownload_Platinum\HiDownloadPlatinum.exe (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files\generic\network printer wizard\npwprint.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 7219508484
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{EC19AC23-066B-454C-9C40-76F1E9504D72}: NameServer = 10.1.24.1
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: BlueSoleilCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BsHelpCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
O23 - Service: BsMobileCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe
O23 - Service: COMODO livePCsupport Service (CLPSLS) - Unknown owner - C:\Program Files\COMODO\COMODO livePCsupport\CLPSLS.exe (file missing)
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: DeviceVM Meta Data Export Service (DvmMDES) - Unknown owner - C:\ASUS.SYS\config\DVMExportService.exe (file missing)
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - Firebird Project - C:\Program Files\Firebird\Firebird_2_5\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - Firebird Project - C:\Program Files\Firebird\Firebird_2_5\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Hotspot Shield Service (hshld) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files\Hotspot Shield\bin\hsswd.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NETHDD Service (NETHDD) - UNICON Co., Ltd. - C:\WINDOWS\system32\NETHDD.exe
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\WINDOWS\system32\nlssrv32.exe
O23 - Service: NPWService - Unknown owner - C:\Program Files\Generic\Network Printer Wizard\NPWService.exe
O23 - Service: PEVSystemStart - Unknown owner - C:\ComboFix\pev.3XE (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

--
End of file - 14872 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-343818398-152049171-1801674531-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-343818398-152049171-1801674531-1003UA.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-343818398-152049171-1801674531-1003.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-343818398-152049171-1801674531-1003.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A646672-9C3A-4C28-9A7A-1FB0F63F28B6}]
IE 4.x-6.x BHO for Internet Download Accelerator - C:\PROGRA~1\IDA\idaiehlp.dll [2010-12-16 165184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2012-02-18 425680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
BitComet Helper - C:\Program Files\BitComet\tools\BitCometBHO_1.4.12.6.dll [2010-12-06 765744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-09-02 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2012-08-17 192144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll [2012-08-17 1002992]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-09-02 157672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{C70E30C7-140A-4166-A2E8-43557E62B41A} - IDA Bar - C:\Program Files\IDA\idabar.dll [2007-10-17 180224]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2012-08-17 192144]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-09-30 16864768]
"VF0060 STISvc"=V0060Pin.dll,RunDLL32EP 513 []
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-06-16 221184]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-06-16 81920]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2012-03-11 6749512]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-07-03 98304]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Rainlendar2"=C:\Program Files\Rainlendar2\Rainlendar2.exe [2009-08-22 5148672]
"DIMProbíhá stahování aktualizace...1285781003180"=c:\Program Files\Corel\CorelDRAW Graphics Suite X5\Draw\DIM.exe [2010-05-21 95592]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-02-24 39408]
"Google Update"=C:\Documents and Settings\Krylias\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-07-12 116648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe [2009-04-24 203928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-02-20 59240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion]
C:\Program Files\Cyberlink\Shared Files\brs.exe [2008-10-07 75048]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BtTray]
C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe [2009-02-27 278016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [2009-01-30 57344]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Creative WebCam Tray]
C:\Program Files\Creative\Shared Files\CamTray.exe [2005-10-27 299008]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DIMProbíhá stahování aktualizace...1285781003180]
c:\Program Files\Corel\CorelDRAW Graphics Suite X5\Draw\DIM.exe [2010-05-21 95592]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2005-02-17 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2011-01-25 421160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2010-01-22 2363392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2012-01-13 460872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Networking USB Server]
C:\Program Files\USB Server\Networking USB Server\Networking USB Server.exe [2010-09-28 2416640]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaPCInternetAccess]
C:\Program Files\Nokia\PC Internet Access\NPCIA.exe [2009-09-17 663552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVD8LanguageShortcut]
C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe [2007-12-14 50472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QFan Help]
C:\Program Files\ASUS\Fan Xpert\QFanHelp.exe [2010-04-19 611968]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2012-04-18 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl8]
C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe [2008-03-20 83240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-02-24 39408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Real\RealPlayer\update\realsched.exe [2012-02-18 296056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
C:\Program Files\Unlocker\UnlockerAssistant.exe [2010-07-04 17408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^TotalMedia Server.lnk]
C:\PROGRA~1\ArcSoft\TOTALM~1\TOTALM~1\TMSERV~1.EXE [2010-11-10 519744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Krylias^Start Menu^Programs^Startup^Kalendár.lnk]
C:\WINDOWS\MENINY.EXE [2004-02-02 49312]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Krylias^Start Menu^Programs^Startup^Registration Assassin.LNK]
[]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Firefox Preloader.lnk - C:\Program Files\FirefoxPreloader\FirefoxPreloader.exe

C:\Documents and Settings\Krylias\Start Menu\Programs\Startup
Yahoo! Widgets.lnk - C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2012-07-04 192512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CLPSLS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CLPSLS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoSecurityTab"=1
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\BitComet\BitComet.exe"="C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet.exe"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe:*:Enabled:BlueSoleilCS"
"C:\Program Files\e-TRAYz\e-TRAYz.exe"="C:\Program Files\e-TRAYz\e-TRAYz.exe:*:Enabled:e-TRAYz"
"C:\Program Files\StrongDC++\StrongDC.exe"="C:\Program Files\StrongDC++\StrongDC.exe:*:Enabled:StrongDC++"
"C:\Documents and Settings\Krylias\Application Data\uTorrent\utorrent.exe"="C:\Documents and Settings\Krylias\Application Data\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\Program Files\Generic\Network Printer Wizard\NPWService.exe"="C:\Program Files\Generic\Network Printer Wizard\NPWService.exe:*:Enabled:NPWService"
"C:\Program Files\USB Server\Networking USB Server\Networking USB Server.exe"="C:\Program Files\USB Server\Networking USB Server\Networking USB Server.exe:*:Enabled:Networking USB Server"
"C:\Program Files\VSO\VSO Downloader\2\VsoDownloader.exe"="C:\Program Files\VSO\VSO Downloader\2\VsoDownloader.exe:*:Enabled:VSO Downloader"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Documents and Settings\Krylias\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe"="C:\Documents and Settings\Krylias\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin"
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2012-09-13 20:38:59 ----D---- C:\rsit
2012-09-13 20:38:30 ----SHD---- C:\RECYCLER
2012-09-13 20:33:44 ----A---- C:\ComboFix.txt
2012-09-13 20:20:37 ----D---- C:\update
2012-09-13 20:20:37 ----D---- C:\hsswd
2012-09-13 20:20:37 ----D---- C:\hssff
2012-09-13 20:12:37 ----A---- C:\WINDOWS\ntbtlog.txt
2012-09-13 19:49:43 ----D---- C:\WINDOWS\temp
2012-09-13 19:42:39 ----A---- C:\WINDOWS\zip.exe
2012-09-13 19:42:39 ----A---- C:\WINDOWS\SWXCACLS.exe
2012-09-13 19:42:39 ----A---- C:\WINDOWS\SWSC.exe
2012-09-13 19:42:39 ----A---- C:\WINDOWS\SWREG.exe
2012-09-13 19:42:39 ----A---- C:\WINDOWS\sed.exe
2012-09-13 19:42:39 ----A---- C:\WINDOWS\PEV.exe
2012-09-13 19:42:39 ----A---- C:\WINDOWS\NIRCMD.exe
2012-09-13 19:42:39 ----A---- C:\WINDOWS\MBR.exe
2012-09-13 19:42:39 ----A---- C:\WINDOWS\grep.exe
2012-09-13 19:42:31 ----AD---- C:\Qoobox
2012-09-13 19:42:20 ----D---- C:\WINDOWS\erdnt
2012-09-12 18:09:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2736233$
2012-09-02 09:27:28 ----D---- C:\Program Files\Common Files\Java
2012-09-02 09:27:19 ----A---- C:\WINDOWS\system32\javaws.exe
2012-09-02 09:27:11 ----A---- C:\WINDOWS\system32\WindowsAccessBridge.dll
2012-09-02 09:27:11 ----A---- C:\WINDOWS\system32\javaw.exe
2012-09-02 09:27:11 ----A---- C:\WINDOWS\system32\java.exe
2012-09-01 23:48:13 ----D---- C:\Program Files\Xiph.Org
2012-08-14 23:39:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2712808$
2012-08-14 23:39:17 ----HDC---- C:\WINDOWS\$NtUninstallKB2731847$
2012-08-14 23:34:53 ----HDC---- C:\WINDOWS\$NtUninstallKB2705219$
2012-08-14 23:34:16 ----HDC---- C:\WINDOWS\$NtUninstallKB2723135$

======List of files/folders modified in the last 1 months======

2012-09-13 20:39:03 ----D---- C:\Program Files\Trend Micro
2012-09-13 20:39:00 ----D---- C:\WINDOWS\Prefetch
2012-09-13 20:38:37 ----D---- C:\WINDOWS\system32\CatRoot2
2012-09-13 20:37:38 ----A---- C:\WINDOWS\system32\bscs.ini
2012-09-13 20:29:40 ----AD---- C:\WINDOWS
2012-09-13 20:29:40 ----A---- C:\WINDOWS\system.ini
2012-09-13 20:29:29 ----D---- C:\WINDOWS\system32\drivers\etc
2012-09-13 20:29:14 ----SD---- C:\Documents and Settings\Krylias\Application Data\Microsoft
2012-09-13 20:27:42 ----D---- C:\WINDOWS\system32\drivers
2012-09-13 20:27:42 ----D---- C:\WINDOWS\system32
2012-09-13 20:27:42 ----D---- C:\WINDOWS\AppPatch
2012-09-13 20:27:41 ----D---- C:\Program Files\Common Files
2012-09-13 20:23:03 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-09-13 20:20:05 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2012-09-13 20:02:04 ----D---- C:\Documents and Settings\Krylias\Application Data\Winamp
2012-09-13 20:02:04 ----D---- C:\Documents and Settings\Krylias\Application Data\Media Player Classic
2012-09-13 20:01:56 ----D---- C:\WINDOWS\Debug
2012-09-13 19:49:15 ----SD---- C:\WINDOWS\Tasks
2012-09-13 18:26:03 ----A---- C:\WINDOWS\NeroDigital.ini
2012-09-13 12:46:46 ----SHD---- C:\System Volume Information
2012-09-13 12:26:51 ----D---- C:\Documents and Settings\Krylias\Application Data\uTorrent
2012-09-13 11:38:29 ----D---- C:\Documents and Settings\Krylias\Application Data\vlc
2012-09-13 08:04:20 ----D---- C:\Config.Msi
2012-09-12 22:44:46 ----SHD---- C:\WINDOWS\Installer
2012-09-12 22:44:44 ----D---- C:\Documents and Settings\Krylias\Application Data\Mozilla
2012-09-12 21:44:23 ----RD---- C:\Program Files
2012-09-12 21:43:45 ----D---- C:\Documents and Settings\Krylias\Application Data\DVDVideoSoft
2012-09-12 18:10:23 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2012-09-12 18:09:42 ----HD---- C:\WINDOWS\inf
2012-09-12 18:09:12 ----HD---- C:\WINDOWS\$hf_mig$
2012-09-12 18:05:35 ----A---- C:\WINDOWS\system32\MRT.exe
2012-09-09 19:17:43 ----A---- C:\WINDOWS\pdf2word.INI
2012-09-09 19:16:43 ----D---- C:\Documents and Settings\Krylias\Application Data\PrimoPDF
2012-09-09 12:47:41 ----D---- C:\Documents and Settings\All Users\Application Data\firebird
2012-09-09 09:59:35 ----D---- C:\Documents and Settings\Krylias\Application Data\dvdcss
2012-09-05 13:47:06 ----D---- C:\Program Files\URLSnooper2
2012-09-04 19:48:55 ----D---- C:\Documents and Settings\Krylias\Application Data\Skype
2012-09-04 19:10:17 ----D---- C:\Documents and Settings\Krylias\Application Data\Audacity
2012-09-02 09:26:59 ----A---- C:\WINDOWS\system32\npdeployJava1.dll
2012-09-02 09:26:59 ----A---- C:\WINDOWS\system32\deployJava1.dll
2012-09-02 09:25:59 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2012-09-02 09:25:50 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2012-08-30 16:18:29 ----D---- C:\Program Files\JDownloader
2012-08-27 19:48:08 ----A---- C:\WINDOWS\win.ini
2012-08-22 20:58:44 ----A---- C:\WINDOWS\system32\ff_vfw.dll
2012-08-21 02:15:23 ----D---- C:\hidownload
2012-08-14 23:39:52 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-08-14 23:32:30 ----D---- C:\Program Files\Internet Explorer
2012-08-14 22:16:06 ----D---- C:\WINDOWS\system32\Restore

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 BtHidBus;Bluetooth HID Bus Service; C:\WINDOWS\System32\Drivers\BtHidBus.sys [2009-01-08 20744]
R0 Inspect;COMODO Internet Security Firewall Driver; C:\WINDOWS\System32\DRIVERS\inspect.sys [2012-03-11 97760]
R0 prohlp02;StarForce Protection Helper Driver v2; C:\WINDOWS\System32\drivers\prohlp02.sys [2004-08-09 114016]
R0 prosync1;StarForce Protection Synchronization Driver v1; C:\WINDOWS\System32\drivers\prosync1.sys [2004-07-19 7040]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-07-12 45648]
R0 sfhlp01;StarForce Protection Helper Driver; C:\WINDOWS\System32\drivers\sfhlp01.sys [2003-12-01 4832]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-02-27 721904]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 ArcSec;ArcSec; C:\WINDOWS\system32\drivers\ArcSec.sys [2010-09-21 192504]
R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2009-08-04 11296]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\WINDOWS\System32\DRIVERS\cmderd.sys [2012-03-11 18056]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [2012-03-11 494968]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2012-03-11 31704]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2009-12-18 26024]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-08-09 53920]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2006-02-28 12032]
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}; \??\C:\Program Files\CyberLink\PowerDVD8\000.fcl []
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2012-06-15 165376]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2012-06-15 18048]
R2 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2010-06-25 35088]
R3 appliandMP;appliandMP; C:\WINDOWS\system32\DRIVERS\appliand.sys [2011-06-26 28256]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2012-07-04 7874560]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdXP3.sys [2012-05-14 103040]
R3 btnetBUs;Bluetooth PAN Bus Service; C:\WINDOWS\System32\Drivers\btnetBus.sys [2008-12-07 30088]
R3 ElbyCDFL;ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2007-02-16 34760]
R3 EST_BusEnum;Network USB Device Bus; C:\WINDOWS\system32\DRIVERS\GenBus.sys [2009-07-28 27136]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 HssDrv;Hotspot Shield Helper Miniport; C:\WINDOWS\system32\DRIVERS\HssDrv.sys [2010-09-22 37376]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-10-02 4878336]
R3 IvtBtBUs;IVT Bluetooth Bus Service; C:\WINDOWS\System32\Drivers\IvtBtBus.sys [2008-07-02 26248]
R3 L1e;Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l1e51x86.sys [2008-09-23 38400]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-02-28 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 NETHDDIM;NETHDD NDIS IM Service; C:\WINDOWS\system32\DRIVERS\nethddim.sys [2010-03-04 18432]
R3 NUS_Bus;Network USB Server Bus; C:\WINDOWS\system32\DRIVERS\NUS_Bus.sys [2010-01-28 27392]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2010-03-01 47360]
R3 taphss;Anchorfree HSS Adapter; C:\WINDOWS\system32\DRIVERS\taphss.sys [2010-09-22 32768]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 USBCCID;Realtek Smartcard Reader Driver; C:\WINDOWS\system32\DRIVERS\Rts5161ccid.sys [2008-01-09 40960]
R3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2009-01-08 31880]
S3 afjaindw;afjaindw; C:\WINDOWS\system32\drivers\afjaindw.sys []
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 Apowersoft_AudioDevice;Apowersoft_AudioDevice; C:\WINDOWS\system32\drivers\Apowersoft_AudioDevice.sys [2010-12-30 16640]
S3 appliand;Applian Network Service; C:\WINDOWS\system32\DRIVERS\appliand.sys [2011-06-26 28256]
S3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2008-07-30 93696]
S3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2008-11-25 33800]
S3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2008-12-07 14088]
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2009-01-03 39304]
S3 BTNetFilter;Bluetooth Network Filter; \??\C:\Program Files\IVT Corporation\BlueSoleil\Device\Win2k\BTNetFilter.sys []
S3 BVRPMPR5;BVRPMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\drivers\BVRPMPR5.SYS []
S3 catchme;catchme; \??\C:\DOCUME~1\Krylias\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 EST_Server;Network USB Device; C:\WINDOWS\system32\DRIVERS\GenHC.sys [2009-10-06 173056]
S3 GenericMount;Generic Mount Driver; C:\WINDOWS\system32\DRIVERS\GenericMount.sys []
S3 GMSIPCI;GMSIPCI; \??\I:\INSTALL\GMSIPCI.SYS []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-04-13 49664]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-04-13 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-04-13 21568]
S3 JakNDisMP;JakNDisMP; C:\WINDOWS\system32\DRIVERS\JakNDis.sys []
S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\DRIVERS\LVUSBSta.sys [2007-05-11 41888]
S3 LVUVC;Logitech QuickCam Fusion(UVC); C:\WINDOWS\system32\DRIVERS\lvuvc.sys [2007-05-11 3580832]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmb.sys [2011-08-17 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2011-08-17 23168]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 Revoflt;Revoflt; C:\WINDOWS\system32\DRIVERS\revoflt.sys [2009-12-30 27064]
S3 SamsonLLDriver;Samson LL Driver; C:\WINDOWS\System32\Drivers\SamsonLLDriver.sys [2006-12-12 56832]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 SWWDM_multi;Samson Audio (WDM); C:\WINDOWS\system32\drivers\SWAudWDM.sys [2006-12-12 25088]
S3 tapvpn;TAP VPN Adapter; C:\WINDOWS\system32\DRIVERS\tapvpn.sys [2006-04-10 27136]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2011-08-17 8192]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2010-12-14 41984]
S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-14 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2011-08-17 8192]
S3 V0060VID;Creative WebCam Live! Ultra; C:\WINDOWS\system32\DRIVERS\V0060Vid.sys [2005-02-02 196409]
S3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys [2008-01-21 14856]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-01-05 37664]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2012-07-04 643072]
R2 BlueSoleilCS;BlueSoleilCS; C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe [2009-02-27 850432]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-10-07 345376]
R2 BsMobileCS;BsMobileCS; C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe [2009-02-27 143467]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2012-03-11 1983232]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance; C:\Program Files\Firebird\Firebird_2_5\bin\fbguard.exe [2010-09-17 98304]
R2 hshld;Hotspot Shield Service; C:\Program Files\Hotspot Shield\bin\openvpnas.exe [2012-03-27 542040]
R2 HssSrv;Hotspot Shield Routing Service; C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe [2012-03-26 363336]
R2 HssWd;Hotspot Shield Monitoring Service; C:\Program Files\Hotspot Shield\bin\hsswd.exe [2012-03-26 329544]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2012-09-02 161768]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2010-01-22 73728]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 652360]
R2 NETHDD;NETHDD Service; C:\WINDOWS\system32\NETHDD.exe [2010-03-04 249376]
R2 nlsX86cc;Nalpeiron Licensing Service; C:\WINDOWS\system32\nlssrv32.exe [2011-02-04 66560]
R2 NPWService;NPWService; C:\Program Files\Generic\Network Printer Wizard\NPWService.exe [2010-09-29 458752]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2006-03-03 69632]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2010-03-10 189728]
R2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 BsHelpCS;BsHelpCS; C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe [2009-02-27 98407]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance; C:\Program Files\Firebird\Firebird_2_5\bin\fbserver.exe [2010-09-17 3735552]
R3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-17 194032]
S2 CLPSLS;COMODO livePCsupport Service; C:\Program Files\COMODO\COMODO livePCsupport\CLPSLS.exe []
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 DvmMDES;DeviceVM Meta Data Export Service; C:\ASUS.SYS\config\DVMExportService.exe []
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-24 135664]
S2 PEVSystemStart;PEVSystemStart; C:\ComboFix\pev.3XE EXEC /i C:\ComboFix\REGT.3XE /S C:\ComboFix\CregB.dat []
S2 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2010-06-25 117264]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-02 250568]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-02-26 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-24 135664]
S3 HssTrayService;Hotspot Shield Tray Service; C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE [2012-03-27 77520]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-01-25 820008]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-09-23 575488]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 DllSrv Service Controler;DllSrv Service Controler; C:\WINDOWS\system32\drivers\DllSrv.exe []
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 ScsiAccess;ScsiAccess; C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe [2010-03-01 186760]

-----------------EOF-----------------


Musel som použiť aj ComboFix - inak by som sa nedostal ani na WEB

ComboFix 12-09-13.03 - Krylias 13.09.2012 20:24:38.2.4 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.421.1033.18.3327.2440 [GMT 2:00]
Running from: c:\documents and settings\Krylias\Desktop\ComboFix.exe
AV: COMODO Antivirus *Disabled/Updated* {043803A5-4F86-4ef7-AFC5-F6E02A79969B}
FW: COMODO Firewall *Disabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
.
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Krylias\Application Data\2C9AF7.dat
c:\documents and settings\Krylias\Application Data\inst.exe
c:\documents and settings\Krylias\Application Data\Microsoft\~DFK177e48.tmp
c:\documents and settings\Krylias\Application Data\Microsoft\1eaadjc.dll
c:\documents and settings\Krylias\Application Data\Microsoft\bass.dll
c:\documents and settings\Krylias\Application Data\Microsoft\engine_vx.dll
c:\documents and settings\Krylias\Application Data\Microsoft\kfgresk.dll
c:\documents and settings\Krylias\Application Data\Microsoft\mjcriu.dll
c:\documents and settings\Krylias\Application Data\Microsoft\peaadje.dll
c:\documents and settings\Krylias\Application Data\Microsoft\qwadjb.dll
c:\documents and settings\Krylias\Application Data\Microsoft\rsaadjd.dll
c:\documents and settings\Krylias\Application Data\NGH150_AllWin_EnglishTryBuy30.exe
c:\documents and settings\Krylias\Application Data\Toolbar4
c:\documents and settings\Krylias\Application Data\vso_ts_preview.xml
.
.
((((((((((((((((((((((((( Files Created from 2012-08-13 to 2012-09-13 )))))))))))))))))))))))))))))))
.
.
2012-09-13 18:20 . 2012-09-13 18:21 -------- d-----w- C:\hsswd
2012-09-13 18:20 . 2012-09-13 18:20 -------- d-----w- C:\update
2012-09-13 18:20 . 2012-09-13 18:20 -------- d-----w- C:\hssff
2012-09-13 18:13 . 2012-09-13 18:13 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes
2012-09-13 17:51 . 2012-09-13 17:51 -------- d-----w- c:\documents and settings\Administrator\Application Data\DVDVideoSoft
2012-09-02 07:27 . 2012-09-02 07:27 -------- d-----w- c:\program files\Common Files\Java
2012-09-02 07:27 . 2012-09-02 07:27 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-09-01 21:48 . 2012-09-01 21:48 -------- d-----w- c:\program files\Xiph.Org
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-02 07:27 . 2012-04-30 19:35 143872 ----a-w- c:\windows\system32\javacpl.cpl
2012-09-02 07:26 . 2012-04-30 19:35 821736 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-09-02 07:26 . 2011-07-19 06:09 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-09-02 07:25 . 2012-04-03 07:47 696520 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-09-02 07:25 . 2012-01-22 18:51 73416 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-08-22 18:58 . 2010-02-24 17:15 112640 ----a-w- c:\windows\system32\ff_vfw.dll
2012-07-06 13:58 . 2008-04-14 03:41 78336 ----a-w- c:\windows\system32\browser.dll
2012-07-04 14:05 . 2010-02-23 20:57 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-07-04 06:54 . 2008-07-30 02:30 7874560 ----a-w- c:\windows\system32\drivers\ati2mtag.sys
2012-07-04 04:38 . 2010-02-24 00:49 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll
2012-07-04 04:37 . 2008-07-30 02:30 306176 ----a-w- c:\windows\system32\ati2dvag.dll
2012-07-04 04:36 . 2010-02-24 00:49 307200 ----a-w- c:\windows\system32\atiiiexx.dll
2012-07-04 04:35 . 2010-02-25 02:04 19603456 ----a-w- c:\windows\system32\atioglxx.dll
2012-07-04 04:32 . 2008-07-30 02:30 5335616 ----a-w- c:\windows\system32\ati3duag.dll
2012-07-04 04:22 . 2012-04-01 20:45 938368 ----a-w- c:\windows\system32\ativvamv.dll
2012-07-04 04:12 . 2010-02-25 02:43 212992 ----a-w- c:\windows\system32\atipdlxx.dll
2012-07-04 04:12 . 2010-02-25 02:43 163840 ----a-w- c:\windows\system32\Oemdspif.dll
2012-07-04 04:12 . 2010-02-25 02:43 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe
2012-07-04 04:12 . 2010-02-25 02:43 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2012-07-04 04:12 . 2010-02-25 02:43 192512 ----a-w- c:\windows\system32\ati2evxx.dll
2012-07-04 04:10 . 2010-02-25 02:43 643072 ----a-w- c:\windows\system32\ati2evxx.exe
2012-07-04 04:09 . 2010-02-25 02:43 53248 ----a-w- c:\windows\system32\ATIDDC.DLL
2012-07-04 04:08 . 2008-07-30 02:30 3586816 ----a-w- c:\windows\system32\ativvaxx.dll
2012-07-04 04:05 . 2010-02-25 02:04 159744 ----a-w- c:\windows\system32\atiapfxx.exe
2012-07-04 04:01 . 2010-02-25 02:43 835584 ----a-w- c:\windows\system32\atikvmag.dll
2012-07-04 03:56 . 2010-02-25 02:43 634880 ----a-w- c:\windows\system32\atiok3x2.dll
2012-07-04 03:56 . 2010-02-25 02:43 233472 ----a-w- c:\windows\system32\atiadlxx.dll
2012-07-04 03:56 . 2010-02-25 02:43 17408 ----a-w- c:\windows\system32\atitvo32.dll
2012-07-04 03:50 . 2008-07-30 02:30 909312 ----a-w- c:\windows\system32\ati2cqag.dll
2012-07-04 03:48 . 2010-02-25 02:43 65024 ----a-w- c:\windows\system32\amdpcom32.dll
2012-07-04 03:48 . 2010-02-25 02:04 65024 ----a-w- c:\windows\system32\atimpc32.dll
2012-07-04 03:47 . 2010-02-25 02:43 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2012-07-03 13:40 . 2008-04-13 23:00 1866112 ----a-w- c:\windows\system32\win32k.sys
2012-07-02 17:49 . 2008-04-14 03:42 916992 ----a-w- c:\windows\system32\wininet.dll
2012-07-02 17:49 . 2008-04-14 03:42 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-07-02 17:49 . 2008-04-14 03:41 43520 ------w- c:\windows\system32\licmgr10.dll
2012-07-02 12:05 . 2008-04-13 22:07 385024 ------w- c:\windows\system32\html.iec
2012-06-25 14:04 . 2012-06-25 14:04 1394248 ----a-w- c:\windows\system32\msxml4.dll
2012-03-13 04:38 . 2012-04-29 14:31 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2006-05-03 10:06 163328 --sha-r- c:\windows\system32\flvDX.dll
2007-02-21 11:47 31232 --sha-r- c:\windows\system32\msfDX.dll
2008-03-16 13:30 216064 --sha-r- c:\windows\system32\nbDX.dll
2010-01-06 22:00 107520 --sha-r- c:\windows\system32\TAKDSDecoder.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-09-13_17.48.48 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-09-13 18:20 . 2012-09-13 18:20 16384 c:\windows\temp\Perflib_Perfdata_7d0.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\CeTRAYz_OverlayIcon_Share]
@="{B00DFEC8-C278-40FD-8832-76A9409991F3}"
[HKEY_CLASSES_ROOT\CLSID\{B00DFEC8-C278-40FD-8832-76A9409991F3}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\CeTRAYz_OverlayIcon_ShareSync]
@="{2022959D-8296-427A-9D9F-E59CC016F006}"
[HKEY_CLASSES_ROOT\CLSID\{2022959D-8296-427A-9D9F-E59CC016F006}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\CeTRAYz_OverlayIcon_Sync]
@="{B2483E28-1631-4E80-AA62-29B35EFEC7F0}"
[HKEY_CLASSES_ROOT\CLSID\{B2483E28-1631-4E80-AA62-29B35EFEC7F0}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Rainlendar2"="c:\program files\Rainlendar2\Rainlendar2.exe" [2009-08-22 5148672]
"DIMProbíhá stahování aktualizace...1285781003180"="c:\program files\Corel\CorelDRAW Graphics Suite X5\Draw\DIM.exe" [2010-05-21 95592]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-02-24 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2008-09-30 16864768]
"VF0060 STISvc"="V0060Pin.dll" [2004-11-01 36864]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-06-16 221184]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-06-16 81920]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2012-03-11 6749512]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-07-03 98304]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\Krylias\Start Menu\Programs\Startup\
Yahoo! Widgets.lnk - c:\program files\Yahoo!\Widgets\YahooWidgets.exe [2008-3-19 4742184]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Firefox Preloader.lnk - c:\program files\FirefoxPreloader\FirefoxPreloader.exe [2011-3-23 98304]
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSecurityTab"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CLPSLS]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^TotalMedia Server.lnk]
backup=c:\windows\pss\TotalMedia Server.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Krylias^Start Menu^Programs^Startup^Kalendár.lnk]
backup=c:\windows\pss\Kalendár.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Krylias^Start Menu^Programs^Startup^Registration Assassin.LNK]
backup=c:\windows\pss\Registration Assassin.LNKStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
2009-04-24 03:21 203928 ----a-w- c:\program files\Alcohol Soft\Alcohol 120\AxCmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2012-02-20 19:28 59240 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion]
2008-10-07 18:31 75048 ----a-w- c:\program files\CyberLink\Shared Files\brs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BtTray]
2009-02-27 16:04 278016 ----a-w- c:\program files\IVT Corporation\BlueSoleil\BtTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
2009-01-29 22:20 57344 ----a-w- c:\program files\SlySoft\CloneCD\CloneCDTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Creative WebCam Tray]
2005-10-27 17:00 299008 ------w- c:\program files\Creative\Shared Files\CamTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DIMProbíhá stahování aktualizace...1285781003180]
2010-05-21 12:12 95592 ----a-w- c:\program files\Corel\CorelDRAW Graphics Suite X5\Draw\DIM.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2009-02-26 16:36 30040 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2005-02-16 22:11 49152 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2011-01-25 13:08 421160 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
2010-01-22 10:08 2363392 ----a-w- c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
2012-01-13 12:53 460872 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 04:42 1695232 ------w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Networking USB Server]
2010-09-28 09:04 2416640 ----a-w- c:\program files\USB Server\Networking USB Server\Networking USB Server.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaPCInternetAccess]
2009-09-17 11:55 663552 ----a-w- c:\program files\Nokia\PC Internet Access\NPCIA.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVD8LanguageShortcut]
2007-12-14 10:36 50472 ------w- c:\program files\CyberLink\PowerDVD8\Language\Language.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QFan Help]
2010-04-19 11:23 611968 ----a-w- c:\program files\ASUS\Fan Xpert\QFanHelp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2012-04-18 18:56 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl8]
2008-03-20 19:23 83240 ------w- c:\program files\CyberLink\PowerDVD8\PDVD8Serv.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-07-03 07:04 252848 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2010-02-24 21:28 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2012-02-18 00:35 296056 ----a-w- c:\program files\Real\RealPlayer\Update\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
2010-07-04 19:51 17408 ----a-w- c:\program files\Unlocker\UnlockerAssistant.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\BitComet\\BitComet.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleilCS.exe"=
"c:\\Program Files\\e-TRAYz\\e-TRAYz.exe"=
"c:\\Program Files\\StrongDC++\\StrongDC.exe"=
"c:\\Documents and Settings\\Krylias\\Application Data\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Program Files\\Generic\\Network Printer Wizard\\NPWService.exe"=
"c:\\Program Files\\USB Server\\Networking USB Server\\Networking USB Server.exe"=
"c:\\Program Files\\VSO\\VSO Downloader\\2\\VsoDownloader.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Documents and Settings\\Krylias\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"7805:TCP"= 7805:TCP:BitComet 7805 TCP
"7805:UDP"= 7805:UDP:BitComet 7805 UDP
"11280:TCP"= 11280:TCP:BitComet 11280 TCP(ED2K)
"11280:UDP"= 11280:UDP:BitComet 11280 UDP(ED2K)
"21763:TCP"= 21763:TCP:BitComet 21763 TCP
"21763:UDP"= 21763:UDP:BitComet 21763 UDP
.
R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [8.1.2009 0:39 20744]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [27.2.2010 23:34 721904]
R1 ArcSec;ArcSec;c:\windows\system32\drivers\ArcSec.sys [21.9.2010 10:10 192504]
R1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\drivers\cmderd.sys [3.3.2010 20:54 18056]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [3.3.2010 20:54 494968]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [3.3.2010 20:54 31704]
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};c:\program files\CyberLink\PowerDVD8\000.fcl [7.10.2008 21:31 61424]
R2 BsMobileCS;BsMobileCS;c:\program files\IVT Corporation\BlueSoleil\BsMobileCS.exe [27.2.2009 17:40 143467]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files\Firebird\Firebird_2_5\bin\fbguard.exe [12.8.2012 12:45 98304]
R2 hshld;Hotspot Shield Service;c:\program files\Hotspot Shield\bin\openvpnas.exe [27.3.2012 0:38 542040]
R2 HssWd;Hotspot Shield Monitoring Service;c:\program files\Hotspot Shield\bin\hsswd.exe -product HSS --> c:\program files\Hotspot Shield\bin\hsswd.exe -product HSS [?]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2.4.2012 10:53 652360]
R2 NETHDD;NETHDD Service;c:\windows\system32\NETHDD.exe [4.3.2010 19:42 249376]
R2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\system32\nlssrv32.exe [5.5.2011 0:18 66560]
R2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [25.6.2010 19:07 35088]
R2 NPWService;NPWService;c:\program files\Generic\Network Printer Wizard\NPWService.exe [29.9.2010 19:29 458752]
R3 appliandMP;appliandMP;c:\windows\system32\drivers\appliand.sys [1.8.2012 22:49 28256]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdXP3.sys [1.4.2012 22:45 103040]
R3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\drivers\btnetBus.sys [7.12.2008 13:44 30088]
R3 EST_BusEnum;Network USB Device Bus;c:\windows\system32\drivers\GenBus.sys [28.7.2009 18:25 27136]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files\Firebird\Firebird_2_5\bin\fbserver.exe [12.8.2012 12:45 3735552]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [2.7.2008 15:58 26248]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2.4.2012 10:53 20464]
R3 NETHDDIM;NETHDD NDIS IM Service;c:\windows\system32\drivers\nethddim.sys [4.3.2010 19:42 18432]
R3 NUS_Bus;Network USB Server Bus;c:\windows\system32\drivers\NUS_Bus.sys [28.1.2010 15:51 27392]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [1.3.2010 2:22 47360]
S2 CLPSLS;COMODO livePCsupport Service;"c:\program files\COMODO\COMODO livePCsupport\CLPSLS.exe" --> c:\program files\COMODO\COMODO livePCsupport\CLPSLS.exe [?]
S2 DvmMDES;DeviceVM Meta Data Export Service;c:\asus.sys\config\DVMExportService.exe --> c:\asus.sys\config\DVMExportService.exe [?]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [24.2.2010 23:29 135664]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [13.7.2012 13:28 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [3.4.2012 9:47 250568]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [25.2.2010 12:03 1684736]
S3 Apowersoft_AudioDevice;Apowersoft_AudioDevice;c:\windows\system32\drivers\Apowersoft_AudioDevice.sys [25.12.2011 2:14 16640]
S3 appliand;Applian Network Service;c:\windows\system32\drivers\appliand.sys [1.8.2012 22:49 28256]
S3 EST_Server;Network USB Device;c:\windows\system32\drivers\GenHC.sys [4.1.2012 16:11 173056]
S3 GenericMount;Generic Mount Driver;c:\windows\system32\DRIVERS\GenericMount.sys --> c:\windows\system32\DRIVERS\GenericMount.sys [?]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [24.2.2010 23:29 135664]
S3 JakNDisMP;JakNDisMP;c:\windows\system32\DRIVERS\JakNDis.sys --> c:\windows\system32\DRIVERS\JakNDis.sys [?]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [18.3.2011 21:44 27064]
S3 SamsonLLDriver;Samson LL Driver;c:\windows\system32\drivers\SamsonLLDriver.sys [12.12.2006 16:34 56832]
S3 SWWDM_multi;Samson Audio (WDM);c:\windows\system32\drivers\SWAudWDM.sys [12.12.2006 16:34 25088]
S3 V0060VID;Creative WebCam Live! Ultra;c:\windows\system32\drivers\V0060Vid.sys [27.2.2010 22:38 196409]
S4 DllSrv Service Controler;DllSrv Service Controler;"c:\windows\system32\drivers\DllSrv.exe" --> c:\windows\system32\drivers\DllSrv.exe [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2010-01-22 10:06 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
.
2012-09-13 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 07:25]
.
2012-09-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-24 21:28]
.
2012-09-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-24 21:28]
.
2012-09-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-343818398-152049171-1801674531-1003Core.job
- c:\documents and settings\Krylias\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-08-05 13:15]
.
2012-09-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-343818398-152049171-1801674531-1003UA.job
- c:\documents and settings\Krylias\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-08-05 13:15]
.
2012-09-13 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-343818398-152049171-1801674531-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2012-01-30 16:45]
.
2012-08-17 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-343818398-152049171-1801674531-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2012-01-30 16:45]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.sk/
uInternet Settings,ProxyServer = http=;ftp=;https=;
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Download ALL with IDA - c:\program files\IDA\idaieall.htm
IE: Download remotely with IDA - c:\program files\IDA\remdown.htm
IE: Download with IDA - c:\program files\IDA\idaie.htm
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send by Bluetooth - c:\program files\IVT Corporation\BlueSoleil\TransSend\IE\tsinfo.htm
IE: Send via &Message... - c:\program files\IVT Corporation\BlueSoleil\TransSend\IE\tssms.htm
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{EC19AC23-066B-454C-9C40-76F1E9504D72}: NameServer = 10.1.24.1
FF - ProfilePath - c:\documents and settings\Krylias\Application Data\Mozilla\Firefox\Profiles\pzjbfonc.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www3.iamwired.net/websearch.php?src=tops&search=
FF - prefs.js: browser.search.selectedEngine - Search the web (Babylon)
FF - prefs.js: browser.startup.homepage - hxxp://www.google.sk
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?affID=107738&tt=010712_5&babsrc=KW_ss&mntrId=7c58ba9100000000000000ffec19ac23&q=
FF - prefs.js: network.proxy.gopher -
FF - prefs.js: network.proxy.gopher_port - 0
FF - prefs.js: network.proxy.type - 0

FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=107738&tt=010712_5
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.id - 7c58ba9100000000000000ffec19ac23
FF - user.js: extensions.BabylonToolbar_i.hardId - 7c58ba9100000000000000ffec19ac23
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15530
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.171:26
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - base
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{00000000-6E41-4FD3-8538-502F5495E5FC} - (no file)
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-09-13 20:29
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD8\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-343818398-152049171-1801674531-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-343818398-152049171-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{257B08F8-8422-6ED0-32E9-5DB01CC079C9}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"jadmjofleibenjjjlakh"=hex:61,61,00,00
"kadmjoflghjmcnaambhpol"=hex:61,61,00,00
"fadmjofljhln"=hex:66,61,63,6e,61,6b,6e,6f,65,67,70,6d,00,f5
.
[HKEY_USERS\S-1-5-21-343818398-152049171-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{419B4F45-2DF1-3719-C801-DE893D909CCF}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"iadhimjdoengghmgkh"=hex:6a,61,70,64,64,63,64,6f,6e,67,70,70,66,69,64,61,66,6c,
70,6a,00,00
"hafhopjbigkpcokm"=hex:6a,61,70,64,64,63,64,6f,6e,67,70,70,66,69,64,61,66,6c,
70,6a,00,ff
"iapfmabldjgiofipng"=hex:63,61,61,65,68,63,00,7c
"dbndecgnhjpkndfbimgfgielnlimhampdadjcgij"=hex:68,61,65,62,6b,67,67,69,6a,68,
6e,69,70,6d,67,65,00,00
"jbndecgnhjpkndfbimgfdhgpkibplcpnljekippdghhjlhghioch"=hex:68,61,65,62,6b,67,
67,69,6a,68,6e,69,70,6d,67,65,00,00
"dbndecgnhjpkndfbimgfnhflbkgcaonikggpacoe"=hex:6a,63,66,6e,62,63,69,6e,69,62,
6c,6e,6a,70,68,6b,64,67,6d,64,6b,6e,70,6f,70,6c,6b,67,6e,62,6b,62,67,62,65,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(800)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
.
Completion time: 2012-09-13 20:33:44
ComboFix-quarantined-files.txt 2012-09-13 18:33
ComboFix2.txt 2012-09-13 17:49
.
Pre-Run: 9 950 932 992 bytes free
Post-Run: 9 926 963 200 voľných bajtov
.
- - End Of File - - A9B6BB9DCFC8E220636812B95B369895

[Rudy]

Ještě dočistíme. Otevřte poznámkový blok a zkopírujte do něj:

KillAll::

Folder::
c:\program files\Google\GoogleToolbarNotifier

File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-343818398-152049171-1801674531-1003Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-343818398-152049171-1801674531-1003UA.job

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]

Firefox::
FF - ProfilePath - c:\documents and settings\Krylias\Application Data\Mozilla\Firefox\Profiles\pzjbfonc.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www3.iamwired.net/websearch.php?src=tops&search=
FF - prefs.js: browser.search.selectedEngine - Search the web (Babylon)
FF - prefs.js: browser.startup.homepage - hxxp://www.google.sk
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?affID=107738 ... c19ac23&q=
FF - prefs.js: network.proxy.gopher -
FF - prefs.js: network.proxy.gopher_port - 0
FF - prefs.js: network.proxy.type - 0

FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=107738&tt=010712_5
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.id - 7c58ba9100000000000000ffec19ac23
FF - user.js: extensions.BabylonToolbar_i.hardId - 7c58ba9100000000000000ffec19ac23
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15530
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.171:26
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - base
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst

Regnull::
[HKEY_USERS\S-1-5-21-343818398-152049171-1801674531-1003\Software\Microsoft\SystemCertificates\AddressBook*]
[HKEY_USERS\S-1-5-21-343818398-152049171-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{257B08F8-8422-6ED0-32E9-5DB01CC079C9}*]
[HKEY_USERS\S-1-5-21-343818398-152049171-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{419B4F45-2DF1-3719-C801-DE893D909CCF}*]

Reboot::

Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

[Vlasta333]

Rudy - ďakujem pekne v mene mojom a v mene všetkých,ktorým roky rozdávate zdarma rady
Už konečne aj browser neblázni a neotvára mi po každom kliknutí nové okno ...
Tu je výsledný log:

ComboFix 12-09-13.03 - Krylias 13.09.2012 21:31:21.2.4 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.421.1033.18.3327.2520 [GMT 2:00]
Running from: c:\documents and settings\Krylias\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Krylias\Desktop\CFScript.txt
AV: COMODO Antivirus *Disabled/Updated* {043803A5-4F86-4ef7-AFC5-F6E02A79969B}
FW: COMODO Firewall *Disabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
.
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-343818398-152049171-1801674531-1003Core.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-343818398-152049171-1801674531-1003UA.job"
.
ADS - WINDOWS: deleted 0 bytes in 1 streams.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Google\GoogleToolbarNotifier
c:\program files\Google\GoogleToolbarNotifier\5.7.7529.1424\gth.dll
c:\program files\Google\GoogleToolbarNotifier\5.7.7529.1424\gtn.dll
c:\program files\Google\GoogleToolbarNotifier\5.7.7529.1424\Readme.url
c:\program files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll
c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-343818398-152049171-1801674531-1003Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-343818398-152049171-1801674531-1003UA.job
.
.
((((((((((((((((((((((((( Files Created from 2012-08-13 to 2012-09-13 )))))))))))))))))))))))))))))))
.
.
2012-09-13 18:38 . 2012-09-13 18:39 -------- d-----w- C:\rsit
2012-09-13 18:20 . 2012-09-13 18:21 -------- d-----w- C:\hsswd
2012-09-13 18:20 . 2012-09-13 18:20 -------- d-----w- C:\update
2012-09-13 18:20 . 2012-09-13 18:20 -------- d-----w- C:\hssff
2012-09-13 18:13 . 2012-09-13 18:13 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes
2012-09-13 17:51 . 2012-09-13 17:51 -------- d-----w- c:\documents and settings\Administrator\Application Data\DVDVideoSoft
2012-09-02 07:27 . 2012-09-02 07:27 -------- d-----w- c:\program files\Common Files\Java
2012-09-02 07:27 . 2012-09-02 07:27 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-09-01 21:48 . 2012-09-01 21:48 -------- d-----w- c:\program files\Xiph.Org
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-02 07:27 . 2012-04-30 19:35 143872 ----a-w- c:\windows\system32\javacpl.cpl
2012-09-02 07:26 . 2012-04-30 19:35 821736 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-09-02 07:26 . 2011-07-19 06:09 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-09-02 07:25 . 2012-04-03 07:47 696520 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-09-02 07:25 . 2012-01-22 18:51 73416 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-08-22 18:58 . 2010-02-24 17:15 112640 ----a-w- c:\windows\system32\ff_vfw.dll
2012-07-06 13:58 . 2008-04-14 03:41 78336 ----a-w- c:\windows\system32\browser.dll
2012-07-04 14:05 . 2010-02-23 20:57 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-07-04 06:54 . 2008-07-30 02:30 7874560 ----a-w- c:\windows\system32\drivers\ati2mtag.sys
2012-07-04 04:38 . 2010-02-24 00:49 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll
2012-07-04 04:37 . 2008-07-30 02:30 306176 ----a-w- c:\windows\system32\ati2dvag.dll
2012-07-04 04:36 . 2010-02-24 00:49 307200 ----a-w- c:\windows\system32\atiiiexx.dll
2012-07-04 04:35 . 2010-02-25 02:04 19603456 ----a-w- c:\windows\system32\atioglxx.dll
2012-07-04 04:32 . 2008-07-30 02:30 5335616 ----a-w- c:\windows\system32\ati3duag.dll
2012-07-04 04:22 . 2012-04-01 20:45 938368 ----a-w- c:\windows\system32\ativvamv.dll
2012-07-04 04:12 . 2010-02-25 02:43 212992 ----a-w- c:\windows\system32\atipdlxx.dll
2012-07-04 04:12 . 2010-02-25 02:43 163840 ----a-w- c:\windows\system32\Oemdspif.dll
2012-07-04 04:12 . 2010-02-25 02:43 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe
2012-07-04 04:12 . 2010-02-25 02:43 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2012-07-04 04:12 . 2010-02-25 02:43 192512 ----a-w- c:\windows\system32\ati2evxx.dll
2012-07-04 04:10 . 2010-02-25 02:43 643072 ----a-w- c:\windows\system32\ati2evxx.exe
2012-07-04 04:09 . 2010-02-25 02:43 53248 ----a-w- c:\windows\system32\ATIDDC.DLL
2012-07-04 04:08 . 2008-07-30 02:30 3586816 ----a-w- c:\windows\system32\ativvaxx.dll
2012-07-04 04:05 . 2010-02-25 02:04 159744 ----a-w- c:\windows\system32\atiapfxx.exe
2012-07-04 04:01 . 2010-02-25 02:43 835584 ----a-w- c:\windows\system32\atikvmag.dll
2012-07-04 03:56 . 2010-02-25 02:43 634880 ----a-w- c:\windows\system32\atiok3x2.dll
2012-07-04 03:56 . 2010-02-25 02:43 233472 ----a-w- c:\windows\system32\atiadlxx.dll
2012-07-04 03:56 . 2010-02-25 02:43 17408 ----a-w- c:\windows\system32\atitvo32.dll
2012-07-04 03:50 . 2008-07-30 02:30 909312 ----a-w- c:\windows\system32\ati2cqag.dll
2012-07-04 03:48 . 2010-02-25 02:43 65024 ----a-w- c:\windows\system32\amdpcom32.dll
2012-07-04 03:48 . 2010-02-25 02:04 65024 ----a-w- c:\windows\system32\atimpc32.dll
2012-07-04 03:47 . 2010-02-25 02:43 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2012-07-03 13:40 . 2008-04-13 23:00 1866112 ----a-w- c:\windows\system32\win32k.sys
2012-07-02 17:49 . 2008-04-14 03:42 916992 ----a-w- c:\windows\system32\wininet.dll
2012-07-02 17:49 . 2008-04-14 03:42 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-07-02 17:49 . 2008-04-14 03:41 43520 ------w- c:\windows\system32\licmgr10.dll
2012-07-02 12:05 . 2008-04-13 22:07 385024 ------w- c:\windows\system32\html.iec
2012-06-25 14:04 . 2012-06-25 14:04 1394248 ----a-w- c:\windows\system32\msxml4.dll
2012-03-13 04:38 . 2012-04-29 14:31 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2006-05-03 10:06 163328 --sha-r- c:\windows\system32\flvDX.dll
2007-02-21 11:47 31232 --sha-r- c:\windows\system32\msfDX.dll
2008-03-16 13:30 216064 --sha-r- c:\windows\system32\nbDX.dll
2010-01-06 22:00 107520 --sha-r- c:\windows\system32\TAKDSDecoder.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-09-13_17.48.48 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-09-13 19:36 . 2012-09-13 19:36 16384 c:\windows\temp\Perflib_Perfdata_5a0.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\CeTRAYz_OverlayIcon_Share]
@="{B00DFEC8-C278-40FD-8832-76A9409991F3}"
[HKEY_CLASSES_ROOT\CLSID\{B00DFEC8-C278-40FD-8832-76A9409991F3}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\CeTRAYz_OverlayIcon_ShareSync]
@="{2022959D-8296-427A-9D9F-E59CC016F006}"
[HKEY_CLASSES_ROOT\CLSID\{2022959D-8296-427A-9D9F-E59CC016F006}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\CeTRAYz_OverlayIcon_Sync]
@="{B2483E28-1631-4E80-AA62-29B35EFEC7F0}"
[HKEY_CLASSES_ROOT\CLSID\{B2483E28-1631-4E80-AA62-29B35EFEC7F0}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Rainlendar2"="c:\program files\Rainlendar2\Rainlendar2.exe" [2009-08-22 5148672]
"DIMProbíhá stahování aktualizace...1285781003180"="c:\program files\Corel\CorelDRAW Graphics Suite X5\Draw\DIM.exe" [2010-05-21 95592]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2008-09-30 16864768]
"VF0060 STISvc"="V0060Pin.dll" [2004-11-01 36864]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-06-16 221184]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-06-16 81920]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2012-03-11 6749512]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-07-03 98304]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\Krylias\Start Menu\Programs\Startup\
Yahoo! Widgets.lnk - c:\program files\Yahoo!\Widgets\YahooWidgets.exe [2008-3-19 4742184]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Firefox Preloader.lnk - c:\program files\FirefoxPreloader\FirefoxPreloader.exe [2011-3-23 98304]
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSecurityTab"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CLPSLS]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^TotalMedia Server.lnk]
backup=c:\windows\pss\TotalMedia Server.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Krylias^Start Menu^Programs^Startup^Kalendár.lnk]
backup=c:\windows\pss\Kalendár.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Krylias^Start Menu^Programs^Startup^Registration Assassin.LNK]
backup=c:\windows\pss\Registration Assassin.LNKStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
2009-04-24 03:21 203928 ----a-w- c:\program files\Alcohol Soft\Alcohol 120\AxCmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2012-02-20 19:28 59240 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion]
2008-10-07 18:31 75048 ----a-w- c:\program files\CyberLink\Shared Files\brs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BtTray]
2009-02-27 16:04 278016 ----a-w- c:\program files\IVT Corporation\BlueSoleil\BtTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
2009-01-29 22:20 57344 ----a-w- c:\program files\SlySoft\CloneCD\CloneCDTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Creative WebCam Tray]
2005-10-27 17:00 299008 ------w- c:\program files\Creative\Shared Files\CamTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DIMProbíhá stahování aktualizace...1285781003180]
2010-05-21 12:12 95592 ----a-w- c:\program files\Corel\CorelDRAW Graphics Suite X5\Draw\DIM.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2009-02-26 16:36 30040 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2005-02-16 22:11 49152 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2011-01-25 13:08 421160 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
2010-01-22 10:08 2363392 ----a-w- c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
2012-01-13 12:53 460872 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 04:42 1695232 ------w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Networking USB Server]
2010-09-28 09:04 2416640 ----a-w- c:\program files\USB Server\Networking USB Server\Networking USB Server.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaPCInternetAccess]
2009-09-17 11:55 663552 ----a-w- c:\program files\Nokia\PC Internet Access\NPCIA.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVD8LanguageShortcut]
2007-12-14 10:36 50472 ------w- c:\program files\CyberLink\PowerDVD8\Language\Language.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QFan Help]
2010-04-19 11:23 611968 ----a-w- c:\program files\ASUS\Fan Xpert\QFanHelp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2012-04-18 18:56 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl8]
2008-03-20 19:23 83240 ------w- c:\program files\CyberLink\PowerDVD8\PDVD8Serv.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-07-03 07:04 252848 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2012-02-18 00:35 296056 ----a-w- c:\program files\Real\RealPlayer\Update\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
2010-07-04 19:51 17408 ----a-w- c:\program files\Unlocker\UnlockerAssistant.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\BitComet\\BitComet.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleilCS.exe"=
"c:\\Program Files\\e-TRAYz\\e-TRAYz.exe"=
"c:\\Program Files\\StrongDC++\\StrongDC.exe"=
"c:\\Documents and Settings\\Krylias\\Application Data\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Program Files\\Generic\\Network Printer Wizard\\NPWService.exe"=
"c:\\Program Files\\USB Server\\Networking USB Server\\Networking USB Server.exe"=
"c:\\Program Files\\VSO\\VSO Downloader\\2\\VsoDownloader.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Documents and Settings\\Krylias\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"7805:TCP"= 7805:TCP:BitComet 7805 TCP
"7805:UDP"= 7805:UDP:BitComet 7805 UDP
"11280:TCP"= 11280:TCP:BitComet 11280 TCP(ED2K)
"11280:UDP"= 11280:UDP:BitComet 11280 UDP(ED2K)
"21763:TCP"= 21763:TCP:BitComet 21763 TCP
"21763:UDP"= 21763:UDP:BitComet 21763 UDP
.
R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [8.1.2009 0:39 20744]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [27.2.2010 23:34 721904]
R1 ArcSec;ArcSec;c:\windows\system32\drivers\ArcSec.sys [21.9.2010 10:10 192504]
R1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\drivers\cmderd.sys [3.3.2010 20:54 18056]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [3.3.2010 20:54 494968]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [3.3.2010 20:54 31704]
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};c:\program files\CyberLink\PowerDVD8\000.fcl [7.10.2008 21:31 61424]
R2 BsMobileCS;BsMobileCS;c:\program files\IVT Corporation\BlueSoleil\BsMobileCS.exe [27.2.2009 17:40 143467]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files\Firebird\Firebird_2_5\bin\fbguard.exe [12.8.2012 12:45 98304]
R2 hshld;Hotspot Shield Service;c:\program files\Hotspot Shield\bin\openvpnas.exe [27.3.2012 0:38 542040]
R2 HssWd;Hotspot Shield Monitoring Service;c:\program files\Hotspot Shield\bin\hsswd.exe -product HSS --> c:\program files\Hotspot Shield\bin\hsswd.exe -product HSS [?]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2.4.2012 10:53 652360]
R2 NETHDD;NETHDD Service;c:\windows\system32\NETHDD.exe [4.3.2010 19:42 249376]
R2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\system32\nlssrv32.exe [5.5.2011 0:18 66560]
R2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [25.6.2010 19:07 35088]
R2 NPWService;NPWService;c:\program files\Generic\Network Printer Wizard\NPWService.exe [29.9.2010 19:29 458752]
R3 appliandMP;appliandMP;c:\windows\system32\drivers\appliand.sys [1.8.2012 22:49 28256]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdXP3.sys [1.4.2012 22:45 103040]
R3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\drivers\btnetBus.sys [7.12.2008 13:44 30088]
R3 EST_BusEnum;Network USB Device Bus;c:\windows\system32\drivers\GenBus.sys [28.7.2009 18:25 27136]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files\Firebird\Firebird_2_5\bin\fbserver.exe [12.8.2012 12:45 3735552]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [2.7.2008 15:58 26248]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2.4.2012 10:53 20464]
R3 NETHDDIM;NETHDD NDIS IM Service;c:\windows\system32\drivers\nethddim.sys [4.3.2010 19:42 18432]
R3 NUS_Bus;Network USB Server Bus;c:\windows\system32\drivers\NUS_Bus.sys [28.1.2010 15:51 27392]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [1.3.2010 2:22 47360]
S2 CLPSLS;COMODO livePCsupport Service;"c:\program files\COMODO\COMODO livePCsupport\CLPSLS.exe" --> c:\program files\COMODO\COMODO livePCsupport\CLPSLS.exe [?]
S2 DvmMDES;DeviceVM Meta Data Export Service;c:\asus.sys\config\DVMExportService.exe --> c:\asus.sys\config\DVMExportService.exe [?]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [24.2.2010 23:29 135664]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [13.7.2012 13:28 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [3.4.2012 9:47 250568]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [25.2.2010 12:03 1684736]
S3 Apowersoft_AudioDevice;Apowersoft_AudioDevice;c:\windows\system32\drivers\Apowersoft_AudioDevice.sys [25.12.2011 2:14 16640]
S3 appliand;Applian Network Service;c:\windows\system32\drivers\appliand.sys [1.8.2012 22:49 28256]
S3 EST_Server;Network USB Device;c:\windows\system32\drivers\GenHC.sys [4.1.2012 16:11 173056]
S3 GenericMount;Generic Mount Driver;c:\windows\system32\DRIVERS\GenericMount.sys --> c:\windows\system32\DRIVERS\GenericMount.sys [?]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [24.2.2010 23:29 135664]
S3 JakNDisMP;JakNDisMP;c:\windows\system32\DRIVERS\JakNDis.sys --> c:\windows\system32\DRIVERS\JakNDis.sys [?]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [18.3.2011 21:44 27064]
S3 SamsonLLDriver;Samson LL Driver;c:\windows\system32\drivers\SamsonLLDriver.sys [12.12.2006 16:34 56832]
S3 SWWDM_multi;Samson Audio (WDM);c:\windows\system32\drivers\SWAudWDM.sys [12.12.2006 16:34 25088]
S3 V0060VID;Creative WebCam Live! Ultra;c:\windows\system32\drivers\V0060Vid.sys [27.2.2010 22:38 196409]
S4 DllSrv Service Controler;DllSrv Service Controler;"c:\windows\system32\drivers\DllSrv.exe" --> c:\windows\system32\drivers\DllSrv.exe [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2010-01-22 10:06 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
.
2012-09-13 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 07:25]
.
2012-09-13 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-343818398-152049171-1801674531-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2012-01-30 16:45]
.
2012-08-17 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-343818398-152049171-1801674531-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2012-01-30 16:45]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.sk/
uInternet Settings,ProxyServer = http=;ftp=;https=;
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Download ALL with IDA - c:\program files\IDA\idaieall.htm
IE: Download remotely with IDA - c:\program files\IDA\remdown.htm
IE: Download with IDA - c:\program files\IDA\idaie.htm
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send by Bluetooth - c:\program files\IVT Corporation\BlueSoleil\TransSend\IE\tsinfo.htm
IE: Send via &Message... - c:\program files\IVT Corporation\BlueSoleil\TransSend\IE\tssms.htm
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{EC19AC23-066B-454C-9C40-76F1E9504D72}: NameServer = 10.1.24.1
FF - ProfilePath - c:\documents and settings\Krylias\Application Data\Mozilla\Firefox\Profiles\pzjbfonc.default\

.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{00000000-6E41-4FD3-8538-502F5495E5FC} - (no file)
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-09-13 21:38
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD8\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-343818398-152049171-1801674531-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(804)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
.
- - - - - - - > 'explorer.exe'(308)
c:\windows\system32\WININET.dll
c:\progra~1\e-TRAYz\ETRAYZ~2.DLL
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\BsMobileSDK.dll
c:\windows\system32\BsLangInDepRes.dll
c:\windows\system32\Bs2Res.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\program files\Nero\Nero 7\Nero BackItUp\NBShell.dll
c:\program files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll
c:\program files\WinRAR\rarext.dll
c:\program files\7-Zip\7-zip.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\COMODO\COMODO Internet Security\cmdagent.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\System32\SCardSvr.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Hotspot Shield\HssWPR\hsssrv.exe
c:\program files\Hotspot Shield\bin\hsswd.exe
c:\program files\Java\jre7\bin\jqs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\windows\system32\HPZipm12.exe
c:\program files\Common Files\Protexis\License Service\PsiService_2.exe
c:\windows\system32\locator.exe
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\program files\IVT Corporation\BlueSoleil\BsHelpCS.exe
c:\windows\system32\wscntfy.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\RunDLL32.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
c:\program files\Mozilla Firefox\firefox.exe
.
**************************************************************************
.
Completion time: 2012-09-13 21:42:10 - machine was rebooted
ComboFix-quarantined-files.txt 2012-09-13 19:42
ComboFix2.txt 2012-09-13 18:33
ComboFix3.txt 2012-09-13 17:49
.
Pre-Run: 10 545 594 368 bytes free
Post-Run: 55 adresárov, 10 515 079 168 voľných bajtov
.
- - End Of File - - 6D1D59DD1C1DFDECB2D17028B4E4E899


Task Manager znova funguje,takisto aj Caps Lock a neblbne už ani browser a aj pracovná plocha sa zdá byť už OK.
Možno teda CF vymazať ?
Díky za radu - kontrolu a script !

[Rudy]

Log již vypadá čistý. CF odinstalujte Start>spustit>(napsat) comobfix /uninstall>OK. Nemáte zač!

[Vlasta333]

ComboFix /Uninstall

Ešte raz - díky moc "Rudy"

[Rudy]

Rádo se stalo!