Problémy s internetem

Zpráva

Specters · #1 Příspěvek od **Specters** » 03 úno 2010 16:28

Ahoj, už 4 dni mi nejde internet na notebooku. Mám internet pripojený cez router, na osobním PC jede, a na notebooku mi z ničeho nic přestal jít. Nevíte čím to může být????

#2 Příspěvek od **Rudy** » 03 úno 2010 18:47

Dejte log z RSIT: http://viry.cz/forum/viewtopic.php?f=24&t=81939 .

Specters · #3 Příspěvek od **Specters** » 03 úno 2010 19:41

Tady je ten log:

Logfile of HijackThis v1.99.1
Scan saved at 19:37:35, on 3. 2. 2010
Platform: Unknown Windows (WinNT 6.00.1906 SP2)
MSIE: Unable to get Internet Explorer version!

Running processes:
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\NetLimiter 2 Pro\NLClient.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Lexmark 2500 Series\lxddamon.exe
C:\Windows\System32\wpcumi.exe
C:\Program Files\Toshiba TEMPRO\TemproTray.exe
E:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
E:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Windows\system32\igfxext.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\msfeedssync.exe
C:\Users\Specter\Desktop\hijackthis.exe
C:\Windows\system32\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.azet.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - (no file)
O2 - BHO: Podpora odkazu pre aplikáciu Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Pomocník pri prihlasovaní v konte Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: (no name) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Google EULA Launcher] c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe IE PA
O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
O4 - HKLM\..\Run: [lxddmon.exe] "C:\Program Files\Lexmark 2500 Series\lxddmon.exe"
O4 - HKLM\..\Run: [lxddamon] "C:\Program Files\Lexmark 2500 Series\lxddamon.exe"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [WPCUMI] C:\Windows\system32\WpcUmi.exe
O4 - HKLM\..\Run: [Toshiba TEMPRO] C:\Program Files\Toshiba TEMPRO\TemproTray.exe
O4 - HKLM\..\Run: [avast!] E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [SpybotSD TeaTimer] E:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Startup: Orezávač obrazovky a spúšťač programu OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Pridať do blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Pridať do blogu v programe Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: eBay - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url2.pl?SK (file missing)
O9 - Extra button: Amazon.co.uk - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.co.uk/exec/obidos/red ... &site=home (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - E:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - E:\Program Files\ICQ6.5\ICQ.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O11 - Options group: [INTERNATIONAL] International
O13 - Gopher Prefix:
O16 - DPF: {4944924A-64E4-49C1-AC97-ABA3927262FE} (StWbUsa Control) - http://channel.dontblynk.com/Launcher/StWbUsa.CAB
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\system32\guard32.dll
O20 - Winlogon Notify: igfxcui - C:\Windows\SYSTEM32\igfxdev.dll
O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - E:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - E:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: Google Update Service (gupdate1ca4d91ff179f91) (gupdate1ca4d91ff179f91) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe" /svc (file missing)
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: lxddCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxddserv.exe
O23 - Service: lxdd_device - - C:\Windows\system32\lxddcoms.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NetLimiter (nlsvc) - Locktime Software - C:\Program Files\NetLimiter 2 Pro\nlsvc.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - E:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: SmartFaceVWatchSrv - Toshiba - C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

#4 Příspěvek od **Rudy** » 03 úno 2010 21:06

Sice toto není log z RSIT, nicméně něco je vidět i zde. Dejte log z ComboFix.

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode, pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k nezadoucim kolizim s rezidentem antispyware

Specters · #5 Příspěvek od **Specters** » 03 úno 2010 22:18

Sory za špatný log

Tady je log z combofixu....

ComboFix 10-02-03.03 - Specter . 02. 2010 21:39:08.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.421.1051.18.2939.1875 [GMT 1:00]
Running from: c:\users\Specter\Desktop\ComboFix.exe
SP: Lavasoft Ad-Watch Live! *disabled* (Updated) {67844DAE-4F77-4D69-9457-98E8CFFDAA22}
SP: Spybot - Search and Destroy *disabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\users\Specter\AppData\Roaming\BITS
c:\users\Specter\AppData\Roaming\BITS\BITS.ini
c:\users\Specter\AppData\Roaming\BITS\DHTTable.dat
c:\users\Specter\AppData\Roaming\BITS\ProxyList.ini
c:\users\Specter\FAVORI~1\7z465.exe
c:\users\Specter\FAVORI~1\Ad-AwareAE.exe
c:\users\Specter\FAVORI~1\avast_home_setup.exe
c:\users\Specter\FAVORI~1\Bruce_UTWizard_Setup.exe
c:\users\Specter\FAVORI~1\ccsetup222.exe
c:\users\Specter\FAVORI~1\daemon4303-lite.exe
c:\users\Specter\FAVORI~1\Firefox Setup 3.5.2.exe
c:\users\Specter\FAVORI~1\Lavasoft.Ad-Aware.2009.Pro.v8.0.5.Full\Lavasoft Ad-Aware 2009 Pro v8.0.5\Ad-Aware.exe
c:\users\Specter\FAVORI~1\Lavasoft.Ad-Aware.2009.Pro.v8.0.5.Full\Lavasoft Ad-Aware 2009 Pro v8.0.5\cracked\lavalicense.dll cracked.exe
c:\users\Specter\FAVORI~1\Lavasoft.Ad-Aware.2009.Pro.v8.0.5.Full\Lavasoft Ad-Aware 2009 Pro v8.0.5\original\lavalicense.dll original.exe
c:\users\Specter\FAVORI~1\RapidTyping_Setup_2.9.exe
c:\users\Specter\FAVORI~1\setup.exe
c:\users\Specter\FAVORI~1\spybotsd162.exe
c:\users\Specter\FAVORI~1\SUPERsetup.exe
c:\users\Specter\FAVORI~1\utorrent.exe
c:\users\Specter\Favorites\7z465.exe
c:\users\Specter\Favorites\Ad-AwareAE.exe
c:\users\Specter\Favorites\avast_home_setup.exe
c:\users\Specter\Favorites\Bruce_UTWizard_Setup.exe
c:\users\Specter\Favorites\ccsetup222.exe
c:\users\Specter\Favorites\daemon4303-lite.exe
c:\users\Specter\Favorites\Firefox Setup 3.5.2.exe
c:\users\Specter\Favorites\Lavasoft.Ad-Aware.2009.Pro.v8.0.5.Full\Lavasoft Ad-Aware 2009 Pro v8.0.5\Ad-Aware.exe
c:\users\Specter\Favorites\Lavasoft.Ad-Aware.2009.Pro.v8.0.5.Full\Lavasoft Ad-Aware 2009 Pro v8.0.5\cracked\lavalicense.dll cracked.exe
c:\users\Specter\Favorites\Lavasoft.Ad-Aware.2009.Pro.v8.0.5.Full\Lavasoft Ad-Aware 2009 Pro v8.0.5\original\lavalicense.dll original.exe
c:\users\Specter\Favorites\RapidTyping_Setup_2.9.exe
c:\users\Specter\Favorites\setup.exe
c:\users\Specter\Favorites\spybotsd162.exe
c:\users\Specter\Favorites\SUPERsetup.exe
c:\users\Specter\Favorites\utorrent.exe

.
((((((((((((((((((((((((( Files Created from 2010-01-03 to 2010-02-03 )))))))))))))))))))))))))))))))
.

2010-02-03 21:05 . 2010-02-03 21:05 -------- d-----w- c:\users\Specter\AppData\Local\temp
2010-01-31 14:52 . 2010-01-31 14:52 -------- d-----w- c:\program files\Defraggler
2010-01-28 15:30 . 2008-04-13 16:26 36396 ----a-w- c:\users\Specter\AppData\Roaming\BSplayer Pro\AC3 Filter\uninstall.exe
2010-01-28 15:30 . 2007-08-18 08:53 16384 ----a-w- c:\users\Specter\AppData\Roaming\BSplayer Pro\AC3 Filter\dialog_patch.exe
2010-01-28 15:30 . 2007-07-05 02:33 892928 ----a-w- c:\users\Specter\AppData\Roaming\BSplayer Pro\AC3 Filter\iconv.dll
2010-01-28 15:30 . 2007-08-18 08:54 20480 ----a-w- c:\users\Specter\AppData\Roaming\BSplayer Pro\AC3 Filter\ac3config.exe
2010-01-28 15:17 . 2010-01-27 11:57 15880 ----a-w- c:\windows\system32\lsdelete.exe
2010-01-28 12:40 . 2010-01-28 12:40 -------- d-----w- c:\users\Specter\AppData\Local\Apple
2010-01-27 18:32 . 2009-09-22 14:17 2215936 ----a-w- c:\users\Specter\AppData\Roaming\Mozilla\Firefox\Profiles\zfuz3f7k.default\extensions\kos@dontblynk.com\platform\WINNT_x86-msvc\plugins\NPSting.dll
2010-01-27 16:58 . 2004-12-30 12:43 4682 ----a-w- c:\windows\system32\npptNT2.sys
2010-01-27 16:52 . 2010-01-27 16:52 -------- d-----w- c:\program files\Common Files\INCA Shared
2010-01-26 16:48 . 2010-01-26 16:48 -------- d-----w- c:\program files\Common Files\Apple
2010-01-26 16:48 . 2010-01-26 16:48 -------- d-----w- c:\program files\Apple Software Update
2010-01-26 16:48 . 2010-01-26 16:48 -------- d-----w- c:\programdata\Apple
2010-01-24 11:51 . 2010-01-24 11:51 -------- d-----w- c:\program files\NetLimiter 2 Pro
2010-01-18 17:46 . 2010-01-30 10:59 -------- d-----w- C:\Torrents
2010-01-18 14:09 . 2010-01-18 14:09 -------- d-----w- c:\users\Rosalynn\AppData\Roaming\Locktime
2010-01-18 12:00 . 2010-01-18 12:00 -------- d-----w- c:\users\Mamina\AppData\Roaming\TuneUp Software
2010-01-18 11:17 . 2010-01-18 11:17 -------- d-----w- c:\users\Mamina\AppData\Roaming\Locktime
2010-01-14 22:32 . 2010-01-14 22:32 -------- d-----w- C:\logs
2010-01-13 06:15 . 2009-10-19 13:38 156672 ----a-w- c:\windows\system32\t2embed.dll
2010-01-13 06:15 . 2009-10-19 13:35 72704 ----a-w- c:\windows\system32\fontsub.dll
2010-01-08 18:09 . 2010-01-11 18:54 -------- d-----w- c:\users\Specter\AppData\Roaming\ConMet
2010-01-08 18:09 . 2010-01-11 18:54 -------- d-----w- c:\programdata\ConMet
2010-01-08 13:19 . 2010-01-08 13:19 299008 ----a-w- c:\programdata\LangSoft\TrnWord.dll
2010-01-08 13:16 . 2010-01-08 13:19 -------- d-----w- c:\programdata\LangSoft
2010-01-08 13:16 . 2010-01-08 13:19 -------- d-----w- c:\users\Specter\AppData\Roaming\LangSoft
2010-01-08 03:43 . 2010-01-08 03:43 -------- d-----w- C:\40293539d5204a5e61
2010-01-06 18:15 . 2010-01-06 18:15 -------- d-----w- c:\program files\SystemRequirementsLab
2010-01-05 22:00 . 2010-01-26 16:58 -------- d-----w- c:\programdata\Apple Computer
2010-01-05 20:47 . 2010-01-05 22:02 -------- d-----w- C:\Temp
2010-01-05 20:44 . 2010-01-06 16:16 -------- d-----w- c:\program files\ImTOO

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-03 18:28 . 2009-08-15 12:30 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2010-01-30 11:01 . 2009-08-15 13:55 -------- d-----w- c:\users\Specter\AppData\Roaming\uTorrent
2010-01-29 16:20 . 2009-10-10 11:59 74328 ----a-w- c:\windows\system32\drivers\inspect.sys
2010-01-29 16:19 . 2009-10-10 11:59 171552 ----a-w- c:\windows\system32\guard32.dll
2010-01-29 16:19 . 2009-10-10 11:59 29520 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2010-01-29 16:19 . 2009-10-10 11:59 130960 ----a-w- c:\windows\system32\drivers\cmdguard.sys
2010-01-28 15:32 . 2009-12-10 21:32 -------- d-----w- c:\users\Specter\AppData\Roaming\BSplayer Pro
2010-01-28 15:23 . 2009-12-10 21:32 -------- d-----w- c:\users\Specter\AppData\Roaming\BSplayer
2010-01-28 08:14 . 2009-08-22 16:18 -------- d-----w- c:\users\Specter\AppData\Roaming\BitTorrent
2010-01-27 11:57 . 2009-10-18 10:54 862040 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\threatwork.exe
2010-01-27 11:57 . 2009-10-28 12:00 15880 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\lsdelete.exe
2010-01-27 11:57 . 2009-10-18 10:54 206944 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\lavamessage.dll
2010-01-27 11:57 . 2009-10-18 10:54 390288 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\lavalicense.dll
2010-01-27 11:57 . 2009-10-18 10:54 537576 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\aawapi.dll
2010-01-27 11:57 . 2009-10-18 10:54 389272 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\UpdateManager.dll
2010-01-27 11:57 . 2009-10-18 10:54 163728 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\ShellExt.dll
2010-01-27 11:57 . 2009-10-28 11:59 6296864 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\Resources.dll
2010-01-27 11:57 . 2009-10-18 10:54 8 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\Savapibridge.dll
2010-01-27 11:56 . 2009-10-18 10:53 327000 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\RPAPI.dll
2010-01-27 11:56 . 2009-10-18 10:53 87496 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\PrivacyClean.dll
2010-01-27 11:56 . 2009-10-18 10:53 933120 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\CEAPI.dll
2010-01-27 11:56 . 2009-10-18 10:53 3803208 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\AutoLaunch.exe
2010-01-27 11:56 . 2009-10-18 10:53 816784 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\Ad-AwareCommand.exe
2010-01-27 11:56 . 2009-10-18 10:53 823928 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\Ad-AwareAdmin.exe
2010-01-27 11:55 . 2009-10-18 10:53 1643272 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\Ad-Aware.exe
2010-01-27 11:55 . 2009-10-18 10:53 788880 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\AAWTray.exe
2010-01-27 11:55 . 2009-10-18 10:53 1181328 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\AAWService.exe
2010-01-26 12:53 . 2009-06-14 14:21 984 ----a-w- c:\users\Mamina\AppData\Roaming\wklnhst.dat
2010-01-20 13:35 . 2009-09-29 17:21 -------- d-----w- c:\program files\Microsoft Silverlight
2010-01-18 14:09 . 2009-02-08 21:30 86528 ----a-w- c:\users\Rosalynn\AppData\Local\GDIPFONTCACHEV1.DAT
2010-01-14 22:52 . 2009-01-12 21:19 -------- d-----w- c:\program files\Lx_cats
2010-01-14 10:12 . 2009-10-02 20:26 181120 ------w- c:\windows\system32\MpSigStub.exe
2010-01-13 15:04 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-01-08 13:16 . 2009-03-02 18:33 -------- d-----w- c:\users\Specter\AppData\Roaming\DAEMON Tools Lite
2010-01-04 20:09 . 2009-06-14 14:15 86528 ----a-w- c:\users\Mamina\AppData\Local\GDIPFONTCACHEV1.DAT
2010-01-04 19:59 . 2009-10-10 11:59 -------- d-----w- c:\programdata\Comodo
2010-01-04 13:55 . 2008-08-21 08:45 -------- d-----w- c:\program files\Google
2010-01-04 13:37 . 2009-10-14 13:03 -------- d-----w- c:\program files\Porn.Pack-PlayBoy_88
2010-01-04 13:37 . 2009-12-07 17:48 -------- d-----w- c:\program files\Golden
2010-01-04 13:35 . 2008-12-24 16:50 86528 ----a-w- c:\users\Specter\AppData\Local\GDIPFONTCACHEV1.DAT
2010-01-03 23:28 . 2009-08-21 19:38 729088 ----a-w- c:\windows\iun6002.exe
2010-01-03 10:59 . 2009-12-10 19:51 -------- d-----w- c:\program files\Webteh
2010-01-02 06:38 . 2010-01-21 23:38 916480 ----a-w- c:\windows\system32\wininet.dll
2010-01-02 06:32 . 2010-01-21 23:38 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-01-02 06:32 . 2010-01-21 23:38 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-01-02 04:57 . 2010-01-21 23:38 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-12-31 16:11 . 2009-12-31 16:11 -------- d-----w- c:\program files\SGCSim.com
2009-12-30 00:50 . 2009-08-03 16:55 -------- d-----w- c:\program files\SpeedFan
2009-12-27 10:58 . 2009-02-21 17:52 -------- d-----w- c:\program files\Mplayer
2009-12-26 16:59 . 2009-12-26 16:58 -------- d-----w- c:\program files\TuneUp Utilities 2010
2009-12-26 16:54 . 2009-12-13 21:50 -------- d-----w- c:\users\Specter\AppData\Roaming\TuneUp Software
2009-12-26 16:40 . 2009-12-13 21:48 -------- d-----w- c:\programdata\TuneUp Software
2009-12-26 16:38 . 2009-12-26 16:38 -------- d-sh--w- c:\programdata\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2009-12-23 16:56 . 2009-12-25 11:45 52224 ----a-w- c:\users\Specter\AppData\Roaming\Mozilla\Firefox\Profiles\zfuz3f7k.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\FFExternalAlert.dll
2009-12-23 16:56 . 2009-12-25 11:45 101376 ----a-w- c:\users\Specter\AppData\Roaming\Mozilla\Firefox\Profiles\zfuz3f7k.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\RadioWMPCore.dll
2009-12-20 09:53 . 2009-12-20 09:53 234016 ----a-w- c:\windows\system32\drivers\Rtlh86.sys
2009-12-19 10:44 . 2009-12-19 10:44 484976 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtbE06.tmp.exe
2009-12-17 23:14 . 2009-12-26 16:59 30536 ----a-w- c:\windows\system32\TURegOpt.exe
2009-12-17 23:09 . 2009-12-26 16:59 21320 ----a-w- c:\windows\system32\authuitu.dll
2009-12-17 23:08 . 2009-12-26 16:59 30024 ----a-w- c:\windows\system32\uxtuneup.dll
2009-12-13 21:48 . 2008-08-21 08:46 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-12-13 20:12 . 2008-08-21 08:10 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-11 18:43 . 2009-12-11 13:47 -------- d-----w- c:\program files\BS_Player
2009-12-11 13:47 . 2009-12-11 13:47 -------- d-----w- c:\program files\Conduit
2009-12-09 17:21 . 2009-11-01 10:53 -------- d-----w- c:\users\Specter\AppData\Roaming\DAEMON Tools Pro
2009-12-09 15:59 . 2008-08-21 08:49 -------- d-----w- c:\programdata\Microsoft Help
2009-12-03 08:27 . 2009-12-03 08:27 80416 ----a-w- c:\windows\system32\RtNicProp32.dll
2009-12-03 08:27 . 2009-11-12 06:24 100896 ----a-w- c:\windows\system32\RTNUninst32.dll
2009-11-30 18:46 . 2009-11-30 18:46 164352 --sh--w- c:\windows\system32\SC.dll
2009-11-24 23:54 . 2009-10-10 12:20 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2009-11-24 23:49 . 2009-10-10 12:20 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-11-24 23:48 . 2009-10-10 12:20 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-11-24 23:47 . 2009-10-10 12:20 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-11-24 16:39 . 2009-11-28 13:27 1093064 ----a-w- c:\users\Specter\AppData\Roaming\Mozilla\Firefox\Profiles\zfuz3f7k.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll
2009-11-21 10:17 . 2009-11-21 10:17 21840 ----atw- c:\windows\system32\SIntfNT.dll
2009-11-21 10:17 . 2009-11-21 10:17 17212 ----atw- c:\windows\system32\SIntf32.dll
2009-11-21 10:17 . 2009-11-21 10:17 12067 ----atw- c:\windows\system32\SIntf16.dll
2009-11-09 12:31 . 2009-12-09 16:00 24064 ----a-w- c:\windows\system32\nshhttp.dll
2009-11-09 12:30 . 2009-12-09 15:59 30720 ----a-w- c:\windows\system32\httpapi.dll
2009-11-09 10:36 . 2009-12-09 15:59 411648 ----a-w- c:\windows\system32\drivers\http.sys
2009-11-09 03:21 . 2009-11-09 03:21 59388 ----a-w- c:\windows\system32\drivers\scdemu.sys
2009-11-06 19:20 . 2009-03-02 18:34 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2006-05-03 10:06 . 2009-10-11 19:25 163328 --sh--r- c:\windows\System32\flvDX.dll
2007-02-21 11:47 . 2009-10-11 19:25 31232 --sh--r- c:\windows\System32\msfDX.dll
2008-03-16 13:30 . 2009-10-11 19:25 216064 --sh--r- c:\windows\System32\nbDX.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2009-04-02 10:47 333192 ----a-w- c:\program files\AskBarDis\bar\bin\askBar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2009-04-02 333192]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2009-04-02 333192]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2008-12-12 1840424]
"SpybotSD TeaTimer"="e:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-08-21 68856]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-08-14 1348904]
"Google EULA Launcher"="c:\program files\Google\Google EULA\GoogleEULALauncher.exe" [2008-05-28 20480]
"topi"="c:\program files\TOSHIBA\Toshiba Online Product Information\topi.exe" [2007-07-10 581632]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-06-25 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-06-25 170520]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-06-25 145944]
"RtHDVCpl"="RtHDVCpl.exe" [2008-04-08 6037504]
"Skytel"="Skytel.exe" [2007-11-20 1826816]
"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2008-01-17 431456]
"SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2008-06-24 509816]
"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2008-05-09 716800]
"Camera Assistant Software"="c:\program files\Camera Assistant Software for Toshiba\traybar.exe" [2008-04-29 417792]
"lxddmon.exe"="c:\program files\Lexmark 2500 Series\lxddmon.exe" [2007-06-11 291760]
"lxddamon"="c:\program files\Lexmark 2500 Series\lxddamon.exe" [2007-04-30 20480]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-12-02 2221352]
"WPCUMI"="c:\windows\system32\WpcUmi.exe" [2006-11-02 176128]
"Toshiba TEMPRO"="c:\program files\Toshiba TEMPRO\TemproTray.exe" [2009-07-21 1045904]
"avast!"="e:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2010-01-27 1800464]

c:\users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files\TOSHIBA\TRDCReminder\TRDCReminder.exe [2008-3-5 393216]

c:\users\Mamina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Orez vaź obrazovky a spŁçśaź programu OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2008-10-25 98696]

c:\users\Specter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Orez vaź obrazovky a spŁçśaź programu OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2008-10-25 98696]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Google Update"="c:\users\Specter\AppData\Local\Google\Update\GoogleUpdate.exe" /c

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"Toshiba Registration"=c:\program files\Toshiba\Registration\ToshibaRegistration.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):f1,3d,0e,90,de,3e,ca,01

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2263885144-3196982668-389676299-1000]
"EnableNotificationsRef"=dword:00000005

R0 Lbd;Lbd;c:\windows\System32\drivers\Lbd.sys [18. 10. 2009 11:54 64288]
R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [10. 10. 2009 13:20 114768]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\System32\drivers\cmdguard.sys [10. 10. 2009 12:59 130960]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\System32\drivers\cmdhlp.sys [10. 10. 2009 12:59 29520]
R1 nltdi;nltdi;c:\windows\System32\drivers\nltdi.sys [23. 4. 2007 12:03 82200]
R1 RtlProt;Realtke RtlProt WLAN Utility Protocol Driver;c:\windows\System32\drivers\RtlProt.sys [24. 12. 2008 17:55 25896]
R2 acedrv11;acedrv11;c:\windows\System32\drivers\acedrv11.sys [19. 1. 2009 19:31 277544]
R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [10. 10. 2009 13:20 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [10. 10. 2009 13:20 53328]
R2 ConfigFree Service;ConfigFree Service;c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe [16. 4. 2008 23:19 40960]
R2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe -k HsfXAudioService [21. 1. 2008 3:23 21504]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [15. 8. 2009 15:36 222456]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [24. 9. 2009 12:17 1181328]
R2 lxdd_device;lxdd_device;c:\windows\system32\lxddcoms.exe -service --> c:\windows\system32\lxddcoms.exe -service [?]
R2 SBSDWSCService;SBSD Security Center Service;e:\program files\Spybot - Search & Destroy\SDWinSec.exe [15. 8. 2009 13:30 1153368]
R2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files\Toshiba TEMPRO\TemproSvc.exe [21. 7. 2009 16:55 116104]
R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;c:\program files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [6. 2. 2008 14:12 126976]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [18. 12. 2009 0:12 1044808]
R3 FwLnk;FwLnk Driver;c:\windows\System32\drivers\FwLnk.sys [21. 8. 2008 9:17 7168]
R3 RTL8187B;Sieťový adaptér bezdrôtového pripojenia RTL8187B Wireless 802.11b/g 54Mbps USB 2.0;c:\windows\System32\drivers\rtl8187B.sys [21. 8. 2008 9:17 290304]
R3 SmartFaceVWatchSrv;SmartFaceVWatchSrv;c:\program files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe [24. 4. 2008 18:35 73728]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [14. 10. 2009 7:24 10064]
S0 sptd;sptd;c:\windows\System32\drivers\sptd.sys [2. 3. 2009 19:34 691696]
S2 ASKUpgrade;ASKUpgrade;c:\program files\AskBarDis\bar\bin\ASKUpgrade.exe [15. 8. 2009 14:58 234888]
S2 gupdate1ca4d91ff179f91;Google Update Service (gupdate1ca4d91ff179f91);c:\program files\Google\Update\GoogleUpdate.exe [15. 10. 2009 13:21 133104]
S2 lxddCATSCustConnectService;lxddCATSCustConnectService;c:\windows\System32\spool\drivers\w32x86\3\lxddserv.exe [25. 5. 2007 10:41 99248]
S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [21. 1. 2008 3:23 21504]
S3 fssfltr;FssFltr;c:\windows\System32\drivers\fssfltr.sys [29. 9. 2009 18:50 54632]
S3 fsssvc;Služba Bezpečnosť rodiny v službe Windows Live;c:\program files\Windows Live\Family Safety\fsssvc.exe [5. 8. 2009 21:48 704864]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 Unilocator;Unilocator;c:\windows\System32\LOCATRNT.EXE [30. 9. 1996 120832]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HsfXAudioService REG_MULTI_SZ HsfXAudioService
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder

2010-02-03 c:\windows\Tasks\Ad-Aware Update (Daily 1).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 11:56]

2010-02-03 c:\windows\Tasks\Ad-Aware Update (Daily 2).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 11:56]

2010-02-03 c:\windows\Tasks\Ad-Aware Update (Daily 3).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 11:56]

2010-02-03 c:\windows\Tasks\Ad-Aware Update (Daily 4).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 11:56]

2010-02-03 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 11:56]

2010-02-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-15 12:21]

2010-02-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-15 12:21]

2010-01-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2263885144-3196982668-389676299-1000Core.job
- c:\users\Specter\AppData\Local\Google\Update\GoogleUpdate.exe [2009-08-25 22:54]

2010-02-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2263885144-3196982668-389676299-1000UA.job
- c:\users\Specter\AppData\Local\Google\Update\GoogleUpdate.exe [2009-08-25 22:54]

2010-02-03 c:\windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance.job
- c:\program files\TuneUp Utilities 2010\OneClick.exe [2009-12-17 23:19]

2010-02-03 c:\windows\Tasks\User_Feed_Synchronization-{C2471523-F807-4F88-9518-A327C0F00610}.job
- c:\windows\system32\msfeedssync.exe [2010-01-21 04:56]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.azet.sk/
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA
uInternet Settings,ProxyOverride = *.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
IE: {{76577871-04EC-495E-A12B-91F7C3600AFA} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url2.pl?SK
IE: {{8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.co.uk/exec/obidos/red ... &site=home
LSP: c:\windows\system32\wpclsp.dll
DPF: {4944924A-64E4-49C1-AC97-ABA3927262FE} - hxxp://channel.dontblynk.com/Launcher/StWbUsa.CAB
FF - ProfilePath - c:\users\Specter\AppData\Roaming\Mozilla\Firefox\Profiles\zfuz3f7k.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.azet.sk/
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=IEFM1&q=
FF - prefs.js: network.proxy.type - 1
FF - component: c:\users\Specter\AppData\Roaming\Mozilla\Firefox\Profiles\zfuz3f7k.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\FFExternalAlert.dll
FF - component: c:\users\Specter\AppData\Roaming\Mozilla\Firefox\Profiles\zfuz3f7k.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\RadioWMPCore.dll
FF - component: c:\users\Specter\AppData\Roaming\Mozilla\Firefox\Profiles\zfuz3f7k.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Picasa2\npPicasa3.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\users\Specter\AppData\Local\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\users\Specter\AppData\Roaming\Mozilla\Firefox\Profiles\zfuz3f7k.default\extensions\kos@dontblynk.com\platform\WINNT_x86-msvc\plugins\NPSting.dll

---- FIREFOX POLICIES ----
pref(dom.disable_open_during_load, true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
.
- - - - ORPHANS REMOVED - - - -

URLSearchHooks-{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - (no file)
Toolbar-{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - (no file)
SafeBoot-mcmscsvc
SafeBoot-MCODS
AddRemove-HijackThis - c:\users\Specter\Desktop\HijackThis.exe

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-03 22:05
Windows 6.0.6002 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-2263885144-3196982668-389676299-1000\Software\SecuROM\License information*]
"datasecu"=hex:7d,80,f5,79,2f,1a,3e,0e,bc,d1,de,6b,91,61,53,03,29,36,c9,9a,b3,
7b,87,9d,83,52,af,f9,90,ad,2a,6c,27,9b,d3,a9,75,f3,79,db,82,ac,c5,20,72,8d,\
"rkeysecu"=hex:b7,16,95,6f,49,35,f6,53,ca,6d,5e,31,37,58,4d,93

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000fb

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2010-02-03 22:13:52
ComboFix-quarantined-files.txt 2010-02-03 21:13

Pre-Run: 20 177 301 504 bytes free
Post-Run: 20 824 543 232 bytes free

- - End Of File - - 01C2ADA7D588E26D46E08BD043470283

#6 Příspěvek od **Rudy** » 03 úno 2010 22:43

Ještě dočistíme. Otevřte poznámkový blok a zkopírujte do něj:

Folder::
c:\program files\AskBarDis

Driver::
ASKUpgrade

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"=-
[-HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"=-
[-HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]

Uložte na plochu jakao CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

Specters · #7 Příspěvek od **Specters** » 04 úno 2010 00:31

Po tom txt/combofix se mi ukázalo startup - windows nemůže chyby opravit automaticky a pak mi nešel spustit comp. Musel jsem jít cez nouzový režim a poslední známá konfigurace. Po tom se zase objevil combofix a dělal log....

#8 Příspěvek od **Rudy** » 04 úno 2010 20:37

Možná je nějaká chyba v systému. Askbar je celkem běžný malware, který se dá snadno odstranit. Zkuste ho odinstalovat přes přidat/ubrat programy.

VIRY.CZ

Problémy s internetem

Problémy s internetem

Re: Problémy s internetem

Re: Problémy s internetem

Re: Problémy s internetem

Re: Problémy s internetem

Re: Problémy s internetem

Re: Problémy s internetem + nejde spustit PC prosím rychle pomoc

Re: Problémy s internetem