Opět ten samý problém - prosím o pomoc

[radimk5]

Logfile of random's system information tool 1.07 (written by random/random)
Run by Radim at 2010-05-20 20:05:41
Systém Microsoft Windows XP Professional Service Pack 1
System drive I: has 33 GB (14%) free of 229 GB
Total RAM: 1023 MB (44% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:05:51, on 20.5.2010
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
I:\WINDOWS\System32\smss.exe
I:\WINDOWS\system32\winlogon.exe
I:\WINDOWS\system32\services.exe
I:\WINDOWS\system32\lsass.exe
I:\WINDOWS\System32\Ati2evxx.exe
I:\WINDOWS\system32\svchost.exe
I:\WINDOWS\System32\svchost.exe
I:\WINDOWS\system32\Ati2evxx.exe
I:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
I:\Program Files\Alwil Software\Avast5\AvastSvc.exe
I:\WINDOWS\system32\spoolsv.exe
I:\Program Files\ICQ6Toolbar\ICQ Service.exe
I:\Program Files\Google\Update\GoogleUpdate.exe
I:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
I:\WINDOWS\System32\svchost.exe
I:\WINDOWS\system32\ZoneLabs\vsmon.exe
I:\WINDOWS\RTHDCPL.EXE
I:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
I:\Program Files\Winamp\winampa.exe
I:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
I:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
I:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
I:\Program Files\CursorXP\CursorXP.exe
I:\Program Files\ICQ7.0\ICQ.exe
I:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
I:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
I:\Program Files\Zone Labs\ZoneAlarm\zonealarm.exe
I:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
I:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
I:\Program Files\Java\jre1.6.0_07\bin\jucheck.exe
I:\WINDOWS\explorer.exe
I:\Program Files\Mozilla Firefox\firefox.exe
I:\WINDOWS\system32\notepad.exe
I:\Documents and Settings\Radim\Plocha\RSIT.exe
I:\Program Files\trend micro\Radim.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - I:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - I:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_0_1.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - I:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - I:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - I:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O3 - Toolbar: &Rádio - {8E718888-423F-11D2-876E-00A0C9082467} - I:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - I:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_0_1.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - I:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [StartCCC] I:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "I:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [NeroFilterCheck] I:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [QuickTime Task] "I:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WinampAgent] "I:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] I:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "I:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "I:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avast5] I:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "I:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [CursorXP] I:\Program Files\CursorXP\CursorXP.exe
O4 - HKCU\..\Run: [ICQ] "I:\Program Files\ICQ7.0\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [SUPERAntiSpyware] I:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] I:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] I:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: RocketDock.lnk = I:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = I:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: ZoneAlarm.lnk = I:\Program Files\Zone Labs\ZoneAlarm\zonealarm.exe
O8 - Extra context menu item: Download Video by Free YouTuBe Utility - I:\Program Files\Free YouTuBe Utility\IEydown.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://I:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - I:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - I:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - I:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - I:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - I:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - I:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - I:\WINDOWS\web\related.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - I:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - I:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - I:\Program Files\PokerStars.NET\PokerStarsUpdate.exe
O20 - Winlogon Notify: !SASWinLogon - I:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - I:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - I:\WINDOWS\System32\browseui.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - I:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - I:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - I:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - I:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - I:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - I:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - I:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: ICQ Service - Unknown owner - I:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - I:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - I:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - I:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 8107 bytes

======Scheduled tasks folder======

I:\WINDOWS\tasks\AppleSoftwareUpdate.job
I:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
I:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
Yahoo! Companion BHO - I:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_0_1.dll [2005-04-14 327748]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - I:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - I:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-07-07 1562448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - I:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E718888-423F-11D2-876E-00A0C9082467} - &Rádio - I:\WINDOWS\System32\msdxm.ocx [2002-09-20 844828]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - &Yahoo! Companion - I:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_0_1.dll [2005-04-14 327748]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - I:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-01-03 1019128]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=I:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
"DAEMON Tools-1033"=I:\Program Files\D-Tools\daemon.exe [2004-08-22 81920]
"NeroFilterCheck"=I:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"RTHDCPL"=I:\WINDOWS\RTHDCPL.EXE [2006-11-14 16270848]
"SkyTel"=I:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
"QuickTime Task"=I:\Program Files\QuickTime\qttask.exe [2007-10-19 286720]
"WinampAgent"=I:\Program Files\Winamp\winampa.exe [2008-01-16 37376]
"SunJavaUpdateSched"=I:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"Adobe Reader Speed Launcher"=I:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
"Adobe ARM"=I:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768]
"avast5"=I:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-05-06 2815192]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=I:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2006-11-16 139264]
"CursorXP"=I:\Program Files\CursorXP\CursorXP.exe [2005-01-19 128000]
"ICQ"=I:\Program Files\ICQ7.0\ICQ.exe [2010-03-28 133368]
"SUPERAntiSpyware"=I:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2010-05-06 2017280]

I:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Adobe Gamma Loader.lnk - I:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
ZoneAlarm.lnk - I:\Program Files\Zone Labs\ZoneAlarm\zonealarm.exe

I:\Documents and Settings\Radim\Nabídka Start\Programy\Po spuštění
RocketDock.lnk - I:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="winmm.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
I:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2009-09-03 548352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
I:\WINDOWS\system32\Ati2evxx.dll [2008-06-03 139264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=I:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 1 months======

2010-05-20 20:05:41 ----D---- I:\rsit
2010-05-20 20:05:41 ----D---- I:\Program Files\trend micro
2010-05-20 19:55:00 ----A---- I:\ComboFix.txt
2010-05-20 19:44:58 ----SHD---- I:\RECYCLER
2010-05-19 16:16:22 ----D---- I:\Qoobox
2010-05-19 15:27:23 ----D---- I:\Documents and Settings\All Users\Data aplikací\SUPERAntiSpyware.com
2010-05-19 15:27:15 ----D---- I:\Program Files\SUPERAntiSpyware
2010-05-19 15:27:15 ----D---- I:\Documents and Settings\Radim\Data aplikací\SUPERAntiSpyware.com
2010-05-18 17:22:00 ----D---- I:\WINDOWS\temp
2010-05-16 21:16:32 ----A---- I:\WINDOWS\zip.exe
2010-05-16 21:16:32 ----A---- I:\WINDOWS\SWXCACLS.exe
2010-05-16 21:16:32 ----A---- I:\WINDOWS\SWSC.exe
2010-05-16 21:16:32 ----A---- I:\WINDOWS\SWREG.exe
2010-05-16 21:16:32 ----A---- I:\WINDOWS\sed.exe
2010-05-16 21:16:32 ----A---- I:\WINDOWS\PEV.exe
2010-05-16 21:16:32 ----A---- I:\WINDOWS\NIRCMD.exe
2010-05-16 21:16:32 ----A---- I:\WINDOWS\MBR.exe
2010-05-16 21:16:32 ----A---- I:\WINDOWS\grep.exe
2010-05-13 23:44:51 ----A---- I:\WINDOWS\System32\Legalizator_2.exe
2010-05-09 21:09:20 ----D---- I:\PScanner Backup
2010-05-09 19:42:30 ----D---- I:\Program Files\Lark Anti-Spyware
2010-05-09 19:40:38 ----D---- I:\Documents and Settings\All Users\Data aplikací\IObit
2010-05-09 19:40:36 ----D---- I:\Program Files\IObit
2010-04-27 23:24:07 ----D---- I:\Program Files\Fake Webcam
2010-04-25 19:26:58 ----D---- I:\Documents and Settings\Radim\Data aplikací\Audacity
2010-04-25 19:26:42 ----D---- I:\Program Files\Audacity 1.3 Beta (Unicode)
2010-04-25 14:24:18 ----D---- I:\Casino

======List of files/folders modified in the last 1 months======

2010-05-20 20:05:41 ----RD---- I:\Program Files
2010-05-20 19:55:05 ----D---- I:\WINDOWS\System32\drivers
2010-05-20 19:54:31 ----D---- I:\Program Files\Mozilla Firefox
2010-05-20 19:52:42 ----D---- I:\WINDOWS\System32\CatRoot2
2010-05-20 19:43:39 ----D---- I:\WINDOWS
2010-05-20 19:43:39 ----A---- I:\WINDOWS\system.ini
2010-05-20 19:43:19 ----D---- I:\WINDOWS\ERDNT
2010-05-20 19:43:09 ----D---- I:\WINDOWS\Debug
2010-05-20 19:41:03 ----D---- I:\WINDOWS\system32
2010-05-20 19:38:31 ----D---- I:\WINDOWS\AppPatch
2010-05-20 19:38:30 ----D---- I:\Program Files\Common Files
2010-05-20 19:31:44 ----A---- I:\WINDOWS\SchedLgU.Txt
2010-05-19 22:07:49 ----D---- I:\WINDOWS\Prefetch
2010-05-19 21:08:05 ----D---- I:\WINDOWS\Internet Logs
2010-05-19 16:09:57 ----D---- I:\Program Files\Cheat Engine
2010-05-19 15:27:23 ----SHD---- I:\WINDOWS\Installer
2010-05-19 15:26:54 ----D---- I:\Program Files\Common Files\Wise Installation Wizard
2010-05-18 18:50:52 ----D---- I:\Documents and Settings\Radim\Data aplikací\ICQ
2010-05-18 17:24:34 ----D---- I:\Documents and Settings\Radim\Data aplikací\ZipGenius
2010-05-18 16:49:28 ----D---- I:\Program Files\Anacondas 3D Adventure Game
2010-05-18 16:48:34 ----D---- I:\WINDOWS\uninstall
2010-05-13 23:53:48 ----A---- I:\WINDOWS\NeroDigital.ini
2010-05-09 21:10:51 ----SD---- I:\WINDOWS\Downloaded Program Files
2010-05-06 22:59:36 ----A---- I:\WINDOWS\System32\aswBoot.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; I:\WINDOWS\System32\drivers\Aavmker4.sys [2010-05-06 28880]
R1 aswSP;aswSP; I:\WINDOWS\System32\drivers\aswSP.sys [2010-05-06 164048]
R1 aswTdi;avast! Network Shield Support; I:\WINDOWS\System32\drivers\aswTdi.sys [2010-05-06 46672]
R1 SASDIFSV;SASDIFSV; \??\I:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\I:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS []
R1 SSHDRV52;SSHDRV52; \??\I:\WINDOWS\System32\drivers\SSHDRV52.sys []
R2 aswMon2;avast! Standard Shield Support; I:\WINDOWS\System32\drivers\aswMon2.sys [2010-05-06 100432]
R2 atksgt;atksgt; I:\WINDOWS\System32\DRIVERS\atksgt.sys [2008-03-21 278728]
R2 Ethpdrv;Ethernet Packet Driver; I:\WINDOWS\System32\DRIVERS\ethpdrv.sys [2005-09-08 9728]
R2 lirsgt;lirsgt; I:\WINDOWS\System32\DRIVERS\lirsgt.sys [2008-03-21 25416]
R2 Nadim;NAD Proto Driver; I:\WINDOWS\System32\DRIVERS\nadim.sys [2008-11-08 18688]
R2 vsdatant;vsdatant; \??\I:\WINDOWS\System32\vsdatant.sys []
R3 aswRdr;aswRdr; I:\WINDOWS\System32\drivers\aswRdr.sys [2010-05-06 23376]
R3 ati2mtag;ati2mtag; I:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2008-06-03 3100160]
R3 catchme;catchme; \??\I:\hgjhgjhhg\catchme.sys []
R3 hamachi;Hamachi Network Interface; I:\WINDOWS\System32\DRIVERS\hamachi.sys [2007-11-21 25544]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; I:\WINDOWS\System32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); I:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-11-15 4225920]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; I:\WINDOWS\System32\DRIVERS\Rtnicxp.sys [2009-03-25 130432]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; I:\WINDOWS\System32\DRIVERS\usbehci.sys [2002-08-29 19328]
R3 usbhub;Ovladač standardního rozbočovače USB; I:\WINDOWS\System32\DRIVERS\usbhub.sys [2002-08-29 51968]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; I:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2002-08-29 21760]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; I:\WINDOWS\System32\DRIVERS\usbuhci.sys [2002-08-29 19328]
S3 CCDECODE;Closed Caption Decoder; I:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2004-07-09 16384]
S3 ENTECH;ENTECH; \??\I:\WINDOWS\System32\DRIVERS\ENTECH.SYS []
S3 gdrv;gdrv; \??\I:\WINDOWS\gdrv.sys []
S3 GNDHV71;Genius VideoCAM Live V2; I:\WINDOWS\System32\DRIVERS\gndhv71.sys [2003-08-06 310084]
S3 HidUsb;Ovladač třídy standardu HID; I:\WINDOWS\System32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 ipw_bus;IPWireless; I:\WINDOWS\System32\DRIVERS\ipw_bus.sys [2005-09-27 58320]
S3 ipw_mdfl;Wireless Broadband Modem Filter; I:\WINDOWS\System32\DRIVERS\ipw_mdfl.sys [2005-09-27 8272]
S3 ipw_mdm;Wireless Broadband Modem (WDM); I:\WINDOWS\System32\DRIVERS\ipw_mdm.sys [2005-09-27 95440]
S3 mbr;mbr; \??\I:\DOCUME~1\Radim\LOCALS~1\Temp\mbr.sys []
S3 mouhid;Ovladač myši standardu HID; I:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; I:\WINDOWS\system32\drivers\MSTEE.sys [2002-12-12 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; I:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2004-07-09 83968]
S3 NdisIP;Microsoft TV/Video Connection; I:\WINDOWS\System32\DRIVERS\NdisIP.sys [2004-07-09 10112]
S3 RTL8169;Realtek 8169 NT Driver; I:\WINDOWS\System32\DRIVERS\Rtlh86.sys [2006-12-08 67072]
S3 SLIP;BDA Slip De-Framer; I:\WINDOWS\System32\DRIVERS\SLIP.sys [2004-07-09 10880]
S3 streamip;BDA IPSink; I:\WINDOWS\System32\DRIVERS\StreamIP.sys [2004-07-09 14976]
S3 tap0901_2gm;VPN Anonymizer Adapter; I:\WINDOWS\System32\DRIVERS\tap0901_2gm.sys [2007-06-21 30720]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; I:\WINDOWS\System32\DRIVERS\usbccgp.sys [2002-08-29 28160]
S3 usbprint;Třída USB Printer; I:\WINDOWS\System32\DRIVERS\usbprint.sys [2002-08-29 24960]
S3 usbscan;Ovladač skeneru USB; I:\WINDOWS\System32\DRIVERS\usbscan.sys [2002-08-29 14208]
S3 WSTCODEC;World Standard Teletext Codec; I:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2004-07-09 18688]
S4 IntelIde;IntelIde; I:\WINDOWS\System32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aawservice;Lavasoft Ad-Aware Service; I:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-07-07 611664]
R2 Ati HotKey Poller;Ati HotKey Poller; I:\WINDOWS\System32\Ati2evxx.exe [2008-06-03 552960]
R2 avast! Antivirus;avast! Antivirus; I:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384]
R2 ICQ Service;ICQ Service; I:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-01-03 246520]
R2 MDM;Machine Debug Manager; I:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 UMWdf;Windows User Mode Driver Framework; I:\WINDOWS\System32\wdfmgr.exe [2004-08-11 38912]
R2 vsmon;TrueVector Internet Monitor; I:\WINDOWS\system32\ZoneLabs\vsmon.exe [2003-02-14 914744]
R3 avast! Mail Scanner;avast! Mail Scanner; I:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384]
R3 avast! Web Scanner;avast! Web Scanner; I:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384]
S2 ATI Smart;ATI Smart; I:\WINDOWS\system32\ati2sgag.exe [2008-06-02 593920]
S2 gupdate;Google Update Service (gupdate); I:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-15 135664]
S3 aspnet_state;ASP.NET State Service; I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 IDriverT;InstallDriver Table Manager; I:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 NBService;NBService; I:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-11-10 774144]
S3 ose;Office Source Engine; I:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 usprserv;User Privilege Service; I:\WINDOWS\System32\svchost.exe [2001-10-25 12800]

-----------------EOF-----------------

[1danab]

můžete zkusit tyto dva odkazy
http://www.stahuj.centrum.cz/utility_a_ ... ownload/?g
http://www.sosej.cz/Download/Microsoft- ... nload.html

ten druhý sken Gmeru můžete zkusit ještě v nouzovém režimu, ale i tak si myslím, že se to nepovede

ještě tu chvilku budu, ale jsem unavená, takže kdybych neodpovídala, dořešíme to zítra

[radimk5]

vložil jsem úplně špatný log to je z toho jak si to furt přehazuju z pc do pc na flashce jak horký brambor, omlouvám se
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit quick scan 2010-05-20 22:58:10
Windows 5.1.2600 Service Pack 1
Running: gmer.exe; Driver: I:\DOCUME~1\Radim\LOCALS~1\Temp\kwpciuob.sys


---- System - GMER 1.0.15 ----

SSDT d347bus.sys (PnP BIOS Extension/ ) ZwEnumerateKey [0xF75A92A8]
SSDT d347bus.sys (PnP BIOS Extension/ ) ZwEnumerateValueKey [0xF75B4910]

Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateProcessEx [0xAEE6BAC6]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateSection [0xAEE6B8EA]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwLoadDriver [0xAEE6BA24]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) NtCreateSection
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ObInsertObject
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ObMakeTemporaryObject

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/ALWIL Software)

AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)

Device \FileSystem\Fastfat \Fat aswSP.SYS (avast! self protection module/ALWIL Software)
Device \FileSystem\Fastfat \Fat 86A6E5B8

AttachedDevice \FileSystem\Fastfat \Fat aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)

Device \Driver\Tcpip \Device\Ip vsdatant.sys (TrueVector Device Driver/Zone Labs Inc.)

AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

Device \Driver\Tcpip \Device\Tcp vsdatant.sys (TrueVector Device Driver/Zone Labs Inc.)

AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

Device \Driver\Tcpip \Device\Udp vsdatant.sys (TrueVector Device Driver/Zone Labs Inc.)

AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

Device \Driver\Tcpip \Device\RawIp vsdatant.sys (TrueVector Device Driver/Zone Labs Inc.)

AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

---- EOF - GMER 1.0.15 ----

[radimk5]

zkusím, každopádně díky za tu ochotu to se dneska cenní, navíc když to děláte zadarmo je to super

[1danab]

nemáte vůbec zač akorát si myslím, že se reinstalu nevyhneme

[radimk5]

no dnes stáhnu a o víkendu se na to vrhnu... jinak pěkný avatar ovečku Shauna mám přilepenou na zadním okně v autě

[1danab]

děkuji
když se podaří druhý log z Gmeru tak ho sem postněte a dejte vědět jestli se podařil nainstalovat sp
o víkendu bude víc času na dořešení

[radimk5]

\FileSystem\Cdfs - tady se to vždycky zastaví ok, tak ještě jednou děkuju a přeju dobrou noc

[1danab]

tak ještě poslední možnost co můžete zkusit

otevřete si poznámkový blok.
zkopírujte do něj následující text:

cd /d %SystemRoot%\system32
regsvr32 comcat.dll /s
regsvr32 shdoc401.dll /s
regsvr32 shdoc401.dll /i /s
regsvr32 asctrls.ocx /s
regsvr32 oleaut32.dll /s
regsvr32 shdocvw.dll /I /s
regsvr32 shdocvw.dll /s
regsvr32 browseui.dll /s
regsvr32 browseui.dll /I /s
regsvr32 msrating.dll /s
regsvr32 mlang.dll /s
regsvr32 hlink.dll /s
regsvr32 mshtmled.dll /s
regsvr32 urlmon.dll /s
regsvr32 plugin.ocx /s
regsvr32 sendmail.dll /s
regsvr32 scrobj.dll /s
regsvr32 mmefxe.ocx /s
regsvr32 corpol.dll /s
regsvr32 jscript.dll /s
regsvr32 msxml.dll /s
regsvr32 imgutil.dll /s
regsvr32 thumbvw.dll /s
regsvr32 cryptext.dll /s
regsvr32 rsabase.dll /s
regsvr32 inseng.dll /s
regsvr32 iesetup.dll /i /s
regsvr32 cryptdlg.dll /s
regsvr32 actxprxy.dll /s
regsvr32 dispex.dll /s
regsvr32 occache.dll /s
regsvr32 occache.dll /i /s
regsvr32 iepeers.dll /s
regsvr32 urlmon.dll /i /s
regsvr32 cdfview.dll /s
regsvr32 webcheck.dll /s
regsvr32 mobsync.dll /s
regsvr32 pngfilt.dll /s
regsvr32 licmgr10.dll /s
regsvr32 icmfilter.dll /s
regsvr32 hhctrl.ocx /s
regsvr32 inetcfg.d
ll /s
regsvr32 tdc.ocx /s
regsvr32 MSR2C.DLL /s
regsvr32 msident.dll /s
regsvr32 msieftp.dll /s
regsvr32 xmsconf.ocx /s
regsvr32 ils.dll /s
regsvr32 msoeacct.dll /s
regsvr32 inetcomm.dll /s
regsvr32 msdxm.ocx /s
regsvr32 dxmasf.dll /s
regsvr32 l3codecx.ax /s
regsvr32 acelpdec.ax /s
regsvr32 mpg4ds32.ax /s
regsvr32 voxmsdec.ax /s
regsvr32 danim.dll /s
regsvr32 Daxctle.ocx /s
regsvr32 lmrt.dll /s
regsvr32 datime.dll /s
regsvr32 dxtrans.dll /s
regsvr32 dxtmsft.dll /s
regsvr32 WEBPOST.DLL /s
regsvr32 WPWIZDLL.DLL /s
regsvr32 POSTWPP.DLL /s
regsvr32 CRSWPP.DLL /s
regsvr32 FTPWPP.DLL /s
regsvr32 FPWPP.DLL /s
regsvr32 WUAPI.DLL /s
regsvr32 WUAUENG.DLL /s
regsvr32 WUAUENG1.DLL /s
regsvr32 ATL.DLL /s
regsvr32 WUCLTUI.DLL /s
regsvr32 WUPS.DLL /s
regsvr32 WUPS2.DLL /s
regsvr32 WUWEB.DLL /s
regsvr32 wshom.ocx /s
regsvr32 wshext.dll /s
regsvr32 vbscript.dll /s
regsvr32 scrrun.dll mstinit.exe /setup /s
regsvr32 msnsspc.dll /SspcCreateSspiReg /s
regsvr32 msapsspc.dll /SspcCreateSspiReg /s
exit

uložte soubor jako IEreg.bat na plochu.
dvojklikem ho rozbalte.
(případně zde jsou další možnosti, je to v angličtině: http://www.helpwi
thwindows.com/WindowsXP/troub-08.html )