PC virus removal, computer speed-up, remote help via the neslape.cz service

Please do a preventive check

You currently have no problem with your PC and just want to make sure everything is fine?
Post a log from FRST or RSIT.

Moderator: Moderators

Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once resolved, as will those that stay inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.

!NEWS!
You can now use the remote help service: an expert connects to your computer and obtains further details about the problem from you by phone! More at www.neslape.cz
Jozefko
Guest
Posts: 93
Registered: 16 Dec 2008 22:15

Please do a preventive check

#1 Post by Jozefko »

Please do a preventive check for me, because when I browse the history in FF the window suqqest_windov.html always pops up as the last item.

Logfile of random's system information tool 1.08 (written by random/random)
Run by Jozef at 2010-11-07 11:40:14
Microsoft® Windows Vista™ Home Basic Service Pack 2
System drive C: has 44 GB (56%) free of 79 GB
Total RAM: 958 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:40:48, on 7.11.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18975)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\VTTimer.exe
C:\Windows\System32\S3Trayp.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Users\Jozef\Downloads\RSIT.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\trend micro\Jozef.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\ProgramData\LangSoft\WebIE.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [VModes] VModes AttachToDesktop
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [S3Trayp] S3trayp.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastaviť prekladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Preložiť &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Preložiť &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

--
End of file - 6194 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\ProgramData\LangSoft\WebIE.dll [2010-07-09 503808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-07-27 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\ProgramData\LangSoft\WebIE.dll [2010-07-09 503808]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-18 1008184]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
"VModes"=VModes AttachToDesktop []
"VTTimer"=C:\Windows\system32\VTTimer.exe [2006-09-21 53248]
"S3Trayp"=C:\Windows\system32\S3trayp.exe [2006-10-09 176128]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2010-11-04 281768]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OEXPRESS"= []
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-18 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-11-05 15:46:41 ----D---- C:\Windows\Internet Logs
2010-11-05 06:27:02 ----D---- C:\Users\Jozef\AppData\Roaming\CheckPoint
2010-11-05 06:25:56 ----D---- C:\Program Files\Conduit
2010-11-05 06:25:35 ----D---- C:\Program Files\CheckPoint
2010-11-05 06:24:56 ----A---- C:\Windows\system32\drivers\netio.sys
2010-11-05 06:23:30 ----D---- C:\ProgramData\CheckPoint
2010-10-31 20:29:42 ----D---- C:\Users\Jozef\AppData\Roaming\Avira
2010-10-31 20:25:55 ----A---- C:\Windows\system32\drivers\ssmdrv.sys
2010-10-31 20:25:53 ----A---- C:\Windows\system32\drivers\avipbb.sys
2010-10-31 20:25:53 ----A---- C:\Windows\system32\drivers\avgntmgr.sys
2010-10-31 20:25:53 ----A---- C:\Windows\system32\drivers\avgntflt.sys
2010-10-31 20:25:53 ----A---- C:\Windows\system32\drivers\avgntdd.sys
2010-10-31 20:25:51 ----D---- C:\ProgramData\Avira
2010-10-31 20:25:51 ----D---- C:\Program Files\Avira
2010-10-29 17:22:02 ----D---- C:\ProgramData\Google
2010-10-29 17:16:59 ----D---- C:\Program Files\Google
2010-10-28 21:18:40 ----RASH---- C:\MSDOS.SYS
2010-10-28 21:18:40 ----RASH---- C:\IO.SYS
2010-10-28 21:16:39 ----D---- C:\Program Files\[Ronakt][H33t]
2010-10-28 16:10:43 ----D---- C:\Program Files\Microsoft Works
2010-10-28 16:08:58 ----D---- C:\Program Files\Microsoft Visual Studio
2010-10-28 16:08:57 ----D---- C:\Program Files\Common Files\DESIGNER
2010-10-28 16:06:55 ----D---- C:\Windows\PCHEALTH
2010-10-28 15:58:13 ----D---- C:\Windows\SHELLNEW
2010-10-28 15:40:36 ----RHD---- C:\MSOCache
2010-10-27 19:01:48 ----HD---- C:\Windows\msdownld.tmp
2010-10-27 19:01:42 ----D---- C:\Windows\system32\directx
2010-10-27 18:50:14 ----D---- C:\Program Files\Namco
2010-10-27 18:05:25 ----A---- C:\Windows\system32\gameux.dll
2010-10-27 18:05:18 ----A---- C:\Windows\system32\Apphlpdm.dll
2010-10-27 18:05:16 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2010-10-21 05:32:42 ----A---- C:\Windows\system32\S3ovrlay.dll
2010-10-21 05:32:42 ----A---- C:\Windows\system32\S3Info2.dll
2010-10-21 05:32:42 ----A---- C:\Windows\system32\S3gIGP.dll
2010-10-21 05:32:42 ----A---- C:\Windows\system32\s3gcil_inv.dll
2010-10-21 05:32:42 ----A---- C:\Windows\system32\S3Cfg3d.dll
2010-10-21 05:32:41 ----A---- C:\Windows\system32\VTTimer.exe
2010-10-21 05:32:41 ----A---- C:\Windows\system32\s3gIGPgl.dll
2010-10-21 05:32:41 ----A---- C:\Windows\system32\S3Disply.dll
2010-10-21 05:32:40 ----A---- C:\Windows\system32\VModes.exe
2010-10-21 05:32:40 ----A---- C:\Windows\system32\S3Trayp.exe
2010-10-21 05:32:40 ----A---- C:\Windows\system32\S3Gamma2.dll
2010-10-21 05:32:40 ----A---- C:\Windows\system32\drivers\S3gIGPm.sys
2010-10-21 05:31:28 ----D---- C:\Program Files\S3
2010-10-21 05:31:21 ----D---- C:\Program Files\Common Files\InstallShield
2010-10-19 21:02:32 ----D---- C:\Program Files\Mojzík
2010-10-19 20:58:19 ----D---- C:\Program Files\mechanikivan
2010-10-17 12:51:48 ----D---- C:\Program Files\On Hand Software
2010-10-13 17:37:23 ----A---- C:\Windows\system32\t2embed.dll
2010-10-13 17:37:19 ----A---- C:\Windows\system32\msshsq.dll
2010-10-13 17:37:14 ----A---- C:\Windows\system32\win32k.sys
2010-10-13 17:36:55 ----A---- C:\Windows\system32\mshtml.dll
2010-10-13 17:36:39 ----A---- C:\Windows\system32\ieframe.dll
2010-10-13 17:36:35 ----A---- C:\Windows\system32\msfeeds.dll
2010-10-13 17:36:35 ----A---- C:\Windows\system32\licmgr10.dll
2010-10-13 17:36:32 ----A---- C:\Windows\system32\urlmon.dll
2010-10-13 17:36:31 ----A---- C:\Windows\system32\wininet.dll
2010-10-13 17:36:31 ----A---- C:\Windows\system32\mshtmled.dll
2010-10-13 17:36:28 ----A---- C:\Windows\system32\mstime.dll
2010-10-13 17:36:27 ----A---- C:\Windows\system32\iertutil.dll
2010-10-13 17:36:25 ----A---- C:\Windows\system32\occache.dll
2010-10-13 17:36:25 ----A---- C:\Windows\system32\ieui.dll
2010-10-13 17:36:25 ----A---- C:\Windows\system32\iedkcs32.dll
2010-10-13 17:36:24 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-10-13 17:36:24 ----A---- C:\Windows\system32\ieUnatt.exe
2010-10-13 17:36:24 ----A---- C:\Windows\system32\iesysprep.dll
2010-10-13 17:36:24 ----A---- C:\Windows\system32\iesetup.dll
2010-10-13 17:36:24 ----A---- C:\Windows\system32\iernonce.dll
2010-10-13 17:36:24 ----A---- C:\Windows\system32\iepeers.dll
2010-10-13 17:36:23 ----A---- C:\Windows\system32\msfeedssync.exe
2010-10-13 17:36:23 ----A---- C:\Windows\system32\jsproxy.dll
2010-10-13 17:36:23 ----A---- C:\Windows\system32\ie4uinit.exe
2010-10-13 17:36:16 ----A---- C:\Windows\system32\wmpmde.dll
2010-10-13 17:36:06 ----A---- C:\Windows\system32\comctl32.dll
2010-10-13 17:35:58 ----A---- C:\Windows\system32\mfc40.dll
2010-10-13 17:35:55 ----A---- C:\Windows\system32\mfc40u.dll
2010-10-13 17:34:58 ----A---- C:\Windows\system32\wmp.dll
2010-10-13 17:34:54 ----A---- C:\Windows\system32\wmploc.DLL
2010-10-13 17:34:29 ----A---- C:\Windows\system32\srvsvc.dll
2010-10-13 17:34:29 ----A---- C:\Windows\system32\drivers\srvnet.sys
2010-10-13 17:34:28 ----A---- C:\Windows\system32\drivers\srv2.sys
2010-10-13 17:34:28 ----A---- C:\Windows\system32\drivers\srv.sys
2010-10-13 17:34:27 ----A---- C:\Windows\system32\netevent.dll
2010-10-13 17:34:17 ----A---- C:\Windows\system32\ole32.dll
2010-10-13 17:34:14 ----A---- C:\Windows\system32\schannel.dll
2010-10-09 18:43:39 ----D---- C:\Program Files\Common Files\Adobe

======List of files/folders modified in the last 1 months======

2010-11-07 11:40:36 ----D---- C:\Windows\Temp
2010-11-07 11:40:26 ----D---- C:\Windows\Prefetch
2010-11-07 11:40:16 ----D---- C:\Program Files\trend micro
2010-11-07 11:04:31 ----D---- C:\Windows\System32
2010-11-07 11:04:31 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-11-07 11:04:30 ----D---- C:\Windows\inf
2010-11-07 08:29:07 ----SHD---- C:\System Volume Information
2010-11-06 22:38:21 ----D---- C:\Users\Jozef\AppData\Roaming\uTorrent
2010-11-06 22:01:12 ----D---- C:\Users\Jozef\AppData\Roaming\ICQ
2010-11-06 06:34:37 ----D---- C:\Windows
2010-11-05 15:46:42 ----HD---- C:\ProgramData
2010-11-05 15:45:09 ----RD---- C:\Program Files
2010-11-05 15:44:04 ----D---- C:\Windows\system32\drivers
2010-11-05 15:44:03 ----D---- C:\Windows\system32\catroot
2010-11-05 06:25:15 ----D---- C:\Windows\winsxs
2010-11-05 06:25:09 ----D---- C:\Windows\system32\catroot2
2010-11-04 14:40:36 ----D---- C:\Users\Jozef\AppData\Roaming\Vso
2010-11-01 18:52:41 ----D---- C:\Users\Jozef\AppData\Roaming\vlc
2010-10-31 20:24:07 ----SHD---- C:\Windows\Installer
2010-10-31 20:24:07 ----SHD---- C:\Config.Msi
2010-10-31 20:20:57 ----D---- C:\ProgramData\ESET
2010-10-31 19:57:43 ----D---- C:\Program Files\ICQ7.2
2010-10-30 16:15:42 ----D---- C:\Program Files\Mozilla Firefox
2010-10-29 17:22:02 ----D---- C:\Windows\Tasks
2010-10-29 17:19:34 ----D---- C:\Program Files\CCleaner
2010-10-29 17:17:17 ----D---- C:\Windows\system32\Tasks
2010-10-28 19:12:21 ----D---- C:\ProgramData\Microsoft Help
2010-10-28 19:08:04 ----RSD---- C:\Windows\assembly
2010-10-28 17:46:58 ----A---- C:\Windows\win.ini
2010-10-28 17:44:49 ----SD---- C:\Users\Jozef\AppData\Roaming\Microsoft
2010-10-28 17:07:55 ----RSD---- C:\Windows\Fonts
2010-10-28 17:07:46 ----D---- C:\Program Files\Common Files\microsoft shared
2010-10-28 16:10:07 ----D---- C:\Program Files\MSBuild
2010-10-28 16:09:36 ----D---- C:\Program Files\Microsoft Office
2010-10-28 16:08:57 ----D---- C:\Program Files\Common Files
2010-10-28 16:06:55 ----SD---- C:\ProgramData\Microsoft
2010-10-28 16:06:55 ----D---- C:\Program Files\Microsoft.NET
2010-10-28 05:07:55 ----D---- C:\Program Files\Mozilla Thunderbird
2010-10-27 19:01:42 ----D---- C:\Windows\Logs
2010-10-27 18:10:08 ----D---- C:\Windows\AppPatch
2010-10-26 09:55:59 ----D---- C:\Program Files\MumboJumbo
2010-10-21 09:15:25 ----D---- C:\Windows\system32\WDI
2010-10-21 06:49:50 ----HD---- C:\Program Files\InstallShield Installation Information
2010-10-21 05:51:56 ----D---- C:\ProgramData\FarmFrenzy2
2010-10-21 05:51:08 ----D---- C:\Program Files\Farm Frenzy 2
2010-10-21 05:51:06 ----D---- C:\Windows\Farm Frenzy 2
2010-10-21 05:34:20 ----D---- C:\Windows\Help
2010-10-19 14:36:56 ----D---- C:\Windows\Minidump
2010-10-19 14:36:56 ----D---- C:\Windows\Debug
2010-10-19 10:41:44 ----N---- C:\Windows\system32\MpSigStub.exe
2010-10-13 18:25:55 ----D---- C:\Windows\rescache
2010-10-13 18:07:36 ----D---- C:\Windows\system32\cs-CZ
2010-10-13 18:07:36 ----D---- C:\Program Files\Windows Media Player
2010-10-13 18:07:34 ----D---- C:\Windows\system32\migration
2010-10-13 18:07:34 ----D---- C:\Program Files\Internet Explorer
2010-10-13 17:41:32 ----A---- C:\Windows\system32\mrt.exe
2010-10-09 18:43:49 ----D---- C:\ProgramData\Adobe
2010-10-09 18:43:38 ----D---- C:\Program Files\Adobe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-07-11 691696]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2010-11-04 126856]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2010-11-04 60936]
R3 FETNDIS;VIA Rhine-Family Fast Ethernet Adapter Driver Service; C:\Windows\system32\DRIVERS\fetnd5.sys [2006-11-02 45568]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-10 236544]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2010-07-09 47360]
R3 S3GIGP;S3GIGP; C:\Windows\system32\DRIVERS\S3gIGPm.sys [2006-11-10 634880]
S3 ako64vm9;ako64vm9; C:\Windows\system32\drivers\ako64vm9.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-18 83328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2010-11-04 267944]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2010-11-04 135336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-03-29 31048]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-18 21504]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-11-10 774144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

-----------------EOF-----------------

mbam
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verze databáze: 5065

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18975

7.11.2010 12:46:30
mbam-log-2010-11-07 (12-46-30).txt

Typ skenu: Rychlý sken
Skenované objekty: 139464
Uplynulý čas: 7 minuta(y), 1 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 6

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
C:\Program Files\C4COM.DLL (Spyware.OnlineGames) -> No action taken.
C:\Program Files\CAGENT.DLL (Spyware.OnlineGames) -> No action taken.
C:\Program Files\CDV32.DLL (Spyware.OnlineGames) -> No action taken.
C:\Program Files\cnxfdg1en.dll (Spyware.OnlineGames) -> No action taken.
C:\Program Files\OGGC.DLL (Spyware.OnlineGames) -> No action taken.
C:\Program Files\ZLIB.DLL (Spyware.OnlineGames) -> No action taken.

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Please do a preventive check

#2 Post by motji »

Good morning :)

Delete everything in MBAM.

:arrow: Run ComboFix according to this guide
http://www.bleepingcomputer.com/combofi ... t-combofix
Do not use COMBOFIX without a helper's recommendation; it can damage the system!
Always back up important data before disinfecting the computer :!:

I am mostly reachable at night, between 21:00 and 23:00.
If you have any questions, you can write to me at Motji(at)forum.viry.cz.

Jozefko
Guest
Posts: 93
Registered: 16 Dec 2008 22:15

Re: Please do a preventive check

#3 Post by Jozefko »

motji wrote: Good morning :)

Delete everything in MBAM.

:arrow: Run ComboFix according to this guide
http://www.bleepingcomputer.com/combofi ... t-combofix

ComboFix 10-11-07.A2 - Jozef 08.11.2010 20:47:10.1.1 - x86
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1250.420.1029.18.958.401 [GMT 1:00]
Spuštěný z: c:\users\Jozef\Downloads\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Thumbs.db
c:\users\Jozef\AppData\Roaming\inst.exe

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-10-08 do 2010-11-08 )))))))))))))))))))))))))))))))
.

2010-11-08 20:01 . 2010-11-08 20:01 -------- d-----w- c:\users\Jozef\AppData\Local\temp
2010-11-08 20:01 . 2010-11-08 20:01 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-11-07 21:09 . 2010-11-07 21:09 -------- d-----w- c:\program files\Games
2010-11-07 20:29 . 2010-09-07 15:52 165584 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-11-07 20:29 . 2010-09-07 15:47 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-11-07 20:29 . 2010-09-07 15:47 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-11-07 20:29 . 2010-09-07 15:52 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-11-07 20:29 . 2010-09-07 15:47 50768 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2010-11-07 20:28 . 2010-09-07 16:12 38848 ----a-w- c:\windows\avastSS.scr
2010-11-07 20:28 . 2010-09-07 16:11 167592 ----a-w- c:\windows\system32\aswBoot.exe
2010-11-07 20:28 . 2010-11-07 20:28 -------- d-----w- c:\programdata\Alwil Software
2010-11-07 20:28 . 2010-11-07 20:28 -------- d-----w- c:\program files\Alwil Software
2010-11-07 11:38 . 2010-11-07 11:38 -------- d-----w- c:\users\Jozef\AppData\Roaming\Malwarebytes
2010-11-07 11:38 . 2010-04-29 14:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-11-07 11:38 . 2010-11-07 11:38 -------- d-----w- c:\programdata\Malwarebytes
2010-11-07 11:38 . 2010-11-07 11:38 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-11-07 11:38 . 2010-04-29 14:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-11-06 05:39 . 2010-10-07 23:21 6146896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0746748F-3B3A-4A20-92CF-C0278C08B8A0}\mpengine.dll
2010-11-05 14:46 . 2010-11-05 14:46 -------- d-----w- c:\windows\Internet Logs
2010-11-05 05:27 . 2010-11-05 05:27 -------- d-----w- c:\users\Jozef\AppData\Roaming\CheckPoint
2010-11-05 05:25 . 2010-11-05 05:25 -------- d-----w- c:\program files\Conduit
2010-11-05 05:25 . 2010-11-05 05:25 -------- d-----w- c:\program files\CheckPoint
2010-11-05 05:24 . 2010-04-05 20:00 221568 ----a-w- c:\windows\system32\drivers\netio.sys
2010-11-05 05:23 . 2010-11-05 05:23 -------- d-----w- c:\programdata\CheckPoint
2010-10-29 16:16 . 2010-11-05 06:26 -------- d-----w- c:\users\Jozef\AppData\Local\Google
2010-10-29 16:16 . 2010-10-29 16:22 -------- d-----w- c:\program files\Google
2010-10-28 20:18 . 2010-10-28 20:18 -------- d-----w- c:\users\Jozef\AppData\Local\Oberon Games
2010-10-28 20:16 . 2010-10-28 20:16 -------- d-----w- c:\program files\[Ronakt][H33t]
2010-10-28 15:10 . 2010-10-28 16:07 -------- d-----w- c:\program files\Microsoft Works
2010-10-28 15:06 . 2010-10-28 15:06 -------- d-----w- c:\windows\PCHEALTH
2010-10-28 14:58 . 2010-10-28 15:08 -------- d-----w- c:\windows\SHELLNEW
2010-10-28 14:40 . 2010-10-28 14:40 -------- d-----r- C:\MSOCache
2010-10-27 18:01 . 2010-10-27 18:02 -------- d--h--w- c:\windows\msdownld.tmp
2010-10-27 17:50 . 2010-10-27 17:50 -------- d-----w- c:\program files\Namco
2010-10-27 17:05 . 2010-08-26 16:34 1696256 ----a-w- c:\windows\system32\gameux.dll
2010-10-27 17:05 . 2010-08-26 16:33 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2010-10-27 17:05 . 2010-08-26 14:23 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2010-10-21 16:53 . 2010-10-21 16:53 -------- d-----w- c:\users\Jozef\AppData\Local\Brain Games Mahjongg Files
2010-10-21 04:32 . 2006-11-10 02:16 852480 ----a-w- c:\windows\system32\S3gIGP.dll
2010-10-21 04:32 . 2006-11-10 02:11 2706432 ----a-w- c:\windows\system32\s3gcil_inv.dll
2010-10-21 04:32 . 2006-11-09 07:29 327680 ----a-w- c:\windows\system32\S3Info2.dll
2010-10-21 04:32 . 2006-11-06 19:44 421888 ----a-w- c:\windows\system32\S3Cfg3d.dll
2010-10-21 04:32 . 2006-10-09 22:46 528384 ----a-w- c:\windows\system32\S3ovrlay.dll
2010-10-21 04:32 . 2006-11-10 02:21 4572672 ----a-w- c:\windows\system32\s3gIGPgl.dll
2010-10-21 04:32 . 2006-11-06 21:33 651264 ----a-w- c:\windows\system32\S3Disply.dll
2010-10-21 04:32 . 2006-09-21 08:36 53248 ----a-w- c:\windows\system32\VTTimer.exe
2010-10-21 04:32 . 2006-11-10 02:06 634880 ----a-w- c:\windows\system32\drivers\S3gIGPm.sys
2010-10-21 04:32 . 2006-10-09 21:14 176128 ----a-w- c:\windows\system32\S3Trayp.exe
2010-10-21 04:32 . 2006-06-22 09:05 462848 ----a-w- c:\windows\system32\S3Gamma2.dll
2010-10-21 04:32 . 2005-11-01 02:35 28672 ----a-w- c:\windows\system32\VModes.exe
2010-10-21 04:31 . 2010-10-21 04:34 -------- d-----w- c:\program files\S3
2010-10-21 04:31 . 2010-10-21 04:31 -------- d-----w- c:\program files\Common Files\InstallShield
2010-10-19 20:02 . 2010-10-19 20:02 -------- d-----w- c:\program files\Mojzík
2010-10-19 19:58 . 2010-10-19 19:58 -------- d-----w- c:\program files\mechanikivan
2010-10-17 11:51 . 2010-10-21 16:55 -------- d-----w- c:\program files\On Hand Software
2010-10-13 16:37 . 2010-08-26 16:37 157184 ----a-w- c:\windows\system32\t2embed.dll
2010-10-13 16:37 . 2010-05-04 19:13 231424 ----a-w- c:\windows\system32\msshsq.dll
2010-10-13 16:37 . 2010-08-31 13:27 2038272 ----a-w- c:\windows\system32\win32k.sys
2010-10-13 16:35 . 2010-08-31 15:46 954752 ----a-w- c:\windows\system32\mfc40.dll
2010-10-13 16:35 . 2010-08-31 15:46 954288 ----a-w- c:\windows\system32\mfc40u.dll
2010-10-13 16:34 . 2010-09-13 13:56 168960 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2010-10-13 16:34 . 2010-09-13 13:56 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2010-10-13 16:34 . 2010-09-06 16:20 125952 ----a-w- c:\windows\system32\srvsvc.dll
2010-10-13 16:34 . 2010-09-06 13:45 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-10-13 16:34 . 2010-09-06 13:45 304128 ----a-w- c:\windows\system32\drivers\srv.sys
2010-10-13 16:34 . 2010-09-06 13:45 145408 ----a-w- c:\windows\system32\drivers\srv2.sys
2010-10-13 16:34 . 2010-09-06 16:19 17920 ----a-w- c:\windows\system32\netevent.dll
2010-10-13 16:34 . 2010-06-28 17:00 1316864 ----a-w- c:\windows\system32\ole32.dll
2010-10-13 16:34 . 2010-06-28 14:54 339968 ----a-w- c:\program files\Windows NT\Accessories\wordpad.exe
2010-10-13 16:34 . 2010-08-10 15:53 274944 ----a-w- c:\windows\system32\schannel.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-19 09:41 . 2010-07-09 14:58 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-09-14 08:00 . 2010-09-28 12:33 108032 ----a-w- c:\windows\system32\ff_vfw.dll
2010-08-26 16:33 . 2010-10-27 17:05 173056 ----a-w- c:\windows\apppatch\AcXtrnal.dll
2010-08-26 16:33 . 2010-10-27 17:05 2159616 ----a-w- c:\windows\apppatch\AcGenral.dll
2010-08-26 16:33 . 2010-10-27 17:05 458752 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2010-08-26 16:33 . 2010-10-27 17:05 542720 ----a-w- c:\windows\apppatch\AcLayers.dll
2010-08-17 14:11 . 2010-09-14 19:59 128000 ----a-w- c:\windows\system32\spoolsv.exe
2010-07-09 17:45 . 2010-07-09 17:44 2142208 ----a-w- c:\program files\TRNCOM.DLL
2010-07-09 17:44 . 2010-07-09 17:44 503808 ----a-w- c:\program files\WEBIES.DLL
2010-07-09 17:44 . 2010-07-09 17:44 503808 ----a-w- c:\program files\WEBIES.DL_
2010-07-09 17:44 . 2010-07-09 17:44 26624 ----a-w- c:\program files\OETRNS.EX_
2010-07-09 17:44 . 2010-07-09 17:44 2142208 ----a-w- c:\program files\TRNCOM.DL_
2010-07-09 17:44 . 2010-07-09 17:44 98304 ----a-w- c:\program files\MAILTRANs.DLL
2010-07-09 17:44 . 2010-07-09 17:44 98304 ----a-w- c:\program files\MAILTRANg.DLL
2010-07-09 17:44 . 2010-07-09 17:44 98304 ----a-w- c:\program files\MAILTRANa.DLL
2010-07-09 17:44 . 2010-07-09 17:44 348160 ----a-w- c:\program files\MSVCR71.DLL
2010-07-09 17:44 . 2010-07-09 17:44 73728 ----a-w- c:\program files\WDCTM32g.DLL
2010-07-09 17:44 . 2010-07-09 17:44 65536 ----a-w- c:\program files\WDCTM32s.DLL
2010-07-09 17:44 . 2010-07-09 17:44 65536 ----a-w- c:\program files\WDCTM32a.DLL
2010-07-09 17:44 . 2010-07-09 17:44 471040 ----a-w- c:\program files\TRNConfig.exe
2010-07-09 17:44 . 2010-07-09 17:44 843776 ----a-w- c:\program files\WDICT32s.DLL
2010-07-09 17:44 . 2010-07-09 17:44 843776 ----a-w- c:\program files\WDICT32g.DLL
2010-07-09 17:44 . 2010-07-09 17:44 843776 ----a-w- c:\program files\WDICT32a.DLL
2010-07-09 17:44 . 2010-07-09 17:44 917504 ----a-w- c:\program files\WTRAN32g.DLL
2010-07-09 17:44 . 2010-07-09 17:44 40960 ----a-w- c:\program files\TRNConfigs.DLL
2010-07-09 17:44 . 2010-07-09 17:44 40960 ----a-w- c:\program files\TRNConfigg.DLL
2010-07-09 17:44 . 2010-07-09 17:44 913408 ----a-w- c:\program files\WTRAN32s.DLL
2010-07-09 17:44 . 2010-07-09 17:44 901120 ----a-w- c:\program files\WTRAN32a.DLL
2010-07-09 17:44 . 2010-07-09 17:44 36864 ----a-w- c:\program files\TRNConfigA.DLL
2010-07-09 17:44 . 2010-07-09 17:44 548864 ----a-w- c:\program files\WEN.DLL
2010-07-09 17:44 . 2010-07-09 17:44 548864 ----a-w- c:\program files\C4DLL323.DLL
2010-07-09 17:44 . 2010-07-09 17:44 28672 ----a-w- c:\program files\WWWHOOK.DLL
2010-07-09 17:44 . 2010-07-09 17:44 581632 ----a-w- c:\program files\MAILTRAN.EXE
2010-07-09 17:44 . 2010-07-09 17:44 246424 ----a-w- c:\program files\UNICOWS.DLL
2010-07-09 17:44 . 2010-07-09 17:44 471040 ----a-w- c:\program files\SETUPWEB.EXE
2010-07-09 17:44 . 2010-07-09 17:44 225280 ----a-w- c:\program files\POLSPELL.DLL
2010-07-09 17:44 . 2010-07-09 17:44 155648 ----a-w- c:\program files\AutoCorrectDLL.DLL
2010-07-09 17:44 . 2010-07-09 17:44 45056 ----a-w- c:\program files\TRNOEH.DL_
2010-07-09 17:44 . 2010-07-09 17:44 200704 ----a-w- c:\program files\TRNOETS.DL_
2010-07-09 17:44 . 2010-07-09 17:44 69632 ----a-w- c:\program files\ATL.DLL
2010-07-09 17:44 . 2010-07-09 17:44 356352 ----a-w- c:\program files\TRNOUTLS.DL_
2010-07-09 17:44 . 2010-07-09 17:44 299008 ----a-w- c:\program files\TRNWORDS.DL_
2010-07-09 17:44 . 2010-07-09 17:44 249856 ----a-w- c:\program files\CLIPDLL.DLL
2010-07-09 17:44 . 2010-07-09 17:44 528384 ----a-w- c:\program files\TRNIKONY.EXE
2010-07-09 17:44 . 2010-07-09 17:44 1060864 ----a-w- c:\program files\MFC71.DLL
2010-07-09 17:44 . 2010-07-09 17:44 62464 ----a-w- c:\program files\WRITE32.WPC
2010-07-09 17:44 . 2010-07-09 17:44 174352 ----a-w- c:\program files\RICHED32.DLL
2010-07-09 17:44 . 2010-07-09 17:44 244736 ----a-w- c:\program files\C4DLL320.DLL
2010-07-09 17:44 . 2010-07-09 17:44 164352 ----a-w- c:\program files\MSWD6_32.WPC
2010-07-09 17:44 . 2010-07-09 17:44 563200 ----a-w- c:\program files\WTRDCTM.EXE
2010-07-09 17:44 . 2010-07-09 17:44 3690496 ----a-w- c:\program files\WTRAN32.EXE
2010-07-09 17:44 . 2010-07-09 17:44 2568192 ----a-w- c:\program files\WDICT32.EXE
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-18 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VModes"="VModes AttachToDesktop" [X]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"VTTimer"="VTTimer.exe" [2006-09-21 53248]
"S3Trayp"="S3trayp.exe" [2006-10-09 176128]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2010-09-07 2838912]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-07-11 691696]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-09-07 50768]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://start.icq.com/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\programdata\LangSoft\WebIE.dll
FF - ProfilePath - c:\users\Jozef\AppData\Roaming\Mozilla\Firefox\Profiles\3ogzz0vg.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2645238&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.pravda.sk/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.4&q=
FF - component: c:\users\Jozef\AppData\Roaming\Mozilla\Firefox\Profiles\3ogzz0vg.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

HKCU-Run-OEXPRESS - (no file)



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-11-08 21:01
Windows 6.0.6002 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
Celkový čas: 2010-11-08 21:06:49
ComboFix-quarantined-files.txt 2010-11-08 20:06

Před spuštěním: Volných bajtů: 44 375 928 832
Po spuštění: Volných bajtů: 44 320 595 968

- - End Of File - - A7178D5C2AC117FBDC2900F4B08786BC

motji
VIP
Posts: 23302
Joined: 23 Oct 2008 08:02

Re: requesting a preventive check

#4 Post by motji »

:arrow: Do you know this folder?
c:\program files\[Ronakt][H33t]
Do not use COMBOFIX without an advisor's recommendation; it can damage the system!
Always back up important data before disinfecting your computer :!:
Want to support our forum? Information here

I am mostly reachable at night, between 21:00 and 23:00.
If you have any questions, you can e-mail me at Motji(at)forum.viry.cz.

Jozefko
Guest
Posts: 93
Joined: 16 Dec 2008 22:15

Re: requesting a preventive check

#5 Post by Jozefko »

motji wrote: :arrow: Do you know this folder?
c:\program files\[Ronakt][H33t]
Yes, I downloaded one cracked game for girls, and that was supposedly the person who cracked it, via torrent.

motji
VIP
Posts: 23302
Joined: 23 Oct 2008 08:02

Re: requesting a preventive check

#6 Post by motji »

:?: And then you wonder why you have viruses on your PC when you download cracks. Delete it.

:arrow: If you have not done so already, move Combofix to the desktop
- open Notepad
- copy the text from this box into it


Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VModes"=-

DDS::
uStart Page = hxxp://start.icq.com/

Firefox::
FF - ProfilePath - c:\users\Jozef\AppData\Roaming\Mozilla\Firefox\Profiles\3ogzz0vg.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... 2.0.0.4&q=


- save the TXT file you created as CFScript.txt on the desktop
- after saving, grab the script you created with the left mouse button and drag it onto the Combofix icon, where you drop it:



- after it runs, another log will pop up; paste it here

Warning: it may happen that after applying the script and restarting, Windows does not boot; in that case restart again while pressing F8, then choose Last Known Good Configuration
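One way to derive such a Registry:: stanza mechanically, as an added example that is neither ComboFix's code nor anything posted in this thread: the script below parses the "Spouštěcí body v registru" section quoted above and emits a `"Name"=-` deletion line for every Run entry ComboFix tagged [X], the marker on the VModes line that motji's script removes. Reading [X] as an autorun entry whose target file ComboFix could not resolve is an assumption, and the sample log is constructed from lines in this thread.

```python
"""Build the Registry:: stanza of a ComboFix CFScript from a ComboFix log.

Added example (not ComboFix's code, not motji's script). It reads the
"Spouštěcí body v registru" section, keeps the values under ...\\Run keys and
turns every entry ComboFix tagged "[X]" into a `"Name"=-` deletion line, the
REGEDIT4 idiom the script in this thread uses for VModes. Assumption: "[X]"
marks an autorun entry whose target file ComboFix could not resolve.
"""
import re
from typing import Dict, List, Tuple

# Constructed sample: a trimmed copy of the Run keys from the first log above.
SAMPLE_LOG = """\
REGEDIT4

[HKEY_CURRENT_USER\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run]
"WMPNSCFG"="c:\\program files\\Windows Media Player\\WMPNSCFG.exe" [2008-01-18 202240]

[HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run]
"VModes"="VModes AttachToDesktop" [X]
"NeroFilterCheck"="c:\\program files\\Common Files\\Ahead\\Lib\\NeroCheck.exe" [2006-01-12 155648]
"VTTimer"="VTTimer.exe" [2006-09-21 53248]

[HKEY_LOCAL_MACHINE\\software\\microsoft\\windows\\currentversion\\policies\\system]
"EnableUIADesktopToggle"= 0 (0x0)
"""

KEY_RE = re.compile(r"^\[(HKEY_[^\]]+)\]$")
# "Name"="data" followed by ComboFix's bracketed tag: "[date size]" or "[X]".
VALUE_RE = re.compile(r'^"([^"]+)"="([^"]*)"\s*\[([^\]]*)\]$')

RUN_KEY_SUFFIX = "\\run"


def parse_run_entries(log: str) -> List[Tuple[str, str, str, str]]:
    """Return (key, name, data, tag) for each value under a ...\\Run key."""
    entries: List[Tuple[str, str, str, str]] = []
    current_key = None
    for raw in log.splitlines():
        line = raw.strip()
        key_match = KEY_RE.match(line)
        if key_match:
            current_key = key_match.group(1)
            continue
        # Skip values outside Run keys (e.g. policies\system, drivers32).
        if current_key is None or not current_key.lower().endswith(RUN_KEY_SUFFIX):
            continue
        value_match = VALUE_RE.match(line)
        if value_match:
            name, data, tag = value_match.groups()
            entries.append((current_key, name, data, tag))
    return entries


def unresolved_entries(log: str) -> List[Tuple[str, str]]:
    """(key, name) pairs whose tag is the [X] marker."""
    return [(key, name) for key, name, _data, tag in parse_run_entries(log) if tag == "X"]


def build_cfscript_registry(log: str) -> str:
    """Emit the Registry:: stanza; an empty string means there is nothing to remove."""
    grouped: Dict[str, List[str]] = {}
    for key, name in unresolved_entries(log):
        grouped.setdefault(key, []).append(name)
    if not grouped:
        return ""
    lines = ["Registry::"]
    for key, names in grouped.items():
        lines.append(f"[{key}]")
        # "Name"=- deletes the value under the enclosing key in REGEDIT4 syntax.
        lines.extend(f'"{name}"=-' for name in names)
    return "\n".join(lines) + "\n"


if __name__ == "__main__":
    print(build_cfscript_registry(SAMPLE_LOG), end="")
```

Review the generated stanza against the log before dropping it onto ComboFix; the script only reproduces the [X] flag, it does not judge whether an entry is wanted.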

Jozefko
Guest
Posts: 93
Joined: 16 Dec 2008 22:15

Re: requesting a preventive check

#7 Post by Jozefko »

ComboFix 10-11-07.A2 - Jozef 08.11.2010 22:15:45.2.1 - x86
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1250.420.1029.18.958.511 [GMT 1:00]
Spuštěný z: c:\users\Jozef\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Jozef\Desktop\CFScript.txt
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((( Soubory vytvořené od 2010-10-08 do 2010-11-08 )))))))))))))))))))))))))))))))
.

2010-11-08 21:28 . 2010-11-08 21:28 -------- d-----w- c:\users\Jozef\AppData\Local\temp
2010-11-08 21:28 . 2010-11-08 21:28 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-11-07 21:09 . 2010-11-07 21:09 -------- d-----w- c:\program files\Games
2010-11-07 20:29 . 2010-09-07 15:52 165584 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-11-07 20:29 . 2010-09-07 15:47 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-11-07 20:29 . 2010-09-07 15:47 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-11-07 20:29 . 2010-09-07 15:52 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-11-07 20:29 . 2010-09-07 15:47 50768 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2010-11-07 20:28 . 2010-09-07 16:12 38848 ----a-w- c:\windows\avastSS.scr
2010-11-07 20:28 . 2010-09-07 16:11 167592 ----a-w- c:\windows\system32\aswBoot.exe
2010-11-07 20:28 . 2010-11-07 20:28 -------- d-----w- c:\programdata\Alwil Software
2010-11-07 20:28 . 2010-11-07 20:28 -------- d-----w- c:\program files\Alwil Software
2010-11-07 11:38 . 2010-11-07 11:38 -------- d-----w- c:\users\Jozef\AppData\Roaming\Malwarebytes
2010-11-07 11:38 . 2010-04-29 14:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-11-07 11:38 . 2010-11-07 11:38 -------- d-----w- c:\programdata\Malwarebytes
2010-11-07 11:38 . 2010-11-07 11:38 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-11-07 11:38 . 2010-04-29 14:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-11-06 05:39 . 2010-10-07 23:21 6146896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0746748F-3B3A-4A20-92CF-C0278C08B8A0}\mpengine.dll
2010-11-05 14:46 . 2010-11-05 14:46 -------- d-----w- c:\windows\Internet Logs
2010-11-05 05:27 . 2010-11-05 05:27 -------- d-----w- c:\users\Jozef\AppData\Roaming\CheckPoint
2010-11-05 05:25 . 2010-11-05 05:25 -------- d-----w- c:\program files\Conduit
2010-11-05 05:25 . 2010-11-05 05:25 -------- d-----w- c:\program files\CheckPoint
2010-11-05 05:24 . 2010-04-05 20:00 221568 ----a-w- c:\windows\system32\drivers\netio.sys
2010-11-05 05:23 . 2010-11-05 05:23 -------- d-----w- c:\programdata\CheckPoint
2010-10-29 16:16 . 2010-11-05 06:26 -------- d-----w- c:\users\Jozef\AppData\Local\Google
2010-10-29 16:16 . 2010-10-29 16:22 -------- d-----w- c:\program files\Google
2010-10-28 20:18 . 2010-10-28 20:18 -------- d-----w- c:\users\Jozef\AppData\Local\Oberon Games
2010-10-28 20:16 . 2010-10-28 20:16 -------- d-----w- c:\program files\[Ronakt][H33t]
2010-10-28 15:10 . 2010-10-28 16:07 -------- d-----w- c:\program files\Microsoft Works
2010-10-28 15:06 . 2010-10-28 15:06 -------- d-----w- c:\windows\PCHEALTH
2010-10-28 14:58 . 2010-10-28 15:08 -------- d-----w- c:\windows\SHELLNEW
2010-10-28 14:40 . 2010-10-28 14:40 -------- d-----r- C:\MSOCache
2010-10-27 18:01 . 2010-10-27 18:02 -------- d--h--w- c:\windows\msdownld.tmp
2010-10-27 17:50 . 2010-10-27 17:50 -------- d-----w- c:\program files\Namco
2010-10-27 17:05 . 2010-08-26 16:34 1696256 ----a-w- c:\windows\system32\gameux.dll
2010-10-27 17:05 . 2010-08-26 16:33 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2010-10-27 17:05 . 2010-08-26 14:23 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2010-10-21 16:53 . 2010-10-21 16:53 -------- d-----w- c:\users\Jozef\AppData\Local\Brain Games Mahjongg Files
2010-10-21 04:32 . 2006-11-10 02:16 852480 ----a-w- c:\windows\system32\S3gIGP.dll
2010-10-21 04:32 . 2006-11-10 02:11 2706432 ----a-w- c:\windows\system32\s3gcil_inv.dll
2010-10-21 04:32 . 2006-11-09 07:29 327680 ----a-w- c:\windows\system32\S3Info2.dll
2010-10-21 04:32 . 2006-11-06 19:44 421888 ----a-w- c:\windows\system32\S3Cfg3d.dll
2010-10-21 04:32 . 2006-10-09 22:46 528384 ----a-w- c:\windows\system32\S3ovrlay.dll
2010-10-21 04:32 . 2006-11-10 02:21 4572672 ----a-w- c:\windows\system32\s3gIGPgl.dll
2010-10-21 04:32 . 2006-11-06 21:33 651264 ----a-w- c:\windows\system32\S3Disply.dll
2010-10-21 04:32 . 2006-09-21 08:36 53248 ----a-w- c:\windows\system32\VTTimer.exe
2010-10-21 04:32 . 2006-11-10 02:06 634880 ----a-w- c:\windows\system32\drivers\S3gIGPm.sys
2010-10-21 04:32 . 2006-10-09 21:14 176128 ----a-w- c:\windows\system32\S3Trayp.exe
2010-10-21 04:32 . 2006-06-22 09:05 462848 ----a-w- c:\windows\system32\S3Gamma2.dll
2010-10-21 04:32 . 2005-11-01 02:35 28672 ----a-w- c:\windows\system32\VModes.exe
2010-10-21 04:31 . 2010-10-21 04:34 -------- d-----w- c:\program files\S3
2010-10-21 04:31 . 2010-10-21 04:31 -------- d-----w- c:\program files\Common Files\InstallShield
2010-10-19 20:02 . 2010-10-19 20:02 -------- d-----w- c:\program files\Mojzík
2010-10-19 19:58 . 2010-10-19 19:58 -------- d-----w- c:\program files\mechanikivan
2010-10-17 11:51 . 2010-10-21 16:55 -------- d-----w- c:\program files\On Hand Software
2010-10-13 16:37 . 2010-08-26 16:37 157184 ----a-w- c:\windows\system32\t2embed.dll
2010-10-13 16:37 . 2010-05-04 19:13 231424 ----a-w- c:\windows\system32\msshsq.dll
2010-10-13 16:37 . 2010-08-31 13:27 2038272 ----a-w- c:\windows\system32\win32k.sys
2010-10-13 16:35 . 2010-08-31 15:46 954752 ----a-w- c:\windows\system32\mfc40.dll
2010-10-13 16:35 . 2010-08-31 15:46 954288 ----a-w- c:\windows\system32\mfc40u.dll
2010-10-13 16:34 . 2010-09-13 13:56 168960 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2010-10-13 16:34 . 2010-09-13 13:56 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2010-10-13 16:34 . 2010-09-06 16:20 125952 ----a-w- c:\windows\system32\srvsvc.dll
2010-10-13 16:34 . 2010-09-06 13:45 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-10-13 16:34 . 2010-09-06 13:45 304128 ----a-w- c:\windows\system32\drivers\srv.sys
2010-10-13 16:34 . 2010-09-06 13:45 145408 ----a-w- c:\windows\system32\drivers\srv2.sys
2010-10-13 16:34 . 2010-09-06 16:19 17920 ----a-w- c:\windows\system32\netevent.dll
2010-10-13 16:34 . 2010-06-28 17:00 1316864 ----a-w- c:\windows\system32\ole32.dll
2010-10-13 16:34 . 2010-06-28 14:54 339968 ----a-w- c:\program files\Windows NT\Accessories\wordpad.exe
2010-10-13 16:34 . 2010-08-10 15:53 274944 ----a-w- c:\windows\system32\schannel.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-19 09:41 . 2010-07-09 14:58 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-09-14 08:00 . 2010-09-28 12:33 108032 ----a-w- c:\windows\system32\ff_vfw.dll
2010-08-26 16:33 . 2010-10-27 17:05 173056 ----a-w- c:\windows\apppatch\AcXtrnal.dll
2010-08-26 16:33 . 2010-10-27 17:05 2159616 ----a-w- c:\windows\apppatch\AcGenral.dll
2010-08-26 16:33 . 2010-10-27 17:05 458752 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2010-08-26 16:33 . 2010-10-27 17:05 542720 ----a-w- c:\windows\apppatch\AcLayers.dll
2010-08-17 14:11 . 2010-09-14 19:59 128000 ----a-w- c:\windows\system32\spoolsv.exe
2010-07-09 17:45 . 2010-07-09 17:44 2142208 ----a-w- c:\program files\TRNCOM.DLL
2010-07-09 17:44 . 2010-07-09 17:44 503808 ----a-w- c:\program files\WEBIES.DLL
2010-07-09 17:44 . 2010-07-09 17:44 503808 ----a-w- c:\program files\WEBIES.DL_
2010-07-09 17:44 . 2010-07-09 17:44 26624 ----a-w- c:\program files\OETRNS.EX_
2010-07-09 17:44 . 2010-07-09 17:44 2142208 ----a-w- c:\program files\TRNCOM.DL_
2010-07-09 17:44 . 2010-07-09 17:44 98304 ----a-w- c:\program files\MAILTRANs.DLL
2010-07-09 17:44 . 2010-07-09 17:44 98304 ----a-w- c:\program files\MAILTRANg.DLL
2010-07-09 17:44 . 2010-07-09 17:44 98304 ----a-w- c:\program files\MAILTRANa.DLL
2010-07-09 17:44 . 2010-07-09 17:44 348160 ----a-w- c:\program files\MSVCR71.DLL
2010-07-09 17:44 . 2010-07-09 17:44 73728 ----a-w- c:\program files\WDCTM32g.DLL
2010-07-09 17:44 . 2010-07-09 17:44 65536 ----a-w- c:\program files\WDCTM32s.DLL
2010-07-09 17:44 . 2010-07-09 17:44 65536 ----a-w- c:\program files\WDCTM32a.DLL
2010-07-09 17:44 . 2010-07-09 17:44 471040 ----a-w- c:\program files\TRNConfig.exe
2010-07-09 17:44 . 2010-07-09 17:44 843776 ----a-w- c:\program files\WDICT32s.DLL
2010-07-09 17:44 . 2010-07-09 17:44 843776 ----a-w- c:\program files\WDICT32g.DLL
2010-07-09 17:44 . 2010-07-09 17:44 843776 ----a-w- c:\program files\WDICT32a.DLL
2010-07-09 17:44 . 2010-07-09 17:44 917504 ----a-w- c:\program files\WTRAN32g.DLL
2010-07-09 17:44 . 2010-07-09 17:44 40960 ----a-w- c:\program files\TRNConfigs.DLL
2010-07-09 17:44 . 2010-07-09 17:44 40960 ----a-w- c:\program files\TRNConfigg.DLL
2010-07-09 17:44 . 2010-07-09 17:44 913408 ----a-w- c:\program files\WTRAN32s.DLL
2010-07-09 17:44 . 2010-07-09 17:44 901120 ----a-w- c:\program files\WTRAN32a.DLL
2010-07-09 17:44 . 2010-07-09 17:44 36864 ----a-w- c:\program files\TRNConfigA.DLL
2010-07-09 17:44 . 2010-07-09 17:44 548864 ----a-w- c:\program files\WEN.DLL
2010-07-09 17:44 . 2010-07-09 17:44 548864 ----a-w- c:\program files\C4DLL323.DLL
2010-07-09 17:44 . 2010-07-09 17:44 28672 ----a-w- c:\program files\WWWHOOK.DLL
2010-07-09 17:44 . 2010-07-09 17:44 581632 ----a-w- c:\program files\MAILTRAN.EXE
2010-07-09 17:44 . 2010-07-09 17:44 246424 ----a-w- c:\program files\UNICOWS.DLL
2010-07-09 17:44 . 2010-07-09 17:44 471040 ----a-w- c:\program files\SETUPWEB.EXE
2010-07-09 17:44 . 2010-07-09 17:44 225280 ----a-w- c:\program files\POLSPELL.DLL
2010-07-09 17:44 . 2010-07-09 17:44 155648 ----a-w- c:\program files\AutoCorrectDLL.DLL
2010-07-09 17:44 . 2010-07-09 17:44 45056 ----a-w- c:\program files\TRNOEH.DL_
2010-07-09 17:44 . 2010-07-09 17:44 200704 ----a-w- c:\program files\TRNOETS.DL_
2010-07-09 17:44 . 2010-07-09 17:44 69632 ----a-w- c:\program files\ATL.DLL
2010-07-09 17:44 . 2010-07-09 17:44 356352 ----a-w- c:\program files\TRNOUTLS.DL_
2010-07-09 17:44 . 2010-07-09 17:44 299008 ----a-w- c:\program files\TRNWORDS.DL_
2010-07-09 17:44 . 2010-07-09 17:44 249856 ----a-w- c:\program files\CLIPDLL.DLL
2010-07-09 17:44 . 2010-07-09 17:44 528384 ----a-w- c:\program files\TRNIKONY.EXE
2010-07-09 17:44 . 2010-07-09 17:44 1060864 ----a-w- c:\program files\MFC71.DLL
2010-07-09 17:44 . 2010-07-09 17:44 62464 ----a-w- c:\program files\WRITE32.WPC
2010-07-09 17:44 . 2010-07-09 17:44 174352 ----a-w- c:\program files\RICHED32.DLL
2010-07-09 17:44 . 2010-07-09 17:44 244736 ----a-w- c:\program files\C4DLL320.DLL
2010-07-09 17:44 . 2010-07-09 17:44 164352 ----a-w- c:\program files\MSWD6_32.WPC
2010-07-09 17:44 . 2010-07-09 17:44 563200 ----a-w- c:\program files\WTRDCTM.EXE
2010-07-09 17:44 . 2010-07-09 17:44 3690496 ----a-w- c:\program files\WTRAN32.EXE
2010-07-09 17:44 . 2010-07-09 17:44 2568192 ----a-w- c:\program files\WDICT32.EXE
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-18 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"VTTimer"="VTTimer.exe" [2006-09-21 53248]
"S3Trayp"="S3trayp.exe" [2006-10-09 176128]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2010-09-07 2838912]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-07-11 691696]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-09-07 50768]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\programdata\LangSoft\WebIE.dll
FF - ProfilePath - c:\users\Jozef\AppData\Roaming\Mozilla\Firefox\Profiles\3ogzz0vg.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.pravda.sk/
FF - component: c:\users\Jozef\AppData\Roaming\Mozilla\Firefox\Profiles\3ogzz0vg.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-11-08 22:28
Windows 6.0.6002 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
Celkový čas: 2010-11-08 22:33:52
ComboFix-quarantined-files.txt 2010-11-08 21:33
ComboFix2.txt 2010-11-08 20:06

Před spuštěním: Volných bajtů: 44 272 664 576
Po spuštění: Volných bajtů: 44 251 516 928

- - End Of File - - DAF15F59AE9AED7C82EE0E050E3D9610

motji
VIP
Posts: 23302
Joined: 23 Oct 2008 08:02

Re: requesting a preventive check

#8 Post by motji »

:arrow: Uninstall combofix via Start - Run
- copy into the box:

ComboFix /Uninstall

- press Enter
- This uninstalls ComboFix and deletes the files and folders associated with it.


***********


:arrow: Download T-Cleaner
http://sweb.cz/Marinus/T-Cleaner.exe

- Run it; to confirm the choice press the A key, then Enter
- after use, delete the little program. Note: antivirus products may falsely flag it as a virus



***********


:arrow: Download Ccleaner from my signature
- install it; when choosing what to install, untick the Yahoo toolbar installation

Cleaner tab
- leave everything in the left column ticked as it is, click Analyze
- after the analysis click Run Ccleaner

Registry tab
- click Scan for Issues
- then click Fix selected issues -- making a registry backup is not required
- click Fix all issues :arrow: OK :arrow: Close

Tools tab
- here you can uninstall programs. It is a more thorough uninstall than Add/Remove Programs in Windows.

Ccleaner - I recommend using the Cleaner; it nicely clears the PC of temporary files.
Registry cleans up after, for example, uninstalling some program.


***********



:arrow: Download OTC and use it
http://oldtimer.geekstogo.com/OTC.exe
- it cleans temp files and the remains of the tools used



***********

:arrow: Paste a new RSIT log and tell me how the computer behaves; is everything fine now?

Jozefko
Guest
Posts: 93
Joined: 16 Dec 2008 22:15

Re: requesting a preventive check

#9 Post by Jozefko »

When I looked through the history in Mozilla again, suqqest.window.html was again the first entry; when I clicked on it, file:///C:/Users/Jozef/AppData/Roaming/Mozilla/Firefox/Profiles/3ogzz0vg.default/GoogleToolbarData/components/suggest_window.html popped up.
Change: that history entry no longer applies, because on the next launch of Mozilla a message about the Google toolbar popped up, to which I responded with uninstall and restart, and then I found that suqqest.window no longer appears in the history. It looks like everything is fine; I am attaching the RSIT.

Logfile of random's system information tool 1.08 (written by random/random)
Run by Jozef at 2010-11-09 13:28:22
Microsoft® Windows Vista™ Home Basic Service Pack 2
System drive C: has 43 GB (55%) free of 79 GB
Total RAM: 958 MB (43% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:28:49, on 9.11.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18975)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Windows\System32\VTTimer.exe
C:\Windows\System32\S3Trayp.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Jozef\Downloads\RSIT.exe
C:\Program Files\trend micro\Jozef.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\ProgramData\LangSoft\WebIE.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [S3Trayp] S3trayp.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastaviť prekladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Preložiť &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Preložiť &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

--
End of file - 5525 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\ProgramData\LangSoft\WebIE.dll [2010-07-09 503808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-07-27 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\ProgramData\LangSoft\WebIE.dll [2010-07-09 503808]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
"VTTimer"=C:\Windows\system32\VTTimer.exe [2006-09-21 53248]
"S3Trayp"=C:\Windows\system32\S3trayp.exe [2006-10-09 176128]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-09-07 2838912]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-18 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 months======

2010-11-09 13:28:22 ----D---- C:\rsit
2010-11-08 22:33:19 ----SHD---- C:\$RECYCLE.BIN
2010-11-08 20:45:06 ----D---- C:\Windows\ERDNT
2010-11-07 22:09:50 ----D---- C:\Program Files\Games
2010-11-07 21:29:25 ----A---- C:\Windows\system32\drivers\aswSP.sys
2010-11-07 21:29:25 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2010-11-07 21:29:23 ----A---- C:\Windows\system32\drivers\aswRdr.sys
2010-11-07 21:29:21 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2010-11-07 21:29:17 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2010-11-07 21:28:47 ----A---- C:\Windows\system32\aswBoot.exe
2010-11-07 21:28:32 ----D---- C:\ProgramData\Alwil Software
2010-11-07 21:28:32 ----D---- C:\Program Files\Alwil Software
2010-11-07 12:38:27 ----D---- C:\Users\Jozef\AppData\Roaming\Malwarebytes
2010-11-07 12:38:15 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2010-11-07 12:38:13 ----D---- C:\ProgramData\Malwarebytes
2010-11-07 12:38:12 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-11-07 12:38:12 ----A---- C:\Windows\system32\drivers\mbam.sys
2010-11-05 15:46:41 ----D---- C:\Windows\Internet Logs
2010-11-05 06:27:02 ----D---- C:\Users\Jozef\AppData\Roaming\CheckPoint
2010-11-05 06:25:56 ----D---- C:\Program Files\Conduit
2010-11-05 06:25:35 ----D---- C:\Program Files\CheckPoint
2010-11-05 06:24:56 ----A---- C:\Windows\system32\drivers\netio.sys
2010-11-05 06:23:30 ----D---- C:\ProgramData\CheckPoint
2010-10-29 17:22:02 ----D---- C:\ProgramData\Google
2010-10-29 17:16:59 ----D---- C:\Program Files\Google
2010-10-28 21:18:40 ----RASH---- C:\MSDOS.SYS
2010-10-28 21:18:40 ----RASH---- C:\IO.SYS
2010-10-28 16:10:43 ----D---- C:\Program Files\Microsoft Works
2010-10-28 16:08:58 ----D---- C:\Program Files\Microsoft Visual Studio
2010-10-28 16:08:57 ----D---- C:\Program Files\Common Files\DESIGNER
2010-10-28 16:06:55 ----D---- C:\Windows\PCHEALTH
2010-10-28 15:58:13 ----D---- C:\Windows\SHELLNEW
2010-10-28 15:40:36 ----RD---- C:\MSOCache
2010-10-27 19:01:48 ----HD---- C:\Windows\msdownld.tmp
2010-10-27 19:01:42 ----D---- C:\Windows\system32\directx
2010-10-27 18:50:14 ----D---- C:\Program Files\Namco
2010-10-27 18:05:25 ----A---- C:\Windows\system32\gameux.dll
2010-10-27 18:05:18 ----A---- C:\Windows\system32\Apphlpdm.dll
2010-10-27 18:05:16 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2010-10-21 05:32:42 ----A---- C:\Windows\system32\S3ovrlay.dll
2010-10-21 05:32:42 ----A---- C:\Windows\system32\S3Info2.dll
2010-10-21 05:32:42 ----A---- C:\Windows\system32\S3gIGP.dll
2010-10-21 05:32:42 ----A---- C:\Windows\system32\s3gcil_inv.dll
2010-10-21 05:32:42 ----A---- C:\Windows\system32\S3Cfg3d.dll
2010-10-21 05:32:41 ----A---- C:\Windows\system32\VTTimer.exe
2010-10-21 05:32:41 ----A---- C:\Windows\system32\s3gIGPgl.dll
2010-10-21 05:32:41 ----A---- C:\Windows\system32\S3Disply.dll
2010-10-21 05:32:40 ----A---- C:\Windows\system32\VModes.exe
2010-10-21 05:32:40 ----A---- C:\Windows\system32\S3Trayp.exe
2010-10-21 05:32:40 ----A---- C:\Windows\system32\S3Gamma2.dll
2010-10-21 05:32:40 ----A---- C:\Windows\system32\drivers\S3gIGPm.sys
2010-10-21 05:31:28 ----D---- C:\Program Files\S3
2010-10-21 05:31:21 ----D---- C:\Program Files\Common Files\InstallShield
2010-10-19 21:02:32 ----D---- C:\Program Files\Mojzík
2010-10-19 20:58:19 ----D---- C:\Program Files\mechanikivan
2010-10-17 12:51:48 ----D---- C:\Program Files\On Hand Software
2010-10-13 17:37:23 ----A---- C:\Windows\system32\t2embed.dll
2010-10-13 17:37:19 ----A---- C:\Windows\system32\msshsq.dll
2010-10-13 17:37:14 ----A---- C:\Windows\system32\win32k.sys
2010-10-13 17:36:55 ----A---- C:\Windows\system32\mshtml.dll
2010-10-13 17:36:39 ----A---- C:\Windows\system32\ieframe.dll
2010-10-13 17:36:35 ----A---- C:\Windows\system32\msfeeds.dll
2010-10-13 17:36:35 ----A---- C:\Windows\system32\licmgr10.dll
2010-10-13 17:36:32 ----A---- C:\Windows\system32\urlmon.dll
2010-10-13 17:36:31 ----A---- C:\Windows\system32\wininet.dll
2010-10-13 17:36:31 ----A---- C:\Windows\system32\mshtmled.dll
2010-10-13 17:36:28 ----A---- C:\Windows\system32\mstime.dll
2010-10-13 17:36:27 ----A---- C:\Windows\system32\iertutil.dll
2010-10-13 17:36:25 ----A---- C:\Windows\system32\occache.dll
2010-10-13 17:36:25 ----A---- C:\Windows\system32\ieui.dll
2010-10-13 17:36:25 ----A---- C:\Windows\system32\iedkcs32.dll
2010-10-13 17:36:24 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-10-13 17:36:24 ----A---- C:\Windows\system32\ieUnatt.exe
2010-10-13 17:36:24 ----A---- C:\Windows\system32\iesysprep.dll
2010-10-13 17:36:24 ----A---- C:\Windows\system32\iesetup.dll
2010-10-13 17:36:24 ----A---- C:\Windows\system32\iernonce.dll
2010-10-13 17:36:24 ----A---- C:\Windows\system32\iepeers.dll
2010-10-13 17:36:23 ----A---- C:\Windows\system32\msfeedssync.exe
2010-10-13 17:36:23 ----A---- C:\Windows\system32\jsproxy.dll
2010-10-13 17:36:23 ----A---- C:\Windows\system32\ie4uinit.exe
2010-10-13 17:36:16 ----A---- C:\Windows\system32\wmpmde.dll
2010-10-13 17:36:06 ----A---- C:\Windows\system32\comctl32.dll
2010-10-13 17:35:58 ----A---- C:\Windows\system32\mfc40.dll
2010-10-13 17:35:55 ----A---- C:\Windows\system32\mfc40u.dll
2010-10-13 17:34:58 ----A---- C:\Windows\system32\wmp.dll
2010-10-13 17:34:54 ----A---- C:\Windows\system32\wmploc.DLL
2010-10-13 17:34:29 ----A---- C:\Windows\system32\srvsvc.dll
2010-10-13 17:34:29 ----A---- C:\Windows\system32\drivers\srvnet.sys
2010-10-13 17:34:28 ----A---- C:\Windows\system32\drivers\srv2.sys
2010-10-13 17:34:28 ----A---- C:\Windows\system32\drivers\srv.sys
2010-10-13 17:34:27 ----A---- C:\Windows\system32\netevent.dll
2010-10-13 17:34:17 ----A---- C:\Windows\system32\ole32.dll
2010-10-13 17:34:14 ----A---- C:\Windows\system32\schannel.dll

======List of files/folders modified in the last 1 months======

2010-11-09 13:28:35 ----D---- C:\Windows\Prefetch
2010-11-09 13:28:25 ----D---- C:\Program Files\trend micro
2010-11-09 13:28:22 ----D---- C:\Windows\Temp
2010-11-09 13:17:40 ----D---- C:\Windows
2010-11-09 11:49:58 ----SHD---- C:\System Volume Information
2010-11-09 09:44:35 ----D---- C:\Users\Jozef\AppData\Roaming\ICQ
2010-11-09 06:00:19 ----D---- C:\Windows\System32
2010-11-09 06:00:19 ----D---- C:\Windows\inf
2010-11-09 06:00:19 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-11-08 22:36:33 ----RD---- C:\Program Files
2010-11-08 22:29:00 ----A---- C:\Windows\system.ini
2010-11-08 22:21:49 ----D---- C:\Windows\system32\drivers
2010-11-08 22:21:48 ----D---- C:\Windows\AppPatch
2010-11-08 22:21:46 ----D---- C:\Program Files\Common Files
2010-11-08 21:33:54 ----D---- C:\Program Files\Mozilla Thunderbird
2010-11-08 21:01:39 ----D---- C:\Windows\system32\drivers\etc
2010-11-07 22:09:24 ----D---- C:\Users\Jozef\AppData\Roaming\uTorrent
2010-11-07 21:29:10 ----SHD---- C:\Windows\Installer
2010-11-07 21:29:10 ----D---- C:\Config.Msi
2010-11-07 21:28:32 ----D---- C:\ProgramData
2010-11-07 19:57:26 ----D---- C:\Users\Jozef\AppData\Roaming\Vso
2010-11-07 12:49:50 ----D---- C:\Windows\cs-CZ
2010-11-05 15:44:03 ----D---- C:\Windows\system32\catroot
2010-11-05 06:25:15 ----D---- C:\Windows\winsxs
2010-11-05 06:25:09 ----D---- C:\Windows\system32\catroot2
2010-11-01 18:52:41 ----D---- C:\Users\Jozef\AppData\Roaming\vlc
2010-10-31 20:20:57 ----D---- C:\ProgramData\ESET
2010-10-31 19:57:43 ----D---- C:\Program Files\ICQ7.2
2010-10-30 16:15:42 ----D---- C:\Program Files\Mozilla Firefox
2010-10-29 17:22:02 ----D---- C:\Windows\Tasks
2010-10-29 17:19:34 ----D---- C:\Program Files\CCleaner
2010-10-29 17:17:17 ----D---- C:\Windows\system32\Tasks
2010-10-28 19:12:21 ----D---- C:\ProgramData\Microsoft Help
2010-10-28 19:08:04 ----RSD---- C:\Windows\assembly
2010-10-28 17:46:58 ----A---- C:\Windows\win.ini
2010-10-28 17:44:49 ----SD---- C:\Users\Jozef\AppData\Roaming\Microsoft
2010-10-28 17:07:55 ----RSD---- C:\Windows\Fonts
2010-10-28 17:07:46 ----D---- C:\Program Files\Common Files\microsoft shared
2010-10-28 16:10:07 ----D---- C:\Program Files\MSBuild
2010-10-28 16:09:36 ----D---- C:\Program Files\Microsoft Office
2010-10-28 16:06:55 ----SD---- C:\ProgramData\Microsoft
2010-10-28 16:06:55 ----D---- C:\Program Files\Microsoft.NET
2010-10-27 19:01:42 ----D---- C:\Windows\Logs
2010-10-26 09:55:59 ----D---- C:\Program Files\MumboJumbo
2010-10-21 09:15:25 ----D---- C:\Windows\system32\WDI
2010-10-21 06:49:50 ----HD---- C:\Program Files\InstallShield Installation Information
2010-10-21 05:51:56 ----D---- C:\ProgramData\FarmFrenzy2
2010-10-21 05:51:08 ----D---- C:\Program Files\Farm Frenzy 2
2010-10-21 05:51:06 ----D---- C:\Windows\Farm Frenzy 2
2010-10-21 05:34:20 ----D---- C:\Windows\Help
2010-10-19 14:36:56 ----D---- C:\Windows\Minidump
2010-10-19 14:36:56 ----D---- C:\Windows\Debug
2010-10-19 10:41:44 ----N---- C:\Windows\system32\MpSigStub.exe
2010-10-13 18:25:55 ----D---- C:\Windows\rescache
2010-10-13 18:07:36 ----D---- C:\Windows\system32\cs-CZ
2010-10-13 18:07:36 ----D---- C:\Program Files\Windows Media Player
2010-10-13 18:07:34 ----D---- C:\Windows\system32\migration
2010-10-13 18:07:34 ----D---- C:\Program Files\Internet Explorer
2010-10-13 17:41:32 ----A---- C:\Windows\system32\mrt.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-07-11 691696]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-09-07 23376]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-09-07 165584]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-09-07 46672]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-09-07 17744]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-09-07 50768]
R3 FETNDIS;VIA Rhine-Family Fast Ethernet Adapter Driver Service; C:\Windows\system32\DRIVERS\fetnd5.sys [2006-11-02 45568]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-10 236544]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2010-07-09 47360]
R3 S3GIGP;S3GIGP; C:\Windows\system32\DRIVERS\S3gIGPm.sys [2006-11-10 634880]
S3 adqngvnr;adqngvnr; C:\Windows\system32\drivers\adqngvnr.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-18 83328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-03-29 31048]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-18 21504]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-11-10 774144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

-----------------EOF-----------------

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: requesting a preventive check

#10 Post by motji »

:arrow: Open Notepad and copy the following text into it

Code:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=-

 
- save it as (type: all files) with the file name "smazani.reg" without the quotes,
click Save, then double-click the file as usual and confirm the dialog box.


If there are no more problems, that's all :) .

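The fix above removes a ShellExecuteHooks value whose binary is gone (the line "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= [] in the RSIT registry dump posted earlier in this thread). As an added example, not code from this thread or from the RSIT/HijackThis tools, the Python script below does the same triage step a helper does by eye: it reads an RSIT-style log, flags autostart values, browser hooks and drivers that point to no file on disk, and builds the corresponding .reg removal text in the same form as the smazani.reg above. The sample log is constructed from lines posted in this thread; the regular expressions describing the log format are my own assumptions drawn from those lines, not a published specification.

```python
"""Triage an RSIT / HijackThis style log for autostart entries, shell hooks and
drivers that point to no file on disk, and build the matching .reg removal text.
Added example for this thread; not code from RSIT, HijackThis or the forum.
The log-format regexes are assumptions based on the lines posted in the thread."""
import re

# Constructed sample, assembled from lines of the RSIT log posted in the thread.
SAMPLE_LOG = r"""
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-09-07 2838912]

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-09-07 165584]
S3 adqngvnr;adqngvnr; C:\Windows\system32\drivers\adqngvnr.sys []
"""

# "name"=path [date size]  -- the log prints an empty [] when it found no file.
REG_VALUE = re.compile(r'^"(?P<name>[^"]+)"=(?P<path>.*?)\s*\[(?P<meta>[^\]]*)\]$')
# R1 service;description; path [date size]  -- driver and service list lines.
DRIVER = re.compile(r'^(?P<state>[RS][0-4]) (?P<svc>[^;]+);(?P<desc>[^;]*); (?P<path>.*?) \[(?P<meta>[^\]]*)\]$')
# HijackThis section lines look like "O9 - Extra button: ... - (no file)".
HJT_LINE = re.compile(r"^[RO]\d+ - ")


def triage(log_text):
    """Return (location, name, reason) tuples for entries whose file is missing."""
    findings = []
    key = None  # registry key currently being read in the dump section
    for raw in log_text.splitlines():
        line = raw.rstrip()
        if line.startswith("======"):
            key = None  # a new section starts; registry context ends
            continue
        if line.startswith("[HKEY_"):
            key = line.strip("[]")
            continue
        if HJT_LINE.match(line) and line.endswith("(no file)"):
            findings.append(("hijackthis", line.split(" - ")[1], "entry references a file that does not exist"))
            continue
        m = REG_VALUE.match(line)
        if m and key:
            # either no path at all, or a path for which the log found no date/size
            if not m.group("path").strip() or not m.group("meta").strip():
                findings.append((key, m.group("name"), "registry value points to no file on disk"))
            continue
        m = DRIVER.match(line)
        if m and not m.group("meta").strip():
            findings.append(("driver", m.group("svc"), "driver binary not found on disk"))
    return findings


def reg_removal(findings):
    """Build .reg text that deletes the flagged registry values on import.
    A value assigned '-' is removed, the same form as the smazani.reg in the thread."""
    by_key = {}
    for location, name, _reason in findings:
        if location.startswith("HKEY_"):
            by_key.setdefault(location, []).append(name)
    lines = ["Windows Registry Editor Version 5.00", ""]
    for key, names in by_key.items():
        lines.append(f"[{key}]")
        lines.extend(f'"{name}"=-' for name in names)
        lines.append("")
    return "\n".join(lines)


if __name__ == "__main__":
    found = triage(SAMPLE_LOG)
    for location, name, reason in found:
        print(f"{location}: {name} -> {reason}")
    print(reg_removal(found))
```

Only registry findings end up in the .reg text; HijackThis "(no file)" items are fixed from HijackThis itself, and a driver with no file on disk is a service entry, which this script only reports. Check each flagged line before importing anything: a missing file can also be the leftover of a half-uninstalled legitimate program, and exporting the affected key in regedit first lets a wrong removal be reverted.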
Jozefko
Visitor
Posts: 93
Registered: 16 Dec 2008 22:15

Re: requesting a preventive check

#11 Post by Jozefko »

motji wrote: :arrow: Open Notepad and copy the following text into it

Code:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=-

 
- save it as (type: all files) with the file name "smazani.reg" without the quotes,
click Save, then double-click the file as usual and confirm the dialog box.


If there are no more problems, that's all :) .
Done! Thank you very much :closed:

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: requesting a preventive check

#12 Post by motji »

You're welcome :)
