Windows XP - Desktop icons

Posted: 30 Oct 2011 13:11
by ortig
I use Windows XP. I needed to copy a photo from Facebook to the desktop, and it put shadows under the icons on the desktop. I tried a restore point right away; it didn't help. I also tried turning off the shadows under the icons in the settings by unticking the option, and again nothing. So I'm attaching the log.
Thank you for your help. One more thing: the photo I downloaded has disappeared and I can't find it.

Logfile of random's system information tool 1.09 (written by random/random)
Run by ortig at 2011-10-30 12:57:11
Systém Microsoft Windows XP Professional Service Pack 3
System drive I: has 828 GB (94%) free of 881 GB
Total RAM: 3327 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:57:36, on 30.10.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
I:\WINDOWS\System32\smss.exe
I:\PROGRA~1\AVG\AVG2012\avgrsx.exe
I:\Program Files\AVG\AVG2012\avgcsrvx.exe
I:\WINDOWS\system32\winlogon.exe
I:\WINDOWS\system32\services.exe
I:\WINDOWS\system32\lsass.exe
I:\WINDOWS\system32\svchost.exe
i:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
I:\WINDOWS\System32\svchost.exe
I:\WINDOWS\system32\svchost.exe
I:\WINDOWS\system32\spoolsv.exe
I:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
I:\WINDOWS\Explorer.EXE
I:\Program Files\AVG\AVG2012\avgfws.exe
I:\Program Files\AVG\AVG2012\avgwdsvc.exe
I:\Program Files\Java\jre6\bin\jqs.exe
I:\Program Files\Common Files\LightScribe\LSSrvc.exe
I:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
I:\WINDOWS\system32\nvsvc32.exe
I:\Program Files\SpeechGrid\SpeechGridService.exe
I:\WINDOWS\system32\svchost.exe
I:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe
I:\Program Files\AVG\AVG2012\avgnsx.exe
I:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
I:\Program Files\AVG\AVG2012\avgcsrvx.exe
I:\WINDOWS\RTHDCPL.EXE
I:\Program Files\AVG\AVG2012\avgtray.exe
I:\WINDOWS\system32\RunDLL32.exe
I:\Program Files\PowerISO\PWRISOVM.EXE
I:\Program Files\Microsoft Security Client\msseces.exe
I:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
I:\Program Files\Logitech\SetPointP\SetPoint.exe
I:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
I:\Program Files\ASUS\GamerOSD\GamerOSD.exe
I:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
I:\Program Files\Common Files\Java\Java Update\jusched.exe
I:\WINDOWS\system32\ctfmon.exe
I:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
I:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
I:\Program Files\Mozilla Firefox\firefox.exe
I:\Program Files\Mozilla Firefox\plugin-container.exe
L:\Download\RSIT.exe
I:\Program Files\trend micro\ortig.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.zoznam.sk/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - I:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - I:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - I:\Program Files\AVG\AVG2012\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - I:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - I:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - I:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - I:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - I:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - I:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Nero Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - I:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - I:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AVG_TRAY] "I:\Program Files\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE I:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] I:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKLM\..\Run: [PWRISOVM.EXE] I:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [MSC] "i:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [LWS] I:\Program Files\Logitech\LWS\Webcam Software\LWS.exe -hide
O4 - HKLM\..\Run: [EvtMgr6] I:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
O4 - HKLM\..\Run: [ASUSGamerOSD] I:\Program Files\ASUS\GamerOSD\GamerOSD.exe
O4 - HKLM\..\Run: [Adobe ARM] "I:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "I:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "I:\Documents and Settings\ortig\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [SpybotSD TeaTimer] I:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-861567501-879983540-839522115-1004\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = I:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://I:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - I:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - I:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - I:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - I:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - I:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - I:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 1719450109
O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - I:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - I:\Program Files\AVG\AVG2012\avgpp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - I:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - I:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\8.0.1\ViProtocol.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - I:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - I:\WINDOWS\system32\browseui.dll
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - I:\WINDOWS\ATKKBService.exe
O23 - Service: AVG Security Toolbar Service - Unknown owner - I:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - I:\Program Files\AVG\AVG2012\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - I:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - I:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - I:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - I:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - I:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - I:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - I:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - I:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - I:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: SpeechGridService - SpeechGrid - I:\Program Files\SpeechGrid\SpeechGridService.exe
O23 - Service: UMVPFSrv - Logitech Inc. - I:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
O23 - Service: vToolbarUpdater - Unknown owner - I:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe
O24 - Desktop Component 0: (no name) - http://www.facebook.com/></i></a></div><div class=
O24 - Desktop Component 1: (no name) - http://www.facebook.com/ajax/messaging/ ... EEjJjDFBup

--
End of file - 10014 bytes

======Scheduled tasks folder======

I:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-861567501-879983540-839522115-1003Core.job
I:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-861567501-879983540-839522115-1003UA.job
I:\WINDOWS\tasks\MP Scheduled Scan.job
I:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

=========Mozilla firefox=========

ProfilePath - I:\Documents and Settings\ortig\Application Data\Mozilla\Firefox\Profiles\tlwapz0z.default

prefs.js - "browser.startup.homepage" - "www.zoznam.sk"
prefs.js - "keyword.URL" - "http://search.avg.com/route/?d=4e32c90e ... &lng=sk&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=I:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{1E73965B-8B48-48be-9C8D-68B920ABC1C4}"=I:\Program Files\AVG\AVG2012\Firefox4\
"avg@igeared"=I:\Program Files\AVG\AVG10\Toolbar\Firefox\avg@igeared
"jqs@sun.com"=I:\Program Files\Java\jre6\lib\deploy\jqs\ff


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=I:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=I:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=I:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@photodex.com/PhotodexPresenter]
"Description"=Photodex Presenter Plugin
"Path"=I:\Program Files\Photodex Presenter\npPxPlay.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=I:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

I:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}

I:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

I:\Program Files\Mozilla Firefox\searchplugins\
atlas-sk.xml
avg_igeared.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
zoznam-sk.xml

I:\Documents and Settings\ortig\Application Data\Mozilla\Firefox\Profiles\tlwapz0z.default\extensions\
foxmarks@kei.com
toolbar@ask.com
{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}
{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}

I:\Documents and Settings\ortig\Application Data\Mozilla\Firefox\Profiles\tlwapz0z.default\searchplugins\
avg-secure-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - I:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - I:\Program Files\AVG\AVG2012\avgssie.dll [2011-09-27 2179936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - I:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
AVG Security Toolbar BHO - I:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll [2011-05-30 2495816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - I:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10 3834016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Nero Toolbar - I:\Program Files\Ask.com\GenericAskToolbar.dll [2010-02-04 1197448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - I:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-10-03 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - I:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-10-03 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Nero Toolbar - I:\Program Files\Ask.com\GenericAskToolbar.dll [2010-02-04 1197448]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - AVG Security Toolbar - I:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll [2011-05-30 2495816]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=I:\WINDOWS\RTHDCPL.EXE [2007-04-12 16132608]
"Alcmtr"=I:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"AVG_TRAY"=I:\Program Files\AVG\AVG2012\avgtray.exe [2011-09-23 2404704]
"NvMediaCenter"=NvMCTray.dll,NvTaskbarInit -login []
"NvCplDaemon"=I:\WINDOWS\system32\NvCpl.dll [2011-08-03 13892200]
"nwiz"=I:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2011-07-05 1632360]
"TaskTray"= []
"PWRISOVM.EXE"=I:\Program Files\PowerISO\PWRISOVM.EXE [2009-07-27 180224]
"MSC"=i:\Program Files\Microsoft Security Client\msseces.exe [2011-06-15 997920]
"LWS"=I:\Program Files\Logitech\LWS\Webcam Software\LWS.exe [2011-08-12 205336]
"EvtMgr6"=I:\Program Files\Logitech\SetPointP\SetPoint.exe [2011-06-24 1386776]
"ASUSGamerOSD"=I:\Program Files\ASUS\GamerOSD\GamerOSD.exe [2007-07-12 380928]
"Adobe ARM"=I:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]
"SunJavaUpdateSched"=I:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=I:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
""= []
"Google Update"=I:\Documents and Settings\ortig\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-10-02 136176]
"SpybotSD TeaTimer"=I:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
I:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2008-03-18 1848648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]
I:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2008-03-11 689488]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\facemoods]
I:\Program Files\facemoods.com\facemoods\1.4.17.7\facemoodssrv.exe /md I []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
I:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2011-03-04 2741616]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Vid]
I:\Program Files\Logitech\Vid HD\Vid.exe [2011-01-13 6129496]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
I:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2011-08-31 449608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
I:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2]
I:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe [2011-09-01 966712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
I:\Program Files\Skype\Phone\Skype.exe [2011-10-13 17351304]

I:\Documents and Settings\All Users\Start Menu\Programs\Startup
Microsoft Office.lnk - I:\Program Files\Microsoft Office\Office10\OSA.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
i:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2011-06-17 66328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
I:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - I:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"I:\Program Files\Java\jre6\bin\javaw.exe"="I:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"I:\Program Files\AVG\AVG10\avgmfapx.exe"="I:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:Inštalátor produktu AVG"
"I:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe"="I:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe:*:Enabled:Battlefield: Bad Company™ 2"
"I:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"="I:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe:*:Enabled:Daemonu.exe"
"I:\Program Files\Logitech\Vid HD\Vid.exe"="I:\Program Files\Logitech\Vid HD\Vid.exe:*:Enabled:Logitech Vid HD"
"I:\Program Files\EA GAMES\Battlefield 2\BF2.exe"="I:\Program Files\EA GAMES\Battlefield 2\BF2.exe:*:Enabled:Battlefield 2"
"I:\Program Files\AVG\AVG2012\avgmfapx.exe"="I:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:Inštalátor produktu AVG"
"I:\Program Files\Skype\Phone\Skype.exe"="I:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"I:\Program Files\AVG\AVG2012\avgnsx.exe"="I:\Program Files\AVG\AVG2012\avgnsx.exe:*:Enabled:Webový štít"
"I:\Program Files\AVG\AVG2012\avgdiagex.exe"="I:\Program Files\AVG\AVG2012\avgdiagex.exe:*:Enabled:Diagnostika AVG 2012"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=lvcodec2.dll
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=I:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=I:\WINDOWS\system32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.XVID"=xvidvfw.dll
"MSVideo"=vfwwdm32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======List of files/folders created in the last 1 month======

2011-10-30 12:57:11 ----D---- I:\rsit
2011-10-30 12:57:11 ----D---- I:\Program Files\trend micro
2011-10-30 10:34:40 ----D---- I:\Program Files\Spybot - Search & Destroy
2011-10-30 09:09:28 ----A---- I:\WINDOWS\system32\PerfStringBackup.TMP
2011-10-28 20:00:25 ----HD---- I:\Documents and Settings\All Users\Application Data\CanonIJEGV
2011-10-19 14:21:05 ----D---- I:\Program Files\Common Files\Java
2011-10-19 14:20:42 ----A---- I:\WINDOWS\system32\javaws.exe
2011-10-19 14:20:42 ----A---- I:\WINDOWS\system32\javaw.exe
2011-10-19 14:20:42 ----A---- I:\WINDOWS\system32\java.exe
2011-10-13 18:56:11 ----HDC---- I:\WINDOWS\$NtUninstallKB2564958$
2011-10-13 18:49:11 ----HDC---- I:\WINDOWS\$NtUninstallKB2567053$
2011-10-13 18:49:06 ----HDC---- I:\WINDOWS\$NtUninstallKB2592799$
2011-10-13 18:44:41 ----HDC---- I:\WINDOWS\$NtUninstallKB2586448$
2011-10-07 12:28:10 ----A---- I:\WINDOWS\system32\drivers\NBVolUp.sys
2011-10-07 12:28:05 ----A---- I:\WINDOWS\system32\drivers\NBVol.sys
2011-10-07 12:23:41 ----D---- I:\Program Files\Microsoft.NET
2011-10-07 12:21:27 ----A---- I:\WINDOWS\system32\D3DCompiler_43.dll
2011-10-07 12:21:26 ----A---- I:\WINDOWS\system32\d3dcsx_43.dll
2011-10-07 12:21:25 ----A---- I:\WINDOWS\system32\d3dx11_43.dll
2011-10-07 12:21:25 ----A---- I:\WINDOWS\system32\d3dx10_43.dll
2011-10-07 12:21:24 ----A---- I:\WINDOWS\system32\D3DX9_43.dll
2011-10-07 12:20:05 ----HDC---- I:\WINDOWS\$NtUninstallKB942288-v3$
2011-10-01 09:00:25 ----HD---- I:\WINDOWS\PIF
2011-10-01 08:01:47 ----D---- I:\Program Files\Common Files\Windows Live
2011-10-01 07:28:45 ----D---- I:\Documents and Settings\ortig\Application Data\ElevatedDiagnostics
2011-10-01 07:27:11 ----D---- I:\WINDOWS\system32\windowspowershell
2011-10-01 07:27:02 ----HDC---- I:\WINDOWS\$NtUninstallKB926139-v2$
2011-10-01 07:13:40 ----D---- I:\Documents and Settings\ortig\Application Data\AskToolbar

======List of files/folders modified in the last 1 month======

2011-10-30 12:57:11 ----RD---- I:\Program Files
2011-10-30 12:22:04 ----D---- I:\WINDOWS\Temp
2011-10-30 11:45:59 ----D---- I:\Documents and Settings\All Users\Application Data\MFAData
2011-10-30 11:45:56 ----D---- I:\WINDOWS\system32\drivers\AVG
2011-10-30 11:01:39 ----SD---- I:\WINDOWS\Tasks
2011-10-30 10:57:26 ----D---- I:\WINDOWS
2011-10-30 10:57:14 ----D---- I:\WINDOWS\system32\CatRoot2
2011-10-30 10:55:29 ----A---- I:\WINDOWS\SchedLgU.Txt
2011-10-30 10:54:30 ----D---- I:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2011-10-30 10:52:47 ----D---- I:\Documents and Settings\ortig\Application Data\Skype
2011-10-30 10:38:40 ----D---- I:\WINDOWS\system32\drivers\etc
2011-10-30 10:23:16 ----D---- I:\WINDOWS\system32\drivers
2011-10-30 09:09:28 ----D---- I:\WINDOWS\system32
2011-10-30 09:07:44 ----D---- I:\Program Files\MALWAREBYTES ANTI-MALWARE
2011-10-30 09:05:34 ----D---- I:\WINDOWS\system32\config
2011-10-30 09:05:11 ----D---- I:\WINDOWS\system32\wbem
2011-10-30 09:05:10 ----D---- I:\WINDOWS\Registration
2011-10-29 22:57:50 ----D---- I:\WINDOWS\AppPatch
2011-10-29 22:42:26 ----D---- I:\WINDOWS\Prefetch
2011-10-29 22:39:51 ----HD---- I:\WINDOWS\inf
2011-10-28 20:00:22 ----SHD---- I:\Config.Msi
2011-10-28 16:00:02 ----A---- I:\WINDOWS\NeroDigital.ini
2011-10-28 08:29:40 ----D---- I:\WINDOWS\system32\Restore
2011-10-26 19:18:08 ----D---- I:\Documents and Settings\ortig\Application Data\Vso
2011-10-24 20:50:10 ----SHD---- I:\WINDOWS\Installer
2011-10-24 20:48:07 ----RSHDC---- I:\WINDOWS\system32\dllcache
2011-10-23 14:34:19 ----AD---- I:\Documents and Settings\All Users\Application Data\TEMP
2011-10-21 11:41:30 ----D---- I:\Program Files\JDownloader
2011-10-19 14:21:05 ----D---- I:\Program Files\Common Files
2011-10-19 14:20:39 ----D---- I:\Program Files\Java
2011-10-14 23:03:47 ----D---- I:\WINDOWS\Debug
2011-10-14 23:02:03 ----D---- I:\Program Files\CCleaner
2011-10-14 04:55:27 ----RSD---- I:\WINDOWS\assembly
2011-10-14 04:55:11 ----D---- I:\WINDOWS\Microsoft.NET
2011-10-13 23:21:37 ----RD---- I:\Program Files\Skype
2011-10-13 18:55:49 ----A---- I:\WINDOWS\system32\PerfStringBackup.INI
2011-10-13 18:55:22 ----D---- I:\WINDOWS\WinSxS
2011-10-13 18:49:17 ----A---- I:\WINDOWS\system32\MRT.exe
2011-10-13 18:49:06 ----HD---- I:\WINDOWS\$hf_mig$
2011-10-12 09:01:40 ----D---- I:\Program Files\Common Files\Nero
2011-10-12 08:55:32 ----D---- I:\Program Files\Nero
2011-10-11 19:23:33 ----D---- I:\WINDOWS\Logs
2011-10-11 13:58:43 ----D---- I:\WINDOWS\system32\DirectX
2011-10-09 09:56:36 ----D---- I:\Program Files\Mozilla Thunderbird
2011-10-07 12:44:25 ----D---- I:\Documents and Settings\ortig\Application Data\Nero
2011-10-07 12:43:11 ----D---- I:\WINDOWS\Cursors
2011-10-07 12:43:02 ----D---- I:\Documents and Settings\All Users\Application Data\Nero
2011-10-07 12:28:10 ----DC---- I:\WINDOWS\system32\DRVSTORE
2011-10-07 12:27:51 ----D---- I:\Program Files\Common Files\LightScribe
2011-10-07 12:20:35 ----A---- I:\WINDOWS\system32\_000121_.TMP.DLL
2011-10-07 12:20:32 ----D---- I:\WINDOWS\system32\mui
2011-10-03 04:06:03 ----A---- I:\WINDOWS\system32\deployJava1.dll
2011-10-01 08:01:30 ----SD---- I:\Documents and Settings\All Users\Application Data\Microsoft
2011-10-01 07:54:08 ----D---- I:\Program Files\Google
2011-10-01 07:13:44 ----D---- I:\Documents and Settings\All Users\Application Data\AVG Security Toolbar

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSEH;AVGIDSEH; I:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys [2011-07-11 23120]
R0 Avgrkx86;AVG Anti-Rootkit Driver; I:\WINDOWS\system32\DRIVERS\avgrkx86.sys [2011-09-13 32592]
R0 NBVol;Nero Backup Volume Filter Driver; I:\WINDOWS\system32\DRIVERS\NBVol.sys [2011-07-13 56496]
R0 NBVolUp;Nero Backup Volume Upper Filter Driver; I:\WINDOWS\system32\DRIVERS\NBVolUp.sys [2011-07-13 12464]
R0 ohci1394;VIA OHCI Compliant IEEE 1394 Host Controller; I:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; I:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
R1 asuskbnt;Enhanced Display Driver Helper Service; I:\WINDOWS\system32\drivers\atkkbnt.sys [2007-07-12 11136]
R1 Avgldx86;AVG AVI Loader Driver; I:\WINDOWS\system32\DRIVERS\avgldx86.sys [2011-07-11 229840]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; I:\WINDOWS\system32\DRIVERS\avgmfx86.sys [2011-08-08 40016]
R1 Avgtdix;AVG TDI Driver; I:\WINDOWS\system32\DRIVERS\avgtdix.sys [2011-07-11 295248]
R1 EIO;EIO; \??\I:\WINDOWS\system32\drivers\EIO.sys []
R1 intelppm;Intel Processor Driver; I:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 kbdhid;Keyboard HID Driver; I:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R1 MpFilter;Microsoft Malware Protection Driver; I:\WINDOWS\system32\DRIVERS\MpFilter.sys [2011-04-18 165648]
R1 MpKslb5ba5901;MpKslb5ba5901; \??\i:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CE00980E-106E-4ABA-95A1-89D86AF8C941}\MpKslb5ba5901.sys []
R1 SCDEmu;SCDEmu; I:\WINDOWS\system32\drivers\SCDEmu.sys [2009-07-27 58908]
R2 LBeepKE;Logitech Beep Suppression Driver; I:\WINDOWS\System32\Drivers\LBeepKE.sys [2011-04-30 12184]
R3 Arp1394;1394 ARP Client Protocol; I:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 asusgsb;ASUS Virtual Video Capture Device Driver; I:\WINDOWS\system32\drivers\asusgsb.sys [2007-07-12 12416]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller; I:\WINDOWS\system32\DRIVERS\l151x86.sys [2009-04-06 37376]
R3 Avgfwdx;Avgfwdx; I:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2011-05-23 30944]
R3 AVGIDSDriver;AVGIDSDriver; I:\WINDOWS\system32\DRIVERS\AVGIDSDriver.Sys [2011-07-11 134608]
R3 AVGIDSFilter;AVGIDSFilter; I:\WINDOWS\system32\DRIVERS\AVGIDSFilter.Sys [2011-07-11 24272]
R3 AVGIDSShim;AVGIDSShim; I:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys [2011-07-11 16720]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; I:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class Driver; I:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); I:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-04-23 4402176]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; I:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2011-04-30 41240]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; I:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2011-04-30 39064]
R3 LVRS;Logitech RightSound Filter Driver; I:\WINDOWS\system32\DRIVERS\lvrs.sys [2011-08-19 315808]
R3 LVUVC;QuickCam Orbit/Sphere AF(UVC); I:\WINDOWS\system32\DRIVERS\lvuvc.sys [2011-08-19 4334624]
R3 mouhid;Mouse HID Driver; I:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; I:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 NIC1394;1394 Net Driver; I:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; I:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2011-08-03 12542592]
R3 usbaudio;USB Audio Driver (WDM); I:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Microsoft USB Generic Parent Driver; I:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbstor;USB Mass Storage Driver; I:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; I:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 Video3D;ASUS Video3D Service; I:\WINDOWS\System32\Drivers\Video3D32.sys [2007-07-12 10752]
R3 Wdf01000;Kernel Mode Driver Frameworks service; I:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S1 klbugotm;klbugotm; \??\I:\WINDOWS\system32\drivers\klbugotm.sys []
S1 MpKsl66d216a1;MpKsl66d216a1; \??\i:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{FEFD8E68-69E5-4131-A364-A62B670B9070}\MpKsl66d216a1.sys []
S1 MpKsl798393d1;MpKsl798393d1; \??\i:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{2CD520F7-D556-49C7-8A60-4261EB6E925B}\MpKsl798393d1.sys []
S1 MpKsle63aab18;MpKsle63aab18; \??\i:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{6BC91B02-8D4D-4881-AF44-DA9903D81FC2}\MpKsle63aab18.sys []
S1 MpKsleb2f36c3;MpKsleb2f36c3; \??\i:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{3D9A05CC-8DD8-48D2-A0F3-242470FFD7B0}\MpKsleb2f36c3.sys []
S1 qtudkgmn;qtudkgmn; \??\I:\WINDOWS\system32\drivers\qtudkgmn.sys []
S1 wgvhhdzp;wgvhhdzp; \??\I:\WINDOWS\system32\drivers\wgvhhdzp.sys []
S3 Avgfwfd;AVG network filter service; I:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2011-05-23 30944]
S3 CCDECODE;Closed Caption Decoder; I:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; I:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; I:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; I:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent Driver; I:\WINDOWS\system32\drivers\ccdcmb.sys [2011-05-18 18176]
S3 nmwcdc;Nokia USB Communication Driver; I:\WINDOWS\system32\drivers\ccdcmbo.sys [2011-05-18 23168]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; I:\WINDOWS\system32\drivers\nmwcdnsu.sys [2011-05-18 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic; I:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2011-05-18 8576]
S3 pccsmcfd;PCCS Mode Change Filter Driver; I:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; I:\WINDOWS\System32\Drivers\RootMdm.sys [2007-07-27 5888]
S3 SLIP;BDA Slip De-Framer; I:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; I:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 upperdev;upperdev; I:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2011-05-18 8192]
S3 usbprint;Microsoft USB PRINTER Class; I:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; I:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; I:\WINDOWS\system32\DRIVERS\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; I:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2011-05-18 8192]
S3 usbvideo;USB Video Device (WDM); I:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 WpdUsb;WpdUsb; I:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; I:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; I:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avgfws;AVG Firewall; I:\Program Files\AVG\AVG2012\avgfws.exe [2011-08-19 2399560]
R2 AVGIDSAgent;AVGIDSAgent; I:\Program Files\AVG\AVG2012\AVGIDSAgent.exe [2011-09-12 5265248]
R2 avgwd;AVG WatchDog; I:\Program Files\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
R2 JavaQuickStarterService;Java Quick Starter; I:\Program Files\Java\jre6\bin\jqs.exe [2011-10-03 153376]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; I:\Program Files\Common Files\LightScribe\LSSrvc.exe [2011-03-04 73728]
R2 MsMpSvc;Microsoft Antimalware Service; i:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2011-04-27 11736]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; I:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2010-05-18 935208]
R2 NVSvc;NVIDIA Driver Helper Service; I:\WINDOWS\system32\nvsvc32.exe [2011-08-03 146024]
R2 nvUpdatusService;NVIDIA Update Service Daemon; I:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-08-03 2255464]
R2 SpeechGridService;SpeechGridService; I:\Program Files\SpeechGrid\SpeechGridService.exe [2011-09-09 47984]
R2 UMVPFSrv;UMVPFSrv; I:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-08-19 450848]
R2 vToolbarUpdater;vToolbarUpdater; I:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe [2011-09-11 246600]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; I:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 ATKKeyboardService;ATK Keyboard Service; I:\WINDOWS\ATKKBService.exe [2007-07-12 257024]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; I:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 aspnet_state;ASP.NET State Service; I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service; I:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe [2011-05-30 1025352]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; I:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; I:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 idsvc;Windows CardSpace; I:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 LBTServ;Logitech Bluetooth Service; I:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2011-06-17 295192]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; I:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; I:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 ServiceLayer;ServiceLayer; I:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2011-06-08 633856]

-----------------EOF-----------------

Re: Windows XP - Desktop icons

Posted: 30 Oct 2011 17:29
by Rudy
Please post a ComboFix log.
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

then run the application under an account with administrator privileges

right after start-up a screen with the licence terms appears; continue by clicking the Yes button.

calmly go and make yourself a coffee (the whole thing takes approx. 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); during the scan do not try to run any other applications or anything else

do not panic during the scan; your machine may be restarted (especially the first time the scanner is run)

warning: if you use an antispyware with a resident shield, switch its resident shield to Install Mode, or deactivate it completely for the duration of the scan, because undesirable conflicts with the resident antispyware occur during the scan and the removal of any malware

Re: Windows XP - Desktop icons

Posted: 30 Oct 2011 19:27
by ortig
ComboFix 11-10-30.02 - Administrator . 10. 2011 18:59:31.1.4 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.421.1033.18.3327.2393 [GMT 1:00]
Running from: i:\documents and settings\ortig\Desktop\ComboFix.exe
AV: AVG Internet Security 2012 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
FW: AVG Firewall *Enabled* {8decf618-9569-4340-b34a-d78d28969b66}
.
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
i:\documents and settings\ortig\Application Data\inst.exe
i:\documents and settings\ortig\Application Data\vso_ts_preview.xml
i:\windows\help\tours\htmltour\unlock_playing.htm
i:\windows\system32\_000121_.TMP.DLL
.
.
((((((((((((((((((((((((( Files Created from 2011-09-28 to 2011-10-30 )))))))))))))))))))))))))))))))
.
.
2011-10-30 16:47 . 2011-10-30 16:47 28752 ----a-w- i:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{905A15E9-51F8-4175-B4F5-6C6CBE623BFD}\MpKsl2f727e67.sys
2011-10-30 16:47 . 2011-10-30 16:47 56200 ----a-w- i:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{905A15E9-51F8-4175-B4F5-6C6CBE623BFD}\offreg.dll
2011-10-30 16:47 . 2011-10-07 03:48 6668624 ----a-w- i:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{905A15E9-51F8-4175-B4F5-6C6CBE623BFD}\mpengine.dll
2011-10-30 12:25 . 2011-10-30 12:25 12568 ----a-w- i:\windows\system32\drivers\PROCEXP113.SYS
2011-10-30 11:57 . 2011-10-30 11:57 -------- d-----w- I:\rsit
2011-10-30 11:57 . 2011-10-30 11:57 -------- d-----w- i:\program files\trend micro
2011-10-30 09:34 . 2011-10-30 09:37 -------- d-----w- i:\program files\Spybot - Search & Destroy
2011-10-30 08:09 . 2011-10-30 08:09 5874 ----a-w- i:\windows\system32\PerfStringBackup.TMP
2011-10-30 08:05 . 2011-10-30 08:05 -------- d-----w- i:\windows\system32\wbem\Repository
2011-10-28 19:00 . 2011-10-28 19:00 -------- d--h--w- i:\documents and settings\All Users\Application Data\CanonIJEGV
2011-10-19 13:21 . 2011-10-19 13:21 -------- d-----w- i:\program files\Common Files\Java
2011-10-10 09:09 . 2011-10-10 09:09 4550304 ----a-w- i:\program files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
2011-10-07 11:46 . 2011-10-07 15:24 -------- d-----w- i:\documents and settings\ortig\Local Settings\Application Data\Nero_AG
2011-10-07 11:28 . 2011-07-13 11:39 12464 ----a-w- i:\windows\system32\drivers\NBVolUp.sys
2011-10-07 11:28 . 2011-07-13 11:39 56496 ----a-w- i:\windows\system32\drivers\NBVol.sys
2011-10-07 11:23 . 2011-10-07 11:23 -------- d-----w- i:\program files\Microsoft.NET
2011-10-07 11:21 . 2010-05-26 09:41 2106216 ----a-w- i:\windows\system32\D3DCompiler_43.dll
2011-10-07 11:21 . 2010-05-26 09:41 1868128 ----a-w- i:\windows\system32\d3dcsx_43.dll
2011-10-07 11:21 . 2010-05-26 09:41 470880 ----a-w- i:\windows\system32\d3dx10_43.dll
2011-10-07 11:21 . 2010-05-26 09:41 248672 ----a-w- i:\windows\system32\d3dx11_43.dll
2011-10-07 11:21 . 2010-05-26 09:41 1998168 ----a-w- i:\windows\system32\D3DX9_43.dll
2011-10-01 08:00 . 2011-10-01 08:00 -------- d--h--w- i:\windows\PIF
2011-10-01 07:01 . 2011-10-01 07:01 -------- d-----w- i:\program files\Common Files\Windows Live
2011-10-01 06:28 . 2011-10-01 06:28 -------- d-----w- i:\documents and settings\ortig\Application Data\ElevatedDiagnostics
2011-10-01 06:13 . 2011-10-01 06:13 -------- d-----w- i:\documents and settings\ortig\Application Data\AskToolbar
2011-10-01 06:13 . 2011-10-01 06:13 -------- d-----w- i:\documents and settings\ortig\Local Settings\Application Data\AskToolbar
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-29 21:55 . 2011-07-26 21:26 196608 ----a-w- i:\windows\system32\drivers\nStandard.bin
2011-10-13 20:36 . 2011-07-27 01:32 414368 ----a-w- i:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-07 03:48 . 2011-07-27 16:02 6668624 ----a-w- i:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-10-03 03:06 . 2011-07-27 16:57 472808 ----a-w- i:\windows\system32\deployJava1.dll
2011-10-03 00:37 . 2011-07-27 16:57 73728 ----a-w- i:\windows\system32\javacpl.cpl
2011-09-26 09:41 . 2008-07-29 17:59 611328 ----a-w- i:\windows\system32\uiautomationcore.dll
2011-09-26 09:41 . 2007-07-27 12:00 220160 ----a-w- i:\windows\system32\oleacc.dll
2011-09-26 09:41 . 2007-07-27 12:00 20480 ----a-w- i:\windows\system32\oleaccrc.dll
2011-09-18 11:29 . 2011-09-18 10:12 47360 ----a-w- i:\documents and settings\ortig\Application Data\pcouffin.sys
2011-09-13 04:30 . 2011-03-16 14:03 32592 ----a-w- i:\windows\system32\drivers\avgrkx86.sys
2011-09-09 09:12 . 2007-07-27 12:00 599040 ----a-w- i:\windows\system32\crypt32.dll
2011-09-06 13:20 . 2007-07-27 12:00 1858944 ----a-w- i:\windows\system32\win32k.sys
2011-09-05 13:56 . 2007-07-27 12:00 667136 ----a-w- i:\windows\system32\wininet.dll
2011-09-05 13:56 . 2007-07-27 12:00 61952 ----a-w- i:\windows\system32\tdc.ocx
2011-09-05 13:56 . 2007-07-27 12:00 81920 ----a-w- i:\windows\system32\ieencode.dll
2011-09-05 12:35 . 2007-07-27 12:00 369664 ----a-w- i:\windows\system32\html.iec
2011-08-31 15:00 . 2011-08-21 18:06 22216 ----a-w- i:\windows\system32\drivers\mbam.sys
2011-08-19 09:26 . 2011-05-26 04:05 4334624 ----a-w- i:\windows\system32\drivers\lvuvc.sys
2011-08-19 09:26 . 2011-05-26 04:05 545056 ----a-w- i:\windows\system32\LVUI2.dll
2011-08-19 09:26 . 2011-05-26 04:05 540960 ----a-w- i:\windows\system32\LVUI2RC.dll
2011-08-19 09:26 . 2011-08-19 09:26 196896 ----a-w- i:\windows\system32\lvci13301394.dll
2011-08-19 09:26 . 2011-05-26 04:05 315808 ----a-w- i:\windows\system32\drivers\lvrs.sys
2011-08-19 09:26 . 2011-05-26 04:05 307488 ----a-w- i:\windows\system32\lvcodec2.dll
2011-08-19 09:26 . 2011-05-26 04:05 336408 ----a-w- i:\windows\system32\DevManagerCore.dll
2011-08-19 09:26 . 2011-05-26 04:05 10898456 ----a-w- i:\windows\system32\LogiDPP.dll
2011-08-19 09:26 . 2011-05-26 04:05 104472 ----a-w- i:\windows\system32\LogiDPPApp.exe
2011-08-17 13:49 . 2007-07-27 12:00 138496 ----a-w- i:\windows\system32\drivers\afd.sys
2011-08-12 10:20 . 2011-08-12 10:20 15896 ----a-w- i:\windows\system32\drivers\iKeyLFT2.dll
2011-08-08 04:08 . 2011-03-01 12:25 40016 ----a-w- i:\windows\system32\drivers\avgmfx86.sys
2011-08-03 11:49 . 2011-08-10 07:49 914024 ----a-w- i:\windows\system32\nvdispco32.dll
2011-08-03 11:49 . 2011-08-10 07:49 875112 ----a-w- i:\windows\system32\nvgenco32.dll
2011-08-03 11:49 . 2011-08-09 07:24 253952 ----a-w- i:\windows\system32\nvrsth.dll
2011-08-03 11:49 . 2011-08-09 07:24 600680 ----a-w- i:\windows\system32\easyupdatusapiu.dll
2011-08-03 11:49 . 2011-05-21 04:01 61440 ----a-w- i:\windows\system32\OpenCL.dll
2011-08-03 11:49 . 2011-05-21 04:01 5427200 ----a-w- i:\windows\system32\nvcuda.dll
2011-08-03 11:49 . 2011-05-21 04:01 2387560 ----a-w- i:\windows\system32\nvcuvid.dll
2011-08-03 11:49 . 2011-05-21 04:01 2090088 ----a-w- i:\windows\system32\nvcuvenc.dll
2011-08-03 11:49 . 2011-05-21 04:01 17186816 ----a-w- i:\windows\system32\nvcompiler.dll
2011-08-03 11:49 . 2007-06-28 16:43 54272 ----a-w- i:\windows\system32\nvwddi.dll
2011-08-03 11:49 . 2007-06-28 16:43 4210816 ----a-w- i:\windows\system32\nv4_disp.dll
2011-08-03 11:49 . 2007-06-28 16:43 335872 ----a-w- i:\windows\system32\nvrsar.dll
2011-08-03 11:49 . 2007-06-28 16:43 331776 ----a-w- i:\windows\system32\nvrshe.dll
2011-08-03 11:49 . 2007-06-28 16:43 286720 ----a-w- i:\windows\system32\nvrsfr.dll
2011-08-03 11:49 . 2007-06-28 16:43 282624 ----a-w- i:\windows\system32\nvrsit.dll
2011-08-03 11:49 . 2007-06-28 16:43 282624 ----a-w- i:\windows\system32\nvrses.dll
2011-08-03 11:49 . 2007-06-28 16:43 282624 ----a-w- i:\windows\system32\nvrsel.dll
2011-08-03 11:49 . 2007-06-28 16:43 278528 ----a-w- i:\windows\system32\nvrsde.dll
2011-08-03 11:49 . 2007-06-28 16:43 274432 ----a-w- i:\windows\system32\nvrspt.dll
2011-08-03 11:49 . 2007-06-28 16:43 274432 ----a-w- i:\windows\system32\nvrsnl.dll
2011-08-03 11:49 . 2007-06-28 16:43 274432 ----a-w- i:\windows\system32\nvrsesm.dll
2011-08-03 11:49 . 2007-06-28 16:43 270336 ----a-w- i:\windows\system32\nvrsru.dll
2011-08-03 11:49 . 2007-06-28 16:43 270336 ----a-w- i:\windows\system32\nvrsptb.dll
2011-08-03 11:49 . 2007-06-28 16:43 270336 ----a-w- i:\windows\system32\nvrsja.dll
2011-08-03 11:49 . 2007-06-28 16:43 266240 ----a-w- i:\windows\system32\nvrsko.dll
2011-08-03 11:49 . 2007-06-28 16:43 262144 ----a-w- i:\windows\system32\nvrshu.dll
2011-08-03 11:49 . 2007-06-28 16:43 258048 ----a-w- i:\windows\system32\nvrstr.dll
2011-08-03 11:49 . 2007-06-28 16:43 258048 ----a-w- i:\windows\system32\nvrssl.dll
2011-08-03 11:49 . 2007-06-28 16:43 258048 ----a-w- i:\windows\system32\nvrssk.dll
2011-08-03 11:49 . 2007-06-28 16:43 258048 ----a-w- i:\windows\system32\nvrspl.dll
2011-08-03 11:49 . 2007-06-28 16:43 253952 ----a-w- i:\windows\system32\nvrssv.dll
2011-08-03 11:49 . 2007-06-28 16:43 253952 ----a-w- i:\windows\system32\nvrsno.dll
2011-08-03 11:49 . 2007-06-28 16:43 253952 ----a-w- i:\windows\system32\nvrsda.dll
2011-08-03 11:49 . 2007-06-28 16:43 249856 ----a-w- i:\windows\system32\nvrsfi.dll
2011-08-03 11:49 . 2007-06-28 16:43 249856 ----a-w- i:\windows\system32\nvrseng.dll
2011-08-03 11:49 . 2007-06-28 16:43 249856 ----a-w- i:\windows\system32\nvrscs.dll
2011-08-03 11:49 . 2007-06-28 16:43 2404864 ----a-w- i:\windows\system32\nvapi.dll
2011-08-03 11:49 . 2007-06-28 16:43 229376 ----a-w- i:\windows\system32\nvrszhc.dll
2011-08-03 11:49 . 2007-06-28 16:43 16191488 ----a-w- i:\windows\system32\nvoglnt.dll
2011-08-03 11:49 . 2007-06-28 16:43 146024 ----a-w- i:\windows\system32\nvsvc32.exe
2011-08-03 11:49 . 2007-06-28 16:43 145000 ----a-w- i:\windows\system32\nvcolor.exe
2011-08-03 11:49 . 2007-06-28 16:43 13892200 ----a-w- i:\windows\system32\nvcpl.dll
2011-08-03 11:49 . 2007-06-28 16:43 126976 ----a-w- i:\windows\system32\nvrszht.dll
2011-08-03 11:49 . 2007-06-28 16:43 12542592 ----a-w- i:\windows\system32\drivers\nv4_mini.sys
2011-08-03 11:49 . 2007-06-28 16:43 111208 ----a-w- i:\windows\system32\nvmctray.dll
2011-09-30 21:16 . 2011-07-26 22:04 134104 ----a-w- i:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2011-05-30 09:33 2495816 ----a-w- i:\program files\AVG\AVG10\Toolbar\IEToolbar.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-02-04 14:50 1197448 ----a-w- i:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "i:\program files\Ask.com\GenericAskToolbar.dll" [2010-02-04 1197448]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "i:\program files\AVG\AVG10\Toolbar\IEToolbar.dll" [2011-05-30 2495816]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2007-04-12 16132608]
"AVG_TRAY"="i:\program files\AVG\AVG2012\avgtray.exe" [2011-09-23 2404704]
"NvMediaCenter"="NvMCTray.dll" [2011-08-03 111208]
"NvCplDaemon"="i:\windows\system32\NvCpl.dll" [2011-08-03 13892200]
"nwiz"="i:\program files\NVIDIA Corporation\nView\nwiz.exe" [2011-07-05 1632360]
"PWRISOVM.EXE"="i:\program files\PowerISO\PWRISOVM.EXE" [2009-07-27 180224]
"MSC"="i:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
"LWS"="i:\program files\Logitech\LWS\Webcam Software\LWS.exe" [2011-08-12 205336]
"EvtMgr6"="i:\program files\Logitech\SetPointP\SetPoint.exe" [2011-06-23 1386776]
"ASUSGamerOSD"="i:\program files\ASUS\GamerOSD\GamerOSD.exe" [2007-07-12 380928]
"Adobe ARM"="i:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"SunJavaUpdateSched"="i:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="i:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
i:\documents and settings\All Users\Start Menu\Programs\Startup\
Microsoft Office.lnk - i:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2011-06-17 07:33 66328 ----a-w- i:\program files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0i:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
i:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
2008-03-18 01:06 1848648 ----a-w- i:\program files\Canon\MyPrinter\BJMYPRT.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]
2008-03-11 01:20 689488 ----a-w- i:\program files\Canon\SolutionMenu\CNSLMAIN.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
2011-03-04 10:45 2741616 ----a-w- i:\program files\Common Files\LightScribe\LightScribeControlPanel.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Vid]
2011-01-13 02:01 6129496 ----a-w- i:\program files\Logitech\Vid HD\Vid.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
2011-08-31 15:00 449608 ----a-w- i:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2]
2011-09-01 11:39 966712 ----a-w- i:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2011-10-13 07:27 17351304 ----a-r- i:\program files\Skype\Phone\Skype.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"i:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"i:\\Program Files\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe"=
"i:\\Program Files\\Logitech\\Vid HD\\Vid.exe"=
"i:\\Program Files\\EA GAMES\\Battlefield 2\\BF2.exe"=
"i:\\Program Files\\AVG\\AVG2012\\avgmfapx.exe"=
"i:\\Program Files\\Skype\\Phone\\Skype.exe"=
"i:\\Program Files\\AVG\\AVG2012\\avgnsx.exe"=
"i:\\Program Files\\AVG\\AVG2012\\avgdiagex.exe"=
.
R0 AVGIDSEH;AVGIDSEH;i:\windows\system32\drivers\AVGIDSEH.sys [22. 2. 2011 7:13 23120]
R0 Avgrkx86;AVG Anti-Rootkit Driver;i:\windows\system32\drivers\avgrkx86.sys [16. 3. 2011 15:03 32592]
R0 NBVol;Nero Backup Volume Filter Driver;i:\windows\system32\drivers\NBVol.sys [7. 10. 2011 12:28 56496]
R0 NBVolUp;Nero Backup Volume Upper Filter Driver;i:\windows\system32\drivers\NBVolUp.sys [7. 10. 2011 12:28 12464]
R1 Avgldx86;AVG AVI Loader Driver;i:\windows\system32\drivers\avgldx86.sys [7. 1. 2011 5:41 229840]
R1 Avgtdix;AVG TDI Driver;i:\windows\system32\drivers\avgtdix.sys [4. 4. 2011 23:59 295248]
R1 MpKsl2f727e67;MpKsl2f727e67;i:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{905A15E9-51F8-4175-B4F5-6C6CBE623BFD}\MpKsl2f727e67.sys [30. 10. 2011 17:47 28752]
R2 avgfws;AVG Firewall;i:\program files\AVG\AVG2012\avgfws.exe [19. 8. 2011 5:24 2399560]
R2 AVGIDSAgent;AVGIDSAgent;i:\program files\AVG\AVG2012\AVGIDSAgent.exe [12. 9. 2011 5:23 5265248]
R2 avgwd;AVG WatchDog;i:\program files\AVG\AVG2012\avgwdsvc.exe [2. 8. 2011 5:09 192776]
R2 LBeepKE;Logitech Beep Suppression Driver;i:\windows\system32\drivers\LBeepKE.sys [27. 7. 2011 13:31 12184]
R2 nvUpdatusService;NVIDIA Update Service Daemon;i:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [9. 8. 2011 8:24 2255464]
R2 SpeechGridService;SpeechGridService;i:\program files\SpeechGrid\SpeechGridService.exe [9. 9. 2011 0:20 47984]
R2 UMVPFSrv;UMVPFSrv;i:\program files\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe [26. 5. 2011 5:05 450848]
R2 vToolbarUpdater;vToolbarUpdater;i:\program files\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe [11. 9. 2011 17:46 246600]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;i:\windows\system32\drivers\l151x86.sys [6. 4. 2009 5:40 37376]
R3 Avgfwdx;Avgfwdx;i:\windows\system32\drivers\avgfwdx.sys [12. 7. 2010 3:33 30944]
R3 AVGIDSDriver;AVGIDSDriver;i:\windows\system32\drivers\AVGIDSDriver.sys [14. 4. 2011 20:28 134608]
R3 AVGIDSFilter;AVGIDSFilter;i:\windows\system32\drivers\AVGIDSFilter.sys [10. 2. 2011 6:53 24272]
R3 AVGIDSShim;AVGIDSShim;i:\windows\system32\drivers\AVGIDSShim.sys [10. 2. 2011 6:53 16720]
S1 klbugotm;klbugotm;\??\i:\windows\system32\drivers\klbugotm.sys --> i:\windows\system32\drivers\klbugotm.sys [?]
S1 MpKsl66d216a1;MpKsl66d216a1;\??\i:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{FEFD8E68-69E5-4131-A364-A62B670B9070}\MpKsl66d216a1.sys --> i:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{FEFD8E68-69E5-4131-A364-A62B670B9070}\MpKsl66d216a1.sys [?]
S1 MpKsl798393d1;MpKsl798393d1;\??\i:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{2CD520F7-D556-49C7-8A60-4261EB6E925B}\MpKsl798393d1.sys --> i:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{2CD520F7-D556-49C7-8A60-4261EB6E925B}\MpKsl798393d1.sys [?]
S1 MpKsle63aab18;MpKsle63aab18;\??\i:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{6BC91B02-8D4D-4881-AF44-DA9903D81FC2}\MpKsle63aab18.sys --> i:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{6BC91B02-8D4D-4881-AF44-DA9903D81FC2}\MpKsle63aab18.sys [?]
S1 MpKsleb2f36c3;MpKsleb2f36c3;\??\i:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{3D9A05CC-8DD8-48D2-A0F3-242470FFD7B0}\MpKsleb2f36c3.sys --> i:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{3D9A05CC-8DD8-48D2-A0F3-242470FFD7B0}\MpKsleb2f36c3.sys [?]
S1 qtudkgmn;qtudkgmn;\??\i:\windows\system32\drivers\qtudkgmn.sys --> i:\windows\system32\drivers\qtudkgmn.sys [?]
S1 wgvhhdzp;wgvhhdzp;\??\i:\windows\system32\drivers\wgvhhdzp.sys --> i:\windows\system32\drivers\wgvhhdzp.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;i:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18. 3. 2010 12:16 130384]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;i:\program files\AVG\AVG10\Toolbar\ToolbarBroker.exe [29. 7. 2011 15:51 1025352]
S3 Avgfwfd;AVG network filter service;i:\windows\system32\drivers\avgfwdx.sys [12. 7. 2010 3:33 30944]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;i:\windows\system32\drivers\nmwcdnsu.sys [7. 8. 2011 16:33 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic;i:\windows\system32\drivers\nmwcdnsuc.sys [7. 8. 2011 16:33 8576]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;i:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18. 3. 2010 12:16 753504]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MPKSL2F727E67
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2011-03-04 10:29 451872 ----a-w- i:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
.
2011-10-30 i:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-861567501-879983540-839522115-1003Core.job
- i:\documents and settings\ortig\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-10-02 13:12]
.
2011-10-30 i:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-861567501-879983540-839522115-1003UA.job
- i:\documents and settings\ortig\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-10-02 13:12]
.
2011-10-30 i:\windows\Tasks\MP Scheduled Scan.job
- i:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2011-04-27 13:39]
.
2011-10-30 i:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- i:\program files\Ask.com\UpdateTask.exe [2010-02-04 14:50]
.
.
------- Supplementary Scan -------
.
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - i:\program files\AVG\AVG10\Toolbar\IEToolbar.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - i:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\8.0.1\ViProtocol.dll
FF - ProfilePath -
.
- - - - ORPHANS REMOVED - - - -
.
HKLM-Run-TaskTray - (no file)
SafeBoot-WudfPf
SafeBoot-WudfRd
MSConfigStartUp-facemoods - i:\program files\facemoods.com\facemoods\1.4.17.7\facemoodssrv.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-10-30 19:03
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(1444)
i:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
.
Completion time: 2011-10-30 19:05:15
ComboFix-quarantined-files.txt 2011-10-30 18:05
.
Pre-Run: 868 069 048 320 bytes free
Post-Run: 868 096 679 936 bytes free
.
- - End Of File - - 43D5DF55C72B057509C3B12B9BC89DE3

Re: Windows XP - Desktop icons

Posted: 30 Oct 2011 19:54
by Rudy
We'll clean up a bit more. Open Notepad and copy the following into it:
Folder::
i:\program files\Ask.com

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
[-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
Save it to the desktop as CFScript.txt. Then drag it with the mouse over the ComboFix icon and drop it. CF will start and carry out the commands from the script.

There are 2 antivirus programs on the system: AVGIS and MSSE. Uninstall one of them. Software conflicts may occur.

Re: Windows XP - Desktop icons

Posted: 01 Nov 2011 12:29
by ortig
ComboFix 11-10-30.02 - Administrator . 11. 2011 12:15:45.3.4 - x86
Running from: i:\documents and settings\ortig\Desktop\ComboFix.exe
.
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
.
((((((((((((((((((((((((( Files Created from 2011-10-01 to 2011-11-01 )))))))))))))))))))))))))))))))
.
.
2011-10-30 20:36 . 2011-10-30 20:37 -------- d-----w- i:\documents and settings\Administrator\Application Data\Nero
2011-10-30 20:35 . 2011-10-30 20:35 -------- d-s---w- i:\documents and settings\Administrator\UserData
2011-10-30 20:28 . 2011-10-30 20:28 -------- d-----w- i:\documents and settings\Administrator\Application Data\Photo DVD Maker
2011-10-30 20:21 . 2011-10-30 20:21 -------- d-----w- i:\documents and settings\Administrator\Local Settings\Application Data\Adobe
2011-10-30 20:14 . 2011-10-30 20:14 -------- d--h--w- i:\windows\system32\GroupPolicy
2011-10-30 19:24 . 2011-10-30 20:21 -------- d-----w- i:\documents and settings\Administrator\Local Settings\Application Data\Temp
2011-10-30 19:24 . 2011-10-30 19:29 -------- d-----w- i:\documents and settings\Administrator\Local Settings\Application Data\Google
2011-10-30 19:12 . 2011-10-30 19:12 -------- d-----w- i:\documents and settings\Administrator\Application Data\Anvsoft
2011-10-30 19:09 . 2011-10-30 19:09 -------- d-----w- i:\program files\AnvSoft Photo Flash Maker Professional
2011-10-30 18:53 . 2011-10-30 18:53 -------- d-----w- i:\documents and settings\Administrator\Local Settings\Application Data\Thunderbird
2011-10-30 18:53 . 2011-10-30 18:53 -------- d-----w- i:\documents and settings\Administrator\Application Data\Thunderbird
2011-10-30 18:51 . 2011-10-30 18:52 -------- d-----w- i:\documents and settings\Administrator\Application Data\Vso
2011-10-30 18:46 . 2011-10-30 20:32 -------- d-----w- i:\documents and settings\Administrator\Application Data\Skype
2011-10-30 18:17 . 2011-10-30 18:17 -------- d-----w- i:\documents and settings\Administrator\Local Settings\Application Data\Mozilla
2011-10-30 18:15 . 2011-10-30 18:15 -------- d-----w- I:\AVG2012
2011-10-30 18:15 . 2011-10-30 18:15 -------- d-----w- i:\documents and settings\Administrator\Local Settings\Application Data\AskToolbar
2011-10-30 18:05 . 2011-10-30 18:05 -------- d-----w- i:\documents and settings\Administrator\Application Data\Logitech
2011-10-30 18:05 . 2008-04-14 00:12 221184 ----a-w- i:\windows\system32\wmpns.dll
2011-10-30 11:57 . 2011-10-30 11:57 -------- d-----w- I:\rsit
2011-10-30 11:57 . 2011-10-30 11:57 -------- d-----w- i:\program files\trend micro
2011-10-30 09:34 . 2011-10-30 09:37 -------- d-----w- i:\program files\Spybot - Search & Destroy
2011-10-30 08:09 . 2011-10-30 08:09 5874 ----a-w- i:\windows\system32\PerfStringBackup.TMP
2011-10-30 08:05 . 2011-10-30 08:05 -------- d-----w- i:\windows\system32\wbem\Repository
2011-10-28 19:00 . 2011-10-28 19:00 -------- d--h--w- i:\documents and settings\All Users\Application Data\CanonIJEGV
2011-10-19 13:21 . 2011-10-19 13:21 -------- d-----w- i:\program files\Common Files\Java
2011-10-10 09:09 . 2011-10-10 09:09 4550304 ----a-w- i:\program files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
2011-10-07 11:46 . 2011-10-07 15:24 -------- d-----w- i:\documents and settings\ortig\Local Settings\Application Data\Nero_AG
2011-10-07 11:28 . 2011-07-13 11:39 12464 ----a-w- i:\windows\system32\drivers\NBVolUp.sys
2011-10-07 11:28 . 2011-07-13 11:39 56496 ----a-w- i:\windows\system32\drivers\NBVol.sys
2011-10-07 11:23 . 2011-10-07 11:23 -------- d-----w- i:\program files\Microsoft.NET
2011-10-07 11:21 . 2010-05-26 09:41 2106216 ----a-w- i:\windows\system32\D3DCompiler_43.dll
2011-10-07 11:21 . 2010-05-26 09:41 1868128 ----a-w- i:\windows\system32\d3dcsx_43.dll
2011-10-07 11:21 . 2010-05-26 09:41 470880 ----a-w- i:\windows\system32\d3dx10_43.dll
2011-10-07 11:21 . 2010-05-26 09:41 248672 ----a-w- i:\windows\system32\d3dx11_43.dll
2011-10-07 11:21 . 2010-05-26 09:41 1998168 ----a-w- i:\windows\system32\D3DX9_43.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-29 21:55 . 2011-07-26 21:26 196608 ----a-w- i:\windows\system32\drivers\nStandard.bin
2011-10-13 20:36 . 2011-07-27 01:32 414368 ----a-w- i:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-03 03:06 . 2011-07-27 16:57 472808 ----a-w- i:\windows\system32\deployJava1.dll
2011-10-03 00:37 . 2011-07-27 16:57 73728 ----a-w- i:\windows\system32\javacpl.cpl
2011-09-26 09:41 . 2008-07-29 17:59 611328 ----a-w- i:\windows\system32\uiautomationcore.dll
2011-09-26 09:41 . 2007-07-27 12:00 220160 ----a-w- i:\windows\system32\oleacc.dll
2011-09-26 09:41 . 2007-07-27 12:00 20480 ----a-w- i:\windows\system32\oleaccrc.dll
2011-09-18 11:29 . 2011-09-18 10:12 47360 ----a-w- i:\documents and settings\ortig\Application Data\pcouffin.sys
2011-09-13 04:30 . 2011-03-16 14:03 32592 ----a-w- i:\windows\system32\drivers\avgrkx86.sys
2011-09-09 09:12 . 2007-07-27 12:00 599040 ----a-w- i:\windows\system32\crypt32.dll
2011-09-06 13:20 . 2007-07-27 12:00 1858944 ----a-w- i:\windows\system32\win32k.sys
2011-09-05 13:56 . 2007-07-27 12:00 667136 ----a-w- i:\windows\system32\wininet.dll
2011-09-05 13:56 . 2007-07-27 12:00 61952 ----a-w- i:\windows\system32\tdc.ocx
2011-09-05 13:56 . 2007-07-27 12:00 81920 ----a-w- i:\windows\system32\ieencode.dll
2011-09-05 12:35 . 2007-07-27 12:00 369664 ----a-w- i:\windows\system32\html.iec
2011-08-31 15:00 . 2011-08-21 18:06 22216 ----a-w- i:\windows\system32\drivers\mbam.sys
2011-08-19 09:26 . 2011-05-26 04:05 4334624 ----a-w- i:\windows\system32\drivers\lvuvc.sys
2011-08-19 09:26 . 2011-05-26 04:05 545056 ----a-w- i:\windows\system32\LVUI2.dll
2011-08-19 09:26 . 2011-05-26 04:05 540960 ----a-w- i:\windows\system32\LVUI2RC.dll
2011-08-19 09:26 . 2011-08-19 09:26 196896 ----a-w- i:\windows\system32\lvci13301394.dll
2011-08-19 09:26 . 2011-05-26 04:05 315808 ----a-w- i:\windows\system32\drivers\lvrs.sys
2011-08-19 09:26 . 2011-05-26 04:05 307488 ----a-w- i:\windows\system32\lvcodec2.dll
2011-08-19 09:26 . 2011-05-26 04:05 336408 ----a-w- i:\windows\system32\DevManagerCore.dll
2011-08-19 09:26 . 2011-05-26 04:05 10898456 ----a-w- i:\windows\system32\LogiDPP.dll
2011-08-19 09:26 . 2011-05-26 04:05 104472 ----a-w- i:\windows\system32\LogiDPPApp.exe
2011-08-17 13:49 . 2007-07-27 12:00 138496 ----a-w- i:\windows\system32\drivers\afd.sys
2011-08-12 10:20 . 2011-08-12 10:20 15896 ----a-w- i:\windows\system32\drivers\iKeyLFT2.dll
2011-08-08 04:08 . 2011-03-01 12:25 40016 ----a-w- i:\windows\system32\drivers\avgmfx86.sys
2011-08-03 11:49 . 2011-08-10 07:49 914024 ----a-w- i:\windows\system32\nvdispco32.dll
2011-08-03 11:49 . 2011-08-10 07:49 875112 ----a-w- i:\windows\system32\nvgenco32.dll
2011-08-03 11:49 . 2011-08-09 07:24 253952 ----a-w- i:\windows\system32\nvrsth.dll
2011-08-03 11:49 . 2011-08-09 07:24 600680 ----a-w- i:\windows\system32\easyupdatusapiu.dll
2011-08-03 11:49 . 2011-05-21 04:01 61440 ----a-w- i:\windows\system32\OpenCL.dll
2011-08-03 11:49 . 2011-05-21 04:01 5427200 ----a-w- i:\windows\system32\nvcuda.dll
2011-08-03 11:49 . 2011-05-21 04:01 2387560 ----a-w- i:\windows\system32\nvcuvid.dll
2011-08-03 11:49 . 2011-05-21 04:01 2090088 ----a-w- i:\windows\system32\nvcuvenc.dll
2011-08-03 11:49 . 2011-05-21 04:01 17186816 ----a-w- i:\windows\system32\nvcompiler.dll
2011-08-03 11:49 . 2007-06-28 16:43 54272 ----a-w- i:\windows\system32\nvwddi.dll
2011-08-03 11:49 . 2007-06-28 16:43 4210816 ----a-w- i:\windows\system32\nv4_disp.dll
2011-08-03 11:49 . 2007-06-28 16:43 335872 ----a-w- i:\windows\system32\nvrsar.dll
2011-08-03 11:49 . 2007-06-28 16:43 331776 ----a-w- i:\windows\system32\nvrshe.dll
2011-08-03 11:49 . 2007-06-28 16:43 286720 ----a-w- i:\windows\system32\nvrsfr.dll
2011-08-03 11:49 . 2007-06-28 16:43 282624 ----a-w- i:\windows\system32\nvrsit.dll
2011-08-03 11:49 . 2007-06-28 16:43 282624 ----a-w- i:\windows\system32\nvrses.dll
2011-08-03 11:49 . 2007-06-28 16:43 282624 ----a-w- i:\windows\system32\nvrsel.dll
2011-08-03 11:49 . 2007-06-28 16:43 278528 ----a-w- i:\windows\system32\nvrsde.dll
2011-08-03 11:49 . 2007-06-28 16:43 274432 ----a-w- i:\windows\system32\nvrspt.dll
2011-08-03 11:49 . 2007-06-28 16:43 274432 ----a-w- i:\windows\system32\nvrsnl.dll
2011-08-03 11:49 . 2007-06-28 16:43 274432 ----a-w- i:\windows\system32\nvrsesm.dll
2011-08-03 11:49 . 2007-06-28 16:43 270336 ----a-w- i:\windows\system32\nvrsru.dll
2011-08-03 11:49 . 2007-06-28 16:43 270336 ----a-w- i:\windows\system32\nvrsptb.dll
2011-08-03 11:49 . 2007-06-28 16:43 270336 ----a-w- i:\windows\system32\nvrsja.dll
2011-08-03 11:49 . 2007-06-28 16:43 266240 ----a-w- i:\windows\system32\nvrsko.dll
2011-08-03 11:49 . 2007-06-28 16:43 262144 ----a-w- i:\windows\system32\nvrshu.dll
2011-08-03 11:49 . 2007-06-28 16:43 258048 ----a-w- i:\windows\system32\nvrstr.dll
2011-08-03 11:49 . 2007-06-28 16:43 258048 ----a-w- i:\windows\system32\nvrssl.dll
2011-08-03 11:49 . 2007-06-28 16:43 258048 ----a-w- i:\windows\system32\nvrssk.dll
2011-08-03 11:49 . 2007-06-28 16:43 258048 ----a-w- i:\windows\system32\nvrspl.dll
2011-08-03 11:49 . 2007-06-28 16:43 253952 ----a-w- i:\windows\system32\nvrssv.dll
2011-08-03 11:49 . 2007-06-28 16:43 253952 ----a-w- i:\windows\system32\nvrsno.dll
2011-08-03 11:49 . 2007-06-28 16:43 253952 ----a-w- i:\windows\system32\nvrsda.dll
2011-08-03 11:49 . 2007-06-28 16:43 249856 ----a-w- i:\windows\system32\nvrsfi.dll
2011-08-03 11:49 . 2007-06-28 16:43 249856 ----a-w- i:\windows\system32\nvrseng.dll
2011-08-03 11:49 . 2007-06-28 16:43 249856 ----a-w- i:\windows\system32\nvrscs.dll
2011-08-03 11:49 . 2007-06-28 16:43 2404864 ----a-w- i:\windows\system32\nvapi.dll
2011-08-03 11:49 . 2007-06-28 16:43 229376 ----a-w- i:\windows\system32\nvrszhc.dll
2011-08-03 11:49 . 2007-06-28 16:43 16191488 ----a-w- i:\windows\system32\nvoglnt.dll
2011-08-03 11:49 . 2007-06-28 16:43 146024 ----a-w- i:\windows\system32\nvsvc32.exe
2011-08-03 11:49 . 2007-06-28 16:43 145000 ----a-w- i:\windows\system32\nvcolor.exe
2011-08-03 11:49 . 2007-06-28 16:43 13892200 ----a-w- i:\windows\system32\nvcpl.dll
2011-08-03 11:49 . 2007-06-28 16:43 126976 ----a-w- i:\windows\system32\nvrszht.dll
2011-08-03 11:49 . 2007-06-28 16:43 12542592 ----a-w- i:\windows\system32\drivers\nv4_mini.sys
2011-08-03 11:49 . 2007-06-28 16:43 111208 ----a-w- i:\windows\system32\nvmctray.dll
2011-09-30 21:16 . 2011-07-26 22:04 134104 ----a-w- i:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-10-30_18.03.24 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-11-01 06:07 . 2011-11-01 06:07 16384 i:\windows\Temp\Perflib_Perfdata_c88.dat
+ 2011-10-30 19:34 . 2011-10-30 19:34 22016 i:\windows\Installer\2084d87.msi
+ 2011-10-30 18:46 . 2011-10-30 18:46 371272 i:\windows\Installer\{AA59DDE4-B672-4621-A016-4C248204957A}\SkypeIcon.exe
- 2011-10-13 22:21 . 2011-10-13 22:21 371272 i:\windows\Installer\{AA59DDE4-B672-4621-A016-4C248204957A}\SkypeIcon.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "i:\program files\AVG\AVG10\Toolbar\IEToolbar.dll" [2011-05-30 2495816]
.
[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2011-05-30 09:33 2495816 ----a-w- i:\program files\AVG\AVG10\Toolbar\IEToolbar.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-02-04 14:50 1197448 ----a-w- i:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "i:\program files\Ask.com\GenericAskToolbar.dll" [2010-02-04 1197448]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "i:\program files\AVG\AVG10\Toolbar\IEToolbar.dll" [2011-05-30 2495816]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "i:\program files\AVG\AVG10\Toolbar\IEToolbar.dll" [2011-05-30 2495816]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "i:\program files\Ask.com\GenericAskToolbar.dll" [2010-02-04 1197448]
.
[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="i:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2011-03-04 2741616]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2007-04-12 16132608]
"AVG_TRAY"="i:\program files\AVG\AVG2012\avgtray.exe" [2011-09-23 2404704]
"NvMediaCenter"="NvMCTray.dll" [2011-08-03 111208]
"NvCplDaemon"="i:\windows\system32\NvCpl.dll" [2011-08-03 13892200]
"nwiz"="i:\program files\NVIDIA Corporation\nView\nwiz.exe" [2011-07-05 1632360]
"PWRISOVM.EXE"="i:\program files\PowerISO\PWRISOVM.EXE" [2009-07-27 180224]
"LWS"="i:\program files\Logitech\LWS\Webcam Software\LWS.exe" [2011-08-12 205336]
"EvtMgr6"="i:\program files\Logitech\SetPointP\SetPoint.exe" [2011-06-23 1386776]
"ASUSGamerOSD"="i:\program files\ASUS\GamerOSD\GamerOSD.exe" [2007-07-12 380928]
"Adobe ARM"="i:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"SunJavaUpdateSched"="i:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="i:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2011-06-17 07:33 66328 ----a-w- i:\program files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0i:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
i:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
2008-03-18 01:06 1848648 ----a-w- i:\program files\Canon\MyPrinter\BJMYPRT.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]
2008-03-11 01:20 689488 ----a-w- i:\program files\Canon\SolutionMenu\CNSLMAIN.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
2011-03-04 10:45 2741616 ----a-w- i:\program files\Common Files\LightScribe\LightScribeControlPanel.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Vid]
2011-01-13 02:01 6129496 ----a-w- i:\program files\Logitech\Vid HD\Vid.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
2011-08-31 15:00 449608 ----a-w- i:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2]
2011-09-01 11:39 966712 ----a-w- i:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2011-10-13 07:27 17351304 ----a-r- i:\program files\Skype\Phone\Skype.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"i:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"i:\\Program Files\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe"=
"i:\\Program Files\\Logitech\\Vid HD\\Vid.exe"=
"i:\\Program Files\\EA GAMES\\Battlefield 2\\BF2.exe"=
"i:\\Program Files\\AVG\\AVG2012\\avgmfapx.exe"=
"i:\\Program Files\\AVG\\AVG2012\\avgnsx.exe"=
"i:\\Program Files\\AVG\\AVG2012\\avgdiagex.exe"=
"i:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R1 klbugotm;klbugotm;i:\windows\system32\drivers\klbugotm.sys [x]
R1 MpKsl66d216a1;MpKsl66d216a1;i:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{FEFD8E68-69E5-4131-A364-A62B670B9070}\MpKsl66d216a1.sys [x]
R1 MpKsl798393d1;MpKsl798393d1;i:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{2CD520F7-D556-49C7-8A60-4261EB6E925B}\MpKsl798393d1.sys [x]
R1 MpKsle63aab18;MpKsle63aab18;i:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{6BC91B02-8D4D-4881-AF44-DA9903D81FC2}\MpKsle63aab18.sys [x]
R1 MpKsleb2f36c3;MpKsleb2f36c3;i:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{3D9A05CC-8DD8-48D2-A0F3-242470FFD7B0}\MpKsleb2f36c3.sys [x]
R1 qtudkgmn;qtudkgmn;i:\windows\system32\drivers\qtudkgmn.sys [x]
R1 wgvhhdzp;wgvhhdzp;i:\windows\system32\drivers\wgvhhdzp.sys [x]
R2 avgfws;AVG Firewall;i:\program files\AVG\AVG2012\avgfws.exe [2011-08-19 2399560]
R2 AVGIDSAgent;AVGIDSAgent;i:\program files\AVG\AVG2012\AVGIDSAgent.exe [2011-09-12 5265248]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;i:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Služba Google Update (gupdate);i:\program files\Google\Update\GoogleUpdate.exe [2011-10-30 136176]
R3 AVG Security Toolbar Service;AVG Security Toolbar Service;i:\program files\AVG\AVG10\Toolbar\ToolbarBroker.exe [2011-05-30 1025352]
R3 Avgfwfd;AVG network filter service;i:\windows\system32\DRIVERS\avgfwdx.sys [2011-05-22 30944]
R3 gupdatem;Služba Google Update (gupdatem);i:\program files\Google\Update\GoogleUpdate.exe [2011-10-30 136176]
R3 nmwcdnsu;Nokia USB Flashing Phone Parent;i:\windows\system32\drivers\nmwcdnsu.sys [2011-05-18 137600]
R3 nmwcdnsuc;Nokia USB Flashing Generic;i:\windows\system32\drivers\nmwcdnsuc.sys [2011-05-18 8576]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;i:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S0 AVGIDSEH;AVGIDSEH;i:\windows\system32\DRIVERS\AVGIDSEH.Sys [2011-07-10 23120]
S0 Avgrkx86;AVG Anti-Rootkit Driver;i:\windows\system32\DRIVERS\avgrkx86.sys [2011-09-13 32592]
S0 NBVol;Nero Backup Volume Filter Driver;i:\windows\system32\DRIVERS\NBVol.sys [2011-07-13 56496]
S0 NBVolUp;Nero Backup Volume Upper Filter Driver;i:\windows\system32\DRIVERS\NBVolUp.sys [2011-07-13 12464]
S1 Avgldx86;AVG AVI Loader Driver;i:\windows\system32\DRIVERS\avgldx86.sys [2011-07-10 229840]
S1 Avgtdix;AVG TDI Driver;i:\windows\system32\DRIVERS\avgtdix.sys [2011-07-10 295248]
S2 avgwd;AVG WatchDog;i:\program files\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
S2 LBeepKE;Logitech Beep Suppression Driver;i:\windows\system32\Drivers\LBeepKE.sys [2011-04-30 12184]
S2 nvUpdatusService;NVIDIA Update Service Daemon;i:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-08-03 2255464]
S2 SpeechGridService;SpeechGridService;i:\program files\SpeechGrid\SpeechGridService.exe [2011-09-08 47984]
S2 UMVPFSrv;UMVPFSrv;i:\program files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-08-19 450848]
S2 vToolbarUpdater;vToolbarUpdater;i:\program files\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe [2011-09-11 246600]
S3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;i:\windows\system32\DRIVERS\l151x86.sys [2009-04-06 37376]
S3 Avgfwdx;Avgfwdx;i:\windows\system32\DRIVERS\avgfwdx.sys [2011-05-22 30944]
S3 AVGIDSDriver;AVGIDSDriver;i:\windows\system32\DRIVERS\AVGIDSDriver.Sys [2011-07-10 134608]
S3 AVGIDSFilter;AVGIDSFilter;i:\windows\system32\DRIVERS\AVGIDSFilter.Sys [2011-07-10 24272]
S3 AVGIDSShim;AVGIDSShim;i:\windows\system32\DRIVERS\AVGIDSShim.Sys [2011-07-10 16720]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2011-03-04 10:29 451872 ----a-w- i:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
.
2011-11-01 i:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- i:\program files\Google\Update\GoogleUpdate.exe [2011-10-30 19:24]
.
2011-11-01 i:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- i:\program files\Google\Update\GoogleUpdate.exe [2011-10-30 19:24]
.
2011-11-01 i:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- i:\program files\Ask.com\UpdateTask.exe [2010-02-04 14:50]
.
.
------- Supplementary Scan -------
.
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - i:\program files\AVG\AVG10\Toolbar\IEToolbar.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - i:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\8.0.1\ViProtocol.dll
FF - ProfilePath - i:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\0sn3a6p7.default\
FF - prefs.js: browser.startup.homepage - www.zoznam.sk
FF - prefs.js: network.proxy.type - 0
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-11-01 12:18
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(1436)
i:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
.
- - - - - - - > 'explorer.exe'(588)
i:\progra~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
i:\windows\system32\Msi.dll
i:\program files\Common Files\Microsoft Shared\Web Components\10\1029\OWCI10.DLL
i:\windows\system32\WPDShServiceObj.dll
i:\windows\system32\PortableDeviceTypes.dll
i:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2011-11-01 12:19:26
ComboFix-quarantined-files.txt 2011-11-01 11:19
ComboFix2.txt 2011-11-01 11:04
ComboFix3.txt 2011-10-30 18:05
.
Pre-Run: 868 341 567 488 bytes free
Post-Run: 12 adresárov, 868 325 388 288 voľných bajtov
.
- - End Of File - - 5ACB3349C3B36C64CCA37C1CCE718EAA

Re: Windows XP - Icons on the desktop

Posted: 01 Nov 2011 13:41
by Rudy
CF was not run with the script; the items were not deleted. Try again.

Re: Windows XP - Icons on the desktop

Posted: 01 Nov 2011 15:30
by ortig
I've put it there 4 times already, everything runs normally, but it doesn't overwrite it?

ComboFix 11-11-01.02 - Administrator . 11. 2011 15:20:30.4.4 - x86
Running from: i:\documents and settings\ortig\Desktop\ComboFix.exe
.
.
((((((((((((((((((((((((( Files Created from 2011-10-01 to 2011-11-01 )))))))))))))))))))))))))))))))
.
.
2011-10-30 20:36 . 2011-10-30 20:37 -------- d-----w- i:\documents and settings\Administrator\Application Data\Nero
2011-10-30 20:35 . 2011-10-30 20:35 -------- d-s---w- i:\documents and settings\Administrator\UserData
2011-10-30 20:28 . 2011-10-30 20:28 -------- d-----w- i:\documents and settings\Administrator\Application Data\Photo DVD Maker
2011-10-30 20:21 . 2011-10-30 20:21 -------- d-----w- i:\documents and settings\Administrator\Local Settings\Application Data\Adobe
2011-10-30 20:14 . 2011-10-30 20:14 -------- d--h--w- i:\windows\system32\GroupPolicy
2011-10-30 19:24 . 2011-10-30 20:21 -------- d-----w- i:\documents and settings\Administrator\Local Settings\Application Data\Temp
2011-10-30 19:24 . 2011-10-30 19:29 -------- d-----w- i:\documents and settings\Administrator\Local Settings\Application Data\Google
2011-10-30 19:12 . 2011-10-30 19:12 -------- d-----w- i:\documents and settings\Administrator\Application Data\Anvsoft
2011-10-30 19:09 . 2011-10-30 19:09 -------- d-----w- i:\program files\AnvSoft Photo Flash Maker Professional
2011-10-30 18:53 . 2011-10-30 18:53 -------- d-----w- i:\documents and settings\Administrator\Local Settings\Application Data\Thunderbird
2011-10-30 18:53 . 2011-10-30 18:53 -------- d-----w- i:\documents and settings\Administrator\Application Data\Thunderbird
2011-10-30 18:51 . 2011-10-30 18:52 -------- d-----w- i:\documents and settings\Administrator\Application Data\Vso
2011-10-30 18:46 . 2011-10-30 20:32 -------- d-----w- i:\documents and settings\Administrator\Application Data\Skype
2011-10-30 18:17 . 2011-10-30 18:17 -------- d-----w- i:\documents and settings\Administrator\Local Settings\Application Data\Mozilla
2011-10-30 18:15 . 2011-10-30 18:15 -------- d-----w- I:\AVG2012
2011-10-30 18:15 . 2011-10-30 18:15 -------- d-----w- i:\documents and settings\Administrator\Local Settings\Application Data\AskToolbar
2011-10-30 18:05 . 2011-10-30 18:05 -------- d-----w- i:\documents and settings\Administrator\Application Data\Logitech
2011-10-30 18:05 . 2008-04-14 00:12 221184 ----a-w- i:\windows\system32\wmpns.dll
2011-10-30 11:57 . 2011-10-30 11:57 -------- d-----w- I:\rsit
2011-10-30 11:57 . 2011-10-30 11:57 -------- d-----w- i:\program files\trend micro
2011-10-30 09:34 . 2011-10-30 09:37 -------- d-----w- i:\program files\Spybot - Search & Destroy
2011-10-30 08:09 . 2011-10-30 08:09 5874 ----a-w- i:\windows\system32\PerfStringBackup.TMP
2011-10-30 08:05 . 2011-10-30 08:05 -------- d-----w- i:\windows\system32\wbem\Repository
2011-10-28 19:00 . 2011-10-28 19:00 -------- d--h--w- i:\documents and settings\All Users\Application Data\CanonIJEGV
2011-10-19 13:21 . 2011-10-19 13:21 -------- d-----w- i:\program files\Common Files\Java
2011-10-10 09:09 . 2011-10-10 09:09 4550304 ----a-w- i:\program files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
2011-10-07 11:46 . 2011-10-07 15:24 -------- d-----w- i:\documents and settings\ortig\Local Settings\Application Data\Nero_AG
2011-10-07 11:28 . 2011-07-13 11:39 12464 ----a-w- i:\windows\system32\drivers\NBVolUp.sys
2011-10-07 11:28 . 2011-07-13 11:39 56496 ----a-w- i:\windows\system32\drivers\NBVol.sys
2011-10-07 11:23 . 2011-10-07 11:23 -------- d-----w- i:\program files\Microsoft.NET
2011-10-07 11:21 . 2010-05-26 09:41 2106216 ----a-w- i:\windows\system32\D3DCompiler_43.dll
2011-10-07 11:21 . 2010-05-26 09:41 1868128 ----a-w- i:\windows\system32\d3dcsx_43.dll
2011-10-07 11:21 . 2010-05-26 09:41 470880 ----a-w- i:\windows\system32\d3dx10_43.dll
2011-10-07 11:21 . 2010-05-26 09:41 248672 ----a-w- i:\windows\system32\d3dx11_43.dll
2011-10-07 11:21 . 2010-05-26 09:41 1998168 ----a-w- i:\windows\system32\D3DX9_43.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-29 21:55 . 2011-07-26 21:26 196608 ----a-w- i:\windows\system32\drivers\nStandard.bin
2011-10-13 20:36 . 2011-07-27 01:32 414368 ----a-w- i:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-03 03:06 . 2011-07-27 16:57 472808 ----a-w- i:\windows\system32\deployJava1.dll
2011-10-03 00:37 . 2011-07-27 16:57 73728 ----a-w- i:\windows\system32\javacpl.cpl
2011-09-26 09:41 . 2008-07-29 17:59 611328 ----a-w- i:\windows\system32\uiautomationcore.dll
2011-09-26 09:41 . 2007-07-27 12:00 220160 ----a-w- i:\windows\system32\oleacc.dll
2011-09-26 09:41 . 2007-07-27 12:00 20480 ----a-w- i:\windows\system32\oleaccrc.dll
2011-09-18 11:29 . 2011-09-18 10:12 47360 ----a-w- i:\documents and settings\ortig\Application Data\pcouffin.sys
2011-09-13 04:30 . 2011-03-16 14:03 32592 ----a-w- i:\windows\system32\drivers\avgrkx86.sys
2011-09-09 09:12 . 2007-07-27 12:00 599040 ----a-w- i:\windows\system32\crypt32.dll
2011-09-06 13:20 . 2007-07-27 12:00 1858944 ----a-w- i:\windows\system32\win32k.sys
2011-09-05 13:56 . 2007-07-27 12:00 667136 ----a-w- i:\windows\system32\wininet.dll
2011-09-05 13:56 . 2007-07-27 12:00 61952 ----a-w- i:\windows\system32\tdc.ocx
2011-09-05 13:56 . 2007-07-27 12:00 81920 ----a-w- i:\windows\system32\ieencode.dll
2011-09-05 12:35 . 2007-07-27 12:00 369664 ----a-w- i:\windows\system32\html.iec
2011-08-31 15:00 . 2011-08-21 18:06 22216 ----a-w- i:\windows\system32\drivers\mbam.sys
2011-08-19 09:26 . 2011-05-26 04:05 4334624 ----a-w- i:\windows\system32\drivers\lvuvc.sys
2011-08-19 09:26 . 2011-05-26 04:05 545056 ----a-w- i:\windows\system32\LVUI2.dll
2011-08-19 09:26 . 2011-05-26 04:05 540960 ----a-w- i:\windows\system32\LVUI2RC.dll
2011-08-19 09:26 . 2011-08-19 09:26 196896 ----a-w- i:\windows\system32\lvci13301394.dll
2011-08-19 09:26 . 2011-05-26 04:05 315808 ----a-w- i:\windows\system32\drivers\lvrs.sys
2011-08-19 09:26 . 2011-05-26 04:05 307488 ----a-w- i:\windows\system32\lvcodec2.dll
2011-08-19 09:26 . 2011-05-26 04:05 336408 ----a-w- i:\windows\system32\DevManagerCore.dll
2011-08-19 09:26 . 2011-05-26 04:05 10898456 ----a-w- i:\windows\system32\LogiDPP.dll
2011-08-19 09:26 . 2011-05-26 04:05 104472 ----a-w- i:\windows\system32\LogiDPPApp.exe
2011-08-17 13:49 . 2007-07-27 12:00 138496 ----a-w- i:\windows\system32\drivers\afd.sys
2011-08-12 10:20 . 2011-08-12 10:20 15896 ----a-w- i:\windows\system32\drivers\iKeyLFT2.dll
2011-08-08 04:08 . 2011-03-01 12:25 40016 ----a-w- i:\windows\system32\drivers\avgmfx86.sys
2011-09-30 21:16 . 2011-07-26 22:04 134104 ----a-w- i:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-10-30_18.03.24 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-11-01 14:01 . 2011-11-01 14:01 16384 i:\windows\Temp\Perflib_Perfdata_fb4.dat
+ 2011-10-30 19:34 . 2011-10-30 19:34 22016 i:\windows\Installer\2084d87.msi
+ 2011-10-30 18:46 . 2011-10-30 18:46 371272 i:\windows\Installer\{AA59DDE4-B672-4621-A016-4C248204957A}\SkypeIcon.exe
- 2011-10-13 22:21 . 2011-10-13 22:21 371272 i:\windows\Installer\{AA59DDE4-B672-4621-A016-4C248204957A}\SkypeIcon.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "i:\program files\AVG\AVG10\Toolbar\IEToolbar.dll" [2011-05-30 2495816]
.
[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2011-05-30 09:33 2495816 ----a-w- i:\program files\AVG\AVG10\Toolbar\IEToolbar.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-02-04 14:50 1197448 ----a-w- i:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "i:\program files\Ask.com\GenericAskToolbar.dll" [2010-02-04 1197448]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "i:\program files\AVG\AVG10\Toolbar\IEToolbar.dll" [2011-05-30 2495816]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "i:\program files\AVG\AVG10\Toolbar\IEToolbar.dll" [2011-05-30 2495816]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "i:\program files\Ask.com\GenericAskToolbar.dll" [2010-02-04 1197448]
.
[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="i:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2011-03-04 2741616]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2007-04-12 16132608]
"AVG_TRAY"="i:\program files\AVG\AVG2012\avgtray.exe" [2011-09-23 2404704]
"NvMediaCenter"="NvMCTray.dll" [2011-08-03 111208]
"NvCplDaemon"="i:\windows\system32\NvCpl.dll" [2011-08-03 13892200]
"nwiz"="i:\program files\NVIDIA Corporation\nView\nwiz.exe" [2011-07-05 1632360]
"PWRISOVM.EXE"="i:\program files\PowerISO\PWRISOVM.EXE" [2009-07-27 180224]
"LWS"="i:\program files\Logitech\LWS\Webcam Software\LWS.exe" [2011-08-12 205336]
"EvtMgr6"="i:\program files\Logitech\SetPointP\SetPoint.exe" [2011-06-23 1386776]
"ASUSGamerOSD"="i:\program files\ASUS\GamerOSD\GamerOSD.exe" [2007-07-12 380928]
"Adobe ARM"="i:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"SunJavaUpdateSched"="i:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="i:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2011-06-17 07:33 66328 ----a-w- i:\program files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0i:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
i:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
2008-03-18 01:06 1848648 ----a-w- i:\program files\Canon\MyPrinter\BJMYPRT.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]
2008-03-11 01:20 689488 ----a-w- i:\program files\Canon\SolutionMenu\CNSLMAIN.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
2011-03-04 10:45 2741616 ----a-w- i:\program files\Common Files\LightScribe\LightScribeControlPanel.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Vid]
2011-01-13 02:01 6129496 ----a-w- i:\program files\Logitech\Vid HD\Vid.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
2011-08-31 15:00 449608 ----a-w- i:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2]
2011-09-01 11:39 966712 ----a-w- i:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2011-10-13 07:27 17351304 ----a-r- i:\program files\Skype\Phone\Skype.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"i:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"i:\\Program Files\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe"=
"i:\\Program Files\\Logitech\\Vid HD\\Vid.exe"=
"i:\\Program Files\\EA GAMES\\Battlefield 2\\BF2.exe"=
"i:\\Program Files\\AVG\\AVG2012\\avgmfapx.exe"=
"i:\\Program Files\\AVG\\AVG2012\\avgnsx.exe"=
"i:\\Program Files\\AVG\\AVG2012\\avgdiagex.exe"=
"i:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R1 klbugotm;klbugotm;i:\windows\system32\drivers\klbugotm.sys [x]
R1 MpKsl66d216a1;MpKsl66d216a1;i:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{FEFD8E68-69E5-4131-A364-A62B670B9070}\MpKsl66d216a1.sys [x]
R1 MpKsl798393d1;MpKsl798393d1;i:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{2CD520F7-D556-49C7-8A60-4261EB6E925B}\MpKsl798393d1.sys [x]
R1 MpKsle63aab18;MpKsle63aab18;i:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{6BC91B02-8D4D-4881-AF44-DA9903D81FC2}\MpKsle63aab18.sys [x]
R1 MpKsleb2f36c3;MpKsleb2f36c3;i:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{3D9A05CC-8DD8-48D2-A0F3-242470FFD7B0}\MpKsleb2f36c3.sys [x]
R1 qtudkgmn;qtudkgmn;i:\windows\system32\drivers\qtudkgmn.sys [x]
R1 wgvhhdzp;wgvhhdzp;i:\windows\system32\drivers\wgvhhdzp.sys [x]
R2 avgfws;AVG Firewall;i:\program files\AVG\AVG2012\avgfws.exe [2011-08-19 2399560]
R2 AVGIDSAgent;AVGIDSAgent;i:\program files\AVG\AVG2012\AVGIDSAgent.exe [2011-09-12 5265248]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;i:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Služba Google Update (gupdate);i:\program files\Google\Update\GoogleUpdate.exe [2011-10-30 136176]
R3 AVG Security Toolbar Service;AVG Security Toolbar Service;i:\program files\AVG\AVG10\Toolbar\ToolbarBroker.exe [2011-05-30 1025352]
R3 Avgfwfd;AVG network filter service;i:\windows\system32\DRIVERS\avgfwdx.sys [2011-05-22 30944]
R3 gupdatem;Služba Google Update (gupdatem);i:\program files\Google\Update\GoogleUpdate.exe [2011-10-30 136176]
R3 nmwcdnsu;Nokia USB Flashing Phone Parent;i:\windows\system32\drivers\nmwcdnsu.sys [2011-05-18 137600]
R3 nmwcdnsuc;Nokia USB Flashing Generic;i:\windows\system32\drivers\nmwcdnsuc.sys [2011-05-18 8576]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;i:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S0 AVGIDSEH;AVGIDSEH;i:\windows\system32\DRIVERS\AVGIDSEH.Sys [2011-07-10 23120]
S0 Avgrkx86;AVG Anti-Rootkit Driver;i:\windows\system32\DRIVERS\avgrkx86.sys [2011-09-13 32592]
S0 NBVol;Nero Backup Volume Filter Driver;i:\windows\system32\DRIVERS\NBVol.sys [2011-07-13 56496]
S0 NBVolUp;Nero Backup Volume Upper Filter Driver;i:\windows\system32\DRIVERS\NBVolUp.sys [2011-07-13 12464]
S1 Avgldx86;AVG AVI Loader Driver;i:\windows\system32\DRIVERS\avgldx86.sys [2011-07-10 229840]
S1 Avgtdix;AVG TDI Driver;i:\windows\system32\DRIVERS\avgtdix.sys [2011-07-10 295248]
S2 avgwd;AVG WatchDog;i:\program files\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
S2 LBeepKE;Logitech Beep Suppression Driver;i:\windows\system32\Drivers\LBeepKE.sys [2011-04-30 12184]
S2 nvUpdatusService;NVIDIA Update Service Daemon;i:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-08-03 2255464]
S2 SpeechGridService;SpeechGridService;i:\program files\SpeechGrid\SpeechGridService.exe [2011-09-08 47984]
S2 UMVPFSrv;UMVPFSrv;i:\program files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-08-19 450848]
S2 vToolbarUpdater;vToolbarUpdater;i:\program files\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe [2011-09-11 246600]
S3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;i:\windows\system32\DRIVERS\l151x86.sys [2009-04-06 37376]
S3 Avgfwdx;Avgfwdx;i:\windows\system32\DRIVERS\avgfwdx.sys [2011-05-22 30944]
S3 AVGIDSDriver;AVGIDSDriver;i:\windows\system32\DRIVERS\AVGIDSDriver.Sys [2011-07-10 134608]
S3 AVGIDSFilter;AVGIDSFilter;i:\windows\system32\DRIVERS\AVGIDSFilter.Sys [2011-07-10 24272]
S3 AVGIDSShim;AVGIDSShim;i:\windows\system32\DRIVERS\AVGIDSShim.Sys [2011-07-10 16720]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2011-03-04 10:29 451872 ----a-w- i:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
.
2011-11-01 i:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- i:\program files\Google\Update\GoogleUpdate.exe [2011-10-30 19:24]
.
2011-11-01 i:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- i:\program files\Google\Update\GoogleUpdate.exe [2011-10-30 19:24]
.
2011-11-01 i:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- i:\program files\Ask.com\UpdateTask.exe [2010-02-04 14:50]
.
.
------- Supplementary Scan -------
.
TCP: DhcpNameServer = 192.168.1.1
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - i:\program files\AVG\AVG10\Toolbar\IEToolbar.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - i:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\8.0.1\ViProtocol.dll
FF - ProfilePath - i:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\0sn3a6p7.default\
FF - prefs.js: browser.startup.homepage - www.zoznam.sk
FF - prefs.js: network.proxy.type - 0
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-11-01 15:23
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(1440)
i:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
.
- - - - - - - > 'explorer.exe'(1116)
i:\windows\system32\msi.dll
i:\windows\system32\WPDShServiceObj.dll
i:\windows\system32\PortableDeviceTypes.dll
i:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2011-11-01 15:24:38
ComboFix-quarantined-files.txt 2011-11-01 14:24
ComboFix2.txt 2011-11-01 11:19
ComboFix3.txt 2011-11-01 11:04
ComboFix4.txt 2011-10-30 18:05
.
Pre-Run: 868 135 616 512 bytes free
Post-Run: 12 adresárov, 868 123 090 944 voľných bajtov
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - 2DED87A71C9BDC72898DEF651935BD93

Re: Windows XP - Desktop icons

Posted: 01 Nov 2011 17:46
by Rudy
The log header does not say that it was run with the switch: Použité ovládací přepínače :: i:\documents and settings\ortig\Desktop\CFScript.txt. That is proof that you did not drag the script onto the ComboFix icon you have on your desktop.

Re: Windows XP - Desktop icons

Posted: 01 Nov 2011 18:39
by ortig
My mistake, I typed CFScript.txt wrong and that is why it did not go through. Only when it popped up the dialog "Were you trying to run CFScript? The name, CFScript appears to be incorrectly spelt .." did I figure out the mistake.

ComboFix 11-11-01.04 - ortig 01.11.2011 18:24:18.5.4 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.421.1033.18.3327.2760 [GMT 1:00]
Running from: i:\documents and settings\ortig\Desktop\ComboFix.exe
Command switches used :: i:\documents and settings\ortig\Desktop\CFScript.txt.txt
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
i:\program files\Ask.com
i:\program files\Ask.com\cobrand.ico
i:\program files\Ask.com\config.xml
i:\program files\Ask.com\favicon.ico
i:\program files\Ask.com\GenericAskToolbar.dll
i:\program files\Ask.com\mupcfg.xml
i:\program files\Ask.com\SaUpdate.exe
i:\program files\Ask.com\UpdateTask.exe
.
.
((((((((((((((((((((((((( Files Created from 2011-10-01 to 2011-11-01 )))))))))))))))))))))))))))))))
.
.
2011-10-30 20:36 . 2011-10-30 20:37 -------- d-----w- i:\documents and settings\Administrator\Application Data\Nero
2011-10-30 20:35 . 2011-10-30 20:35 -------- d-s---w- i:\documents and settings\Administrator\UserData
2011-10-30 20:28 . 2011-10-30 20:28 -------- d-----w- i:\documents and settings\Administrator\Application Data\Photo DVD Maker
2011-10-30 20:21 . 2011-10-30 20:21 -------- d-----w- i:\documents and settings\Administrator\Local Settings\Application Data\Adobe
2011-10-30 20:14 . 2011-10-30 20:14 -------- d--h--w- i:\windows\system32\GroupPolicy
2011-10-30 19:24 . 2011-10-30 20:21 -------- d-----w- i:\documents and settings\Administrator\Local Settings\Application Data\Temp
2011-10-30 19:24 . 2011-10-30 19:29 -------- d-----w- i:\documents and settings\Administrator\Local Settings\Application Data\Google
2011-10-30 19:12 . 2011-10-30 19:12 -------- d-----w- i:\documents and settings\Administrator\Application Data\Anvsoft
2011-10-30 19:09 . 2011-10-30 19:09 -------- d-----w- i:\program files\AnvSoft Photo Flash Maker Professional
2011-10-30 18:53 . 2011-10-30 18:53 -------- d-----w- i:\documents and settings\Administrator\Local Settings\Application Data\Thunderbird
2011-10-30 18:53 . 2011-10-30 18:53 -------- d-----w- i:\documents and settings\Administrator\Application Data\Thunderbird
2011-10-30 18:51 . 2011-10-30 18:52 -------- d-----w- i:\documents and settings\Administrator\Application Data\Vso
2011-10-30 18:46 . 2011-10-30 20:32 -------- d-----w- i:\documents and settings\Administrator\Application Data\Skype
2011-10-30 18:17 . 2011-10-30 18:17 -------- d-----w- i:\documents and settings\Administrator\Local Settings\Application Data\Mozilla
2011-10-30 18:15 . 2011-10-30 18:15 -------- d-----w- I:\AVG2012
2011-10-30 18:15 . 2011-10-30 18:15 -------- d-----w- i:\documents and settings\Administrator\Local Settings\Application Data\AskToolbar
2011-10-30 18:05 . 2011-10-30 18:05 -------- d-----w- i:\documents and settings\Administrator\Application Data\Logitech
2011-10-30 18:05 . 2008-04-14 00:12 221184 ----a-w- i:\windows\system32\wmpns.dll
2011-10-30 11:57 . 2011-10-30 11:57 -------- d-----w- I:\rsit
2011-10-30 11:57 . 2011-10-30 11:57 -------- d-----w- i:\program files\trend micro
2011-10-30 09:34 . 2011-10-30 09:37 -------- d-----w- i:\program files\Spybot - Search & Destroy
2011-10-30 08:09 . 2011-10-30 08:09 5874 ----a-w- i:\windows\system32\PerfStringBackup.TMP
2011-10-30 08:05 . 2011-10-30 08:05 -------- d-----w- i:\windows\system32\wbem\Repository
2011-10-28 19:00 . 2011-10-28 19:00 -------- d--h--w- i:\documents and settings\All Users\Application Data\CanonIJEGV
2011-10-19 13:21 . 2011-10-19 13:21 -------- d-----w- i:\program files\Common Files\Java
2011-10-10 09:09 . 2011-10-10 09:09 4550304 ----a-w- i:\program files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
2011-10-07 11:46 . 2011-10-07 15:24 -------- d-----w- i:\documents and settings\ortig\Local Settings\Application Data\Nero_AG
2011-10-07 11:28 . 2011-07-13 11:39 12464 ----a-w- i:\windows\system32\drivers\NBVolUp.sys
2011-10-07 11:28 . 2011-07-13 11:39 56496 ----a-w- i:\windows\system32\drivers\NBVol.sys
2011-10-07 11:23 . 2011-10-07 11:23 -------- d-----w- i:\program files\Microsoft.NET
2011-10-07 11:21 . 2010-05-26 09:41 2106216 ----a-w- i:\windows\system32\D3DCompiler_43.dll
2011-10-07 11:21 . 2010-05-26 09:41 1868128 ----a-w- i:\windows\system32\d3dcsx_43.dll
2011-10-07 11:21 . 2010-05-26 09:41 470880 ----a-w- i:\windows\system32\d3dx10_43.dll
2011-10-07 11:21 . 2010-05-26 09:41 248672 ----a-w- i:\windows\system32\d3dx11_43.dll
2011-10-07 11:21 . 2010-05-26 09:41 1998168 ----a-w- i:\windows\system32\D3DX9_43.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-29 21:55 . 2011-07-26 21:26 196608 ----a-w- i:\windows\system32\drivers\nStandard.bin
2011-10-13 20:36 . 2011-07-27 01:32 414368 ----a-w- i:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-03 03:06 . 2011-07-27 16:57 472808 ----a-w- i:\windows\system32\deployJava1.dll
2011-10-03 00:37 . 2011-07-27 16:57 73728 ----a-w- i:\windows\system32\javacpl.cpl
2011-09-26 09:41 . 2008-07-29 17:59 611328 ----a-w- i:\windows\system32\uiautomationcore.dll
2011-09-26 09:41 . 2007-07-27 12:00 220160 ----a-w- i:\windows\system32\oleacc.dll
2011-09-26 09:41 . 2007-07-27 12:00 20480 ----a-w- i:\windows\system32\oleaccrc.dll
2011-09-18 11:29 . 2011-09-18 10:12 47360 ----a-w- i:\documents and settings\ortig\Application Data\pcouffin.sys
2011-09-13 04:30 . 2011-03-16 14:03 32592 ----a-w- i:\windows\system32\drivers\avgrkx86.sys
2011-09-09 09:12 . 2007-07-27 12:00 599040 ----a-w- i:\windows\system32\crypt32.dll
2011-09-06 13:20 . 2007-07-27 12:00 1858944 ----a-w- i:\windows\system32\win32k.sys
2011-09-05 13:56 . 2007-07-27 12:00 667136 ----a-w- i:\windows\system32\wininet.dll
2011-09-05 13:56 . 2007-07-27 12:00 61952 ----a-w- i:\windows\system32\tdc.ocx
2011-09-05 13:56 . 2007-07-27 12:00 81920 ----a-w- i:\windows\system32\ieencode.dll
2011-09-05 12:35 . 2007-07-27 12:00 369664 ----a-w- i:\windows\system32\html.iec
2011-08-31 15:00 . 2011-08-21 18:06 22216 ----a-w- i:\windows\system32\drivers\mbam.sys
2011-08-19 09:26 . 2011-05-26 04:05 4334624 ----a-w- i:\windows\system32\drivers\lvuvc.sys
2011-08-19 09:26 . 2011-05-26 04:05 545056 ----a-w- i:\windows\system32\LVUI2.dll
2011-08-19 09:26 . 2011-05-26 04:05 540960 ----a-w- i:\windows\system32\LVUI2RC.dll
2011-08-19 09:26 . 2011-08-19 09:26 196896 ----a-w- i:\windows\system32\lvci13301394.dll
2011-08-19 09:26 . 2011-05-26 04:05 315808 ----a-w- i:\windows\system32\drivers\lvrs.sys
2011-08-19 09:26 . 2011-05-26 04:05 307488 ----a-w- i:\windows\system32\lvcodec2.dll
2011-08-19 09:26 . 2011-05-26 04:05 336408 ----a-w- i:\windows\system32\DevManagerCore.dll
2011-08-19 09:26 . 2011-05-26 04:05 10898456 ----a-w- i:\windows\system32\LogiDPP.dll
2011-08-19 09:26 . 2011-05-26 04:05 104472 ----a-w- i:\windows\system32\LogiDPPApp.exe
2011-08-17 13:49 . 2007-07-27 12:00 138496 ----a-w- i:\windows\system32\drivers\afd.sys
2011-08-12 10:20 . 2011-08-12 10:20 15896 ----a-w- i:\windows\system32\drivers\iKeyLFT2.dll
2011-08-08 04:08 . 2011-03-01 12:25 40016 ----a-w- i:\windows\system32\drivers\avgmfx86.sys
2011-09-30 21:16 . 2011-07-26 22:04 134104 ----a-w- i:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-10-30_18.03.24 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-11-01 14:01 . 2011-11-01 14:01 16384 i:\windows\Temp\Perflib_Perfdata_fb4.dat
+ 2011-10-30 19:34 . 2011-10-30 19:34 22016 i:\windows\Installer\2084d87.msi
+ 2011-10-30 18:46 . 2011-10-30 18:46 371272 i:\windows\Installer\{AA59DDE4-B672-4621-A016-4C248204957A}\SkypeIcon.exe
- 2011-10-13 22:21 . 2011-10-13 22:21 371272 i:\windows\Installer\{AA59DDE4-B672-4621-A016-4C248204957A}\SkypeIcon.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "i:\program files\AVG\AVG10\Toolbar\IEToolbar.dll" [2011-05-30 2495816]
.
[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2011-05-30 09:33 2495816 ----a-w- i:\program files\AVG\AVG10\Toolbar\IEToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "i:\program files\AVG\AVG10\Toolbar\IEToolbar.dll" [2011-05-30 2495816]
.
[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "i:\program files\AVG\AVG10\Toolbar\IEToolbar.dll" [2011-05-30 2495816]
.
[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="i:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2007-04-12 16132608]
"AVG_TRAY"="i:\program files\AVG\AVG2012\avgtray.exe" [2011-09-23 2404704]
"NvMediaCenter"="NvMCTray.dll" [2011-08-03 111208]
"NvCplDaemon"="i:\windows\system32\NvCpl.dll" [2011-08-03 13892200]
"nwiz"="i:\program files\NVIDIA Corporation\nView\nwiz.exe" [2011-07-05 1632360]
"PWRISOVM.EXE"="i:\program files\PowerISO\PWRISOVM.EXE" [2009-07-27 180224]
"LWS"="i:\program files\Logitech\LWS\Webcam Software\LWS.exe" [2011-08-12 205336]
"EvtMgr6"="i:\program files\Logitech\SetPointP\SetPoint.exe" [2011-06-23 1386776]
"ASUSGamerOSD"="i:\program files\ASUS\GamerOSD\GamerOSD.exe" [2007-07-12 380928]
"Adobe ARM"="i:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"SunJavaUpdateSched"="i:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="i:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
i:\documents and settings\All Users\Start Menu\Programs\Startup\
Microsoft Office.lnk - i:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2011-06-17 07:33 66328 ----a-w- i:\program files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0i:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
i:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
2008-03-18 01:06 1848648 ----a-w- i:\program files\Canon\MyPrinter\BJMYPRT.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]
2008-03-11 01:20 689488 ----a-w- i:\program files\Canon\SolutionMenu\CNSLMAIN.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
2011-03-04 10:45 2741616 ----a-w- i:\program files\Common Files\LightScribe\LightScribeControlPanel.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Vid]
2011-01-13 02:01 6129496 ----a-w- i:\program files\Logitech\Vid HD\Vid.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
2011-08-31 15:00 449608 ----a-w- i:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2]
2011-09-01 11:39 966712 ----a-w- i:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2011-10-13 07:27 17351304 ----a-r- i:\program files\Skype\Phone\Skype.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"i:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"i:\\Program Files\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe"=
"i:\\Program Files\\Logitech\\Vid HD\\Vid.exe"=
"i:\\Program Files\\EA GAMES\\Battlefield 2\\BF2.exe"=
"i:\\Program Files\\AVG\\AVG2012\\avgmfapx.exe"=
"i:\\Program Files\\AVG\\AVG2012\\avgnsx.exe"=
"i:\\Program Files\\AVG\\AVG2012\\avgdiagex.exe"=
"i:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R0 AVGIDSEH;AVGIDSEH;i:\windows\system32\drivers\AVGIDSEH.sys [22.2.2011 7:13 23120]
R0 Avgrkx86;AVG Anti-Rootkit Driver;i:\windows\system32\drivers\avgrkx86.sys [16.3.2011 15:03 32592]
R0 NBVol;Nero Backup Volume Filter Driver;i:\windows\system32\drivers\NBVol.sys [7.10.2011 12:28 56496]
R0 NBVolUp;Nero Backup Volume Upper Filter Driver;i:\windows\system32\drivers\NBVolUp.sys [7.10.2011 12:28 12464]
R1 Avgldx86;AVG AVI Loader Driver;i:\windows\system32\drivers\avgldx86.sys [7.1.2011 5:41 229840]
R1 Avgtdix;AVG TDI Driver;i:\windows\system32\drivers\avgtdix.sys [4.4.2011 23:59 295248]
R2 avgwd;AVG WatchDog;i:\program files\AVG\AVG2012\avgwdsvc.exe [2.8.2011 5:09 192776]
R2 LBeepKE;Logitech Beep Suppression Driver;i:\windows\system32\drivers\LBeepKE.sys [27.7.2011 13:31 12184]
R2 nvUpdatusService;NVIDIA Update Service Daemon;i:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [9.8.2011 8:24 2255464]
R2 SpeechGridService;SpeechGridService;i:\program files\SpeechGrid\SpeechGridService.exe [9.9.2011 0:20 47984]
R2 UMVPFSrv;UMVPFSrv;i:\program files\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe [26.5.2011 5:05 450848]
R2 vToolbarUpdater;vToolbarUpdater;i:\program files\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe [11.9.2011 17:46 246600]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;i:\windows\system32\drivers\l151x86.sys [6.4.2009 5:40 37376]
R3 Avgfwdx;Avgfwdx;i:\windows\system32\drivers\avgfwdx.sys [12.7.2010 3:33 30944]
R3 AVGIDSDriver;AVGIDSDriver;i:\windows\system32\drivers\AVGIDSDriver.sys [14.4.2011 20:28 134608]
R3 AVGIDSFilter;AVGIDSFilter;i:\windows\system32\drivers\AVGIDSFilter.sys [10.2.2011 6:53 24272]
R3 AVGIDSShim;AVGIDSShim;i:\windows\system32\drivers\AVGIDSShim.sys [10.2.2011 6:53 16720]
S1 klbugotm;klbugotm;\??\i:\windows\system32\drivers\klbugotm.sys --> i:\windows\system32\drivers\klbugotm.sys [?]
S1 MpKsl66d216a1;MpKsl66d216a1;\??\i:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{FEFD8E68-69E5-4131-A364-A62B670B9070}\MpKsl66d216a1.sys --> i:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{FEFD8E68-69E5-4131-A364-A62B670B9070}\MpKsl66d216a1.sys [?]
S1 MpKsl798393d1;MpKsl798393d1;\??\i:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{2CD520F7-D556-49C7-8A60-4261EB6E925B}\MpKsl798393d1.sys --> i:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{2CD520F7-D556-49C7-8A60-4261EB6E925B}\MpKsl798393d1.sys [?]
S1 MpKsle63aab18;MpKsle63aab18;\??\i:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{6BC91B02-8D4D-4881-AF44-DA9903D81FC2}\MpKsle63aab18.sys --> i:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{6BC91B02-8D4D-4881-AF44-DA9903D81FC2}\MpKsle63aab18.sys [?]
S1 MpKsleb2f36c3;MpKsleb2f36c3;\??\i:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{3D9A05CC-8DD8-48D2-A0F3-242470FFD7B0}\MpKsleb2f36c3.sys --> i:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{3D9A05CC-8DD8-48D2-A0F3-242470FFD7B0}\MpKsleb2f36c3.sys [?]
S1 qtudkgmn;qtudkgmn;\??\i:\windows\system32\drivers\qtudkgmn.sys --> i:\windows\system32\drivers\qtudkgmn.sys [?]
S1 wgvhhdzp;wgvhhdzp;\??\i:\windows\system32\drivers\wgvhhdzp.sys --> i:\windows\system32\drivers\wgvhhdzp.sys [?]
S2 avgfws;AVG Firewall;i:\program files\AVG\AVG2012\avgfws.exe [19.8.2011 5:24 2399560]
S2 AVGIDSAgent;AVGIDSAgent;i:\program files\AVG\AVG2012\AVGIDSAgent.exe [12.9.2011 5:23 5265248]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;i:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 12:16 130384]
S2 gupdate;Služba Google Update (gupdate);i:\program files\Google\Update\GoogleUpdate.exe [30.10.2011 20:24 136176]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;i:\program files\AVG\AVG10\Toolbar\ToolbarBroker.exe [29.7.2011 15:51 1025352]
S3 Avgfwfd;AVG network filter service;i:\windows\system32\drivers\avgfwdx.sys [12.7.2010 3:33 30944]
S3 gupdatem;Služba Google Update (gupdatem);i:\program files\Google\Update\GoogleUpdate.exe [30.10.2011 20:24 136176]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;i:\windows\system32\drivers\nmwcdnsu.sys [7.8.2011 16:33 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic;i:\windows\system32\drivers\nmwcdnsuc.sys [7.8.2011 16:33 8576]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;i:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 12:16 753504]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2011-03-04 10:29 451872 ----a-w- i:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
.
2011-11-01 i:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- i:\program files\Google\Update\GoogleUpdate.exe [2011-10-30 19:24]
.
2011-11-01 i:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- i:\program files\Google\Update\GoogleUpdate.exe [2011-10-30 19:24]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.zoznam.sk/
IE: E&xportovat do aplikace Microsoft Excel - i:\progra~1\MICROS~3\Office10\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - i:\program files\AVG\AVG10\Toolbar\IEToolbar.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - i:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\8.0.1\ViProtocol.dll
FF - ProfilePath - i:\documents and settings\ortig\Application Data\Mozilla\Firefox\Profiles\tlwapz0z.default\
FF - prefs.js: browser.search.selectedEngine - AVG Secure Search
FF - prefs.js: browser.startup.homepage - www.zoznam.sk
FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4e32c90e&v=7.007.026.001&i=26&tp=ab&iy=&ychte=us&lng=sk&q=
FF - prefs.js: network.proxy.type - 0
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-11-01 18:28
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(1440)
i:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
.
Completion time: 2011-11-01 18:29:46
ComboFix-quarantined-files.txt 2011-11-01 17:29
ComboFix2.txt 2011-11-01 14:24
ComboFix3.txt 2011-11-01 11:19
ComboFix4.txt 2011-11-01 11:04
ComboFix5.txt 2011-11-01 17:11
.
Pre-Run: 868 087 300 096 bytes free
Post-Run: 12 adresárov, 868 069 380 096 voľných bajtov
.
- - End Of File - - D4BAA83233D2F945AECB5D79E921336B

Re: Windows XP - Desktop icons

Posted: 01 Nov 2011 18:54
by Rudy
Now it is in order. Has there been any change?

Re: Windows XP - Desktop icons

Posted: 01 Nov 2011 20:25
by ortig
So far still the same, no change. :o

Re: Windows XP - Desktop icons

Posted: 01 Nov 2011 20:33
by Rudy
Then it is not a virus problem. Try a system restore to a date when it was working correctly.

Re: Windows XP - Desktop icons

Posted: 02 Nov 2011 12:14
by ortig
I tried that right away, but it did not help. Thanks for the effort. :thumbsup:

Re: Windows XP - Desktop icons

Posted: 02 Nov 2011 13:14
by Rudy

Re: Windows XP - Desktop icons

Posted: 03 Nov 2011 14:00
by ortig
The PC is OK, I just need to fix the desktop icons so that the shadows under the icons are gone.
I tried WinXP Manager, but even then the icons on the desktop stayed unchanged.