Totally slowed-down computer, and unremovable viruses.

Posted: 31 Mar 2010 07:41
by Dendo
Hello, we have had this computer for 4 years, and it is totally slowed down, and avast keeps reporting viruses that cannot be removed at all. Please check the log; you will certainly find at least 20 or more viruses in it.

I am attaching the log:

Logfile of random's system information tool 1.06 (written by random/random)
Run by Administrator at 2010-03-31 08:39:10
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 103 GB (67%) free of 153 GB
Total RAM: 511 MB (43% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:39:28, on 31.3.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\WgaTray.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Administrator\Desktop\RSIT.exe
C:\Program Files\trend micro\Administrator.exe
C:\WINDOWS\system32\taskmgr.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.live.com/sphome.aspx
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.live.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com?o=14780&l=dis
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.live.com/sphome.aspx
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
R3 - URLSearchHook: MAX EN Atube Toolbar - {b6315c48-f861-4913-9578-1b5fac41ebe0} - C:\Program Files\MAX_EN_Atube\tbMAX_.dll
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Pomocník pri prihlasovaní v sieti Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: MAX EN Atube Toolbar - {b6315c48-f861-4913-9578-1b5fac41ebe0} - C:\Program Files\MAX_EN_Atube\tbMAX_.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: MAX EN Atube Toolbar - {b6315c48-f861-4913-9578-1b5fac41ebe0} - C:\Program Files\MAX_EN_Atube\tbMAX_.dll
O3 - Toolbar: VDownloader Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [EPSON Stylus C43 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C43 Series" /O6 "USB001" /M "Stylus C43"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to AMV Convert Tool... - C:\Program Files\MP3 Player Utilities 3.80\AMVConverter\grab.html
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 3.80\MediaManager\grab.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Pridať do blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Pridať do blogu v programe Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {97E71027-0BA2-44F2-97DB-F84D808ED0B6} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b55762.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZI ... b56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b56907.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O24 - Desktop Component 0: (no name) - http://i.imdb.com/Photos/Ss/0172495/th-9
O24 - Desktop Component 1: (no name) - http://tbn0.google.com/images?q=tbn:JH9 ... /tiger.jpg
O24 - Desktop Component 2: (no name) - http://62.168.117.253/o/74/js/functions7.js

--
End of file - 8461 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D}]
XTTBPos00 Class - C:\PROGRA~1\ICQTOO~1\toolbaru.dll [2006-12-25 701952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2005-09-23 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2005-05-31 853672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-14 92504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll [2007-09-25 501136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pri prihlasovaní v sieti Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b6315c48-f861-4913-9578-1b5fac41ebe0}]
MAX EN Atube Toolbar - C:\Program Files\MAX_EN_Atube\tbMAX_.dll [2010-02-22 2353176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
VDownloader Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-02-04 1197448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQ Toolbar - C:\PROGRA~1\ICQTOO~1\toolbaru.dll [2006-12-25 701952]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2008-12-10 929224]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{b6315c48-f861-4913-9578-1b5fac41ebe0} - MAX EN Atube Toolbar - C:\Program Files\MAX_EN_Atube\tbMAX_.dll [2010-02-22 2353176]
{D4027C7F-154A-4066-A1AD-4243D8127440} - VDownloader Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-02-04 1197448]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-04-04 16120832]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-04-28 7573504]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2006-04-28 86016]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe [2007-09-25 132496]
"EPSON Stylus C43 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE [2002-12-10 75776]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-02-05 81000]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-05-27 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-06-02 267048]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-07-26 3883856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-06 241704]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
nwprovau

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Valve\hl.exe"="C:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"
"D:\Warcraft III.exe"="D:\Warcraft III.exe:*:Enabled:Warcraft III"
"D:\War3.exe"="D:\War3.exe:*:Enabled:Warcraft III"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Valve\hltv.exe"="C:\Program Files\Valve\hltv.exe:*:Enabled:HLTV Launcher"
"C:\Program Files\Sierra\SWAT3\swat.exe"="C:\Program Files\Sierra\SWAT3\swat.exe:*:Enabled:Swat 3 : Close Quarters Battle"
"C:\Program Files\ICQ6\ICQ.exe"="C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"D:\CS\HL.EXE"="D:\CS\HL.EXE:*:Enabled:Half-Life Launcher"
"D:\CS\CSTRIKE.EXE"="D:\CS\CSTRIKE.EXE:*:Disabled:Half-Life Launcher"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Edisk\eDisk klient\eDisk klient.exe"="C:\Program Files\Edisk\eDisk klient\eDisk klient.exe:*:Enabled:eDisk klient"
"C:\Program Files\Counter Strike\Valve\hl.exe"="C:\Program Files\Counter Strike\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Documents and Settings\Administrator\Desktop\World of Warcraft\WoW-3.0.8.9506-to-3.0.9.9551-enUS-downloader.exe"="C:\Documents and Settings\Administrator\Desktop\World of Warcraft\WoW-3.0.8.9506-to-3.0.9.9551-enUS-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Documents and Settings\Administrator\Desktop\World of Warcraft\BackgroundDownloader.exe"="C:\Documents and Settings\Administrator\Desktop\World of Warcraft\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader"
"C:\Documents and Settings\Administrator\Desktop\WoW 3.1.3\WoW-3.0.9.9551-to-3.1.0.9767-enUS-downloader.exe"="C:\Documents and Settings\Administrator\Desktop\WoW 3.1.3\WoW-3.0.9.9551-to-3.1.0.9767-enUS-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Documents and Settings\Administrator\Desktop\WoW 3.1.3\BackgroundDownloader.exe"="C:\Documents and Settings\Administrator\Desktop\WoW 3.1.3\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Documents and Settings\Administrator\temp\TeamViewer\Version5\TeamViewer.exe"="C:\Documents and Settings\Administrator\temp\TeamViewer\Version5\TeamViewer.exe:*:Enabled:TeamViewer"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fe9e1874-01b1-11de-be5b-001617736b06}]
shell\AutoRun\command - E:\Installer.exe


======List of files/folders created in the last 1 months======

2010-03-31 08:39:10 ----D---- C:\rsit
2010-03-30 13:13:16 ----D---- C:\Program Files\trend micro
2010-03-30 13:07:43 ----D---- C:\Documents and Settings\Administrator\Application Data\TeamViewer
2010-03-17 22:27:41 ----D---- C:\WINDOWS\system32\XPSViewer
2010-03-17 22:27:35 ----D---- C:\Program Files\MSBuild
2010-03-17 22:27:32 ----D---- C:\WINDOWS\system32\en-US
2010-03-17 22:27:22 ----D---- C:\Program Files\Reference Assemblies
2010-03-17 22:26:18 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2010-03-17 22:26:18 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2010-03-17 22:26:18 ----N---- C:\WINDOWS\system32\prntvpt.dll
2010-03-17 22:26:17 ----D---- C:\adfd5db93d8e1917216d6cbddba2
2010-03-17 22:16:19 ----D---- C:\Program Files\VDownloaders
2010-03-17 21:56:41 ----D---- C:\Program Files\Ask.com
2010-03-17 21:56:20 ----A---- C:\Program Files\Common Files\AskToolbarInstaller.exe
2010-03-17 21:13:19 ----D---- C:\Program Files\MSXML 6.0
2010-03-17 15:17:47 ----D---- C:\Program Files\Conduit
2010-03-17 15:17:45 ----D---- C:\Program Files\MAX_EN_Atube
2010-03-17 15:15:35 ----D---- C:\Program Files\DsNET Corp
2010-03-08 18:28:02 ----D---- C:\Program Files\Common Files\Skype
2010-03-08 18:27:58 ----RD---- C:\Program Files\Skype

======List of files/folders modified in the last 1 months======

2010-03-31 08:34:39 ----D---- C:\WINDOWS\msagent
2010-03-31 08:33:30 ----D---- C:\WINDOWS\system32\CatRoot2
2010-03-31 08:33:06 ----D---- C:\Program Files\Mozilla Firefox
2010-03-31 08:32:49 ----D---- C:\WINDOWS\Prefetch
2010-03-31 08:18:37 ----D---- C:\Program Files\Valve
2010-03-31 07:34:25 ----D---- C:\WINDOWS\Temp
2010-03-30 21:35:16 ----D---- C:\Documents and Settings\Administrator\Application Data\Skype
2010-03-30 16:00:13 ----D---- C:\Documents and Settings\Administrator\Application Data\skypePM
2010-03-30 13:13:16 ----RD---- C:\Program Files
2010-03-29 19:01:48 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-03-29 08:05:21 ----D---- C:\Program Files\File Scanner Library (Spybot - Search & Destroy)
2010-03-28 22:18:57 ----HD---- C:\WINDOWS\inf
2010-03-28 20:28:18 ----D---- C:\WINDOWS\system32
2010-03-28 20:28:18 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-03-18 15:04:02 ----D---- C:\WINDOWS\Microsoft.NET
2010-03-18 15:04:00 ----RSD---- C:\WINDOWS\assembly
2010-03-18 08:29:32 ----D---- C:\Program Files\Common Files
2010-03-18 08:21:14 ----D---- C:\WINDOWS
2010-03-17 22:29:40 ----SHD---- C:\WINDOWS\Installer
2010-03-17 22:29:40 ----SHD---- C:\Config.Msi
2010-03-17 22:27:30 ----RSD---- C:\WINDOWS\Fonts
2010-03-17 22:26:55 ----D---- C:\WINDOWS\system32\spool
2010-03-17 22:26:40 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-03-17 22:25:32 ----D---- C:\WINDOWS\WinSxS
2010-03-17 22:22:42 ----D---- C:\WINDOWS\system32\mui
2010-03-17 21:56:54 ----SD---- C:\WINDOWS\Tasks
2010-03-17 21:43:03 ----D---- C:\Program Files\Webteh
2010-03-08 18:27:57 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2010-03-01 20:56:14 ----D---- C:\WINDOWS\system32\config
2010-03-01 20:55:47 ----D---- C:\WINDOWS\system32\wbem
2010-03-01 20:55:46 ----D---- C:\WINDOWS\Registration

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-02-05 26944]
R1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 36352]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-02-05 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-02-05 51376]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-05-13 79488]
R1 Tcpip6;Microsoft IPv6 Protocol Driver; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2008-06-20 225920]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-02-05 94032]
R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752]
R2 NwlnkIpx;NWLink IPX/SPX/NetBIOS Compatible Transport Protocol; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2004-08-03 88448]
R2 NwlnkNb;NWLink NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2001-08-23 63232]
R2 NwlnkSpx;NWLink SPX/SPXII Protocol; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2001-08-23 55936]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-02-05 23152]
R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-01-29 16168]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-04-06 4258816]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-04-28 3663040]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-03-22 52736]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-03-22 18944]
R3 NWRDR;NetWare Rdr; C:\WINDOWS\system32\DRIVERS\nwrdr.sys [2006-10-13 163584]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2006-08-24 10368]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2004-08-04 12416]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-03 17024]
S3 adxapie;adxapie; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\adxapie.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-04 17024]
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.SYS []
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-02-04 25280]
S3 MSICPL;MSICPL; \??\D:\install4\MSICPL.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-04 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-04 10880]
S3 nm;Network Monitor Driver; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2004-08-03 40320]
S3 NTACCESS;NTACCESS; \??\D:\NTACCESS.sys []
S3 ovt519;VGA USB Camera; C:\WINDOWS\System32\Drivers\ov519vid.sys [2003-09-25 174530]
S3 SE2Ebus;Sony Ericsson Device 046 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\SE2Ebus.sys [2006-05-01 61600]
S3 SE2Emgmt;Sony Ericsson Device 046 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\SE2Emgmt.sys [2006-05-01 88688]
S3 SetupNTGLM7X;SetupNTGLM7X; \??\D:\NTGLM7X.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-04 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-04 15360]
S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-04 59264]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-04 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 vaxscsi;vaxscsi; C:\WINDOWS\System32\Drivers\vaxscsi.sys [2006-08-24 223128]
S3 w200bus;Sony Ericsson W200 driver (WDM); C:\WINDOWS\system32\DRIVERS\w200bus.sys [2006-10-24 61504]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-04 19328]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 6to4;IPv6 Helper Service; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-02-05 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-02-05 138680]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-04-28 143426]
R2 NWCWorkstation;Client Service for NetWare; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
R2 NwSapAgent;SAP Agent; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-02-05 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-02-05 352920]
S2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-02-18 110592]
S2 EPSONStatusAgent2;EPSON Printer Status Agent2; C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe [2002-07-17 94208]
S2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 fsssvc;Služba Bezpečnosť rodiny v službe Windows Live; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-06-02 504104]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Re: Totally slowed-down computer, and unremovable viruses.

Posted: 31 Mar 2010 08:39
by motji
Good morning :)

Where does Avast report the viruses? In which files?

:arrow: uninstall Askbar and Daemon Tools Toolbar

Re: Totally slowed-down computer, and unremovable viruses.

Posted: 31 Mar 2010 08:47
by Dendo
My icons are also acting up somehow; they are not clear at all, they are blue, and with the blue background it looks bad. Can't it be set up so that the icons are clear? Also, something keeps popping up in the bottom right corner about some Windows legal thing or whatever, even though we got Windows with the purchase of the computer. It also shows this at computer startup, the thing with Windows; could you please remove it somehow?

Image

Re: Totally slowed-down computer, and unremovable viruses.

Posted: 31 Mar 2010 08:47
by Dendo
Daemon Tools Bar has been uninstalled, and all the others too, and that Askbar I don't have at all as a program to uninstall :(

Re: Totally slowed-down computer, and unremovable viruses.

Posted: 31 Mar 2010 08:52
by Dendo
Well, I usually move them to the chest; there are about 1000 of them in there. Here are the usual ones that keep coming up.

Image

Image

Re: Totally slowed-down computer, and unremovable viruses.

Posted: 31 Mar 2010 09:04
by motji
:shock: :o
According to what Windows is telling you, your copy is illegal. Do you have a sticker with a licence number somewhere on the computer case?

To be safe, back up your important data :!:

:arrow: Download to the desktop, close all active windows and run ComboFix - http://download.bleepingcomputer.com/sUBs/ComboFix.exe


- ComboFix must be run under an account with administrator rights

- Before use, turn off all resident security programs - antiviruses, firewalls, antispyware

- After launch, the terms of use are displayed; confirm them by pressing the Yes button

- Then follow the instructions; while ComboFix is running, do not click in the window that is displayed :!:

- After the scan finishes, which takes at most 10 minutes, the program should create a log - C:\ComboFix.txt; copy its entire contents here

Re: Totally slowed-down computer, and unremovable viruses.

Posted: 31 Mar 2010 10:00
by Dendo
Combofix,

ComboFix 10-03-29.04 - Administrator 31.03.2010 10:50:12.1.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.421.1033.18.511.201 [GMT 2:00]
Running from: c:\documents and settings\Administrator\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 100330-1] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\noskrnl.config
c:\windows\system32\vbzlib1.dll

.
((((((((((((((((((((((((( Files Created from 2010-02-28 to 2010-03-31 )))))))))))))))))))))))))))))))
.

2010-03-31 06:43 . 2010-03-31 06:43 -------- d-----w- c:\program files\CCleaner
2010-03-30 11:07 . 2010-03-30 11:07 -------- d-----w- c:\documents and settings\Administrator\Application Data\TeamViewer
2010-03-30 11:07 . 2010-03-30 11:07 -------- d-----w- c:\documents and settings\Administrator\temp
2010-03-17 20:33 . 2010-03-17 20:33 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\VDownloader
2010-03-17 20:28 . 2010-03-29 17:01 2432 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2010-03-17 20:27 . 2010-03-17 20:27 -------- d-----w- c:\windows\system32\XPSViewer
2010-03-17 20:16 . 2010-03-29 18:44 -------- d-----w- c:\program files\VDownloaders
2010-03-17 19:56 . 2010-02-10 15:18 2131336 ----a-w- c:\program files\Common Files\AskToolbarInstaller.exe
2010-03-17 19:13 . 2010-03-17 19:13 -------- d-----w- c:\program files\MSXML 6.0
2010-03-17 13:17 . 2010-03-17 13:17 -------- d-----w- c:\program files\Conduit
2010-03-17 13:17 . 2010-03-17 13:17 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Conduit
2010-03-17 13:17 . 2010-01-20 11:17 52224 ----a-w- c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\f2jvb1dt.default\extensions\{b6315c48-f861-4913-9578-1b5fac41ebe0}\components\FFExternalAlert.dll
2010-03-17 13:17 . 2010-01-20 11:17 101376 ----a-w- c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\f2jvb1dt.default\extensions\{b6315c48-f861-4913-9578-1b5fac41ebe0}\components\RadioWMPCore.dll
2010-03-17 13:15 . 2010-03-17 13:15 -------- d-----w- c:\program files\DsNET Corp
2010-03-08 16:28 . 2010-03-08 16:28 -------- d-----w- c:\program files\Common Files\Skype
2010-03-08 16:27 . 2010-03-31 07:00 -------- d-----r- c:\program files\Skype
2010-03-01 18:55 . 2010-03-01 18:55 -------- d-----w- c:\windows\system32\wbem\Repository

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-31 08:47 . 2008-09-05 16:44 -------- d-----w- c:\documents and settings\Administrator\Application Data\Skype
2010-03-31 08:13 . 2009-11-23 08:05 -------- d-----w- c:\program files\Valve
2010-03-31 08:05 . 2008-09-05 16:47 -------- d-----w- c:\documents and settings\Administrator\Application Data\skypePM
2010-03-31 07:25 . 2006-08-23 08:40 66504 ----a-w- c:\documents and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-03-31 06:58 . 2006-08-23 09:24 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-03-31 06:58 . 2009-10-27 14:35 -------- d-----w- c:\program files\Lineage II
2010-03-31 06:57 . 2008-04-02 14:00 -------- d-----w- c:\program files\ICQToolbar
2010-03-29 06:05 . 2009-08-06 07:58 -------- d-----w- c:\program files\File Scanner Library (Spybot - Search & Destroy)
2010-03-17 20:27 . 2010-03-17 20:27 -------- d-----w- c:\program files\MSBuild
2010-03-17 20:27 . 2010-03-17 20:27 -------- d-----w- c:\program files\Reference Assemblies
2010-03-17 19:43 . 2006-08-23 12:52 -------- d-----w- c:\program files\Webteh
2010-03-08 16:27 . 2008-09-05 16:43 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2007-02-06 11:54 . 2007-02-06 11:54 5632 --sha-w- c:\program files\Thumbs.db
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-07-26 3883856]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-02-22 26101032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2006-04-04 16120832]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-04-28 7573504]
"nwiz"="nwiz.exe" [2006-04-28 1519616]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-04-28 86016]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 132496]
"EPSON Stylus C43 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE" [2002-12-10 75776]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-05-27 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-06-02 267048]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Valve\\hl.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Valve\\hltv.exe"=
"c:\\Program Files\\ICQ6\\ICQ.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Counter Strike\\Valve\\hl.exe"=
"c:\\Documents and Settings\\Administrator\\Desktop\\WoW 3.1.3\\BackgroundDownloader.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Documents and Settings\\Administrator\\temp\\TeamViewer\\Version5\\TeamViewer.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [6.4.2008 21:04 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [6.4.2008 21:04 20560]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [24.8.2006 16:31 717296]
S3 adxapie;adxapie;\??\c:\docume~1\ADMINI~1\LOCALS~1\Temp\adxapie.sys --> c:\docume~1\ADMINI~1\LOCALS~1\Temp\adxapie.sys [?]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\d:\ntglm7x.sys --> d:\NTGLM7X.sys [?]
S3 vaxscsi;vaxscsi;c:\windows\system32\drivers\vaxscsi.sys [24.8.2006 16:32 223128]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://eu.ask.com?o=14780&l=dis
IE: Add to AMV Convert Tool... - c:\program files\MP3 Player Utilities 3.80\AMVConverter\grab.html
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: MediaManager tool grab multimedia file - c:\program files\MP3 Player Utilities 3.80\MediaManager\grab.html
FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\f2jvb1dt.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2189222&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - www.google.sk
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2189222&q=
FF - component: c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\f2jvb1dt.default\extensions\{b6315c48-f861-4913-9578-1b5fac41ebe0}\components\FFExternalAlert.dll
FF - component: c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\f2jvb1dt.default\extensions\{b6315c48-f861-4913-9578-1b5fac41ebe0}\components\RadioWMPCore.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
.
- - - - ORPHANS REMOVED - - - -

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
AddRemove-ComandoDeinstKey - c:\program files\Eidos Interactive\Pyro\Commandos\DeIsL3.isu



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-31 10:55
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-1715567821-1801674531-725345543-500\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
Completion time: 2010-03-31 10:58:25
ComboFix-quarantined-files.txt 2010-03-31 08:58

Pre-Run: 112 023 834 624 bytes free
Post-Run: 11 adresárov, 112 073 289 728 voľných bajtov

- - End Of File - - FF2AAC33DBFF8CBA6D179E6987716818

I don't have the sticker, which is interesting, since Windows was on there. I'll ask about it. Can at least that little box in the corner be removed? When I close the WGtray process it disappears, but then it starts up again.

Re: Totally slowed-down computer and unremovable viruses.

Posted: 31 Mar 2010 10:21
by motji
Is Avast still reporting something? Please, there is a folder named qoobox on drive C; zip it and upload it to www.letecka.posta.cz, and send me the link in a private message.

You probably won't get rid of that message until you buy a legal copy of Windows. If you bought the computer with a preinstalled system that was supposed to be legal, make a warranty claim on it.

Re: Totally slowed-down computer and unremovable viruses.

Posted: 31 Mar 2010 10:27
by Dendo
Link: http://leteckaposta.cz/393015020 and those icons, will it be possible to fix them?

Re: Totally slowed-down computer and unremovable viruses.

Posted: 31 Mar 2010 10:28
by motji
Honestly, I don't know. Haven't the icons been like that since the message about an illegal system started popping up?

Re: Totally slowed-down computer and unremovable viruses.

Posted: 31 Mar 2010 10:34
by Dendo
Yes, it has been like that since then, and the wallpaper also changes to black after a restart..

Re: Totally slowed-down computer and unremovable viruses.

Posted: 31 Mar 2010 10:38
by motji
Then there's nothing we can do about it, because that is caused by the illegal Windows.

Is Avast still reporting anything?

:arrow: Download MBAM from my signature
- Install it and run a full scan

DO NOT DELETE ANYTHING :!:
- MBAM occasionally has false detections, so we will delete only after checking the log.
- Copy the log here.


And please delete that Letecká pošta link, I have already downloaded it :)

Re: Totally slowed-down computer and unremovable viruses.

Posted: 31 Mar 2010 10:58
by Dendo
Motji, help please :D

What do I do about this? I started the scan and now Avast is reporting a million viruses. I'm moving them to the chest, and if I don't choose anything it pops up again, but MBAM won't go any further; I have to move it to the chest, but it keeps showing up. Here are the ones I'm writing down:

C:\System Volume Information\_restore{A2634C60-01F2-4EF3-9183-653E260EB602}\RP730\A0673098.exe
Win32:Zhelatin-BJL [Wrm]
Vírus/červ

C:\System Volume Information\_restore{A2634C60-01F2-4EF3-9183-653E260EB602}\RP730\A0673099.exe
Win32:Zhelatin-BJL [Wrm]
Vírus/červ

C:\WINDOWS\SoftwareDistribution\Download\0a3ab8220bb2f21b89ddf93c5cf28325\_install.exe
Win32:Zhelatin-BJL [Wrm]
Vírus/červ

C:\WINDOWS\SoftwareDistribution\Download\0a3ab8220bb2f21b89ddf93c5cf28325\update\_install.exe
Win32:Zhelatin-BJL [Wrm]
Vírus/červ

C:\WINDOWS\SoftwareDistribution\Download\115be7432752f1eec2b0cdd6ef406571\_install.exe
Win32:Zhelatin-BJL [Wrm]
Vírus/červ

C:\WINDOWS\SoftwareDistribution\Download\115be7432752f1eec2b0cdd6ef406571\sp2gdr\_install.exe
Win32:Zhelatin-BJL [Wrm]
Vírus/červ

C:\WINDOWS\SoftwareDistribution\Download\115be7432752f1eec2b0cdd6ef406571\sp2qfe\_install.exe
Win32:Zhelatin-BJL [Wrm]
Vírus/červ

Re: Totally slowed-down computer and unremovable viruses.

Posted: 31 Mar 2010 11:07
by Dendo
Adding more from system32; there were about 10 similar to this one.

(these popped up one after another within 30 seconds) :)

C:\WINDOWS\system32\oobe\_install.exe
C:\WINDOWS\system32\dllcache\_install.exe
C:\WINDOWS\system32\Macromed\Director\_install.exe
C:\WINDOWS\system32\PreInstall\WinSE\wxp_x86_0409_v1\_install.exe
C:\WINDOWS\system32\Restore\_install.exe
C:\WINDOWS\system32\Com\_install.exe
C:\WINDOWS\system32\mui\041b\_install.exe
C:\WINDOWS\system32\wbem\_install.exe
C:\WINDOWS\system32\wbem\MUI\041b\_install.exe
C:\WINDOWS\inf\_install.exe

Re: Totally slowed-down computer and unremovable viruses.

Posted: 31 Mar 2010 11:41
by motji
:shock: you've got some little worm, Pepík, in there :o
Could you test one of those files on VirusTotal so we know what it is, and then we'll start the treatment :)