Prosim o radu , Nod32 nasiel nejake 2 infikovane subory ...

[skazatoN]

robil som smart scan v node a toto bolo na konci :
D:\WINDOWS\system32\BeGl86jAn1.txt - probably a variant of Win32/Injector.APK trojan - cleaned by deleting - quarantined [1]
D:\WINDOWS\system32\BG1KbMIE0J.txt - probably a variant of Win32/Injector.APK trojan - cleaned by deleting - quarantined [1]

je to uz prec alebo nie ? prikladam log z RSIT

Logfile of random's system information tool 1.06 (written by random/random)
Run by Miso at 2010-02-20 19:21:38
Systém Microsoft Windows XP Professional Service Pack 2
System drive D: has 4 GB (18%) free of 20 GB
Total RAM: 1023 MB (43% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:21:43, on 20. 2. 2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\ATKKBService.exe
D:\Program Files\Bonjour\mDNSResponder.exe
D:\WINDOWS\System32\PAStiSvc.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\wscntfy.exe
D:\Program Files\Analog Devices\Core\smax4pnp.exe
D:\Program Files\Analog Devices\SoundMAX\Smax4.exe
D:\Program Files\DrayTek\Vigor318 ADSL\CnxDslTb.exe
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
D:\WINDOWS\system32\ctfmon.exe
C:\Program Files\QIP\qip.exe
C:\Program Files\mIRC\mirc.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
D:\Program Files\Mozilla Firefox\firefox.exe
C:\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Miso.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O4 - HKLM\..\Run: [SoundMAXPnP] D:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "D:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [JMB36X Configure] D:\WINDOWS\system32\JMRaidTool.exe boot
O4 - HKLM\..\Run: [CnxDslTaskBar] "D:\Program Files\DrayTek\Vigor318 ADSL\CnxDslTb.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] D:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [StartCCC] "D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [swg] D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Startup] D:\Documents and Settings\Miso\Data aplikací\Microsoft\svchost.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{69B24D18-4EB4-43AF-B5E8-96B4F02A3E0E}: NameServer = 195.146.128.62 195.146.132.58
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - D:\WINDOWS\ATKKBService.exe
O23 - Service: Bonjour Service - Apple Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Dragon Age: Prameny - aktualizace obsahu (DAUpdaterSvc) - BioWare - C:\Program Files\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - D:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Software Updater (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Unknown owner - D:\WINDOWS\system32\LEXBCES.EXE (file missing)
O23 - Service: NMIndexingService - Nero AG - D:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: STI Simulator - Unknown owner - D:\WINDOWS\System32\PAStiSvc.exe

--
End of file - 5006 bytes

======Scheduled tasks folder======

D:\WINDOWS\tasks\Google Software Updater.job

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"=D:\Program Files\Analog Devices\Core\smax4pnp.exe [2006-05-01 843776]
"SoundMAX"=D:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2006-04-10 729088]
"JMB36X Configure"=D:\WINDOWS\system32\JMRaidTool.exe [2006-06-02 385024]
"CnxDslTaskBar"=D:\Program Files\DrayTek\Vigor318 ADSL\CnxDslTb.exe [2004-05-06 516096]
"NeroFilterCheck"=D:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"StartCCC"=D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-02-25 61440]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-11-16 2054360]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=D:\WINDOWS\system32\ctfmon.exe [2004-08-17 15360]
"AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe [2008-03-20 217544]
"swg"=D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-09-17 39408]
"PlayNC Launcher"= []
"Startup"=D:\Documents and Settings\Miso\Data aplikací\Microsoft\svchost.exe [2010-02-18 720896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
D:\WINDOWS\system32\Ati2evxx.dll [2009-02-25 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - D:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\WINDOWS\system32\dpvsetup.exe"="D:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"D:\WINDOWS\system32\rundll32.exe"="D:\WINDOWS\system32\rundll32.exe:*:Enabled:Run a DLL as an App"
"C:\Program Files\Steam\steamapps\mastodontt\counter-strike\hl.exe"="C:\Program Files\Steam\steamapps\mastodontt\counter-strike\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Warcraft III\Warcraft III.exe"="C:\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III"
"C:\Starcraft\StarCraft.exe"="C:\Starcraft\StarCraft.exe:*:Enabled:Starcraft"
"C:\Program Files\Microsoft Games\Flight Simulator 9\fs9.exe"="C:\Program Files\Microsoft Games\Flight Simulator 9\fs9.exe:*:Enabled:Microsoft Flight Simulator"
"D:\WINDOWS\system32\dpnsvr.exe"="D:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"
"C:\Program Files\TrackMania Nations ESWC\TmNationsESWC.exe"="C:\Program Files\TrackMania Nations ESWC\TmNationsESWC.exe:*:Enabled:TmNationsESWC"
"C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe"="C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. - Shadow of Chernobyl (CLI)"
"C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe"="C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. - Shadow of Chernobyl (SRV)"
"C:\Program Files\Steam\steamapps\poncho77\counter-strike source\hl2.exe"="C:\Program Files\Steam\steamapps\poncho77\counter-strike source\hl2.exe:*:Enabled:hl2"
"C:\Program Files\mIRC\mirc.exe"="C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC"
"C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe"="C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s"
"C:\valve\hl.exe"="C:\valve\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Microsoft Games\Gears of War\Binaries\WarGame-G4WLive.exe"="C:\Program Files\Microsoft Games\Gears of War\Binaries\WarGame-G4WLive.exe:*:Enabled:Gears of War"
"C:\Program Files\Steam\steamapps\mastodontt\team fortress 2\hl2.exe"="C:\Program Files\Steam\steamapps\mastodontt\team fortress 2\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Steam\steamapps\mastodontt\half-life 2 deathmatch\hl2.exe"="C:\Program Files\Steam\steamapps\mastodontt\half-life 2 deathmatch\hl2.exe:*:Enabled:hl2"
"D:\Program Files\Octoshape Streaming Services\Miso\OctoshapeClient.exe"="D:\Program Files\Octoshape Streaming Services\Miso\OctoshapeClient.exe:*:Enabled:Main program for Octoshape client"
"C:\Program Files\Mass Effect\Binaries\MassEffect.exe"="C:\Program Files\Mass Effect\Binaries\MassEffect.exe:*:Enabled:Mass Effect Game"
"C:\Program Files\Mass Effect\MassEffectLauncher.exe"="C:\Program Files\Mass Effect\MassEffectLauncher.exe:*:Enabled:Mass Effect Launcher"
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\Program Files\World of Warcraft\Repair.exe"="C:\Program Files\World of Warcraft\Repair.exe:*:Enabled:Blizzard Repair Utility"
"D:\Documents and Settings\Miso\Local Settings\Temp\ElectronicArts_Patcher_000.exe"="D:\Documents and Settings\Miso\Local Settings\Temp\ElectronicArts_Patcher_000.exe:*:Enabled:Red Alert 3 Beta Launcher"
"C:\Program Files\EA Games\Red Alert 3 Beta\RetailExe\1.3\ra3game.dat"="C:\Program Files\EA Games\Red Alert 3 Beta\RetailExe\1.3\ra3game.dat:*:Enabled:Command & Conquer™ Red Alert 3™"
"C:\Program Files\Activision\Tony Hawk's Underground 2\Game\THUG2.exe"="C:\Program Files\Activision\Tony Hawk's Underground 2\Game\THUG2.exe:*:Enabled:THUG2"
"C:\Program Files\Ubisoft\Crytek\Far Cry\Bin32\FarCry.exe"="C:\Program Files\Ubisoft\Crytek\Far Cry\Bin32\FarCry.exe:*:Enabled:Far Cry"
"C:\Program Files\Ubisoft\Far Cry 2\bin\FarCry2.exe"="C:\Program Files\Ubisoft\Far Cry 2\bin\FarCry2.exe:*:Enabled:Far Cry 2"
"C:\Program Files\Ubisoft\Far Cry 2\bin\FC2Launcher.exe"="C:\Program Files\Ubisoft\Far Cry 2\bin\FC2Launcher.exe:*:Enabled:Far Cry 2 Updater"
"C:\Program Files\Ubisoft\Far Cry 2\bin\FC2Editor.exe"="C:\Program Files\Ubisoft\Far Cry 2\bin\FC2Editor.exe:*:Enabled:Editor"
"D:\WINDOWS\system32\PnkBstrA.exe"="D:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"D:\WINDOWS\system32\PnkBstrB.exe"="D:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe"="C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club"
"C:\Program Files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe"="C:\Program Files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV"
"C:\Program Files\Rockstar Games\Grand Theft Auto IV\GTAIV.exe"="C:\Program Files\Rockstar Games\Grand Theft Auto IV\GTAIV.exe:*:Enabled:Grand Theft Auto IV"
"C:\Left 4 Dead\left4dead.exe"="C:\Left 4 Dead\left4dead.exe:*:Enabled:left4dead"
"C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe"="C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe:*:Enabled:Assassin's Creed Dx9"
"C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe"="C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe:*:Enabled:Assassin's Creed Dx10"
"C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe"="C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe:*:Enabled:Assassin's Creed Update"
"C:\cod 4\Call.of.Duty.4.Modern.Warfare\Call of Duty 4 - Modern Warfare\iw3mp.exe"="C:\cod 4\Call.of.Duty.4.Modern.Warfare\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:iw3mp"
"C:\Dead space instalacka\Dead Space.exe"="C:\Dead space instalacka\Dead Space.exe:*:Enabled:Dead Space ™"
"C:\Program Files\Half-Life 2\hl2.exe"="C:\Program Files\Half-Life 2\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Quake III Arena\quake3.exe"="C:\Program Files\Quake III Arena\quake3.exe:*:Enabled:quake3"
"D:\Program Files\Mozilla Firefox\firefox.exe"="D:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\EA Games\Command & Conquer Generals Zero Hour\game.dat"="C:\Program Files\EA Games\Command & Conquer Generals Zero Hour\game.dat:*:Enabled:game"
"C:\Program Files\Hamachi\hamachi.exe"="C:\Program Files\Hamachi\hamachi.exe:*:Enabled:Hamachi Client"
"C:\nonsteam\hl.exe"="C:\nonsteam\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Counter-Strike Source\hl2.exe"="C:\Program Files\Counter-Strike Source\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Codemasters\DiRT\DiRT.exe"="C:\Program Files\Codemasters\DiRT\DiRT.exe:*:Enabled:DiRT Executable"
"C:\Program Files\World of Warcraft\Launcher.exe"="C:\Program Files\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher"
"C:\Program Files\SecondLife\SLVoice.exe"="C:\Program Files\SecondLife\SLVoice.exe:*:Disabled:SLVoice"
"C:\Program Files\Dark Sector\Dark Sector\DS.exe"="C:\Program Files\Dark Sector\Dark Sector\DS.exe:*:Enabled:Dark Sector"
"C:\Race.Driver.GRID_by_Cr4cK\Grid\GRID.exe"="C:\Race.Driver.GRID_by_Cr4cK\Grid\GRID.exe:*:Disabled:GRID Executable"
"C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe"="C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe:*:Enabled:Crysis_32"
"C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe"="C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe:*:Enabled:CrysisDedicatedServer_32"
"D:\Program Files\Bonjour\mDNSResponder.exe"="D:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\Ubisoft\Shaun White Snowboarding\ShaunWhiteSnowboardingGame.exe"="C:\Program Files\Ubisoft\Shaun White Snowboarding\ShaunWhiteSnowboardingGame.exe:*:Enabled:ShaunWhiteSnowboardingGame"
"C:\Program Files\Garena\Garena.exe"="C:\Program Files\Garena\Garena.exe:*:Enabled:Garena"
"C:\PES\pes2010.exe"="C:\PES\pes2010.exe:*:Enabled:Pro Evolution Soccer 2010"
"C:\Program Files\2K Games\Gearbox Software\Borderlands\Binaries\Borderlands.exe"="C:\Program Files\2K Games\Gearbox Software\Borderlands\Binaries\Borderlands.exe:*:Enabled:Borderlands"
"C:\tf2\hl2.exe"="C:\tf2\hl2.exe:*:Enabled:hl2"
"C:\Program Files\EA Sports\NHL 09\nhl2009.exe"="C:\Program Files\EA Sports\NHL 09\nhl2009.exe:*:Enabled:nhl2009"
"C:\Program Files\Steam\steamapps\common\left 4 dead 2 demo\left4dead2.exe"="C:\Program Files\Steam\steamapps\common\left 4 dead 2 demo\left4dead2.exe:*:Enabled:left4dead2"
"C:\Program Files\Dragon Age\bin_ship\daorigins.exe"="C:\Program Files\Dragon Age\bin_ship\daorigins.exe:*:Enabled:Dragon Age Prameny Hra"
"C:\Program Files\Dragon Age\DAOriginsLauncher.exe"="C:\Program Files\Dragon Age\DAOriginsLauncher.exe:*:Enabled:Dragon Age Prameny Spustit"
"C:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe"="C:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe:*:Enabled:Dragon Age Prameny Aktualizovat"
"C:\Program Files\Activision\Modern Warfare 2\iw4mp.exe"="C:\Program Files\Activision\Modern Warfare 2\iw4mp.exe:*:Enabled:iw4mp"
"C:\Program Files\Steam\steamapps\common\zombie bowl-o-rama\iw4mp.exe"="C:\Program Files\Steam\steamapps\common\zombie bowl-o-rama\iw4mp.exe:*:Enabled:iw4mp"
"C:\Program Files\World of Warcraft\WoW-3.1.3.9947-to-3.2.0.10192-enUS-downloader.exe"="C:\Program Files\World of Warcraft\WoW-3.1.3.9947-to-3.2.0.10192-enUS-downloader.exe:*:Enabled:Blizzard Downloader"
"D:\Program Files\Skype\Phone\Skype.exe"="D:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath "
"C:\Program Files\Steam\steamapps\common\trackmania nations forever\TmForever.exe"="C:\Program Files\Steam\steamapps\common\trackmania nations forever\TmForever.exe:*:Enabled:TrackMania Nations Forever"
"C:\Program Files\Steam\steamapps\common\trackmania nations forever\TmForeverLauncher.exe"="C:\Program Files\Steam\steamapps\common\trackmania nations forever\TmForeverLauncher.exe:*:Enabled:TrackMania Nations Forever"
"C:\Program Files\StarCraft II Beta\StarCraft II.exe"="C:\Program Files\StarCraft II Beta\StarCraft II.exe:*:Enabled:Blizzard Launcher"
"C:\Program Files\StarCraft II Beta\Versions\Base13891\SC2.exe"="C:\Program Files\StarCraft II Beta\Versions\Base13891\SC2.exe:*:Enabled:StarCraft II"
"C:\Program Files\Aliens vs. Predator\AvP.exe"="C:\Program Files\Aliens vs. Predator\AvP.exe:*:Enabled:Aliens vs. Predator (DX9)"
"C:\Program Files\Aliens vs. Predator\AvP_DX11.exe"="C:\Program Files\Aliens vs. Predator\AvP_DX11.exe:*:Enabled:Aliens vs. Predator (DX11)"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{97d16051-a7a4-11de-8c21-8442b948775c}]
shell\AutoRun\command - J:\AutoTransfer.exe


======List of files/folders created in the last 1 months======

2010-02-20 19:21:38 ----D---- D:\rsit
2010-02-20 17:47:28 ----D---- D:\WINDOWS\LastGood
2010-02-20 17:47:05 ----D---- D:\Documents and Settings\All Users\Data aplikací\ESET
2010-02-19 23:39:48 ----N---- D:\WINDOWS\SC.exe
2010-02-19 15:00:03 ----A---- D:\WINDOWS\Dark Sector Uninstall Log.txt
2010-02-11 20:17:55 ----D---- D:\Documents and Settings\All Users\Data aplikací\BioWare
2010-02-08 16:38:57 ----D---- D:\Intel
2010-02-06 18:53:05 ----D---- D:\Documents and Settings\All Users\Data aplikací\Google
2010-02-01 19:28:54 ----D---- D:\Documents and Settings\All Users\Data aplikací\TrackMania
2010-01-30 15:45:59 ----D---- D:\Documents and Settings\Miso\Data aplikací\Logitech
2010-01-30 15:44:11 ----D---- D:\Documents and Settings\All Users\Data aplikací\LogiShrd
2010-01-30 15:43:10 ----HDC---- D:\WINDOWS\$NtUninstallWdf01005$
2010-01-30 15:41:56 ----D---- D:\Program Files\Common Files\Logishrd

======List of files/folders modified in the last 1 months======

2010-02-20 19:21:19 ----D---- D:\WINDOWS\Temp
2010-02-20 19:04:33 ----D---- D:\WINDOWS\system32
2010-02-20 18:08:10 ----D---- D:\Program Files\Mozilla Firefox
2010-02-20 17:48:03 ----SHD---- D:\WINDOWS\Installer
2010-02-20 17:47:55 ----HD---- D:\WINDOWS\inf
2010-02-20 17:47:55 ----D---- D:\WINDOWS\system32\drivers
2010-02-20 17:47:28 ----D---- D:\WINDOWS
2010-02-20 17:12:31 ----D---- D:\Documents and Settings\Miso\Data aplikací\mIRC
2010-02-20 15:12:15 ----D---- D:\WINDOWS\system32\CatRoot2
2010-02-20 14:46:36 ----A---- D:\WINDOWS\SchedLgU.Txt
2010-02-20 14:13:43 ----D---- D:\WINDOWS\system32\DirectX
2010-02-20 12:12:42 ----D---- D:\WINDOWS\Prefetch
2010-02-20 11:33:57 ----HD---- D:\Program Files\InstallShield Installation Information
2010-02-20 04:08:38 ----SD---- D:\Documents and Settings\Miso\Data aplikací\Microsoft
2010-02-19 18:06:19 ----D---- D:\Program Files\Common Files\Blizzard Entertainment
2010-02-19 18:06:19 ----D---- D:\Documents and Settings\All Users\Data aplikací\Blizzard Entertainment
2010-02-19 18:02:04 ----RD---- D:\Program Files
2010-02-19 18:00:48 ----D---- D:\Documents and Settings\Miso\Data aplikací\uTorrent
2010-02-18 17:01:20 ----A---- D:\WINDOWS\NeroDigital.ini
2010-02-13 12:44:13 ----D---- D:\WINDOWS\WinSxS
2010-02-11 20:14:38 ----D---- D:\Documents and Settings\Miso\Data aplikací\Dark Sector
2010-02-10 15:03:43 ----D---- D:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2010-02-08 16:38:55 ----D---- D:\Program Files\Intel
2010-02-06 18:53:05 ----D---- D:\Program Files\Google
2010-02-06 18:53:04 ----SD---- D:\WINDOWS\Tasks
2010-02-06 16:11:46 ----D---- D:\Program Files\Bonjour
2010-02-06 16:10:48 ----DC---- D:\WINDOWS\system32\DRVSTORE
2010-01-30 15:43:29 ----RSHDC---- D:\WINDOWS\system32\dllcache
2010-01-30 15:41:56 ----D---- D:\Program Files\Common Files
2010-01-29 20:34:08 ----D---- D:\WINDOWS\Minidump
2010-01-29 20:15:39 ----D---- D:\Documents and Settings\Miso\Data aplikací\Skype
2010-01-29 20:15:15 ----D---- D:\Documents and Settings\Miso\Data aplikací\skypePM

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 asuskbnt;Enhanced Display Driver Helper Service; D:\WINDOWS\system32\drivers\atkkbnt.sys [2006-10-31 11008]
R1 ehdrv;ehdrv; D:\WINDOWS\system32\DRIVERS\ehdrv.sys [2009-11-16 108792]
R1 epfwtdir;epfwtdir; D:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2009-11-16 96408]
R1 intelppm;Řadič procesoru Intel; D:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-17 39936]
R2 eamon;eamon; D:\WINDOWS\system32\DRIVERS\eamon.sys [2009-11-16 116520]
R2 EIO;EIO; \??\D:\WINDOWS\system32\drivers\EIO.sys []
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; D:\WINDOWS\system32\drivers\ADIHdAud.sys [2006-05-02 229376]
R3 AEAudio;AE Audio Service; D:\WINDOWS\system32\drivers\AEAudio.sys [2006-04-27 93824]
R3 Arp1394;Protokol 1394 ARP Client; D:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-17 60800]
R3 ati2mtag;ati2mtag; D:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-02-25 3565568]
R3 CnxEtP;Conexant AccessRunner USB ADSL WAN Adapter Filter Driver; D:\WINDOWS\system32\DRIVERS\CnxEtP.sys [2004-04-28 60288]
R3 CnxEtU;Conexant AccessRunner USB ADSL Interface Device Driver; D:\WINDOWS\system32\DRIVERS\CnxEtU.sys [2004-04-28 646400]
R3 CnxTgN;Conexant AccessRunner USB ADSL WAN Adapter Driver; D:\WINDOWS\system32\DRIVERS\CnxTgN.sys [2004-04-29 108771]
R3 hamachi;Hamachi Network Interface; D:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-02-27 25280]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; D:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2004-10-27 138240]
R3 hidusb;Ovladač třídy standardu HID; D:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 mouhid;Ovladač myši standardu HID; D:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; D:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 NIC1394;1394 Net Driver; D:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-17 61824]
R3 pcouffin;VSO Software pcouffin; D:\WINDOWS\System32\Drivers\pcouffin.sys [2008-06-02 47360]
R3 RivaTuner32;RivaTuner32; \??\C:\Program Files\RivaTuner v2.24\RivaTuner32.sys []
R3 SenFiltService;SenFilt Service; D:\WINDOWS\system32\drivers\Senfilt.sys [2006-03-17 392960]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; D:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Ovladač standardního rozbočovače USB; D:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; D:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
R3 Video3D;ASUS Video3D Service; D:\WINDOWS\System32\Drivers\Video3D32.sys [2006-09-29 10752]
R4 atidgllk;atidgllk; \??\D:\WINDOWS\atidgllk.sys []
S3 a1lo7jdi;a1lo7jdi; D:\WINDOWS\system32\drivers\a1lo7jdi.sys []
S3 ar8zd40q;ar8zd40q; D:\WINDOWS\system32\drivers\ar8zd40q.sys []
S3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Adapter; D:\WINDOWS\system32\DRIVERS\atl01_xp.sys [2006-07-28 34944]
S3 CCDECODE;Dekodér Closed Caption; D:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 GarenaPEngine;GarenaPEngine; \??\D:\DOCUME~1\Miso\LOCALS~1\Temp\RLS30.tmp []
S3 L8042Kbd;Logitech SetPoint Keyboard Driver; D:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2009-06-17 20240]
S3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; D:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2009-06-17 35472]
S3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; D:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2009-06-17 37392]
S3 LUsbFilt;Logitech SetPoint KMDF USB Filter; D:\WINDOWS\System32\Drivers\LUsbFilt.Sys [2009-06-17 28560]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; D:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; D:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; D:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 npkcrypt;npkcrypt; \??\C:\Program Files\Lineage II\system\npkcrypt.sys []
S3 PAC207;SoC PC-Camer@; D:\WINDOWS\system32\DRIVERS\pfc027.sys [2005-02-24 162176]
S3 Ser2pl;MAT Serial port driver; D:\WINDOWS\system32\DRIVERS\ser2pl.sys [2003-07-16 43264]
S3 SLIP;BDA Slip De-Framer; D:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; D:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 tbhsd;Tunebite High-Speed Dubbing; D:\WINDOWS\system32\drivers\tbhsd.sys [2009-01-23 37664]
S3 usbprint;Třída USB Printer; D:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Ovladač skeneru USB; D:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; D:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 Wdf01000;Wdf01000; D:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 WpdUsb;WpdUsb; D:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; D:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; D:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; D:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; D:\WINDOWS\system32\Ati2evxx.exe [2009-02-25 602112]
R2 ATKKeyboardService;ATK Keyboard Service; D:\WINDOWS\ATKKBService.exe [2006-09-29 258560]
R2 Bonjour Service;Bonjour Service; D:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-11-16 735960]
R2 STI Simulator;STI Simulator; D:\WINDOWS\System32\PAStiSvc.exe [2005-01-14 53248]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; D:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
S2 ATI Smart;ATI Smart; D:\WINDOWS\system32\ati2sgag.exe [2009-02-25 593920]
S2 gusvc;Google Software Updater; D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-09-17 194032]
S2 LexBceS;LexBce Server; D:\WINDOWS\system32\LEXBCES.EXE []
S3 aspnet_state;ASP.NET State Service; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 DAUpdaterSvc;Dragon Age: Prameny - aktualizace obsahu; C:\Program Files\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-07-26 25832]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-11-16 20680]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; D:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-12-13 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; D:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; D:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; D:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MSSQL$SONY_MEDIAMGR;MSSQL$SONY_MEDIAMGR; C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [2002-12-17 7520337]
S3 MSSQLServerADHelper;MSSQLServerADHelper; D:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112]
S3 NMIndexingService;NMIndexingService; D:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 SQLAgent$SONY_MEDIAMGR;SQLAgent$SONY_MEDIAMGR; C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE [2002-12-17 311872]
S3 usprserv;User Privilege Service; D:\WINDOWS\System32\svchost.exe [2004-08-17 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; D:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------


dakujem za pomoc

[skazatoN]

Teraz som urobil rychly scan v MBAM a napisalo mi toto
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 1
Infikované hodnoty registru: 1
Infikované datové položky registru: 0
Infikované adresáře: 0
Infikované soubory: 1

Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované klíče registru:
HKEY_CLASSES_ROOT\PotDll.PotGo (Trojan.Agent) -> No action taken.

Infikované hodnoty registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\startup (Backdoor.Bot) -> No action taken.

Infikované datové položky registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované adresáře:
(Nebyly nalezeny žádné škodlivé položky)

Infikované soubory:
D:\Documents and Settings\Miso\Data aplikací\Microsoft\svchost.exe (Backdoor.Bot) -> No action taken.

co s tym ?:(

[motji]

Dobrý večer
Co našel mbam, smažte

Combofix stahněte takto:
- pravým myšítkem klikněte na odkaz combofixu --uložit jako.. ,a teď ho přejmenujte na Potvora.com a uložte.

Stáhněte na plochu, ukončete všechna aktivní okna a spusťte ComboFix - http://download.bleepingcomputer.com/sUBs/ComboFix.exe

-souhlaste s instalací konzole pro zotavení

- ComboFix je třeba spustit pod účtem s právy administrátora

- Před použitím vypněte všechny rezidentní bezpečnostní programy - antiviry, firewally, antispywary

- Po spuštění se zobrazí podmínky užití, potvrďte je stiskem tlačítka Ano

- Dále postupujte dle pokynů, během aplikování ComboFixu neklikejte do zobrazujícího se okna

- Po dokončení skenování, trvajícího maximálně 10 minut, by měl program vytvořit log - C:\ComboFix.txt, zkopírujte celý jeho obsah sem