Problem with viruses :-( I'm in it again :-( Please help.

Viruses and antivirus software, PC security - firewall, spyware, etc.
BUBINO
Beginner
Registered: 12 Jun 2007
Location: I have one

Post by BUBINO »

That's strange. Nothing comes to mind right now. Never mind. Leave Sp as it is for now. I'll look into a few more things.

solda1
Beginner
Registered: 15 Apr 2007
Location: Hodonín

Post by solda1 »

So far it's okay, thanks a lot :)

Post by BUBINO »

No need to thank me yet. If there are any problems, write.

Post by solda1 »

Yeah, don't worry :) thanks a lot, bye for now, and Bubi, send me a PM saying where you're from and how old you are...

Post by BUBINO »

You're welcome, next time too :-)

Listen, I would need you to take the folders:
c:\avenger
c:\combofix
c:\quarantine

put them into one folder, compress it with WinRAR, password-protect it and send it to me by email or over ICQ. I'd be grateful :-)
You can do it following the guide here:
http://www.viry.cz/forum/viewtopic.php?t=40696

The one that Riffman wrote.

Thanks :)

Post by solda1 »

I already deleted it.... but a moment ago my computer froze up pretty badly, probably some virus again, but screw it at this point 8-)

Post by solda1 »

Is this okay, please?

Combo :

ComboFix 08-02-13.2 - Administrator 2008-02-13 21:30:55.16 - NTFSx86 NETWORK
Systém Microsoft Windows XP Professional 5.1.2600.1.1250.1.1029.18.838 [GMT 1:00]
Running from: C:\Documents and Settings\Administrator\Plocha\ComboFix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\.exe

.
((((((((((((((((((((((((( Files Created from 2008-01-13 to 2008-02-13 )))))))))))))))))))))))))))))))
.

2008-02-13 17:55 . 2008-02-13 17:55 <DIR> d-------- C:\Temp
2008-02-13 15:25 . 2002-08-29 01:32 21,760 --a--c--- C:\WINDOWS\system32\dllcache\usbstor.sys
2008-02-13 08:52 . 2008-02-13 08:52 316,640 --a------ C:\WINDOWS\WMSysPr9.prx
2008-02-13 08:41 . 2008-02-13 08:41 1,374 --a------ C:\WINDOWS\imsins.BAK
2008-02-12 15:06 . 2008-02-12 15:06 2,560 --a------ C:\WINDOWS\system32\bitcometres.dll
2008-02-11 18:25 . 2008-02-11 18:25 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\Comodo
2008-02-11 18:25 . 2008-02-11 18:25 <DIR> d-------- C:\Documents and Settings\Administrator\Data aplikací\Comodo
2008-02-11 18:22 . 2008-02-11 18:22 <DIR> d-------- C:\Program Files\Comodo
2008-02-10 16:25 . 2007-04-04 14:58 24,344 --a------ C:\WINDOWS\system32\drivers\klim5.sys
2008-02-10 16:18 . 2007-12-04 14:04 837,496 --a------ C:\WINDOWS\system32\aswBoot.exe
2008-02-10 16:18 . 2004-01-09 10:13 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx
2008-02-10 16:18 . 2007-12-04 13:54 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr
2008-02-10 16:18 . 2007-12-04 15:55 94,544 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2008-02-10 16:18 . 2007-12-04 15:56 93,264 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2008-02-10 16:18 . 2007-12-04 15:51 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2008-02-10 16:18 . 2007-12-04 15:49 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2008-02-10 16:18 . 2007-12-04 15:53 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2008-02-10 12:17 . 2008-02-10 12:17 <DIR> d-a------ C:\WINDOWS\rundll16.exe
2008-02-10 11:53 . 2008-02-10 11:53 <DIR> d-------- C:\Program Files\CCleaner
2008-02-09 18:35 . 2008-02-11 19:11 <DIR> d-------- C:\WINDOWS\EHome
2008-02-09 18:08 . 2008-02-09 18:08 <DIR> d-------- C:\Program Files\Trend Micro
2008-02-09 17:45 . 2001-10-25 13:00 87,040 --a------ C:\WINDOWS\system32\srvsvc.dll
2008-02-09 17:45 . 2001-10-25 13:00 87,040 --a------ C:\WINDOWS\system32\dllcache\srvsvc.dll
2008-02-09 17:33 . 2008-02-09 17:33 <DIR> d-------- C:\Program Files\Zamykatko
2008-02-09 17:33 . 2007-12-13 20:13 17,264 --a------ C:\WINDOWS\system32\drivers\mprifl.sys
2008-02-08 16:16 . 2008-02-08 16:16 <DIR> d-------- C:\WINDOWS\pchealth
2008-02-08 12:28 . 2008-02-08 12:28 <DIR> d-------- C:\WINDOWS\ERUNT
2008-02-08 12:23 . 2008-02-08 12:34 <DIR> d-------- C:\SDFix
2008-02-05 17:18 . 2002-09-20 18:05 201,728 --a------ C:\WINDOWS\system32\dllcache\wordpad.exe
2008-02-05 17:15 . 2004-03-10 19:00 595,968 -----c--- C:\WINDOWS\system32\dllcache\xpsp2res.dll
2008-02-05 17:07 . 2001-10-25 13:00 493,568 --a------ C:\WINDOWS\system32\hypertrm.dll
2008-02-05 16:58 . 2002-09-20 18:03 313,856 --a------ C:\WINDOWS\system32\dx3j.dll
2008-02-05 16:58 . 2002-09-20 18:04 171,034 --a------ C:\WINDOWS\system32\jit.dll
2008-02-05 16:58 . 2003-02-28 18:26 139,536 --a------ C:\WINDOWS\system32\javaee.dll
2008-02-05 16:58 . 2002-09-20 18:00 117,248 --a------ C:\WINDOWS\system32\dllcache\dhtmled.ocx
2008-02-05 16:58 . 2003-02-28 18:26 46,352 --a------ C:\WINDOWS\setdebug.exe
2008-02-05 16:58 . 2003-02-28 16:54 7,315 --a------ C:\WINDOWS\system32\javasup.vxd
2008-02-05 16:58 . 2003-02-28 16:35 6,550 --a------ C:\WINDOWS\jautoexp.dat
2008-02-05 15:57 . 2005-10-20 23:34 992,768 --a------ C:\WINDOWS\system32\esent.dll
2008-02-05 15:22 . 2004-07-01 23:10 7,680 -----c--- C:\WINDOWS\system32\dllcache\bitsprx2.dll
2008-02-05 15:22 . 2004-07-01 23:10 7,680 --------- C:\WINDOWS\system32\bitsprx2.dll
2008-02-05 15:22 . 2004-07-01 23:10 7,168 -----c--- C:\WINDOWS\system32\dllcache\bitsprx3.dll
2008-02-05 15:22 . 2004-07-01 23:10 7,168 --------- C:\WINDOWS\system32\bitsprx3.dll
2008-02-05 14:13 . 2004-08-03 14:13 1,081,112 --a------ C:\WINDOWS\system32\wuaueng.dll
2008-02-05 14:13 . 2004-08-03 14:00 421,144 --a------ C:\WINDOWS\system32\wuapi.dll
2008-02-05 14:13 . 2004-08-03 14:02 167,704 --a------ C:\WINDOWS\system32\wuaucpl.cpl
2008-02-05 14:13 . 2004-08-03 13:59 120,288 --a------ C:\WINDOWS\system32\wuweb.dll
2008-02-05 14:13 . 2004-08-03 13:58 119,064 --a------ C:\WINDOWS\system32\wucltui.dll
2008-02-05 14:13 . 2004-08-03 13:58 113,944 --a------ C:\WINDOWS\system32\wuauclt.exe
2008-02-05 14:13 . 2004-08-03 13:58 71,448 --a------ C:\WINDOWS\system32\cdm.dll
2008-02-05 14:13 . 2004-08-03 14:00 39,704 --a------ C:\WINDOWS\system32\wups.dll
2008-02-05 14:11 . 2004-08-03 14:05 186,136 --a------ C:\WINDOWS\system32\wuaueng1.dll
2008-02-05 14:11 . 2004-08-03 13:59 168,216 --a------ C:\WINDOWS\system32\wuauclt1.exe
2008-02-05 11:55 . 1998-06-24 01:00 115,016 --a------ C:\WINDOWS\system32\MSINET.OCX
2008-02-05 11:55 . 1998-06-18 01:00 89,360 --a------ C:\WINDOWS\system32\VB5DB.DLL
2008-02-05 11:55 . 2000-03-17 09:21 69,632 --a------ C:\WINDOWS\system32\xmltok.dll
2008-02-05 11:55 . 2000-03-17 09:21 36,864 --a------ C:\WINDOWS\system32\xmlparse.dll
2008-02-05 11:55 . 2002-04-24 13:43 35,840 --a------ C:\WINDOWS\system32\comdlg32.oca
2008-02-05 11:55 . 2002-04-09 18:23 29,184 --a------ C:\WINDOWS\system32\MSINET.oca
2008-02-05 11:55 . 2002-10-17 11:35 26,096 --a------ C:\WINDOWS\system32\xmlinst.exe
2008-02-05 11:55 . 2002-01-07 17:30 24,576 --a------ C:\WINDOWS\system32\msxml3a.dll
2008-02-05 11:50 . 2008-02-05 11:50 <DIR> d-------- C:\WINDOWS\Cache
2008-02-05 11:41 . 2008-02-08 16:16 <DIR> d-------- C:\Documents and Settings\Administrator\Data aplikací\DAEMON Tools
2008-02-04 22:17 . 2008-02-04 22:17 <DIR> d-------- C:\Program Files\avenger
2008-02-04 21:39 . 2008-02-04 21:39 <DIR> d-------- C:\Documents and Settings\Administrator\Data aplikací\atitray
2008-02-04 21:38 . 2008-02-04 21:38 <DIR> d-------- C:\Program Files\Ray Adams
2008-02-04 20:41 . 2008-02-04 23:14 <DIR> d-------- C:\Program Files\QooBox
2008-02-04 20:11 . 2008-02-04 20:11 <DIR> d-------- C:\Documents and Settings\Administrator\Data aplikací\ICQ Toolbar
2008-02-04 18:27 . 2008-02-13 08:34 <DIR> d-------- C:\Downloads
2008-02-04 18:26 . 2008-02-04 19:19 <DIR> d-------- C:\Program Files\BitComet
2008-02-04 18:18 . 2008-02-04 18:20 <DIR> d-------- C:\Documents and Settings\Administrator\Data aplikací\uTorrent
2008-02-04 17:54 . 2008-02-08 16:43 <DIR> d-------- C:\Program Files\QIP
2008-02-04 15:47 . 2008-02-04 15:47 138,624 --a------ C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2008-02-04 15:44 . 2008-02-04 15:44 <DIR> d-------- C:\Program Files\Crawler
2008-02-04 15:44 . 2008-02-10 18:19 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2008-02-04 15:43 . 2008-02-10 18:19 <DIR> d-------- C:\Program Files\Spyware Terminator
2008-02-04 15:21 . 2008-02-04 15:21 <DIR> d-------- C:\Program Files\Lavalys
2008-02-04 15:12 . 2008-02-10 15:17 <DIR> d-------- C:\Program Files\ICQToolbar
2008-02-04 15:12 . 2008-02-09 10:36 <DIR> d-------- C:\Program Files\ICQLite
2008-02-04 15:12 . 2008-02-04 15:12 <DIR> d-------- C:\Documents and Settings\Administrator\Data aplikací\ICQLite
2008-02-04 15:09 . 2008-02-04 15:09 1,158 --a------ C:\WINDOWS\mozver.dat
2008-02-04 15:08 . 2008-02-04 15:08 0 --a------ C:\WINDOWS\nsreg.dat
2008-02-04 15:07 . 2005-01-28 13:44 2,370,296 --a--c--- C:\WINDOWS\system32\dllcache\wmvcore.dll
2008-02-04 15:07 . 2005-01-28 13:44 224,768 --a--c--- C:\WINDOWS\system32\dllcache\wmasf.dll
2008-02-04 15:06 . 2008-02-04 15:06 <DIR> d-------- C:\Program Files\Webteh
2008-02-04 15:05 . 2008-02-06 11:01 <DIR> d-------- C:\Program Files\Opera

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-08 16:10 42,496 ----a-w C:\WINDOWS\system32\ftp.exe
2008-02-08 16:10 16,896 ----a-w C:\WINDOWS\system32\tftp.exe
2008-02-08 16:07 133,120 ----a-w C:\WINDOWS\system32\sfc_os.dll
2008-02-05 11:06 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-05 10:56 11,973 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2008-02-04 20:33 --------- d-----w C:\Program Files\ATI Technologies
2008-02-04 13:59 --------- d-----w C:\Program Files\totalcmd
2008-02-04 13:47 --------- d-----w C:\Program Files\Alwil Software
2008-02-04 13:35 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\ESET
2008-02-04 13:16 --------- d-----w C:\Documents and Settings\Administrator\Data aplikací\ATI
2008-02-04 12:55 --------- d-----w C:\Documents and Settings\Administrator\Data aplikací\Logitech
2008-02-04 12:53 --------- d-----w C:\Program Files\Logitech
2008-02-04 12:52 --------- d-----w C:\Program Files\Common Files\Logitech
2008-02-04 12:37 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-02-04 12:36 --------- d-----w C:\Program Files\Common Files\ATI Technologies
2008-02-04 12:28 315,392 ----a-w C:\WINDOWS\HideWin.exe
2008-02-04 12:28 --------- d-----w C:\Program Files\Realtek
2008-02-04 12:28 --------- d-----w C:\Documents and Settings\Administrator\Data aplikací\InstallShield
2008-02-04 12:27 15,600 ----a-w C:\WINDOWS\gdrv.sys
2008-02-04 12:25 --------- d-----w C:\Program Files\Yahoo!
2008-02-04 12:25 --------- d-----w C:\Program Files\Intel
2008-02-04 12:15 --------- d-----w C:\Program Files\microsoft frontpage
2008-02-04 12:14 558,142 ----a-w C:\WINDOWS\java\Packages\VTRHJZ5N.ZIP
2008-02-04 12:14 155,995 ----a-w C:\WINDOWS\java\Packages\OIJ7P773.ZIP
2007-12-21 07:21 33,800 ----a-w C:\WINDOWS\system32\drivers\epfwtdir.sys
2007-12-21 07:20 30,216 ----a-w C:\WINDOWS\system32\drivers\easdrv.sys
2007-12-21 07:19 39,944 ----a-w C:\WINDOWS\system32\drivers\eamon.sys
2007-12-21 03:53 2,843,136 ----a-w C:\WINDOWS\system32\drivers\ati2mtag.sys
2007-12-21 03:09 368,640 ----a-w C:\WINDOWS\system32\ATIDEMGX.dll
2007-12-21 03:08 272,384 ----a-w C:\WINDOWS\system32\ati2dvag.dll
2007-12-21 02:59 43,520 ----a-w C:\WINDOWS\system32\ati2edxx.dll
2007-12-21 02:59 26,112 ----a-w C:\WINDOWS\system32\Ati2mdxx.exe
2007-12-21 02:58 122,880 ----a-w C:\WINDOWS\system32\ati2evxx.dll
2007-12-21 02:57 512,000 ----a-w C:\WINDOWS\system32\ati2evxx.exe
2007-12-21 02:56 53,248 ----a-w C:\WINDOWS\system32\ATIDDC.DLL
2007-12-21 02:53 9,826,304 ----a-w C:\WINDOWS\system32\atioglx2.dll
2007-12-21 02:47 3,120,640 ----a-w C:\WINDOWS\system32\ati3duag.dll
2007-12-21 02:24 46,080 ----a-w C:\WINDOWS\system32\amdpcom32.dll
2007-12-21 02:17 49,152 ----a-w C:\WINDOWS\system32\drivers\ati2erec.dll
2007-12-21 02:15 159,744 ----a-w C:\WINDOWS\system32\atiok3x2.dll
2007-12-21 02:11 499,712 ----a-w C:\WINDOWS\system32\ati2cqag.dll
2007-12-20 20:05 593,920 ------w C:\WINDOWS\system32\ati2sgag.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\ctfmon.exe" [2002-09-20 18:05 13312]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2008-02-04 13:53 32768]
"AtiTrayTools"="C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe" [2007-08-27 13:42 517120]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"ICQ Lite"="C:\Program Files\ICQLite\ICQLite.exe" [2006-07-27 19:12 3142236]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2007-04-12 10:33 16132608 C:\WINDOWS\RTHDCPL.exe]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2004-12-10 12:45 49152 C:\WINDOWS\KHALMNPR.Exe]
"SpywareTerminator"="C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe" [2008-02-04 15:45 2776576]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
"COMODO Firewall Pro"="C:\Program Files\Comodo\Firewall\CPF.exe" [2008-02-11 18:22 1115728]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2002-09-20 18:05 13312]

C:\Documents and Settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2008-02-04 13:53:14 450560]
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2008-02-04 13:52:38 434176]

R0 MPRIFL;MPRIFL;C:\WINDOWS\System32\DRIVERS\MPRIFL.SYS [2007-12-13 20:13]
R3 PSched;Plánovač paketů technologie QoS;C:\WINDOWS\System32\DRIVERS\psched.sys [2002-08-29 01:35]
S1 atitray;atitray;C:\Program Files\Ray Adams\ATI Tray Tools\atitray.sys [2007-05-22 10:04]
S1 sp_rsdrv2;Spyware Terminator Driver 2;C:\WINDOWS\System32\drivers\sp_rsdrv2.sys [2008-02-04 15:47]
S3 gdrv;gdrv;C:\WINDOWS\gdrv.sys [2008-02-04 13:27]

.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-13 21:31:50
Windows 5.1.2600 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-02-13 21:32:04
ComboFix-quarantined-files.txt 2008-02-13 20:32:02
ComboFix2.txt 2008-02-11 17:12:07
ComboFix3.txt 2008-02-10 15:31:09
ComboFix4.txt 2008-02-08 15:17:46
ComboFix5.txt 2008-02-08 14:53:20
.
2008-02-10 21:25:15 --- E O F ---


Hjk :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:32:27, on 13.2.2008
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Safe mode with network support

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_0_1.dll
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\Program Files\ICQToolbar\toolbaru.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_0_1.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll
O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O3 - Toolbar: &Rádio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [SpywareTerminator] C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [COMODO Firewall Pro] C:\Program Files\Comodo\Firewall\CPF.exe /background
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [AtiTrayTools] C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -trayboot
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Stáhnout všechna videa s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll/206 (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O17 - HKLM\System\CCS\Services\Tcpip\..\{05DD93D2-FB60-41E3-83C9-6658F4241DAF}: NameServer = 62.240.178.250,10.0.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{05DD93D2-FB60-41E3-83C9-6658F4241DAF}: NameServer = 62.240.178.250,10.0.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{05DD93D2-FB60-41E3-83C9-6658F4241DAF}: NameServer = 62.240.178.250,10.0.0.1
O18 - Protocol bw+0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bw+0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bw-0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bw-0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bw00 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bw00s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bw10 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bw10s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bw20 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bw20s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bw30 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bw30s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bw40 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bw40s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bw50 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bw50s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bw60 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bw60s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bw70 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bw70s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bw80 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bw80s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bw90 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bw90s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bwa0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bwa0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bwb0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bwb0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bwc0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bwc0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bwd0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bwd0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bwe0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bwe0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bwf0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bwf0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - CProgram FilesLogitechDesktop Messenger8876480ProgramGAPlugProtocol-8876480.dll
O18 - Protocol bwg0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bwg0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bwh0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bwh0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bwi0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bwi0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bwj0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bwj0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bwk0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bwk0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bwl0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bwl0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bwm0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bwm0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bwn0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bwn0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bwo0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bwo0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bwp0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bwp0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bwq0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bwq0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bwr0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bwr0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bws0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bws0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bwt0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bwt0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bwu0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bwu0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bwv0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bwv0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bww0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bww0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bwx0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bwx0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bwy0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bwy0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bwz0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol bwz0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol offline-8876480 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - CProgram FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\PROGRA~1\SPYWAR~1\sp_rsser.exe

--
End of file - 17794 bytes
BUBINO
Beginner
Registered: 12 Jun 2007
Location: Mám

Post by BUBINO »

Enter this into Avenger:
Files to delete:
C:\WINDOWS\imsins.BAK

Folders to delete:
C:\WINDOWS\rundll16.exe
Test this one on virustotal.com:
C:\WINDOWS\WMSysPr9.prx


Combo keeps deleting the .exe file. Something must be creating it. Make logs from IceSword.
solda1
Beginner
Registered: 15 Apr 2007
Location: Hodonín

Post by solda1 »

All OK, Avenger did what it was supposed to, and the file C:\WINDOWS\WMSysPr9.prx is OK too... I'm off to do the IceSword thing... and otherwise I have a question... Avast is telling me that it sees Avenger as a virus... but that probably doesn't matter, right? :)
BUBINO
Beginner
Registered: 12 Jun 2007
Location: Mám

Post by BUBINO »

The only thing it can report is c:\avenger or c:\quarantine, detecting the viruses it deleted, but those are harmless.
solda1
Beginner
Registered: 15 Apr 2007
Location: Hodonín

Post by solda1 »

Here you go, boss...

Process:

System Idle Process
System
C:\WINDOWS\system32\alg.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\PROGRA~1\SPYWAR~1\sp_rsser.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\RTHDCPL.exe
C:\PROGRA~1\SPYWAR~1\Spywareterminatorshield.Exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Comodo\Firewall\cpf.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\ICQLite\ICQLite.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Administrator\Plocha\IceSword122en\IceSword.exe



And here, boss, the modules:

Kernel Module:

\WINDOWS\system32\ntoskrnl.exe
\WINDOWS\system32\hal.dll
\WINDOWS\system32\KDCOM.DLL
\WINDOWS\system32\BOOTVID.dll
ACPI.sys
\WINDOWS\System32\DRIVERS\WMILIB.SYS
pci.sys
isapnp.sys
pciide.sys
\WINDOWS\System32\DRIVERS\PCIIDEX.SYS
MountMgr.sys
ftdisk.sys
dmload.sys
dmio.sys
PartMgr.sys
xenpnxpp.sys
VolSnap.sys
atapi.sys
disk.sys
\WINDOWS\System32\DRIVERS\CLASSPNP.SYS
sr.sys
MPRIFL.SYS
KSecDD.sys
Ntfs.sys
inspect.sys
\WINDOWS\System32\DRIVERS\NDIS.SYS
Mup.sys
\SystemRoot\System32\DRIVERS\processr.sys
\SystemRoot\System32\DRIVERS\ati2mtag.sys
\SystemRoot\System32\DRIVERS\VIDEOPRT.SYS
\SystemRoot\System32\DRIVERS\HDAudBus.sys
\SystemRoot\System32\DRIVERS\Rtenicxp.sys
\SystemRoot\System32\DRIVERS\usbuhci.sys
\SystemRoot\System32\DRIVERS\USBPORT.SYS
\SystemRoot\System32\DRIVERS\usbehci.sys
\SystemRoot\System32\DRIVERS\fdc.sys
\SystemRoot\System32\DRIVERS\serial.sys
\SystemRoot\System32\DRIVERS\serenum.sys
\SystemRoot\System32\DRIVERS\parport.sys
\SystemRoot\System32\DRIVERS\i8042prt.sys
\SystemRoot\System32\DRIVERS\L8042Kbd.sys
\SystemRoot\System32\DRIVERS\kbdclass.sys
\SystemRoot\System32\DRIVERS\imapi.sys
\SystemRoot\System32\DRIVERS\cdrom.sys
\SystemRoot\System32\DRIVERS\redbook.sys
\SystemRoot\System32\DRIVERS\ks.sys
\SystemRoot\System32\DRIVERS\audstub.sys
\SystemRoot\System32\DRIVERS\rasl2tp.sys
\SystemRoot\System32\DRIVERS\ndistapi.sys
\SystemRoot\System32\DRIVERS\ndiswan.sys
\SystemRoot\System32\DRIVERS\raspppoe.sys
\SystemRoot\System32\DRIVERS\raspptp.sys
\SystemRoot\System32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\psched.sys
\SystemRoot\System32\DRIVERS\msgpc.sys
\SystemRoot\System32\DRIVERS\ptilink.sys
\SystemRoot\System32\DRIVERS\raspti.sys
\SystemRoot\System32\DRIVERS\rdpdr.sys
\SystemRoot\System32\DRIVERS\termdd.sys
\SystemRoot\System32\DRIVERS\mouclass.sys
\SystemRoot\System32\DRIVERS\swenum.sys
\SystemRoot\System32\DRIVERS\update.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\RtkHDAud.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\System32\DRIVERS\usbhub.sys
\SystemRoot\System32\DRIVERS\USBD.SYS
\SystemRoot\System32\DRIVERS\flpydisk.sys
\SystemRoot\System32\Drivers\Fs_Rec.SYS
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\Drivers\mnmdd.SYS
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\DRIVERS\rasacd.sys
\SystemRoot\System32\DRIVERS\ipsec.sys
\SystemRoot\System32\DRIVERS\tcpip.sys
\SystemRoot\System32\DRIVERS\cmdmon.sys
\SystemRoot\System32\DRIVERS\wanarp.sys
\SystemRoot\System32\Drivers\aswTdi.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\System32\DRIVERS\netbios.sys
\??\C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
\SystemRoot\System32\DRIVERS\rdbss.sys
\SystemRoot\System32\DRIVERS\mrxsmb.sys
\SystemRoot\System32\Drivers\Fips.SYS
\??\C:\Program Files\Ray Adams\ATI Tray Tools\atitray.sys
\SystemRoot\System32\Drivers\Aavmker4.SYS
\SystemRoot\System32\Drivers\LHidUsbK.Sys
\SystemRoot\System32\Drivers\HIDCLASS.SYS
\SystemRoot\System32\Drivers\HIDPARSE.SYS
\SystemRoot\System32\DRIVERS\LHidKE.Sys
\SystemRoot\System32\DRIVERS\mouhid.sys
\SystemRoot\System32\DRIVERS\LMouKE.Sys
\SystemRoot\System32\Drivers\Cdfs.SYS
\SystemRoot\System32\Drivers\dump_atapi.sys
\SystemRoot\System32\Drivers\dump_WMILIB.SYS
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\System32\watchdog.sys
\SystemRoot\System32\drivers\dxg.sys
\SystemRoot\System32\drivers\dxgthk.sys
\SystemRoot\System32\ati2dvag.dll
\SystemRoot\System32\ati2cqag.dll
\SystemRoot\System32\atikvmag.dll
\SystemRoot\System32\atiok3x2.dll
\SystemRoot\System32\ati3duag.dll
\SystemRoot\System32\ativvaxx.dll
\SystemRoot\System32\drivers\afd.sys
\SystemRoot\System32\DRIVERS\ndisuio.sys
\SystemRoot\System32\Drivers\aswMon2.SYS
\SystemRoot\System32\DRIVERS\mrxdav.sys
\SystemRoot\System32\Drivers\ParVdm.SYS
\SystemRoot\System32\DRIVERS\secdrv.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\drivers\sysaudio.sys
\SystemRoot\system32\drivers\wdmaud.sys
\SystemRoot\System32\DRIVERS\ipnat.sys
\SystemRoot\System32\Drivers\aswRdr.SYS
\SystemRoot\system32\drivers\kmixer.sys
\SystemRoot\System32\Drivers\IsDrv122.sys
\WINDOWS\system32\ntdll.dll


Thanks
:oops:
solda1
Beginner
Registered: 15 Apr 2007
Location: Hodonín

Post by solda1 »

And when I open SSDT, why do I have so many red items there?

Here's a fragment... a smaller picture..

http://img215.imageshack.us/my.php?image=dadalb6.jpg


And this is what Avast shows for Avenger...

http://img81.imageshack.us/my.php?image=avangerip0.jpg
BUBINO
Beginner
Registered: 12 Jun 2007
Location: Mám

Post by BUBINO »

The program doesn't recognise them, but those things are OK.

This one doesn't look right to me:
xenpnxpp.sys

There's nothing about it on Google.

Put this into Avenger:
Files to delete:
c:\WINDOWS\System32\DRIVERS\xenpnxpp.sys
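
The check made in the post above (reading the IceSword kernel module list and picking out a driver nobody recognises) can be done mechanically. This is an added example, not part of the thread and not code from any participant. The baseline set, the assumption that the system drive is C:, and the function names are hypothetical; the sample listing is a constructed excerpt of the list posted earlier.

```python
import ntpath

# Constructed excerpt of the IceSword "Kernel Module" listing posted in the thread.
SAMPLE_LISTING = r"""
\WINDOWS\system32\ntoskrnl.exe
ACPI.sys
PartMgr.sys
xenpnxpp.sys
VolSnap.sys
\SystemRoot\System32\DRIVERS\tcpip.sys
\SystemRoot\System32\Drivers\aswTdi.SYS
\??\C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
\??\C:\Program Files\Ray Adams\ATI Tray Tools\atitray.sys
\SystemRoot\System32\ati2dvag.dll
"""

# Assumption: module names recorded from a known-good state of the same
# machine (hypothetical baseline, constructed for this example).
BASELINE = {
    "ntoskrnl.exe", "acpi.sys", "partmgr.sys", "volsnap.sys", "tcpip.sys",
    "aswtdi.sys", "sp_rsdrv2.sys", "atitray.sys", "ati2dvag.dll",
}

# Assumption: Windows is installed in C:\WINDOWS, as in the posted logs.
SYSTEM_ROOT = r"c:\windows"


def normalize(entry):
    """Return (full_path_or_None, lowercase_file_name) for one listing line.

    The listing mixes four spellings: \\SystemRoot\\..., \\??\\C:\\...,
    a drive-less \\WINDOWS\\... path, and a bare file name with no path.
    """
    low = entry.strip().lower()
    if low.startswith("\\systemroot\\"):
        full = SYSTEM_ROOT + low[len("\\systemroot"):]
    elif low.startswith("\\??\\"):
        full = low[4:]                 # drop the \??\ object-namespace prefix
    elif low.startswith("\\"):
        full = "c:" + low              # drive-less path, assume drive C:
    else:
        full = None                    # bare name: the tool reported no path
    return full, ntpath.basename(low)


def triage(listing, baseline):
    """Map module name -> list of reasons it deserves a closer look."""
    findings = {}
    for line in listing.splitlines():
        if not line.strip():
            continue
        full, name = normalize(line)
        reasons = []
        if name not in baseline:
            reasons.append("not in baseline")
            if full is None:
                # Locate the file on disk and hash or scan it before deleting.
                reasons.append("no path reported")
        if full is not None and not full.startswith(SYSTEM_ROOT + "\\"):
            reasons.append("loaded from outside the Windows directory")
        if reasons:
            findings[name] = reasons
    return findings


if __name__ == "__main__":
    for name, reasons in triage(SAMPLE_LISTING, BASELINE).items():
        print(f"{name}: {', '.join(reasons)}")
```

A flagged entry is a lead, not a verdict: atitray.sys is flagged only for its location and belongs to the ATI Tray Tools install seen in the process list, while xenpnxpp.sys has neither a baseline entry nor a reported path.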
solda1
Beginner
Registered: 15 Apr 2007
Location: Hodonín

Post by solda1 »

Done, it doesn't do it any more :)
BUBINO
Beginner
Registered: 12 Jun 2007
Location: Mám

Post by BUBINO »

:) :wink:

Download the latest updates for Avast.
solda1
Beginner
Registered: 15 Apr 2007
Location: Hodonín

Post by solda1 »

Hi, my computer is somehow screwing up again... So I'd like to ask you, Bubino, if you'd take a look at it for me... please (logs from HjK and Combo)


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:24:13, on 23.2.2008
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Safe mode

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60327
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_0_1.dll
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\Program Files\ICQToolbar\toolbaru.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_0_1.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll
O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O3 - Toolbar: &Rádio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -trayboot
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Stáhnout všechna videa s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll/206 (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O17 - HKLM\System\CCS\Services\Tcpip\..\{05DD93D2-FB60-41E3-83C9-6658F4241DAF}: NameServer = 62.240.178.250,10.0.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{05DD93D2-FB60-41E3-83C9-6658F4241DAF}: NameServer = 62.240.178.250,10.0.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{05DD93D2-FB60-41E3-83C9-6658F4241DAF}: NameServer = 62.240.178.250,10.0.0.1
O18 - Protocol: bw+0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: Prime95 Service - Unknown owner - C:\Program Files\Prime95\prime95.exe (file missing)
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe

--
End of file - 17722 bytes


ComboFix 08-02-13.2 - Administrator 2008-02-23 14:21:28.17 - NTFSx86 MINIMAL
Systém Microsoft Windows XP Professional 5.1.2600.1.1250.1.1029.18.839 [GMT 1:00]
Running from: C:\Documents and Settings\Administrator\Plocha\ComboFix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Created from 2008-01-23 to 2008-02-23 )))))))))))))))))))))))))))))))
.

2008-02-20 16:04 . 2008-02-23 14:05 <DIR> d-------- C:\Program Files\Prime95
2008-02-20 14:41 . 2008-02-20 14:41 67,776 --ah----- C:\WINDOWS\MEMORY.DMP
2008-02-18 11:18 . 2008-02-18 11:18 <DIR> d-------- C:\Program Files\Futuremark
2008-02-18 11:18 . 1999-11-02 10:01 6,173 --a------ C:\WINDOWS\system32\drivers\Entech.vxd
2008-02-18 11:18 . 2004-06-22 15:44 5,632 --a------ C:\WINDOWS\system32\drivers\Entech64.sys
2008-02-18 10:04 . 2008-02-18 10:04 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\ATI
2008-02-18 09:59 . 2008-02-18 09:59 <DIR> d-------- C:\WINDOWS\LastGood.Tmp
2008-02-18 09:33 . 2008-02-18 09:33 <DIR> d-------- C:\WINDOWS\system32\Futuremark
2008-02-18 09:33 . 2004-10-25 20:02 21,664 --a------ C:\WINDOWS\system32\drivers\Entech.sys
2008-02-18 09:33 . 2001-11-19 19:05 3,972 --a------ C:\WINDOWS\system32\drivers\PciBus.sys
2008-02-13 22:06 . 2003-02-28 16:34 313,856 --a------ C:\WINDOWS\system32\dx3j.dll
2008-02-13 22:06 . 2003-02-28 18:26 171,280 --a------ C:\WINDOWS\system32\jit.dll
2008-02-13 22:06 . 2003-02-28 18:26 46,352 --a------ C:\WINDOWS\setdebug.exe
2008-02-13 22:06 . 2003-02-28 16:54 7,315 --a------ C:\WINDOWS\system32\javasup.vxd
2008-02-13 22:06 . 2003-02-28 16:35 6,550 --a------ C:\WINDOWS\jautoexp.dat
2008-02-13 22:04 . 2004-10-28 02:31 680,960 --a--c--- C:\WINDOWS\system32\dllcache\lsasrv.dll
2008-02-13 22:04 . 2004-11-17 18:58 497,152 --a------ C:\WINDOWS\system32\hypertrm.dll
2008-02-13 22:04 . 2004-10-28 02:31 116,736 --a--c--- C:\WINDOWS\system32\dllcache\shsvcs.dll
2008-02-13 22:04 . 2004-03-30 02:53 36,864 --a------ C:\WINDOWS\system32\mf3216.dll
2008-02-13 22:04 . 2004-03-30 02:53 36,864 --a--c--- C:\WINDOWS\system32\dllcache\mf3216.dll
2008-02-13 22:03 . 2006-08-25 10:14 599,040 --a------ C:\WINDOWS\system32\xpsp2res.dll
2008-02-13 21:39 . 2004-07-01 23:10 360,448 --a--c--- C:\WINDOWS\system32\dllcache\qmgr.dll
2008-02-13 21:39 . 2004-07-01 23:10 331,776 --a------ C:\WINDOWS\system32\winhttp.dll
2008-02-13 21:39 . 2004-07-01 23:10 331,776 --a--c--- C:\WINDOWS\system32\dllcache\winhttp.dll
2008-02-13 21:39 . 2004-07-01 23:10 17,408 --a------ C:\WINDOWS\system32\qmgrprxy.dll
2008-02-13 21:39 . 2004-07-01 23:10 17,408 --a--c--- C:\WINDOWS\system32\dllcache\qmgrprxy.dll
2008-02-13 17:55 . 2008-02-13 17:55 <DIR> d-------- C:\Temp
2008-02-13 15:25 . 2002-08-29 01:32 21,760 --a--c--- C:\WINDOWS\system32\dllcache\usbstor.sys
2008-02-13 08:52 . 2008-02-13 08:52 316,640 --a------ C:\WINDOWS\WMSysPr9.prx
2008-02-13 08:41 . 2008-02-13 22:06 1,374 --a------ C:\WINDOWS\imsins.BAK
2008-02-12 15:06 . 2008-02-12 15:06 2,560 --a------ C:\WINDOWS\system32\bitcometres.dll
2008-02-11 18:25 . 2008-02-11 18:25 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\Comodo
2008-02-11 18:25 . 2008-02-11 18:25 <DIR> d-------- C:\Documents and Settings\Administrator\Data aplikací\Comodo
2008-02-11 18:25 . 2008-02-11 18:25 <DIR> d-------- C:\Documents and Settings\Administrator\Data aplikací\Comodo
2008-02-11 18:25 . 2008-02-11 18:25 <DIR> d-------- C:\Documents and Settings\Administrator\Data aplikací\Comodo
2008-02-11 18:22 . 2008-02-11 18:22 <DIR> d-------- C:\Program Files\Comodo
2008-02-10 16:25 . 2007-04-04 14:58 24,344 --a------ C:\WINDOWS\system32\drivers\klim5.sys
2008-02-10 16:18 . 2007-12-04 14:04 837,496 --a------ C:\WINDOWS\system32\aswBoot.exe
2008-02-10 16:18 . 2004-01-09 10:13 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx
2008-02-10 16:18 . 2007-12-04 13:54 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr
2008-02-10 16:18 . 2007-12-04 15:55 94,544 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2008-02-10 16:18 . 2007-12-04 15:56 93,264 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2008-02-10 16:18 . 2007-12-04 15:51 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2008-02-10 16:18 . 2007-12-04 15:49 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2008-02-10 16:18 . 2007-12-04 15:53 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2008-02-10 11:53 . 2008-02-10 11:53 <DIR> d-------- C:\Program Files\CCleaner
2008-02-09 18:35 . 2008-02-15 14:39 <DIR> d-------- C:\WINDOWS\EHome
2008-02-09 18:08 . 2008-02-09 18:08 <DIR> d-------- C:\Program Files\Trend Micro
2008-02-09 17:45 . 2004-12-07 20:35 79,872 --a------ C:\WINDOWS\system32\srvsvc.dll
2008-02-09 17:33 . 2008-02-09 17:33 <DIR> d-------- C:\Program Files\Zamykatko
2008-02-09 17:33 . 2007-12-13 20:13 17,264 --a------ C:\WINDOWS\system32\drivers\mprifl.sys
2008-02-08 16:16 . 2008-02-08 16:16 <DIR> d-------- C:\WINDOWS\pchealth
2008-02-08 12:28 . 2008-02-08 12:28 <DIR> d-------- C:\WINDOWS\ERUNT
2008-02-08 12:23 . 2008-02-08 12:34 <DIR> d-------- C:\SDFix
2008-02-05 17:19 . 2005-03-02 19:18 1,928,704 --a------ C:\WINDOWS\system32\ntkrnlpa.exe
2008-02-05 17:19 . 2005-03-02 19:18 1,900,032 --a------ C:\WINDOWS\system32\ntoskrnl.exe
2008-02-05 17:19 . 2006-05-05 10:31 433,152 --a------ C:\WINDOWS\system32\drivers\mrxsmb.sys
2008-02-05 17:19 . 2006-05-05 10:31 433,152 --a------ C:\WINDOWS\system32\dllcache\mrxsmb.sys
2008-02-05 17:19 . 2006-05-05 10:40 166,656 --a------ C:\WINDOWS\system32\drivers\rdbss.sys
2008-02-05 17:19 . 2006-05-05 10:40 166,656 --a------ C:\WINDOWS\system32\dllcache\rdbss.sys
2008-02-05 17:19 . 2004-10-28 02:31 92,672 --a------ C:\WINDOWS\system32\dllcache\cscdll.dll
2008-02-05 17:19 . 2004-10-28 02:31 92,672 --a------ C:\WINDOWS\system32\cscdll.dll
2008-02-05 17:18 . 2002-09-20 18:05 201,728 --a------ C:\WINDOWS\system32\dllcache\wordpad.exe
2008-02-05 17:15 . 2004-03-10 19:00 595,968 -----c--- C:\WINDOWS\system32\dllcache\xpsp2res.dll
2008-02-05 16:58 . 2003-02-28 18:26 139,536 --a------ C:\WINDOWS\system32\javaee.dll
2008-02-05 16:58 . 2002-09-20 18:00 117,248 --a------ C:\WINDOWS\system32\dllcache\dhtmled.ocx
2008-02-05 15:57 . 2005-10-20 23:34 992,768 --a------ C:\WINDOWS\system32\esent.dll
2008-02-05 15:25 . 2008-02-12 22:07 <DIR> d-------- C:\WINDOWS\system32\bits
2008-02-05 15:25 . 2008-02-05 17:00 <DIR> d-------- C:\WINDOWS\$hf_mig$
2008-02-05 15:25 . 2004-07-01 23:10 360,448 --a------ C:\WINDOWS\system32\qmgr.dll
2008-02-05 15:22 . 2004-07-01 23:10 7,680 -----c--- C:\WINDOWS\system32\dllcache\bitsprx2.dll
2008-02-05 15:22 . 2004-07-01 23:10 7,680 --------- C:\WINDOWS\system32\bitsprx2.dll
2008-02-05 15:22 . 2004-07-01 23:10 7,168 -----c--- C:\WINDOWS\system32\dllcache\bitsprx3.dll
2008-02-05 15:22 . 2004-07-01 23:10 7,168 --------- C:\WINDOWS\system32\bitsprx3.dll
2008-02-05 14:11 . 2004-08-03 14:05 186,136 --a------ C:\WINDOWS\system32\wuaueng1.dll
2008-02-05 14:11 . 2004-08-03 13:59 168,216 --a------ C:\WINDOWS\system32\wuauclt1.exe
2008-02-05 11:55 . 1998-06-24 01:00 115,016 --a------ C:\WINDOWS\system32\MSINET.OCX
2008-02-05 11:55 . 1998-06-18 01:00 89,360 --a------ C:\WINDOWS\system32\VB5DB.DLL
2008-02-05 11:55 . 2000-03-17 09:21 69,632 --a------ C:\WINDOWS\system32\xmltok.dll
2008-02-05 11:55 . 2000-03-17 09:21 36,864 --a------ C:\WINDOWS\system32\xmlparse.dll
2008-02-05 11:55 . 2002-04-24 13:43 35,840 --a------ C:\WINDOWS\system32\comdlg32.oca
2008-02-05 11:55 . 2002-04-09 18:23 29,184 --a------ C:\WINDOWS\system32\MSINET.oca
2008-02-05 11:55 . 2002-10-17 11:35 26,096 --a------ C:\WINDOWS\system32\xmlinst.exe
2008-02-05 11:55 . 2002-01-07 17:30 24,576 --a------ C:\WINDOWS\system32\msxml3a.dll
2008-02-05 11:50 . 2008-02-05 11:50 <DIR> d-------- C:\WINDOWS\Cache
2008-02-05 11:41 . 2008-02-08 16:16 <DIR> d-------- C:\Documents and Settings\Administrator\Data aplikací\DAEMON Tools
2008-02-05 11:41 . 2008-02-08 16:16 <DIR> d-------- C:\Documents and Settings\Administrator\Data aplikací\DAEMON Tools
2008-02-05 11:41 . 2008-02-08 16:16 <DIR> d-------- C:\Documents and Settings\Administrator\Data aplikací\DAEMON Tools
2008-02-04 22:17 . 2008-02-04 22:17 <DIR> d-------- C:\Program Files\avenger
2008-02-04 21:39 . 2008-02-04 21:39 <DIR> d-------- C:\Documents and Settings\Administrator\Data aplikací\atitray
2008-02-04 21:39 . 2008-02-04 21:39 <DIR> d-------- C:\Documents and Settings\Administrator\Data aplikací\atitray
2008-02-04 21:39 . 2008-02-04 21:39 <DIR> d-------- C:\Documents and Settings\Administrator\Data aplikací\atitray
2008-02-04 21:38 . 2008-02-18 10:22 <DIR> d-------- C:\Program Files\Ray Adams
2008-02-04 20:41 . 2008-02-04 23:14 <DIR> d-------- C:\Program Files\QooBox
2008-02-04 20:11 . 2008-02-04 20:11 <DIR> d-------- C:\Documents and Settings\Administrator\Data aplikací\ICQ Toolbar
2008-02-04 20:11 . 2008-02-04 20:11 <DIR> d-------- C:\Documents and Settings\Administrator\Data aplikací\ICQ Toolbar
2008-02-04 20:11 . 2008-02-04 20:11 <DIR> d-------- C:\Documents and Settings\Administrator\Data aplikací\ICQ Toolbar
2008-02-04 18:27 . 2008-02-22 19:31 <DIR> d-------- C:\Downloads
2008-02-04 18:26 . 2008-02-04 19:19 <DIR> d-------- C:\Program Files\BitComet
2008-02-04 18:18 . 2008-02-04 18:20 <DIR> d-------- C:\Documents and Settings\Administrator\Data aplikací\uTorrent

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-18 10:18 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-18 09:01 --------- d-----w C:\Program Files\ATI Technologies
2008-02-08 16:10 42,496 ----a-w C:\WINDOWS\system32\ftp.exe
2008-02-08 16:10 16,896 ----a-w C:\WINDOWS\system32\tftp.exe
2008-02-08 16:07 133,120 ----a-w C:\WINDOWS\system32\sfc_os.dll
2008-02-05 10:56 11,973 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2008-02-04 13:59 --------- d-----w C:\Program Files\totalcmd
2008-02-04 13:47 --------- d-----w C:\Program Files\Alwil Software
2008-02-04 13:35 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\ESET
2008-02-04 13:16 --------- d-----w C:\Documents and Settings\Administrator\Data aplikací\ATI
2008-02-04 13:16 --------- d-----w C:\Documents and Settings\Administrator\Data aplikací\ATI
2008-02-04 13:16 --------- d-----w C:\Documents and Settings\Administrator\Data aplikací\ATI
2008-02-04 12:55 --------- d-----w C:\Documents and Settings\Administrator\Data aplikací\Logitech
2008-02-04 12:55 --------- d-----w C:\Documents and Settings\Administrator\Data aplikací\Logitech
2008-02-04 12:55 --------- d-----w C:\Documents and Settings\Administrator\Data aplikací\Logitech
2008-02-04 12:53 --------- d-----w C:\Program Files\Logitech
2008-02-04 12:52 --------- d-----w C:\Program Files\Common Files\Logitech
2008-02-04 12:37 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-02-04 12:36 --------- d-----w C:\Program Files\Common Files\ATI Technologies
2008-02-04 12:28 315,392 ----a-w C:\WINDOWS\HideWin.exe
2008-02-04 12:28 --------- d-----w C:\Program Files\Realtek
2008-02-04 12:28 --------- d-----w C:\Documents and Settings\Administrator\Data aplikací\InstallShield
2008-02-04 12:28 --------- d-----w C:\Documents and Settings\Administrator\Data aplikací\InstallShield
2008-02-04 12:28 --------- d-----w C:\Documents and Settings\Administrator\Data aplikací\InstallShield
2008-02-04 12:27 15,600 ----a-w C:\WINDOWS\gdrv.sys
2008-02-04 12:25 --------- d-----w C:\Program Files\Yahoo!
2008-02-04 12:25 --------- d-----w C:\Program Files\Intel
2008-02-04 12:15 --------- d-----w C:\Program Files\microsoft frontpage
2008-02-04 12:14 558,142 ----a-w C:\WINDOWS\java\Packages\VTRHJZ5N.ZIP
2008-02-04 12:14 155,995 ----a-w C:\WINDOWS\java\Packages\OIJ7P773.ZIP
2008-01-22 21:38 2,845,696 ----a-w C:\WINDOWS\system32\drivers\ati2mtag.sys
2008-01-22 20:44 368,640 ----a-w C:\WINDOWS\system32\ATIDEMGX.dll
2008-01-22 20:43 272,384 ----a-w C:\WINDOWS\system32\ati2dvag.dll
2008-01-22 20:39 307,200 ----a-w C:\WINDOWS\system32\atiiiexx.dll
2008-01-22 20:36 9,949,184 ----a-w C:\WINDOWS\system32\atioglx2.dll
2008-01-22 20:35 43,520 ----a-w C:\WINDOWS\system32\ati2edxx.dll
2008-01-22 20:35 26,112 ----a-w C:\WINDOWS\system32\Ati2mdxx.exe
2008-01-22 20:35 147,456 ----a-w C:\WINDOWS\system32\atipdlxx.dll
2008-01-22 20:35 122,880 ----a-w C:\WINDOWS\system32\Oemdspif.dll
2008-01-22 20:35 122,880 ----a-w C:\WINDOWS\system32\ati2evxx.dll
2008-01-22 20:34 512,000 ----a-w C:\WINDOWS\system32\ati2evxx.exe
2008-01-22 20:33 53,248 ----a-w C:\WINDOWS\system32\ATIDDC.DLL
2008-01-22 20:25 3,121,920 ----a-w C:\WINDOWS\system32\ati3duag.dll
2008-01-22 20:14 1,664,256 ----a-w C:\WINDOWS\system32\ativvaxx.dll
2008-01-22 20:04 46,080 ----a-w C:\WINDOWS\system32\amdpcom32.dll
2008-01-22 20:01 385,024 ----a-w C:\WINDOWS\system32\atikvmag.dll
2008-01-22 19:59 17,408 ----a-w C:\WINDOWS\system32\atitvo32.dll
2008-01-22 19:58 5,435,392 ----a-w C:\WINDOWS\system32\atioglxx.dll
2008-01-22 19:58 49,152 ----a-w C:\WINDOWS\system32\drivers\ati2erec.dll
2008-01-22 19:57 163,840 ----a-w C:\WINDOWS\system32\atiok3x2.dll
2008-01-22 19:53 503,808 ----a-w C:\WINDOWS\system32\ati2cqag.dll
2008-01-22 13:42 593,920 ------w C:\WINDOWS\system32\ati2sgag.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\ctfmon.exe" [2002-09-20 18:05 13312]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2008-02-04 13:53 32768]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"ICQ Lite"="C:\Program Files\ICQLite\ICQLite.exe" [2006-07-27 19:12 3142236]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2007-04-12 10:33 16132608 C:\WINDOWS\RTHDCPL.exe]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2004-12-10 12:45 49152 C:\WINDOWS\KHALMNPR.Exe]
"SpywareTerminator"="C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" [2008-02-04 15:45 2776576]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
"COMODO Firewall Pro"="C:\Program Files\Comodo\Firewall\CPF.exe" [2008-02-11 18:22 1115728]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 12:35 90112]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2002-09-20 18:05 13312]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2008-02-04 13:53:14 450560]
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2008-02-04 13:52:38 434176]

R0 MPRIFL;MPRIFL;C:\WINDOWS\System32\DRIVERS\MPRIFL.SYS [2007-12-13 20:13]
S1 sp_rsdrv2;Spyware Terminator Driver 2;C:\WINDOWS\System32\drivers\sp_rsdrv2.sys [2008-02-04 15:47]
S3 gdrv;gdrv;C:\WINDOWS\gdrv.sys [2008-02-04 13:27]
S3 PSched;Plánovač paketů technologie QoS;C:\WINDOWS\System32\DRIVERS\psched.sys [2002-08-29 01:35]

.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-23 14:22:56
Windows 5.1.2600 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-02-23 14:23:30
ComboFix-quarantined-files.txt 2008-02-23 13:23:21
ComboFix2.txt 2008-02-11 17:12:07
ComboFix3.txt 2008-02-10 15:31:09
ComboFix4.txt 2008-02-08 15:17:46
ComboFix5.txt 2008-02-08 14:53:20
.
2008-02-15 13:43:28 --- E O F ---
Baron Prášil
Beginner
Registered: 08 Jun 2006

Post by Baron Prášil »

Yeah, well, Bubino is good.

So at least this:
http://www.microsoft.com/cze/windows/xp/sp2/topten.mspx
solda1
Beginner
Registered: 15 Apr 2007
Location: Hodonín

Post by solda1 »

You can help me too, Baron, you're a pro at this as well, if you feel like it... and as for SP2, man... it wouldn't install for me, so I gave up on it..
Baron Prášil
Beginner
Registered: 08 Jun 2006

Post by Baron Prášil »

Man, this has gotten a bit too long and confusing for me :)
BUBINO knows his way around this.
What was the problem during that installation?
solda1
Beginner
Registered: 15 Apr 2007
Location: Hodonín

Post by solda1 »

It got to about a quarter and then it was as if it wouldn't go any further. So I cancelled it and tried again, and the same thing happened, it's just crap.