pls help, I have a problem, errors after boot and during use

kn0t3k
Newbie
Registered: 17 Feb 2008

Post by kn0t3k »

My system boots really very slowly (I know, no wonder - AMD Athlon 1.28 GHz, 1.5 GB RAM, OS XP Professional). When I start the computer, as soon as the desktop loads, an error comes up: potential errors in the system registry were found. Please advise what to do about it. PS: I've had the computer for 4 years and yesterday I disinfected it with avast. For more info I can send an exact screenshot of this error.

if it helps you, here is the log from hijackthis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:22:15, on 17.2.2008
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\System32\Ati2evxx.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\windows\system32\spoolsv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\windows\System32\lwtrvqyw.exe
C:\windows\System32\PnkBstrA.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\windows\System32\svchost.exe
C:\windows\system32\Ati2evxx.exe
C:\windows\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
C:\windows\SOUNDMAN.EXE
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\windows\System32\rundll32.exe
C:\Program Files\Common Files\StorageProtector\strpmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Free Desktop Clock\DesktopClock.exe
C:\Program Files\SMC\SMC2602W 11Mbps Wirelss PCI Card\WLANUtility.exe
\Sblan2\pc\MARTIN\FirefoxPortable\App\firefox\firefox.exe
C:\windows\System32\rundll32.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.atcomet.com/b/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.1.1:3128
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O3 - Toolbar: &Rádio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [e4f1d5da] rundll32.exe "C:\windows\System32\duvnclwl.dll",b
O4 - HKLM\..\Run: [Salestart] "C:\Program Files\Common Files\StorageProtector\strpmon.exe" dm=http://storageprotector.com ad=http://storageprotector.com sd=http://inspaid.storageprotector.com
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [QIP2005] C:\Program Files\QIP\qip.exe
O4 - HKCU\..\Run: [SkinClock] C:\Program Files\Free Desktop Clock\DesktopClock.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: NOTFOUND.lnk = ?
O4 - Startup: SMC2602W 11Mbps WLAN Monitor.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{1C6A3C70-0909-4DF0-A7B3-F1F89F275E6C}: NameServer = 217.112.160.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\windows\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: DomainService - - C:\windows\System32\lwtrvqyw.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: PnkBstrA - Unknown owner - C:\windows\System32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\windows\System32\TuneUpDefragService.exe

--
End of file - 6729 bytes
:sad:
BUBINO
Beginner
Registered: 12 Jun 2007
Location: I have one

Re: pls help, I have a problem, errors after boot and during use

Post by BUBINO »

I'll write up instructions right away :-)
BUBINO
Beginner
Registered: 12 Jun 2007
Location: I have one

Re: pls help, I have a problem, errors after boot and during use

Post by BUBINO »

Fix this in the program:

O4 - HKLM\..\Run: [e4f1d5da] rundll32.exe "C:\windows\System32\duvnclwl.dll",b
O4 - HKLM\..\Run: [Salestart] "C:\Program Files\Common Files\StorageProtector\strpmon.exe" dm=http://storageprotector.com ad=http://storageprotector.com sd=http://inspaid.storageprotector.com

Uninstall:
StorageProtector


Download Avenger:
Following the instructions, get to that window. Copy the text below into it:

Drivers to unload:
DomainService

Files to delete:
C:\windows\System32\lwtrvqyw.exe
C:\windows\System32\duvnclwl.dll
Done >> Traffic light >> Ok
The computer will restart. After the restart a log will come up; copy it here. It is in c:\avenger.txt + make a new log from HJT.
kn0t3k
Newbie
Registered: 17 Feb 2008

Post by kn0t3k »

reliable procedure?
solda1
Beginner
Registered: 15 Apr 2007
Location: Hodonín

Post by solda1 »

yeah it is... bubino really is a master at this :wink:
kn0t3k
Newbie
Registered: 17 Feb 2008

Post by kn0t3k »

HIJACK:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:32:03, on 18.2.2008
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\System32\Ati2evxx.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\windows\system32\spoolsv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\windows\System32\PnkBstrA.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\windows\System32\svchost.exe
C:\windows\system32\Ati2evxx.exe
C:\windows\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
C:\windows\SOUNDMAN.EXE
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe
C:\windows\System32\rundll32.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Free Desktop Clock\DesktopClock.exe
C:\windows\system32\notepad.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
\Sblan2\pc\MARTIN\FirefoxPortable\App\firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.atcomet.com/b/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.1.1:3128
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {59376F02-5190-4718-8C20-40174B21C5DF} - C:\windows\System32\sstqp.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: {bd9a63c4-4a80-6d99-fb84-22bf2b45b218} - {812b54b2-fb22-48bf-99d6-08a44c36a9db} - C:\windows\System32\avstchev.dll
O2 - BHO: (no name) - {A95B2816-1D7E-4561-A202-68C0DE02353A} - C:\windows\System32\yqejhhjf.dll
O2 - BHO: (no name) - {E9BD0828-1FD9-410C-A50F-43EBE65D310F} - C:\WINDOWS\System32\xxywtsq.dll
O3 - Toolbar: &Rádio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [e4f1d5da] rundll32.exe "C:\windows\System32\ejmujpuw.dll",b
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [QIP2005] C:\Program Files\QIP\qip.exe
O4 - HKCU\..\Run: [SkinClock] C:\Program Files\Free Desktop Clock\DesktopClock.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: NOTFOUND.lnk = ?
O4 - Startup: SMC2602W 11Mbps WLAN Monitor.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{1C6A3C70-0909-4DF0-A7B3-F1F89F275E6C}: NameServer = 217.112.160.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: xxywtsq - C:\windows\SYSTEM32\xxywtsq.dll
O20 - Winlogon Notify: yqejhhjf - C:\windows\SYSTEM32\yqejhhjf.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\windows\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: PnkBstrA - Unknown owner - C:\windows\System32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\windows\System32\TuneUpDefragService.exe

--
End of file - 7127 bytes


AVENGER:
Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\tlrundee

*******************

Script file located at: \??\C:\kfjuokvi.txt
Script file opened successfully.

Script file read successfully

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Driver DomainService unloaded successfully.
File C:\windows\System32\lwtrvqyw.exe deleted successfully.


File C:\windows\System32\duvnclwl.dll not found!
Deletion of file C:\windows\System32\duvnclwl.dll failed!

Could not process line:
C:\windows\System32\duvnclwl.dll
Status: 0xc0000034


Completed script processing.

*******************

Finished! Terminate.



The error at startup is still there
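
The two HijackThis logs in this thread differ in ways that matter for a cleanup script: the Run value e4f1d5da names a different DLL in the second log, and The Avenger reported duvnclwl.dll as not found. As an added example, not part of any post in this thread, the Python below compares two HijackThis logs and reports added, removed and changed entries; the function names are hypothetical and the sample lines are excerpts from the two logs posted above.

```python
import re

# One HijackThis result line: "<section> - <details>".
ENTRY_RE = re.compile(r"^(R\d|O\d{1,2}) - (.*)$")
# O4 registry autostart: "<hive>\..\Run: [value name] command line".
RUN_RE = re.compile(r"^(?P<loc>[^:\[]+\\Run): \[(?P<name>[^\]]+)\] (?P<cmd>.*)$")
# Drive-letter path ending in a loadable file type.
PATH_RE = re.compile(r'[A-Za-z]:\\[^"*?<>|,]+?\.(?:exe|dll|ocx)\b', re.IGNORECASE)

# Excerpts of the two logs posted in this thread (17.2.2008 and 18.2.2008).
OLD_LOG = r"""
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [e4f1d5da] rundll32.exe "C:\windows\System32\duvnclwl.dll",b
O4 - HKLM\..\Run: [Salestart] "C:\Program Files\Common Files\StorageProtector\strpmon.exe" dm=http://storageprotector.com ad=http://storageprotector.com sd=http://inspaid.storageprotector.com
O23 - Service: DomainService - - C:\windows\System32\lwtrvqyw.exe
O23 - Service: PnkBstrA - Unknown owner - C:\windows\System32\PnkBstrA.exe
"""

NEW_LOG = r"""
O2 - BHO: (no name) - {E9BD0828-1FD9-410C-A50F-43EBE65D310F} - C:\WINDOWS\System32\xxywtsq.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [e4f1d5da] rundll32.exe "C:\windows\System32\ejmujpuw.dll",b
O20 - Winlogon Notify: xxywtsq - C:\windows\SYSTEM32\xxywtsq.dll
O23 - Service: PnkBstrA - Unknown owner - C:\windows\System32\PnkBstrA.exe
"""


def parse_entries(log_text):
    """Map each R/O line to {key: (original line, comparable value)}.

    O4 Run values are keyed by (section, registry location, value name), so a
    new command under an unchanged value name is reported as a change rather
    than as one removal plus one addition. Every other line is keyed by its
    own lower-cased text, because Windows paths are case-insensitive.
    """
    entries = {}
    for raw in log_text.splitlines():
        line = raw.strip()
        m = ENTRY_RE.match(line)
        if not m:
            continue  # header, process list or blank line
        section, rest = m.groups()
        run = RUN_RE.match(rest) if section == "O4" else None
        if run:
            key = (section, run["loc"].lower(), run["name"].lower())
            entries[key] = (line, run["cmd"])
        else:
            entries[(section, rest.lower())] = (line, rest)
    return entries


def diff_logs(old_text, new_text):
    """Return added and removed lines plus Run values whose command changed."""
    old, new = parse_entries(old_text), parse_entries(new_text)
    added = [new[k][0] for k in sorted(new.keys() - old.keys())]
    removed = [old[k][0] for k in sorted(old.keys() - new.keys())]
    changed = []
    for k in sorted(old.keys() & new.keys()):
        if old[k][1].lower() != new[k][1].lower():
            changed.append({
                "entry": k,
                "old_files": PATH_RE.findall(old[k][1]),
                "new_files": PATH_RE.findall(new[k][1]),
            })
    return {"added": added, "removed": removed, "changed": changed}


if __name__ == "__main__":
    result = diff_logs(OLD_LOG, NEW_LOG)
    for label in ("added", "removed"):
        for line in result[label]:
            print(f"{label:8}{line}")
    for item in result["changed"]:
        print("changed ", item["entry"], item["old_files"], "->", item["new_files"])
```

A file list written from the older log should be checked against the `changed` entries before it is handed to a deletion tool, since the file name behind an unchanged Run value may no longer exist.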
Baron Prášil
Beginner
Registered: 08 Jun 2006

Post by Baron Prášil »

pretty riled-up critters! :)

check that you have the firewall in Windows turned on (later you'll put on a normal firewall)

Download ComboFix (by sUBs) and save it to your desktop.
Close all active windows and run it.
- After launch the terms of use are displayed; confirm them by pressing the 1 key
- Then proceed according to the instructions; while ComboFix is running, do not click in the window that appears
- When the scan finishes, the program should create a log, which will be displayed to you; otherwise you will find it here: C:\ComboFix.txt - please copy its entire contents here
kn0t3k
Newbie
Registered: 17 Feb 2008

Post by kn0t3k »

ComboFix 08-02-18.1 - My 2008-02-18 14:57:48.1 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.0.1250.1.1029.18.1191 [GMT 1:00]
Running from: C:\Documents and Settings\My\Plocha\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\ilkkj.ini
C:\windows\system32\iltbsctu.ini
C:\windows\system32\imbygspv.ini
C:\windows\system32\iodsfoiq.ini
C:\windows\system32\ioprctbu.dll
C:\windows\system32\ipccebnn.dll
C:\windows\system32\ipcoyncj.exe
C:\windows\system32\iqkbesyb.dll
C:\windows\system32\irakgldp.dll
C:\windows\system32\isixndlh.dll
C:\windows\system32\itfngyvd.dll
C:\windows\system32\iuuryytx.dll
C:\windows\system32\ivfwmvgu.ini
C:\windows\system32\iwbddeph.ini
C:\windows\system32\jaeqlwlf.exe
C:\windows\system32\jcaeteme.ini
C:\windows\system32\jdmpvqid.exe
C:\windows\system32\jduylwij.exe
C:\windows\system32\jeepdpaa.exe
C:\windows\system32\jgiyuhtw.exe
C:\windows\system32\jgyakudd.dll
C:\WINDOWS\system32\jhjypahv.ini
C:\windows\system32\jihbbwbg.ini
C:\WINDOWS\system32\jjkkj.bak1
C:\WINDOWS\system32\jjkkj.ini
C:\WINDOWS\system32\jjkmp.bak1
C:\WINDOWS\system32\jjkmp.ini
C:\windows\system32\jkbwipsv.dll
C:\WINDOWS\system32\jkgjqckm.ini
C:\windows\system32\jkhfc.dll
C:\windows\system32\jkhhf.dll
C:\windows\system32\jkkjg.dll
C:\windows\system32\jkkjh.dll
C:\windows\system32\jkkjj.dll
C:\windows\system32\jkkjk.dll
C:\windows\system32\jkkli.dll
C:\windows\system32\jlcgifqf.dll
C:\windows\system32\jnkskqhh.ini
C:\windows\system32\jotklxnr.exe
C:\windows\system32\jpqchomo.ini
C:\windows\system32\jqposebc.dll
C:\windows\system32\jrvbgurh.dll
C:\windows\system32\jtfdbegv.exe
C:\windows\system32\jttfkhdr.ini
C:\windows\system32\juvjmkiu.ini
C:\windows\system32\jvdylxdn.ini
C:\windows\system32\kbctxilt.exe
C:\windows\system32\kclvtrcu.dll
C:\windows\system32\kcxgamvw.ini
C:\windows\system32\keknconc.exe
C:\windows\system32\kfwsxsng.exe
C:\windows\system32\khcundbb.dll
C:\windows\system32\khqcfswo.exe
C:\windows\system32\khsenqqq.exe
C:\windows\system32\kjclxgki.dll
C:\WINDOWS\system32\kjkkj.bak1
C:\WINDOWS\system32\kjkkj.bak2
C:\WINDOWS\system32\kjkkj.ini
C:\WINDOWS\system32\kjkmp.bak1
C:\WINDOWS\system32\kjkmp.ini
C:\windows\system32\kjvyxyuw.exe
C:\windows\system32\kkjcdxdd.dll
C:\windows\system32\klswjhlm.dll
C:\windows\system32\kltwlhbk.exe
C:\WINDOWS\system32\kmllm.bak1
C:\WINDOWS\system32\kmllm.ini
C:\windows\system32\kmponlsm.ini
C:\windows\system32\kmutwbyk.exe
C:\windows\system32\knmckdwx.ini
C:\WINDOWS\system32\knnmp.bak1
C:\WINDOWS\system32\knnmp.bak2
C:\WINDOWS\system32\knnmp.ini
C:\windows\system32\kodjnbce.ini
C:\windows\system32\kprptjto.dll
C:\windows\system32\kqepmeok.dll
C:\windows\system32\kremigil.exe
C:\windows\system32\ksyvrbwm.ini
C:\windows\system32\kthavbkx.ini
C:\windows\system32\ktpjkajy.ini
C:\windows\system32\kuielsxu.ini
C:\windows\system32\kutafngo.dll
C:\windows\system32\kwdsluoy.exe
C:\windows\system32\lajchnbj.ini
C:\windows\system32\lbptylsi.ini
C:\windows\system32\lcirbxpv.dll
C:\windows\system32\lcwoioci.exe
C:\windows\system32\lengobbt.exe
C:\windows\system32\leorakgs.ini
C:\windows\system32\lfoxkknk.dll
C:\windows\system32\lgmruvuw.ini
C:\windows\system32\lgxcjuqm.dll
C:\windows\system32\liqxmcsg.ini
C:\windows\system32\lirxdwfk.ini
C:\windows\system32\ljfiwkxt.ini
C:\windows\system32\lkddtpgj.dll
C:\windows\system32\lkswnqpb.exe
C:\windows\system32\lluitggy.exe
C:\windows\system32\llyxddhb.exe
C:\windows\system32\lnmqgbai.dll
C:\windows\system32\lnupqlqq.exe
C:\windows\system32\lnvgdmhe.ini
C:\windows\system32\loahilav.dll
C:\windows\system32\lpimnymt.ini
C:\windows\system32\lqyorbtk.ini
C:\windows\system32\lrkvgxuw.ini
C:\windows\system32\lrqemvpx.exe
C:\windows\system32\ltgjaylo.dll
C:\windows\system32\luqjjriv.dll
C:\windows\system32\lwlcnvud.ini
C:\windows\system32\lwrkxqsx.exe
C:\windows\system32\lymaujxl.dll
C:\windows\system32\mbagfntx.dll
C:\windows\system32\mbdlkymy.dll
C:\windows\system32\mcrh.tmp
C:\windows\system32\mdygmyvd.ini
C:\windows\system32\medifgme.exe
C:\windows\system32\mfjutkxg.dll
C:\windows\system32\mfsfgbju.ini
C:\windows\system32\mhdpxtrl.ini
C:\windows\system32\mchsvcpm.dll
C:\windows\system32\mjhsbujb.exe
C:\windows\system32\mjllxuhu.dll
C:\windows\system32\mkcqjgkj.dll
C:\windows\system32\mljxkdgf.exe
C:\windows\system32\mlljh.dll
C:\windows\system32\mllji.dll
C:\windows\system32\mllmk.dll
C:\windows\system32\mllmn.dll
C:\WINDOWS\system32\mlnmp.bak1
C:\WINDOWS\system32\mlnmp.bak2
C:\WINDOWS\system32\mlnmp.ini
C:\windows\system32\mnljwcpi.dll
C:\windows\system32\movtrpyg.dll
C:\windows\system32\mpiadlib.dll
C:\WINDOWS\system32\mpqss.bak1
C:\WINDOWS\system32\mpqss.ini
C:\windows\system32\mrpnbtfo.ini
C:\windows\system32\mrthgyje.dll
C:\windows\system32\mtjvrfil.dll
C:\windows\system32\mvfqfrnt.exe
C:\windows\system32\mvtnxaol.exe
C:\windows\system32\mwxymvop.ini
C:\windows\system32\myjgvfoq.exe
C:\windows\system32\ndsnvoqt.exe
C:\windows\system32\nfsuxdyy.dll
C:\windows\system32\nfuldgfo.ini
C:\windows\system32\nhbftllx.exe
C:\windows\system32\nhdipeqh.ini
C:\windows\system32\nhervhwc.ini
C:\windows\system32\niorngig.ini
C:\windows\system32\nllyatas.exe
C:\windows\system32\nlmvdnxb.ini
C:\WINDOWS\system32\nmllm.bak1
C:\WINDOWS\system32\nmllm.ini
C:\windows\system32\nmntasyu.ini
C:\windows\system32\nmqrdtxl.exe
C:\windows\system32\nobjolso.dll
C:\windows\system32\nqnuafhs.ini
C:\windows\system32\nstwmjhb.exe
C:\windows\system32\nthxrhqm.exe
C:\windows\system32\nueukyjv.dll
C:\windows\system32\nvuqfuee.exe
C:\windows\system32\nxltihan.exe
C:\windows\system32\nyvmthwe.ini
C:\windows\system32\obmwbyjd.ini
C:\windows\system32\obxbtefd.ini
C:\windows\system32\odbsdrlq.exe
C:\windows\system32\odhpdxdd.ini
C:\windows\system32\odulsokh.ini
C:\windows\system32\oiobhobb.exe
C:\windows\system32\oioriaan.exe
C:\windows\system32\okhtxjhm.exe
C:\windows\system32\oouuxxnx.exe
C:\windows\system32\opmmnlfy.dll
C:\windows\system32\oqnkmbau.ini
C:\windows\system32\oqrjyjcq.ini
C:\windows\system32\oqrtkuqq.exe
C:\windows\system32\oqxljijy.exe
C:\windows\system32\orgagpql.dll
C:\WINDOWS\system32\orutv.bak1
C:\WINDOWS\system32\orutv.ini
C:\windows\system32\orxrsdvi.dll
C:\windows\system32\oslojbon.ini
C:\windows\system32\oufjqfml.ini
C:\windows\system32\oulexegx.exe
C:\windows\system32\ovqnxlxj.dll
C:\windows\system32\owgqixph.exe
C:\windows\system32\oxyfkiyv.exe
C:\windows\system32\pabqvtnh.exe
C:\windows\system32\pataeitr.exe
C:\windows\system32\pcnaxuso.ini
C:\windows\system32\pecwdcln.exe
C:\windows\system32\pgatllau.exe
C:\windows\system32\phwnduhf.dll
C:\windows\system32\pieelffi.exe
C:\windows\system32\pissolpw.exe
C:\windows\system32\pkokucjb.exe
C:\windows\system32\pmkgsumn.exe
C:\windows\system32\pmkhi.dll
C:\windows\system32\pmkjg.dll
C:\windows\system32\pmkjh.dll
C:\windows\system32\pmkjk.dll
C:\windows\system32\pmnlm.dll
C:\windows\system32\pmnnk.dll
C:\windows\system32\pphgbrfd.ini
C:\windows\system32\ppoumtjb.exe
C:\windows\system32\pqgsswcu.exe
C:\WINDOWS\system32\pqtss.bak1
C:\WINDOWS\system32\pqtss.bak2
C:\WINDOWS\system32\pqtss.ini
C:\windows\system32\probfpqh.exe
C:\windows\system32\pumioywg.dll
C:\windows\system32\pvnaomsn.dll
C:\windows\system32\pwmykadf.ini
C:\windows\system32\pyegmrjg.dll
C:\windows\system32\qajbcexg.ini
C:\windows\system32\qamwjxcg.exe
C:\windows\system32\qcpesfvb.dll
C:\windows\system32\qddyfhhl.ini
C:\windows\system32\qfdeplxp.exe
C:\windows\system32\qhgfonig.dll
C:\windows\system32\qirkcnjl.exe
C:\windows\system32\qlilaywg.dll
C:\windows\system32\qllhgftu.ini
C:\windows\system32\qoxgpnaw.ini
C:\windows\system32\qplbhkar.exe
C:\windows\system32\qqrqfunv.dll
C:\windows\system32\qropmved.ini
C:\windows\system32\qrtluumj.ini
C:\windows\system32\qsoxuaxy.dll
C:\WINDOWS\system32\qstwa.bak1
C:\WINDOWS\system32\qstwa.bak2
C:\windows\system32\qstwa.ini
C:\WINDOWS\system32\qtstv.bak1
C:\WINDOWS\system32\qtstv.bak2
C:\windows\system32\qtstv.ini
C:\WINDOWS\system32\qtutv.bak1
C:\WINDOWS\system32\qtutv.bak2
C:\windows\system32\qtutv.ini
C:\WINDOWS\system32\qtvwa.bak1
C:\WINDOWS\system32\qtvwa.bak2
C:\windows\system32\qtvwa.ini
C:\windows\system32\qulnwbpm.dll
C:\windows\system32\qunklpyv.exe
C:\windows\system32\qunogabc.dll
C:\windows\system32\qxlkqmdl.ini
C:\windows\system32\rdbdymmg.exe
C:\windows\system32\reosrkba.exe
C:\windows\system32\rfecgsxi.ini
C:\windows\system32\rfunmiqb.dll
C:\windows\system32\rgilfcte.dll
C:\windows\system32\rgtqsfoo.ini
C:\windows\system32\ripyqoel.dll
C:\windows\system32\riyfkpfm.exe
C:\windows\system32\rjlkbdem.exe
C:\windows\system32\rjywtqro.exe
C:\windows\system32\rkkuhmel.ini
C:\windows\system32\rmeeshgu.ini
C:\windows\system32\rmxghhla.dll
C:\windows\system32\rqmaudlr.dll
C:\windows\system32\rqpojmcg.exe
C:\WINDOWS\system32\rqstv.bak1
C:\WINDOWS\system32\rqstv.bak2
C:\windows\system32\rqstv.ini
C:\WINDOWS\system32\rqtss.bak1
C:\WINDOWS\system32\rqtss.ini
C:\WINDOWS\system32\rqtwa.bak1
C:\WINDOWS\system32\rqtwa.ini
C:\WINDOWS\system32\rrpkjrcg.ini
C:\WINDOWS\system32\rrutv.bak1
C:\WINDOWS\system32\rrutv.bak2
C:\WINDOWS\system32\rrutv.ini
C:\windows\system32\rtippbxa.exe
C:\WINDOWS\system32\rttss.bak1
C:\windows\system32\rttss.ini
C:\windows\system32\rtxtichs.exe
C:\windows\system32\rxejbvxg.exe
C:\windows\system32\rxenxmba.ini
C:\windows\system32\rxfdfwuu.ini
C:\windows\system32\rxifcjjw.dll
C:\windows\system32\rxqajixs.dll
C:\windows\system32\rxtdolek.ini
C:\windows\system32\rymmxked.dll
C:\windows\system32\saotxugj.ini
C:\windows\system32\satultmm.exe
C:\windows\system32\sbdkohoc.ini
C:\windows\system32\sbktfout.dll
C:\windows\system32\seguttgo.dll
C:\windows\system32\semxgxpl.ini
C:\windows\system32\seoxrakx.ini
C:\windows\system32\sigccttc.dll
C:\windows\system32\silcwhqx.exe
C:\windows\system32\sipeqmir.dll
C:\windows\system32\skgxlkns.exe
C:\WINDOWS\system32\slauhwdy.ini
C:\windows\system32\slucakff.ini
C:\windows\system32\smdiabea.ini
C:\windows\system32\sobrnfio.ini
C:\windows\system32\soscwvys.exe
C:\windows\system32\srfjxdmd.exe
C:\windows\system32\srfqhiwj.dll
C:\windows\system32\srtllxuk.ini
C:\windows\system32\sstqp.dll
C:\windows\system32\ssttt.dll
C:\windows\system32\ssttu.dll
C:\windows\system32\svkcqiuq.dll
C:\windows\system32\svnawiro.ini
C:\windows\system32\swehangg.dll
C:\windows\system32\swhrvkrq.exe
C:\windows\system32\sxebtmyx.exe
C:\windows\system32\sydqwvba.ini
C:\windows\system32\syjepyte.exe
C:\windows\system32\tahixxwr.ini
C:\windows\system32\taxqplip.ini
C:\windows\system32\tbttlbux.dll
C:\windows\system32\tcibamdf.dll
C:\windows\system32\tdgpdcdd.dll
C:\windows\system32\teugcwgy.dll
C:\windows\system32\teydhfyd.exe
C:\windows\system32\tgvjxsqh.dll
C:\windows\system32\thescfoy.ini
C:\windows\system32\thggjoru.exe
C:\windows\system32\tkbsfoyx.ini
C:\windows\system32\tkjnhcem.exe
C:\windows\system32\tmoyenau.ini
C:\windows\system32\tnispoje.exe
C:\windows\system32\tocfxxan.exe
C:\windows\system32\tomvnebn.dll
C:\windows\system32\toovmgma.dll
C:\windows\system32\traddaha.dll
C:\windows\system32\trvybuga.exe
C:\windows\system32\tsavmehk.dll
C:\windows\system32\ttpotgow.exe
C:\WINDOWS\system32\tttss.bak1
C:\WINDOWS\system32\tttss.ini
C:\windows\system32\ttwwyjms.dll
C:\windows\system32\tumqhhfp.ini
C:\windows\system32\tuyonxbb.dll
C:\windows\system32\tvakvxki.exe
C:\windows\system32\tvluqtqh.ini
C:\WINDOWS\system32\txlquohu.ini
C:\windows\system32\tyudvpni.exe
C:\windows\system32\uaiwaogx.dll
C:\windows\system32\ueaiypkd.ini
C:\windows\system32\uebbilbq.exe
C:\windows\system32\ueqkngcr.exe
C:\windows\system32\ueqrpxca.ini
C:\windows\system32\ufcusexg.dll
C:\windows\system32\ufmrsneh.dll
C:\windows\system32\ugamokjl.exe
C:\windows\system32\uhouqlxt.dll
C:\windows\system32\uhuwvgqe.exe
C:\windows\system32\ujbgfsfm.dll
C:\windows\system32\uluoeegc.exe
C:\windows\system32\uomeqqbi.ini
C:\WINDOWS\system32\uqsyeuad.ini
C:\windows\system32\urkmiirg.exe
C:\windows\system32\urxjaipx.dll
C:\WINDOWS\system32\utstv.bak1
C:\WINDOWS\system32\utstv.ini
C:\WINDOWS\system32\uttss.bak1
C:\WINDOWS\system32\uttss.ini
C:\windows\system32\utvbhjgl.dll
C:\windows\system32\uwbieloa.dll
C:\windows\system32\uwghaqta.dll
C:\windows\system32\uwsahoao.ini
C:\windows\system32\uydykqda.ini
C:\windows\system32\uyfjteox.ini
C:\windows\system32\uylhitsu.exe
C:\windows\system32\vagtbilp.ini
C:\windows\system32\vauylndj.ini
C:\windows\system32\vbroiicf.ini
C:\windows\system32\vcaqykya.ini
C:\windows\system32\vcpullqt.ini
C:\windows\system32\vexrtcph.exe
C:\windows\system32\vfnubfpq.dll
C:\windows\system32\vfucmisp.ini
C:\windows\system32\vgxpuijo.exe
C:\windows\system32\vhapyjhj.dll
C:\windows\system32\vhqhkbsh.ini
C:\windows\system32\vjqkedvq.dll
C:\windows\system32\vjrmskko.dll
C:\windows\system32\vkxhnhnj.ini
C:\windows\system32\vmlxjqci.exe
C:\windows\system32\vmpcarop.dll
C:\windows\system32\vmwrjxsf.ini
C:\windows\system32\vnbhtqhx.dll
C:\windows\system32\vobhrblh.dll
C:\windows\system32\vodeedve.exe
C:\windows\system32\voysnxyw.ini
C:\windows\system32\vpmnutah.ini
C:\windows\system32\vrvelnyr.exe
C:\windows\system32\vsaveqkh.exe
C:\windows\system32\vsgjhhmi.exe
C:\windows\system32\vshehlqe.ini
C:\WINDOWS\system32\vspiwbkj.ini
C:\windows\system32\vswuegnm.exe
C:\windows\system32\vtnblixb.exe
C:\windows\system32\vtpdvlmk.dll
C:\windows\system32\vtsqr.dll
C:\windows\system32\vtstq.dll
C:\windows\system32\vtstu.dll
C:\windows\system32\vturo.dll
C:\windows\system32\vturr.dll
C:\windows\system32\vtutq.dll
C:\windows\system32\vvjgbsgx.exe
C:\windows\system32\vvkdphoe.exe
C:\windows\system32\vvuedigl.ini
C:\WINDOWS\system32\vvvwa.bak1
C:\WINDOWS\system32\vvvwa.ini
C:\windows\system32\vxfcenue.ini
C:\windows\system32\vxnikfgu.ini
C:\WINDOWS\system32\vybeg.bak1
C:\WINDOWS\system32\vybeg.bak2
C:\WINDOWS\system32\vybeg.ini
C:\windows\system32\vydbfvdg.dll
C:\windows\system32\waagvovw.ini
C:\windows\system32\wawiwxic.dll
C:\windows\system32\wbyhogbu.exe
C:\windows\system32\wccjiduw.dll
C:\windows\system32\wdnivdyw.exe
C:\windows\system32\wescwmsf.exe
C:\windows\system32\wesknlfh.dll
C:\windows\system32\wfcnkjvm.dll
C:\windows\system32\whnjgxaq.ini
C:\windows\system32\whpvweww.exe
C:\windows\system32\whwsidqq.exe
C:\windows\system32\wifavcas.ini
C:\windows\system32\windows
C:\windows\system32\wjbkcfkm.exe
C:\windows\system32\wlpvahjp.dll
C:\windows\system32\wlxcbgyu.ini
C:\windows\system32\wmcbpkvi.ini
C:\windows\system32\wmlvjeax.ini
C:\WINDOWS\system32\wmmxpgoh.ini
C:\windows\system32\wnmchvva.ini
C:\windows\system32\wppdxjgt.dll
C:\windows\system32\wpuvyfur.exe
C:\windows\system32\wqghtlpg.ini
C:\windows\system32\wtdkwfyd.dll
C:\windows\system32\wtfhjldv.ini
C:\windows\system32\wupjumje.ini
C:\windows\system32\wvdtidjx.exe
C:\windows\system32\wvmvmsuv.exe
C:\windows\system32\wxtrdjij.exe
C:\WINDOWS\system32\wyadd.bak1
C:\WINDOWS\system32\wyadd.bak2
C:\WINDOWS\system32\wyadd.ini
C:\windows\system32\wyljuohn.ini
C:\windows\system32\xangggvv.exe
C:\windows\system32\xbmlgsxj.ini
C:\windows\system32\xclddvhe.exe
C:\windows\system32\xcocxkkq.ini
C:\windows\system32\xcucdywq.dll
C:\windows\system32\xdxtufet.exe
C:\windows\system32\xesomaxt.ini
C:\windows\system32\xjioirqv.dll
C:\windows\system32\xkvptuqn.exe
C:\windows\system32\xlibnfqn.dll
C:\windows\system32\xmqlxjyx.ini
C:\windows\system32\xmsunwgr.exe
C:\windows\system32\xnecwnxb.ini
C:\windows\system32\xnkmikej.exe
C:\windows\system32\xsnvjjdq.exe
C:\windows\system32\xtsjyhub.exe
C:\windows\system32\xufegimg.ini
C:\windows\system32\xvxttofk.exe
C:\windows\system32\xwmstnol.exe
C:\windows\system32\xxqpdonf.exe
C:\windows\system32\xxvbatee.exe
C:\windows\system32\xxywtsq.dll
C:\windows\system32\xybicxog.exe
C:\WINDOWS\system32\xycdd.bak1
C:\WINDOWS\system32\xycdd.bak2
C:\WINDOWS\system32\xycdd.ini
C:\windows\system32\xyfrbinl.exe
C:\windows\system32\yadbblfr.ini
C:\windows\system32\yayyaxv.dll
C:\WINDOWS\system32\ybadd.bak1
C:\WINDOWS\system32\ybadd.bak2
C:\WINDOWS\system32\ybadd.ini
C:\WINDOWS\system32\ycbeg.bak1
C:\WINDOWS\system32\ycbeg.bak2
C:\WINDOWS\system32\ycbeg.ini
C:\windows\system32\ydwhuals.dll
C:\windows\system32\yefornqt.dll
C:\windows\system32\yewolfwm.ini
C:\windows\system32\ygopwnay.exe
C:\windows\system32\yhblxkis.dll
C:\windows\system32\yidueugg.dll
C:\windows\system32\yinnkrog.exe
C:\windows\system32\yjmlsxrl.ini
C:\windows\system32\ykdouyuc.dll
C:\windows\system32\ykwilmdp.exe
C:\windows\system32\ymlsskjq.ini
C:\windows\system32\ymwggsoe.ini
C:\windows\system32\yomqlavw.exe
C:\windows\system32\ypqadngw.exe
C:\windows\system32\ypusenox.dll
C:\windows\system32\yqejhhjf.dll
C:\windows\system32\yqejhhjf.dllbox
C:\windows\system32\yrskbdfr.ini
C:\windows\system32\yssgbhkb.dll
C:\windows\system32\ysvkixqq.ini
C:\windows\system32\yurmxrfx.exe
C:\windows\system32\yvhqbsud.dll
C:\windows\system32\yvyentib.dll
C:\windows\system32\yxqbvpoj.exe
C:\windows\system32\yxqdvfer.ini

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.
-------\LEGACY_DOMAINSERVICE


((((((((((((((((((((((((( Files Created from 2008-01-18 to 2008-02-18 )))))))))))))))))))))))))))))))
.

2008-02-18 14:23 . 2008-02-18 14:23 60,416 --a------ C:\WINDOWS\system32\drivers\ux^clfhn.sys
2008-02-17 10:21 . 2008-02-17 10:21 <DIR> d-------- C:\Program Files\Trend Micro
2008-02-17 07:21 . 2008-02-17 16:03 <DIR> d-------- C:\Program Files\Premium Booster
2008-02-16 07:57 . 2008-02-16 07:57 306,432 --a------ C:\WINDOWS\system32\TuneUpDefragService.exe
2008-02-16 07:55 . 2008-02-16 07:58 <DIR> d-------- C:\Program Files\TuneUp Utilities 2008
2008-02-16 07:55 . 2007-12-20 10:41 29,440 --a------ C:\WINDOWS\system32\uxtuneup.dll
2008-02-08 17:43 . 2008-02-08 17:44 103,736 --a------ C:\WINDOWS\system32\PnkBstrB.exe
2008-02-08 17:39 . 2008-02-08 17:39 <DIR> d-------- C:\WINDOWS\system32\LogFiles
2008-02-08 17:39 . 2008-02-08 17:39 66,872 --a------ C:\WINDOWS\system32\PnkBstrA.exe
2008-02-08 17:37 . 2007-03-12 16:42 3,495,784 --a------ C:\WINDOWS\system32\d3dx9_33.dll
2008-02-08 17:37 . 2006-11-29 13:06 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll
2008-02-08 17:37 . 2006-09-28 16:05 2,414,360 --a------ C:\WINDOWS\system32\d3dx9_31.dll
2008-02-08 17:37 . 2007-01-24 15:27 255,848 --a------ C:\WINDOWS\system32\xactengine2_6.dll
2008-02-08 17:37 . 2006-12-08 12:02 251,672 --a------ C:\WINDOWS\system32\xactengine2_5.dll
2008-02-08 17:37 . 2006-09-28 16:05 237,848 --a------ C:\WINDOWS\system32\xactengine2_4.dll
2008-02-08 17:37 . 2006-07-28 09:30 236,824 --a------ C:\WINDOWS\system32\xactengine2_3.dll
2008-02-08 17:37 . 2006-07-28 09:30 62,744 --a------ C:\WINDOWS\system32\xinput1_2.dll
2008-02-08 17:37 . 2007-03-05 12:42 15,128 --a------ C:\WINDOWS\system32\x3daudio1_1.dll
2008-02-07 16:05 . 2008-02-08 16:41 <DIR> d-------- C:\Need for Speed ProStreet
2008-02-06 19:38 . 2008-02-06 19:38 4,096 --a------ C:\WINDOWS\d3dx.dat
2008-02-06 19:04 . 2008-02-06 19:04 2,368 --a------ C:\WINDOWS\system32\SVKP.sys
2008-02-06 18:37 . 2008-02-06 18:37 <DIR> d-------- C:\Program Files\JoWooD
2008-02-01 12:53 . 2004-12-02 18:20 1,843,200 --a------ C:\WINDOWS\system32\NCTAudioFile2.dll
2008-02-01 12:53 . 2004-05-20 13:07 335,872 --a------ C:\WINDOWS\system32\NCTAudioVisualization2.dll
2008-02-01 12:53 . 2004-08-25 13:53 311,296 --a------ C:\WINDOWS\system32\NCTAudioRecord2.dll
2008-01-31 17:00 . 2008-01-31 17:00 <DIR> d-------- C:\Program Files\Common Files\DVDVideoSoft
2008-01-31 16:55 . 2008-02-01 11:21 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-01-31 16:55 . 2008-01-31 16:56 1,409 --a------ C:\WINDOWS\QTFont.for
2008-01-30 06:10 . 2008-01-30 06:10 328,288 --a------ C:\WINDOWS\system32\pmkji.dll
2008-01-29 06:19 . 2008-01-29 15:11 354 --ahs---- C:\WINDOWS\system32\alftovji.ini
2008-01-28 06:36 . 2008-01-28 06:36 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-01-27 11:11 . 2008-01-27 11:18 <DIR> d-------- C:\Program Files\Bridge Construction Set Demo
2008-01-26 07:23 . 2008-01-26 07:23 <DIR> d-------- C:\Program Files\TGTSoft
2008-01-26 07:21 . 2008-01-26 07:21 <DIR> d-------- C:\Program Files\Free Desktop Clock
2008-01-24 19:39 . 2008-01-28 06:09 321 --ahs---- C:\WINDOWS\system32\pstwa.ini
2008-01-23 17:16 . 2008-01-23 17:16 <DIR> d-------- C:\Program Files\Blender Foundation
2008-01-18 18:04 . 2008-01-18 18:04 46 --a------ C:\WINDOWS\wininit.ini
2008-01-18 07:04 . 2008-01-18 07:04 328,288 --a------ C:\WINDOWS\system32\sstqr.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-16 06:54 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-02-08 17:39 --------- d-----w C:\Program Files\BitComet
2008-01-12 10:12 --------- d-----w C:\Program Files\18 Wheels of Steel Haulin
2007-12-30 08:02 --------- d-----w C:\Program Files\WM Converter
2007-12-30 08:01 --------- d-----w C:\Program Files\MegauploadToolbar
2007-12-30 08:01 --------- d-----w C:\Program Files\AoA Audio Extractor
2007-12-25 09:32 --------- d-----w C:\Program Files\CS Fire Monitor
2007-12-25 08:18 --------- d-----w C:\Program Files\TallStick
2007-12-25 08:18 --------- d-----w C:\Program Files\Free Screen Recorder
2007-12-25 08:17 --------- d-----w C:\Program Files\Mioplanet
2007-12-24 19:22 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-12-24 19:22 --------- d-----w C:\Program Files\NewSoft
2007-12-24 19:22 --------- d-----w C:\Program Files\Common Files\PDFView
2007-12-24 19:22 --------- d-----w C:\Program Files\Common Files\NewSoft
2007-12-24 19:19 --------- d-----w C:\Program Files\ScanSoft
2007-12-24 19:19 --------- d-----w C:\Program Files\Common Files\ScanSoft Shared
2007-12-24 19:16 --------- d-----w C:\Program Files\ArcSoft
2007-12-24 19:15 --------- d-----w C:\Program Files\Common Files\CANON
2007-12-24 19:14 --------- d-----w C:\Program Files\Canon
2007-12-24 19:13 --------- d--h--w C:\Program Files\CanonBJ
2007-12-23 07:52 --------- d-----w C:\Program Files\Gigabyte
2007-12-23 07:51 --------- d-----w C:\Program Files\AmazingMIDI
2007-12-23 07:50 24,944 ----a-w C:\windows\system32\drivers\GVTDrv.sys
2007-12-22 11:50 163,644 ----a-w C:\windows\system32\drivers\secdrv.sys
2007-12-18 15:11 --------- d-----w C:\Program Files\Učitel
2007-12-02 10:41 209,645 ----a-w C:\windows\IPUI_DivXG400.exe
2006-04-12 14:54 130,560 -csha-w C:\Program Files\Thumbs.db
2005-01-09 18:43 15,386 -c--a-w C:\Documents and Settings\Administrator\BestTimes.dat
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2001-08-02 06:14 1077277]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2007-04-03 23:29 165784]
"QIP2005"="C:\Program Files\QIP\qip.exe" [2007-11-16 14:17 3264512]
"SkinClock"="C:\Program Files\Free Desktop Clock\DesktopClock.exe" [2006-10-01 16:50 334848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-07-27 23:03 75128]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-06-29 05:24 286720]
"HPDJ Taskbar Utility"="C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe" [2002-03-28 09:44 188416]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50 155648]
"SoundMan"="SOUNDMAN.EXE" [2002-09-11 03:57 46592 C:\WINDOWS\SOUNDMAN.EXE]
"PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-03-23 12:20 227328]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-06-16 05:03 221184]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-16 16:15 81920]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"CanonSolutionMenu"="C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe" [2007-05-14 17:01 644696]
"SSBkgdUpdate"="C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 09:03 210472]
"OpwareSE4"="C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-02-04 12:02 79400]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2001-10-25 13:00 13312]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-03-27 14:58 1744896]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="LogonUI.EXE"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\e4f1d5da]
C:\windows\System32\vydbfvdg.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FreeRAM XP]
C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"AlcoholAutomount"="C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount

R2 SVKP;SVKP;C:\windows\System32\SVKP.sys [2008-02-06 19:04]
R2 UxTuneUp;TuneUp Theme Extension;C:\windows\System32\svchost.exe [2001-10-25 13:00]
R3 AN983;ADMtek AN983/AN985/ADM951X 10/100Mbps Fast Ethernet Adapter;C:\windows\System32\DRIVERS\AN983.sys [2001-08-17 21:11]
R3 PSched;Plánovač paketů technologie QoS;C:\windows\System32\DRIVERS\psched.sys [2001-10-25 13:00]
R3 smc2602w;SMC2602W 11Mbps Wireless 802.11 Adapter;C:\windows\System32\DRIVERS\SMC2602W.sys [2003-08-08 11:01]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\windows\System32\TuneUpDefragService.exe [2008-02-16 07:57]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

.
Contents of the 'Scheduled Tasks' folder
"2008-02-16 06:57:30 C:\windows\Tasks\1-Click Maintenance.job"
- C:\Program Files\TuneUp Utilities 2008\OneClick.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-18 15:21:53
Windows 5.1.2600 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\windows\System32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\windows\System32\PnkBstrA.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\windows\system32\Ati2evxx.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
.
**************************************************************************
.
Completion time: 2008-02-18 15:26:45 - machine was rebooted
ComboFix-quarantined-files.txt 2008-02-18 14:26:41



It looks like you helped me fix it! Thanks guys, I'm grateful to you.
Baron Prášil
Beginner
Registered: 08 Jun 2006

Post by Baron Prášil »

Fine. One more thing:
Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy the following text, marked in green, into it:


File::
C:\WINDOWS\system32\pmkji.dll
C:\WINDOWS\system32\alftovji.ini 
C:\WINDOWS\system32\pstwa.ini 
C:\WINDOWS\system32\sstqr.dll 

Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\e4f1d5da] 

Choose File -> Save As... and set these parameters:
File name: type CFScript.txt here
Save as type: select All Files
Save the file to the desktop.
Close all open windows.
Grab the script CFScript.txt you created with the mouse, drag it over the downloaded program ComboFix.exe, and when the two files overlap, drop the script.
- ComboFix will start automatically.
- Post here the log that appears at the end of the cleaning process, plus a new HijackThis log, this time with the firewall installed, please.
kn0t3k
Newbie
Registered: 17 Feb 2008

Post by kn0t3k »

ComboFix 08-02-18.1 - My 2008-02-19 15:56:16.2 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.0.1250.1.1029.18.1146 [GMT 1:00]
Running from: C:\Documents and Settings\My\Plocha\ComboFix.exe
Command switches used :: C:\Documents and Settings\My\Plocha\CFScript.txt
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

FILE ::
C:\WINDOWS\system32\alftovji.ini
C:\WINDOWS\system32\pmkji.dll
C:\WINDOWS\system32\pstwa.ini
C:\WINDOWS\system32\sstqr.dll
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\alftovji.ini
C:\windows\system32\geedc.dll
C:\WINDOWS\system32\pmkji.dll
C:\WINDOWS\system32\pstwa.ini
C:\WINDOWS\system32\sstqr.dll

.
((((((((((((((((((((((((( Files Created from 2008-01-19 to 2008-02-19 )))))))))))))))))))))))))))))))
.

2008-02-19 15:52 . 2008-02-19 15:52 <DIR> d-------- C:\Documents and Settings\My\Data aplikací\Comodo
2008-02-19 15:52 . 2008-02-19 15:52 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Comodo
2008-02-19 15:48 . 2008-02-19 15:48 <DIR> d-------- C:\Program Files\Comodo
2008-02-18 14:23 . 2008-02-18 14:23 60,416 --a------ C:\WINDOWS\system32\drivers\ux^clfhn.sys
2008-02-17 10:21 . 2008-02-17 10:21 <DIR> d-------- C:\Program Files\Trend Micro
2008-02-17 08:15 . 2008-02-17 08:15 <DIR> d-------- C:\Documents and Settings\My\Data aplikací\Malwarebytes
2008-02-17 07:21 . 2008-02-17 16:03 <DIR> d-------- C:\Program Files\Premium Booster
2008-02-16 07:57 . 2008-02-16 07:57 <DIR> d-------- C:\Documents and Settings\My\Data aplikací\TuneUp Software
2008-02-16 07:57 . 2008-02-16 07:57 306,432 --a------ C:\WINDOWS\system32\TuneUpDefragService.exe
2008-02-16 07:55 . 2008-02-16 07:58 <DIR> d-------- C:\Program Files\TuneUp Utilities 2008
2008-02-16 07:55 . 2008-02-16 07:55 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\TuneUp Software
2008-02-16 07:55 . 2007-12-20 10:41 29,440 --a------ C:\WINDOWS\system32\uxtuneup.dll
2008-02-08 17:43 . 2008-02-08 17:44 103,736 --a------ C:\WINDOWS\system32\PnkBstrB.exe
2008-02-08 17:39 . 2008-02-08 17:39 <DIR> d-------- C:\WINDOWS\system32\LogFiles
2008-02-08 17:39 . 2008-02-08 17:39 66,872 --a------ C:\WINDOWS\system32\PnkBstrA.exe
2008-02-08 17:37 . 2007-03-12 16:42 3,495,784 --a------ C:\WINDOWS\system32\d3dx9_33.dll
2008-02-08 17:37 . 2006-11-29 13:06 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll
2008-02-08 17:37 . 2006-09-28 16:05 2,414,360 --a------ C:\WINDOWS\system32\d3dx9_31.dll
2008-02-08 17:37 . 2007-01-24 15:27 255,848 --a------ C:\WINDOWS\system32\xactengine2_6.dll
2008-02-08 17:37 . 2006-12-08 12:02 251,672 --a------ C:\WINDOWS\system32\xactengine2_5.dll
2008-02-08 17:37 . 2006-09-28 16:05 237,848 --a------ C:\WINDOWS\system32\xactengine2_4.dll
2008-02-08 17:37 . 2006-07-28 09:30 236,824 --a------ C:\WINDOWS\system32\xactengine2_3.dll
2008-02-08 17:37 . 2006-07-28 09:30 62,744 --a------ C:\WINDOWS\system32\xinput1_2.dll
2008-02-08 17:37 . 2007-03-05 12:42 15,128 --a------ C:\WINDOWS\system32\x3daudio1_1.dll
2008-02-07 16:05 . 2008-02-08 16:41 <DIR> d-------- C:\Need for Speed ProStreet
2008-02-06 19:38 . 2008-02-06 19:38 4,096 --a------ C:\WINDOWS\d3dx.dat
2008-02-06 19:04 . 2008-02-06 19:04 2,368 --a------ C:\WINDOWS\system32\SVKP.sys
2008-02-06 18:37 . 2008-02-06 18:37 <DIR> d-------- C:\Program Files\JoWooD
2008-02-01 12:53 . 2004-12-02 18:20 1,843,200 --a------ C:\WINDOWS\system32\NCTAudioFile2.dll
2008-02-01 12:53 . 2004-05-20 13:07 335,872 --a------ C:\WINDOWS\system32\NCTAudioVisualization2.dll
2008-02-01 12:53 . 2004-08-25 13:53 311,296 --a------ C:\WINDOWS\system32\NCTAudioRecord2.dll
2008-02-01 08:53 . 2008-02-01 08:53 <DIR> d-------- C:\Documents and Settings\My\Data aplikací\3M
2008-01-31 17:00 . 2008-01-31 17:00 <DIR> d-------- C:\Program Files\Common Files\DVDVideoSoft
2008-01-31 16:55 . 2008-02-01 11:21 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-01-31 16:55 . 2008-01-31 16:56 1,409 --a------ C:\WINDOWS\QTFont.for
2008-01-28 06:36 . 2008-01-28 06:36 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-01-28 06:36 . 2008-01-28 06:45 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Spybot - Search & Destroy
2008-01-27 11:11 . 2008-01-27 11:18 <DIR> d-------- C:\Program Files\Bridge Construction Set Demo
2008-01-26 07:23 . 2008-01-26 07:23 <DIR> d-------- C:\Program Files\TGTSoft
2008-01-26 07:21 . 2008-01-26 07:21 <DIR> d-------- C:\Program Files\Free Desktop Clock
2008-01-23 17:16 . 2008-01-23 17:16 <DIR> d-------- C:\Program Files\Blender Foundation
2008-01-19 10:23 . 2008-01-19 10:23 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Trymedia

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-16 06:54 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-02-08 17:39 --------- d-----w C:\Program Files\BitComet
2008-01-16 16:18 328,288 ----a-w C:\windows\system32\mljjh.dll
2008-01-16 05:10 328,288 ----a-w C:\windows\system32\jkhhg.dll
2008-01-15 05:07 328,288 ----a-w C:\windows\system32\geede.dll
2008-01-13 05:41 328,288 ----a-w C:\windows\system32\ssttr.dll
2008-01-12 10:22 328,288 ----a-w C:\windows\system32\geedd.dll
2008-01-12 10:12 --------- d-----w C:\Program Files\18 Wheels of Steel Haulin
2008-01-08 13:16 328,288 ----a-w C:\windows\system32\pmkhh.dll
2008-01-04 15:10 --------- d-----w C:\Documents and Settings\My\Data aplikací\ArcSoft
2008-01-02 14:34 328,288 ----a-w C:\windows\system32\awtqr.dll
2008-01-02 06:20 328,288 ----a-w C:\windows\system32\geebb.dll
2007-12-31 07:43 328,288 ----a-w C:\windows\system32\mljgg.dll
2007-12-30 08:02 --------- d-----w C:\Program Files\WM Converter
2007-12-30 08:01 --------- d-----w C:\Program Files\MegauploadToolbar
2007-12-30 08:01 --------- d-----w C:\Program Files\AoA Audio Extractor
2007-12-27 05:31 328,288 ----a-w C:\windows\system32\ssqpm.dll
2007-12-25 09:32 --------- d-----w C:\Program Files\CS Fire Monitor
2007-12-25 08:18 --------- d-----w C:\Program Files\TallStick
2007-12-25 08:18 --------- d-----w C:\Program Files\Free Screen Recorder
2007-12-25 08:17 --------- d-----w C:\Program Files\Mioplanet
2007-12-24 19:32 --------- d-----w C:\Documents and Settings\My\Data aplikací\Canon
2007-12-24 19:22 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-12-24 19:22 --------- d-----w C:\Program Files\NewSoft
2007-12-24 19:22 --------- d-----w C:\Program Files\Common Files\PDFView
2007-12-24 19:22 --------- d-----w C:\Program Files\Common Files\NewSoft
2007-12-24 19:20 --------- d-----w C:\Documents and Settings\My\Data aplikací\ScanSoft
2007-12-24 19:20 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Data aplikací\ScanSoft
2007-12-24 19:19 --------- d-----w C:\Program Files\ScanSoft
2007-12-24 19:19 --------- d-----w C:\Program Files\Common Files\ScanSoft Shared
2007-12-24 19:16 --------- d-----w C:\Program Files\ArcSoft
2007-12-24 19:15 --------- d-----w C:\Program Files\Common Files\CANON
2007-12-24 19:14 --------- d-----w C:\Program Files\Canon
2007-12-24 19:13 --------- d--h--w C:\Program Files\CanonBJ
2007-12-23 07:52 --------- d-----w C:\Program Files\Gigabyte
2007-12-23 07:51 --------- d-----w C:\Program Files\AmazingMIDI
2007-12-23 07:50 24,944 ----a-w C:\windows\system32\drivers\GVTDrv.sys
2007-12-22 16:28 328,288 ----a-w C:\windows\system32\ddcya.dll
2007-12-22 11:50 163,644 ----a-w C:\windows\system32\drivers\secdrv.sys
2007-12-06 15:21 328,288 ----a-w C:\windows\system32\pmkjj.dll
2007-12-02 10:41 209,645 ----a-w C:\windows\IPUI_DivXG400.exe
2007-11-30 16:52 418,823 ----a-w C:\windows\system32\mioengine.exe
2006-04-12 14:54 130,560 -csha-w C:\Program Files\Thumbs.db
2005-01-09 18:43 15,386 -c--a-w C:\Documents and Settings\Administrator\BestTimes.dat
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2001-08-02 06:14 1077277]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2007-04-03 23:29 165784]
"QIP2005"="C:\Program Files\QIP\qip.exe" [2007-11-16 14:17 3264512]
"SkinClock"="C:\Program Files\Free Desktop Clock\DesktopClock.exe" [2006-10-01 16:50 334848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-07-27 23:03 75128]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-06-29 05:24 286720]
"HPDJ Taskbar Utility"="C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe" [2002-03-28 09:44 188416]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50 155648]
"SoundMan"="SOUNDMAN.EXE" [2002-09-11 03:57 46592 C:\WINDOWS\SOUNDMAN.EXE]
"PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-03-23 12:20 227328]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-06-16 05:03 221184]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-16 16:15 81920]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"CanonSolutionMenu"="C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe" [2007-05-14 17:01 644696]
"SSBkgdUpdate"="C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 09:03 210472]
"OpwareSE4"="C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-02-04 12:02 79400]
"COMODO Firewall Pro"="C:\Program Files\Comodo\Firewall\CPF.exe" [2008-02-19 15:48 1115728]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2001-10-25 13:00 13312]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-03-27 14:58 1744896]

C:\Documents and Settings\Administrator\Nabˇdka Start\Programy\Po spuçtŘnˇ\
SMC2602W 11Mbps WLAN Monitor.lnk - C:\Program Files\SMC\SMC2602W 11Mbps Wirelss PCI Card\WLANUtility.exe [2003-09-05 12:22:02 167936]

C:\Documents and Settings\All Users.WINDOWS\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe [2006-10-23 01:48:00 40048]
Adobe Reader Synchronizer.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe [2006-10-23 00:01:00 734872]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1999-02-17 21:05:56 65588]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="LogonUI.EXE"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FreeRAM XP]
C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"AlcoholAutomount"="C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount

R2 SVKP;SVKP;C:\windows\System32\SVKP.sys [2008-02-06 19:04]
R2 UxTuneUp;TuneUp Theme Extension;C:\windows\System32\svchost.exe [2001-10-25 13:00]
R3 AN983;ADMtek AN983/AN985/ADM951X 10/100Mbps Fast Ethernet Adapter;C:\windows\System32\DRIVERS\AN983.sys [2001-08-17 21:11]
R3 PSched;Plánovač paketů technologie QoS;C:\windows\System32\DRIVERS\psched.sys [2001-10-25 13:00]
R3 smc2602w;SMC2602W 11Mbps Wireless 802.11 Adapter;C:\windows\System32\DRIVERS\SMC2602W.sys [2003-08-08 11:01]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\windows\System32\TuneUpDefragService.exe [2008-02-16 07:57]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

*Newly Created Service* - CMDAGENT
*Newly Created Service* - CMDMON
*Newly Created Service* - INSPECT
.
Contents of the 'Scheduled Tasks' folder
"2008-02-16 06:57:30 C:\windows\Tasks\1-Click Maintenance.job"
- C:\Program Files\TuneUp Utilities 2008\OneClick.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-19 15:59:58
Windows 5.1.2600 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-02-19 16:01:27
ComboFix-quarantined-files.txt 2008-02-19 15:01:24
ComboFix2.txt 2008-02-18 14:26:46


Baron Prášil
Beginner
Registered: 08 Jun 2006

Post by Baron Prášil »

the HijackThis log too, please, plus some info about the problem
kn0t3k
Newbie
Registered: 17 Feb 2008

Post by kn0t3k »

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:09:13, on 20.2.2008
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\System32\Ati2evxx.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\windows\system32\spoolsv.exe
C:\windows\System32\PnkBstrA.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\windows\System32\svchost.exe
C:\windows\system32\Ati2evxx.exe
C:\windows\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
C:\windows\SOUNDMAN.EXE
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Free Desktop Clock\DesktopClock.exe
C:\Program Files\SMC\SMC2602W 11Mbps Wirelss PCI Card\WLANUtility.exe
\Sblan2\pc\MARTIN\FirefoxPortable\App\firefox\firefox.exe
C:\windows\system32\msiexec.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.atcomet.com/b/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.1.1:3128
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O3 - Toolbar: &Rádio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [QIP2005] C:\Program Files\QIP\qip.exe
O4 - HKCU\..\Run: [SkinClock] C:\Program Files\Free Desktop Clock\DesktopClock.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: NOTFOUND.lnk = ?
O4 - Startup: SMC2602W 11Mbps WLAN Monitor.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{1C6A3C70-0909-4DF0-A7B3-F1F89F275E6C}: NameServer = 217.112.160.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\windows\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: PnkBstrA - Unknown owner - C:\windows\System32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\windows\System32\TuneUpDefragService.exe

--
End of file - 6203 bytes

I changed the firewall, because with Comodo I couldn't get to the external drive
Baron Prášil
Beginner
Registered: 08 Jun 2006

Post by Baron Prášil »

hm, that's some info, I can see that you have a different firewall :D
what I want to know is how the computer is behaving!
kn0t3k
Newbie
Registered: 17 Feb 2008

Post by kn0t3k »

well, pretty normally; it still takes just as long to boot, but otherwise it's great: my internet doesn't disconnect, it doesn't freeze, it doesn't throw errors, etc.
Baron Prášil
Beginner
Registered: 08 Jun 2006

Post by Baron Prášil »

knock out whatever is unnecessary at startup
http://www.extra-pc.cz/otravne_programy ... ra_pc_1207
you can have a look at the services too, but carefully :)
http://madla.webpark.cz/

why don't you have SP2, anyway?
kn0t3k
Newbie
Registered: 17 Feb 2008

Post by kn0t3k »

simply: I installed it, but during startup, where the blue bar runs under the Windows logo, it sort of froze, and even after an hour of loading nothing happened, so that's why
Baron Prášil
Beginner
Registered: 08 Jun 2006

Post by Baron Prášil »

then sort that out, it's a hole in the system
kn0t3k
Newbie
Registered: 17 Feb 2008

Post by kn0t3k »

yeah, but how?
Baron Prášil
Beginner
Registered: 08 Jun 2006

Post by Baron Prášil »

I don't know :) there are other, and frankly more suitable, sections here where your post will be read by someone who knows something about it :wink: