prosim o kontrolu logu

nejde mi urobit defragmentciu prebehne ale disk je stale fragmentovany tak isto plus sem tam mrzne a stale svapuje je to win xp dakujem

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:26:44, on 4.8.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\PC Tools Firewall Plus\FWService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
C:\Program Files\Wireless Console 2\wcourier.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\ATK0100\HControl.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files\SAMSUNG\FW LiveUpdate\FWManager.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\WINDOWS\Integrator.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\WorldCommunityGrid\UD.EXE
C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\WorldCommunityGrid\ud_19859909.exe
C:\Program Files\WorldCommunityGrid\ud_19859909_0.dir\wcgrid_ud_migration_msg.exe
C:\totalcmd\TOTALCMD.EXE
C:\Program Files\Mozilla Firefox 3 Beta 5\firefox.exe
C:\Program Files\Cashfiesta\FiestaBar\Cashfiesta.exe
C:\Program Files\QIP Infium\infium.exe
F:\HiJackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
c:\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = start.qip.ru
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\WINDOWS\WebIE.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\WINDOWS\WebIE.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [Wireless Console 2] C:\Program Files\Wireless Console 2\wcourier.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ABLKSR] C:\WINDOWS\ABLKSR\ABLKSR.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [OSSelectorReinstall] C:\Program Files\Common Files\Acronis\Acronis Disk Director\oss_reinstall.exe
O4 - HKLM\..\Run: [Name of App] C:\Program Files\SAMSUNG\FW LiveUpdate\FWManager.exe r
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [ThreatFire] C:\Program Files\ThreatFire\TFTray.exe
O4 - HKLM\..\Run: [00PCTFW] "C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe" -s
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [OEXPRESS] C:\WINDOWS\OETRN.EXE
O4 - HKCU\..\Run: [FreeRAM XP] "C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe" -win
O4 - HKCU\..\Run: [Infium] "C:\Program Files\QIP Infium\infium.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: AntiCrash.lnk = C:\Program Files\Dachshund Software\AntiCrash\AntiCrash.exe
O4 - Startup: Cashfiesta.lnk = C:\Program Files\Cashfiesta\FiestaBar\Cashfiesta.exe
O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: World Community Grid Agent.lnk = C:\Program Files\WorldCommunityGrid\UD.EXE
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Otvorit tento odkaz vo Firefoxe - file://C:\Documents and Settings\miki\Data aplikací\Mozilla\Firefox\Profiles\lsylkhue.default\extensions\{5D558C43-550F-4b12-84AB-0D8ABDA9F975}\firefoxviewlink.html
O8 - Extra context menu item: Zobrazit túto stránku vo Firefoxe - file://C:\Documents and Settings\miki\Data aplikací\Mozilla\Firefox\Profiles\lsylkhue.default\extensions\{5D558C43-550F-4b12-84AB-0D8ABDA9F975}\firefoxviewpage.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\WINDOWS\WebIE.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 7684416234
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O20 - AppInit_DLLs:
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - PC Tools - C:\Program Files\PC Tools Firewall Plus\FWService.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: ThreatFire - PC Tools - C:\Program Files\ThreatFire\TFService.exe
O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe

--
End of file - 12918 bytes

ComboFix 08-08-03.05 - miki 2008-08-04 14:29:47.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1250.1.1029.18.1487 [GMT 2:00]
Running from: C:\Documents and Settings\miki\Plocha\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Created from 2008-07-04 to 2008-08-04 )))))))))))))))))))))))))))))))
.

2008-08-04 14:59 . 2003-07-29 03:18 3,839 --a------ C:\WINDOWS\system32\drivers\GETPADD.sys
2008-08-04 14:18 . 2008-08-04 14:18 25,984 --a------ C:\FRAGLIST.LUAR
2008-08-04 13:26 . 2008-08-04 13:17 401,720 --a------ C:\HiJackThis.exe
2008-08-04 12:55 . 2008-08-04 14:19 <DIR> d-------- C:\WINDOWS\UltraDefrag
2008-08-04 12:50 . 2008-08-04 12:50 <DIR> d-------- C:\Program Files\DiskTrix
2008-08-04 10:20 . 2008-08-04 10:49 <DIR> d-------- C:\Program Files\QIP Infium
2008-08-02 19:47 . 2008-08-02 19:47 <DIR> d-------- C:\Program Files\WorldResEdit
2008-08-02 19:47 . 2005-03-04 21:39 565,248 --a------ C:\WINDOWS\system32\SftTree_IX86_U_45.ocx
2008-08-02 19:47 . 2006-02-02 23:20 237,568 --a------ C:\WINDOWS\system32\MLResUtil.dll
2008-08-02 19:47 . 2003-03-06 22:35 143,360 --a------ C:\WINDOWS\system32\MLSupport.dll
2008-08-02 19:47 . 2001-06-26 15:57 139,264 --a------ C:\WINDOWS\system32\linkui.ocx
2008-08-02 19:47 . 2000-04-28 10:56 102,400 --a------ C:\WINDOWS\system32\ccrpprg6.ocx
2008-08-02 19:47 . 2004-05-06 00:03 69,632 --a------ C:\WINDOWS\system32\MLRuntime.dll
2008-08-02 19:47 . 1997-06-21 02:24 40,448 --a------ C:\WINDOWS\system32\regobj.dll
2008-07-29 19:46 . 2008-07-29 19:47 <DIR> d-------- C:\Program Files\OpenOffice.org 2.3
2008-07-29 19:13 . 2008-07-29 19:16 <DIR> d-------- C:\Program Files\The KMPlayer
2008-07-22 12:08 . 2008-07-22 12:11 <DIR> d-------- C:\Documents and Settings\miki\.VirtualBox
2008-07-22 12:07 . 2008-07-22 12:07 <DIR> d-------- C:\Program Files\innotek VirtualBox
2008-07-22 12:07 . 2008-02-20 20:17 40,928 --a------ C:\WINDOWS\system32\drivers\VBoxDrv.sys
2008-07-22 12:07 . 2008-02-20 20:17 27,776 --a------ C:\WINDOWS\system32\drivers\VBoxUSBMon.sys
2008-07-21 15:06 . 2008-07-21 15:06 <DIR> d-------- C:\Program Files\Cashfiesta
2008-07-15 18:30 . 2008-07-19 10:37 <DIR> d-------- C:\Program Files\Crawler
2008-07-15 14:09 . 2008-07-15 14:09 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-07-15 14:09 . 2008-07-15 14:09 1,409 --a------ C:\WINDOWS\QTFont.for
2008-07-15 12:54 . 2008-07-15 12:54 21,419 --a------ C:\WINDOWS\system32\drivers\AegisP.sys
2008-07-15 12:52 . 2006-07-28 02:46 2,732,032 --a------ C:\WINDOWS\system32\NETw3r32.dll
2008-07-15 12:52 . 2006-09-27 02:36 1,709,696 --a------ C:\WINDOWS\system32\drivers\NETw3x32.sys
2008-07-15 12:52 . 2006-07-28 02:45 561,152 --a------ C:\WINDOWS\system32\NETw3c32.dll
2008-07-07 18:28 . 2008-07-07 18:28 <DIR> d-------- C:\Program Files\Common Files\DirectX
2008-07-07 15:53 . 2008-07-07 17:13 103,736 --a------ C:\WINDOWS\system32\PnkBstrB.exe
2008-07-07 15:53 . 2008-07-07 17:14 66,872 --a------ C:\WINDOWS\system32\PnkBstrA.exe
2008-07-07 15:53 . 2008-07-07 17:14 22,328 --a------ C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-07-07 15:48 . 2008-07-07 15:48 <DIR> d-------- C:\WINDOWS\system32\LogFiles
2008-07-06 14:46 . 2008-07-06 14:46 <DIR> d-------- C:\Program Files\IObit
2008-07-06 10:50 . 2008-07-06 10:50 <DIR> d-------- C:\Program Files\YourWare Solutions
2008-07-05 17:31 . 2008-07-06 18:34 <DIR> d-------- C:\WINDOWS\system32\oodag
2008-07-05 17:23 . 2008-07-05 17:23 0 --a------ C:\WINDOWS\oodcnt.INI
2008-07-05 17:16 . 2008-07-05 17:16 <DIR> d-------- C:\Program Files\OO Software
2008-07-04 18:07 . 2008-07-04 18:07 <DIR> d-------- C:\Program Files\Electronic Arts
2008-07-04 18:06 . 2005-05-26 15:34 2,297,552 --a------ C:\WINDOWS\system32\d3dx9_26.dll
2008-07-04 17:30 . 2008-07-04 17:30 <DIR> d-------- C:\Program Files\Alcohol Soft
2008-07-04 17:30 . 2004-04-30 09:37 160,640 --a------ C:\WINDOWS\system32\drivers\a347bus.sys
2008-07-04 17:30 . 2004-04-30 09:33 5,248 --a------ C:\WINDOWS\system32\drivers\a347scsi.sys
2008-07-04 08:27 . 2008-07-04 08:27 <DIR> d-------- C:\Documents and Settings\LocalService\Nabˇdka Start

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-04 12:57 --------- d-----w C:\Program Files\WorldCommunityGrid
2008-08-04 12:11 --------- d-----w C:\Program Files\CobraShare_DUploader
2008-08-04 12:10 --------- d-----w C:\Program Files\Mozilla Firefox 3 Beta 5
2008-08-03 23:31 --------- d-----w C:\Program Files\Zoom Player
2008-07-31 13:55 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-07-26 09:00 --------- d-----w C:\Program Files\Spyware Terminator
2008-07-24 22:30 --------- d-----w C:\Program Files\Java
2008-07-19 18:02 --------- d-----w C:\Program Files\PC Tools Firewall Plus
2008-07-19 16:20 --------- d-----w C:\Program Files\Yahoo!
2008-07-15 16:29 141,312 ----a-w C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2008-07-03 16:27 --------- d-----w C:\Program Files\Scorpions WinCheater
2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-06-16 17:10 0 ---ha-w C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2008-06-16 17:10 0 ---ha-w C:\WINDOWS\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
2008-06-16 17:03 --------- d-----w C:\Program Files\MSXML 6.0
2008-06-14 18:00 272,128 ------w C:\WINDOWS\system32\drivers\bthport.sys
2008-05-14 17:19 69,632 ----a-w C:\WINDOWS\UD.SCR
.

------- Sigcheck -------

2007-06-13 15:23 975872 70192aa0fb59996148038b671eb5ade1 C:\WINDOWS\explorer.exe
2007-06-13 15:23 975872 70192aa0fb59996148038b671eb5ade1 C:\WINDOWS\system32\dllcache\explorer.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-18 13:00 15360]
"OEXPRESS"="C:\WINDOWS\OETRN.EXE" [2008-04-23 16:09 26624]
"FreeRAM XP"="C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe" [2006-03-23 00:13 1591808]
"Infium"="C:\Program Files\QIP Infium\infium.exe" [2008-07-31 17:53 4207616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-11-21 08:51 7335936]
"Power_Gear"="C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe" [2005-10-05 17:50 86016]
"Wireless Console 2"="C:\Program Files\Wireless Console 2\wcourier.exe" [2005-10-17 17:09 987136]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2005-10-20 23:26 761945]
"ABLKSR"="C:\WINDOWS\ABLKSR\ABLKSR.exe" [2006-01-02 19:14 61440]
"SpywareTerminator"="C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" [2008-07-15 18:29 1817600]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2007-05-15 00:22 35328]
"HControl"="C:\WINDOWS\ATK0100\HControl.exe" [2006-07-28 22:04 110592]
"TrueImageMonitor.exe"="C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe" [2007-10-23 16:05 2615624]
"AcronisTimounterMonitor"="C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe" [2007-10-23 17:58 906648]
"Acronis Scheduler2 Service"="C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe" [2007-10-23 16:10 140568]
"OSSelectorReinstall"="C:\Program Files\Common Files\Acronis\Acronis Disk Director\oss_reinstall.exe" [2007-03-15 10:06 2225208]
"Name of App"="C:\Program Files\SAMSUNG\FW LiveUpdate\FWManager.exe" [2008-07-07 13:12 675935]
"UnlockerAssistant"="C:\Program Files\Unlocker\UnlockerAssistant.exe" [2008-03-01 07:10 15872]
"ThreatFire"="C:\Program Files\ThreatFire\TFTray.exe" [2008-03-18 20:35 1152320]
"00PCTFW"="C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe" [2008-03-28 14:37 2598808]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 04:27 144784]
"IntelZeroConfig"="C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" [2006-08-02 00:38 802816]
"IntelWireless"="C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" [2006-08-02 00:32 696320]
"nwiz"="nwiz.exe" [2005-11-21 08:51 1519616 C:\WINDOWS\system32\nwiz.exe]
"RTHDCPL"="RTHDCPL.EXE" [2005-09-06 20:39 14850560 C:\WINDOWS\RTHDCPL.EXE]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-18 13:00 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 relog_ap

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartDefrag]
--a------ 2008-04-17 14:51 1870592 C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime
"SMSERIAL"=sm56hlpr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

R0 tdrpman;Acronis Try&Decide and Restore Points filter;C:\WINDOWS\system32\DRIVERS\tdrpman.sys [2008-04-12 14:04]
R0 TfFsMon;TfFsMon;C:\WINDOWS\system32\drivers\TfFsMon.sys [2008-02-15 10:20]
R0 TfSysMon;TfSysMon;C:\WINDOWS\system32\drivers\TfSysMon.sys [2008-02-15 10:21]
R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 16:35]
R1 pctfw2;pctfw2;C:\WINDOWS\system32\drivers\pctfw2.sys [2008-03-12 09:30]
R1 pctmp;PC Tools Firewall Memory Protection Driver;C:\WINDOWS\system32\drivers\pctmp.sys [2008-02-21 08:56]
R1 pctssipc;PC Tools Security Suite IPC Driver;C:\WINDOWS\system32\drivers\pctssipc.sys [2008-02-21 08:56]
R1 sp_rsdrv2;Spyware Terminator Driver 2;C:\WINDOWS\system32\drivers\sp_rsdrv2.sys [2008-07-15 18:29]
R1 VBoxDrv;VirtualBox Service;C:\WINDOWS\system32\DRIVERS\VBoxDrv.sys [2008-02-20 20:17]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver;C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [2008-02-20 20:17]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 16:37]
R2 ThreatFire;ThreatFire;C:\Program Files\ThreatFire\TFService.exe service []
R2 TryAndDecideService;Acronis Try And Decide Service;C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe [2007-10-23 19:41]
R2 UxTuneUp;TuneUp Design Expansion;C:\WINDOWS\System32\svchost.exe [2004-08-18 13:00]
R3 PSched;Plánovač paketů technologie QoS;C:\WINDOWS\system32\DRIVERS\psched.sys [2004-08-18 13:00]
R3 TfNetMon;TfNetMon;C:\WINDOWS\system32\drivers\TfNetMon.sys [2008-02-15 10:21]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2333dd36-49e1-11dd-8ade-00130225f0dc}]
\Shell\AutoRun\command - G:\RunGame.exe
.
Contents of the 'Scheduled Tasks' folder

2008-08-01 C:\WINDOWS\Tasks\1-Click Maintenance.job
- C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe [2006-12-30 15:13]
.
.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\miki\Data aplikací\Mozilla\Firefox\Profiles\lsylkhue.default\


**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-04 14:59:00
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...


C:\WINDOWS\system32\drivers\GETPADD.sys 3839 bytes executable

scan completed successfully
hidden files: 1

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: C:\WINDOWS\explorer.exe
-> C:\Program Files\Unlocker\UnlockerHook.dll
-> C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon.dll
-> C:\WINDOWS\TrnOEH.dll
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\PC Tools Firewall Plus\FWService.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\Program Files\WorldCommunityGrid\UD.EXE
C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.bin
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\Integrator.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe
C:\Program Files\WorldCommunityGrid\ud_19859909.exe
C:\Program Files\WorldCommunityGrid\ud_19859909_0.dir\wcgrid_ud_migration_msg.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
.
**************************************************************************
.
Completion time: 2008-08-04 15:08:13 - machine was rebooted
ComboFix-quarantined-files.txt 2008-08-04 13:08:01

Pre-Run: 878,407,168
Post-Run: 826,295,808

215 --- E O F --- 2008-08-04 01:02:45

presunute