problem pri starte OS

Logfile of HijackThis v1.99.1
Scan saved at 10:04:22, on 27.7.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\ClocX\ClocX.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Microcom\ADSL DeskPorte USB\CnxDslTb.exe
C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\ATI Tray Tools\atitray.exe
C:\Program Files\Stardock\CursorFX\CursorFX.exe
C:\Program Files\Rainlendar 2\Rainlendar2.exe
C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\GIGABYTE\ET6\GUI.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\RBTray\RBTray.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [EasyTuneVI] C:\Program Files\GIGABYTE\ET6\ETcall.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [ClocX] C:\Program Files\ClocX\ClocX.exe
O4 - HKLM\..\Run: [LogonStudio] "C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe" /RANDOM
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [CnxDslTaskBar] "C:\Program Files\Microcom\ADSL DeskPorte USB\CnxDslTb.exe" "Microcom\ADSL DeskPorte USB"
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -scheduler
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [AtiTrayTools] "C:\Program Files\ATI Tray Tools\atitray.exe"
O4 - HKCU\..\Run: [CursorFX] C:\Program Files\Stardock\CursorFX\CursorFX.exe
O4 - HKCU\..\Run: [Rainlendar2] C:\Program Files\Rainlendar 2\Rainlendar2.exe
O4 - HKCU\..\Run: [HydraDM] "C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [Vidalia] "C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe"
O4 - Startup: RBTray.lnk = C:\Program Files\RBTray\RBTray.exe
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O17 - HKLM\System\CCS\Services\Tcpip\..\{774E7245-2C82-45AE-BEA3-8459F588A557}: NameServer = 195.146.132.58 195.146.128.60
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: WBSrv - C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbsrv.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: GEST Service for program management. (GEST Service) - Unknown owner - C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

ComboFix 08-07-31.06 - CommanderBomber 2008-08-02 10:26:41.1 - NTFSx86
Systém Microsoft Windows XP Professional  5.1.2600.2.1250.1.1033.18.1551 [GMT 2:00]
Running from: D:\Download\ComboFix.exe
 * Created a new restore point

[color=red][b]WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !![/b][/color]
.

(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\CommanderBomber\Local Settings\Application Data\Microsoft\Windows Media\10.0\WMSDKNSD.XML

.
(((((((((((((((((((((((((   Files Created from 2008-07-02 to 2008-08-02  )))))))))))))))))))))))))))))))
.

2008-08-01 15:46 . 2008-08-01 15:46   <DIR>   d--------   C:\Program Files\Banner Maker Pro 6
2008-08-01 15:46 . 2008-08-01 15:46   <DIR>   d--------   C:\Documents and Settings\All Users\Application Data\TEMP
2008-08-01 12:20 . 2008-08-01 12:20   <DIR>   d--------   C:\Documents and Settings\All Users\Application Data\ATI
2008-08-01 12:16 . 2008-08-01 12:16   <DIR>   d--------   C:\Program Files\ATI
2008-08-01 12:12 . 2008-08-01 12:16   <DIR>   d--------   C:\Program Files\Common Files\ATI Technologies
2008-08-01 12:11 . 2008-05-14 21:05   593,920   ---------   C:\WINDOWS\system32\ati2sgag.exe
2008-08-01 12:10 . 2008-08-01 12:16   <DIR>   d--------   C:\Program Files\ATI Technologies
2008-08-01 12:10 . 2008-05-15 03:37   3,107,788   -ra------   C:\WINDOWS\system32\ativvaxx.dat
2008-08-01 12:10 . 2008-05-15 03:37   3,107,788   -ra------   C:\WINDOWS\system32\ativva5x.dat
2008-08-01 12:10 . 2008-05-15 03:37   887,724   -ra------   C:\WINDOWS\system32\ativva6x.dat
2008-08-01 12:10 . 2008-05-15 04:12   413,696   -ra------   C:\WINDOWS\system32\ATIDEMGX.dll
2008-08-01 12:10 . 2008-05-15 03:57   307,200   -ra------   C:\WINDOWS\system32\atiiiexx.dll
2008-08-01 12:10 . 2008-04-28 23:09   172,033   -ra------   C:\WINDOWS\system32\atiicdxx.dat
2008-08-01 12:10 . 2008-05-06 19:41   12,787   -ra------   C:\WINDOWS\atiogl.xml
2008-08-01 12:10 . 2007-08-31 15:20   7,167   -ra------   C:\WINDOWS\system32\atifglpf.xml
2008-08-01 11:56 . 2008-08-01 11:56   <DIR>   d--------   C:\ATI
2008-08-01 09:59 . 2008-08-01 09:59   0   --a------   C:\WINDOWS\WB.ini
2008-08-01 09:06 . 2006-10-30 12:27   2,180,224   -----c---   C:\WINDOWS\system32\dllcache\ntoskrnl.exe
2008-08-01 09:06 . 2006-10-30 12:25   2,136,064   -----c---   C:\WINDOWS\system32\dllcache\ntkrnlmp.exe
2008-08-01 09:06 . 2006-10-30 11:50   2,057,600   -----c---   C:\WINDOWS\system32\dllcache\ntkrnlpa.exe
2008-08-01 09:06 . 2006-10-30 11:50   2,015,744   -----c---   C:\WINDOWS\system32\dllcache\ntkrpamp.exe
2008-07-31 15:18 . 2008-07-31 15:18   <DIR>   d--------   C:\Documents and Settings\Administrator
2008-07-30 19:31 . 2008-07-30 19:31   <DIR>   d--------   C:\Program Files\OpenAL
2008-07-30 19:31 . 2008-07-30 19:31   <DIR>   d--------   C:\Documents and Settings\All Users\Application Data\Codemasters
2008-07-30 19:22 . 2008-07-30 19:22   <DIR>   d--------   C:\Program Files\Pictomio
2008-07-30 19:22 . 2008-07-30 19:22   <DIR>   d--------   C:\Documents and Settings\All Users\Application Data\Pictomio
2008-07-30 19:19 . 2008-07-30 19:21   <DIR>   d--------   C:\Program Files\CachemanXP
2008-07-30 17:12 . 2004-08-04 00:56   159,232   --a------   C:\WINDOWS\system32\ptpusd.dll
2008-07-30 17:12 . 2004-08-03 22:58   15,104   --a------   C:\WINDOWS\system32\drivers\usbscan.sys
2008-07-30 17:12 . 2004-08-03 22:58   15,104   --a--c---   C:\WINDOWS\system32\dllcache\usbscan.sys
2008-07-30 17:12 . 2001-08-17 22:36   5,632   --a------   C:\WINDOWS\system32\ptpusb.dll
2008-07-30 16:51 . 2008-07-30 16:51   <DIR>   d--------   C:\Program Files\LimeWire
2008-07-29 14:37 . 2008-07-29 14:37   <DIR>   d--------   C:\Documents and Settings\CommanderBomber\.thumbnails
2008-07-27 16:55 . 2008-07-27 16:56   <DIR>   d--------   C:\Program Files\PC Translator
2008-07-27 16:51 . 2008-07-30 21:30   3,735   --a------   C:\WINDOWS\wtran32.INI
2008-07-27 16:47 . 2008-07-27 16:47   <DIR>   d--------   C:\Documents and Settings\CommanderBomber\Application Data\LangSoft
2008-07-27 16:47 . 2008-07-27 16:47   0   --a------   C:\WINDOWS\XXLGSC
2008-07-27 11:13 . 2008-07-27 11:13   <DIR>   d--------   C:\Program Files\Common Files\Blizzard Entertainment
2008-07-26 17:53 . 2008-07-26 17:57   <DIR>   d--------   C:\Program Files\BitLord
2008-07-26 16:47 . 2008-05-15 03:49   3,500,352   --a--c---   C:\WINDOWS\system32\dllcache\ati3duag.dll
2008-07-26 16:47 . 2008-05-15 03:49   3,500,352   --a------   C:\WINDOWS\system32\ati3duag.dll
2008-07-26 16:47 . 2008-05-15 04:48   3,098,112   --a------   C:\WINDOWS\system32\drivers\ati2mtag.sys
2008-07-26 16:47 . 2008-05-15 04:48   3,098,112   --a--c---   C:\WINDOWS\system32\dllcache\ati2mtag.sys
2008-07-26 16:47 . 2008-05-15 03:38   2,102,528   --a--c---   C:\WINDOWS\system32\dllcache\ativvaxx.dll
2008-07-26 16:47 . 2008-05-15 03:38   2,102,528   --a------   C:\WINDOWS\system32\ativvaxx.dll
2008-07-26 16:47 . 2008-05-15 03:12   557,056   --a--c---   C:\WINDOWS\system32\dllcache\ati2cqag.dll
2008-07-26 16:47 . 2008-05-15 03:12   557,056   --a------   C:\WINDOWS\system32\ati2cqag.dll
2008-07-26 16:47 . 2008-05-15 04:11   306,176   --a--c---   C:\WINDOWS\system32\dllcache\ati2dvag.dll
2008-07-26 16:47 . 2008-05-15 04:11   306,176   --a------   C:\WINDOWS\system32\ati2dvag.dll
2008-07-26 10:41 . 2008-07-29 09:02   <DIR>   d--------   C:\Documents and Settings\CommanderBomber\Application Data\uTorrent
2008-07-25 21:17 . 2008-07-25 21:17   <DIR>   d--------   C:\Documents and Settings\CommanderBomber\Application Data\AdobeUM
2008-07-23 10:17 . 2004-08-04 14:00   1,392,671   --a------   C:\WINDOWS\system32\MSVBVM60.DLL
2008-07-23 10:17 . 2004-08-04 14:00   553,472   --a------   C:\WINDOWS\system32\OLEAUT32.DLL
2008-07-23 10:17 . 2004-08-04 14:00   83,456   --a------   C:\WINDOWS\system32\OLEPRO32.DLL
2008-07-23 10:17 . 2004-08-04 14:00   65,024   --a------   C:\WINDOWS\system32\ASYCFILT.DLL
2008-07-23 10:17 . 2004-08-04 14:00   17,920   --a------   C:\WINDOWS\system32\STDOLE2.TLB
2008-07-23 10:17 . 2004-08-04 14:00   3,584   --a------   C:\WINDOWS\system32\COMCAT.DLL
2008-07-22 20:55 . 2008-07-22 20:55   <DIR>   d--------   C:\Program Files\Common Files\Adobe
2008-07-22 13:43 . 2008-07-29 09:04   <DIR>   d--------   C:\Documents and Settings\All Users\Application Data\Sibelius Software
2008-07-22 13:43 . 2008-07-22 13:43   604   --ah-----   C:\WINDOWS\T4
2008-07-22 13:43 . 2008-07-22 13:43   604   --ah-----   C:\WINDOWS\system32\T3
2008-07-22 13:41 . 2004-02-25 18:19   69,632   --a------   C:\WINDOWS\system32\NI_DFD_1_2_9.dll
2008-07-22 13:30 . 2008-07-29 09:04   <DIR>   d--------   C:\Documents and Settings\CommanderBomber\Application Data\Sibelius Software
2008-07-22 13:22 . 2008-07-22 13:44   <DIR>   d--------   C:\Program Files\Native Instruments
2008-07-22 13:22 . 2006-10-26 15:29   393,216   --a------   C:\WINDOWS\system32\NI_IRC_1_2.dll
2008-07-22 13:22 . 2006-10-26 15:29   61,440   --a------   C:\WINDOWS\system32\NI_DFD_1_5.dll
2008-07-22 13:21 . 2008-07-22 13:37   <DIR>   d--------   C:\Program Files\Sibelius Software
2008-07-21 14:26 . 2008-07-21 14:26   <DIR>   d--------   C:\Documents and Settings\All Users\Application Data\Trymedia
2008-07-21 12:31 . 2008-07-21 12:32   <DIR>   d--------   C:\Documents and Settings\CommanderBomber\Phone Browser
2008-07-21 12:31 . 2008-07-26 12:39   1,374   --a------   C:\WINDOWS\imsins.BAK
2008-07-21 12:30 . 2008-07-21 12:30   <DIR>   d--------   C:\Program Files\PC Connectivity Solution
2008-07-21 12:30 . 2008-07-21 12:30   <DIR>   d--------   C:\Program Files\DIFX
2008-07-21 12:30 . 2008-07-21 12:30   <DIR>   d--------   C:\Program Files\Common Files\PCSuite
2008-07-21 12:30 . 2008-07-21 12:30   <DIR>   d--------   C:\Program Files\Common Files\Nokia
2008-07-21 12:30 . 2008-07-21 12:30   <DIR>   d--------   C:\Documents and Settings\CommanderBomber\Application Data\PC Suite
2008-07-21 12:30 . 2008-07-21 12:31   <DIR>   d--------   C:\Documents and Settings\CommanderBomber\Application Data\Nokia
2008-07-21 12:30 . 2008-07-21 12:31   <DIR>   d--------   C:\Documents and Settings\All Users\Application Data\PC Suite
2008-07-21 12:29 . 2008-07-21 12:30   <DIR>   d--------   C:\Program Files\Nokia PC Suite
2008-07-21 12:29 . 2007-02-22 10:15   137,216   --a------   C:\WINDOWS\system32\drivers\nmwcd.sys
2008-07-21 12:29 . 2007-02-22 10:15   90,624   --a------   C:\WINDOWS\system32\nmwcdcls.dll
2008-07-21 12:29 . 2007-02-22 10:15   65,536   --a------   C:\WINDOWS\system32\nmwcdcocls.dll
2008-07-21 12:29 . 2007-02-22 10:15   12,288   --a------   C:\WINDOWS\system32\drivers\nmwcdcm.sys
2008-07-21 12:29 . 2007-02-22 10:15   12,288   --a------   C:\WINDOWS\system32\drivers\nmwcdcj.sys
2008-07-21 12:29 . 2007-02-22 10:15   8,320   --a------   C:\WINDOWS\system32\drivers\nmwcdc.sys
2008-07-21 12:28 . 2008-07-21 12:28   <DIR>   d--------   C:\Documents and Settings\All Users\Application Data\Installations
2008-07-21 11:55 . 2008-07-22 15:48   102,400   --a------   C:\WINDOWS\DUMP5d52.tmp
2008-07-21 11:55 . 2008-07-25 18:30   102,400   --a------   C:\WINDOWS\DUMP5b4f.tmp
2008-07-21 11:55 . 2008-07-25 18:31   102,400   --a------   C:\WINDOWS\DUMP57b5.tmp
2008-07-21 11:55 . 2008-07-25 18:35   102,400   --a------   C:\WINDOWS\DUMP5738.tmp
2008-07-21 11:55 . 2008-07-29 18:26   102,400   --a------   C:\WINDOWS\DUMP4fc5.tmp
2008-07-21 11:55 . 2008-07-26 18:06   102,400   --a------   C:\WINDOWS\DUMP474a.tmp
2008-07-21 11:55 . 2008-07-26 18:23   102,400   --a------   C:\WINDOWS\DUMP4390.tmp
2008-07-21 11:55 . 2008-07-31 15:10   102,400   --a------   C:\WINDOWS\DUMP3d95.tmp
2008-07-21 11:55 . 2008-07-30 10:17   102,400   --a------   C:\WINDOWS\DUMP349c.tmp
2008-07-21 11:15 . 2004-08-04 14:00   25,088   --a------   C:\WINDOWS\system32\shfolder.dll
2008-07-21 09:12 . 2008-08-01 12:04   10   --a------   C:\WINDOWS\WININIT.INI
2008-07-20 22:42 . 2008-08-01 12:00   <DIR>   d--------   C:\WINDOWS\LastGood
2008-07-20 22:42 . 2008-07-21 09:14   <DIR>   d--------   C:\Program Files\ATI Demos
2008-07-20 20:18 . 2008-07-20 20:19   <DIR>   d--------   C:\Program Files\EVEREST Ultimate Edition
2008-07-20 19:17 . 2008-07-20 19:17   360,320   --a------   C:\WINDOWS\system32\drivers\TCPIP.SYS.ORIGINAL
2008-07-20 16:22 . 2003-06-19 00:31   17,920   --a------   C:\WINDOWS\system32\mdimon.dll
2008-07-20 16:22 . 2008-07-20 16:22   376   --a------   C:\WINDOWS\ODBC.INI
2008-07-20 16:21 . 2008-07-20 16:22   <DIR>   d--------   C:\WINDOWS\SHELLNEW
2008-07-20 16:21 . 2008-07-20 16:21   <DIR>   d--------   C:\Program Files\Microsoft.NET
2008-07-20 11:38 . 2008-07-20 11:38   <DIR>   d--h-----   C:\WINDOWS\system32\GroupPolicy
2008-07-20 11:38 . 2008-06-20 12:45   360,320   --a------   C:\WINDOWS\system32\drivers\tcpip.sys.old
2008-07-20 11:23 . 2008-07-20 11:23   <DIR>   d--------   C:\WINDOWS\LastGood.Tmp
2008-07-20 11:23 . 2004-06-16 13:57   1,671,168   --a------   C:\WINDOWS\system32\cnxci.dll
2008-07-20 11:23 . 2004-06-16 13:51   60,416   --a------   C:\WINDOWS\system32\drivers\CnxTgNP.sys
2008-07-20 11:03 . 2008-07-20 11:03   <DIR>   d--------   C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-07-20 10:23 . 2008-07-31 12:43   <DIR>   d--------   C:\Documents and Settings\CommanderBomber\Application Data\gtk-2.0
2008-07-20 09:19 . 2008-07-20 09:19   <DIR>   d--------   C:\Program Files\WinXP Manager
2008-07-20 09:19 . 2008-07-26 14:30   <DIR>   d--------   C:\Program Files\FlashGet
2008-07-20 09:18 . 2008-07-20 09:18   <DIR>   d--------   C:\Program Files\FolderSize
2008-07-20 08:29 . 2008-04-23 06:16   6,066,176   -----c---   C:\WINDOWS\system32\dllcache\ieframe.dll
2008-07-20 08:29 . 2007-04-17 11:32   2,455,488   -----c---   C:\WINDOWS\system32\dllcache\ieapfltr.dat
2008-07-20 08:29 . 2007-03-08 07:10   991,232   -----c---   C:\WINDOWS\system32\dllcache\ieframe.dll.mui
2008-07-20 08:29 . 2008-04-23 06:16   459,264   -----c---   C:\WINDOWS\system32\dllcache\msfeeds.dll
2008-07-20 08:29 . 2008-04-23 06:16   383,488   -----c---   C:\WINDOWS\system32\dllcache\ieapfltr.dll
2008-07-20 08:29 . 2008-04-23 06:16   267,776   -----c---   C:\WINDOWS\system32\dllcache\iertutil.dll
2008-07-20 08:29 . 2008-04-23 06:16   63,488   -----c---   C:\WINDOWS\system32\dllcache\icardie.dll
2008-07-20 08:29 . 2008-04-23 06:16   52,224   -----c---   C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2008-07-20 08:29 . 2008-04-22 09:39   13,824   -----c---   C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-07-20 08:28 . 2008-07-31 15:21   69   --a------   C:\WINDOWS\NeroDigital.ini
2008-07-19 18:05 . 2008-08-01 14:46   <DIR>   d--------   C:\Documents and Settings\CommanderBomber\.gimp-2.4

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-02 08:12   16,608   ----a-w   C:\WINDOWS\gdrv.sys
2008-08-01 10:11   ---------   d--h--w   C:\Program Files\InstallShield Installation Information
2008-08-01 08:50   13,312   ----a-w   C:\WINDOWS\Internet Logs\xDBD.tmp
2008-08-01 08:50   1,162,752   ----a-w   C:\WINDOWS\Internet Logs\xDBE.tmp
2008-08-01 08:49   19,456   ----a-w   C:\WINDOWS\Internet Logs\xDBC.tmp
2008-08-01 08:12   36,864   ----a-w   C:\WINDOWS\Internet Logs\xDBB.tmp
2008-07-31 13:11   110,592   ----a-w   C:\WINDOWS\Internet Logs\xDBA.tmp
2008-07-31 13:06   1,160,704   ----a-w   C:\WINDOWS\Internet Logs\xDB9.tmp
2008-07-30 17:31   444,952   ----a-w   C:\WINDOWS\system32\wrap_oal.dll
2008-07-30 17:31   109,080   ----a-w   C:\WINDOWS\system32\OpenAL32.dll
2008-07-30 17:31   107,888   ----a-w   C:\WINDOWS\system32\CmdLineExt.dll
2008-07-28 11:22   3,087,872   ----a-w   C:\WINDOWS\Internet Logs\xDB7.tmp
2008-07-28 11:22   1,148,928   ----a-w   C:\WINDOWS\Internet Logs\xDB8.tmp
2008-07-25 18:59   25,600   ----a-w   C:\WINDOWS\Internet Logs\xDB3.tmp
2008-07-25 18:59   1,131,008   ----a-w   C:\WINDOWS\Internet Logs\xDB4.tmp
2008-07-22 11:43   604   ---ha-w   C:\Program Files\STLL Notifier
2008-07-21 10:55   2,920,448   ----a-w   C:\WINDOWS\Internet Logs\xDB2.tmp
2008-07-21 08:07   12,528   ----a-w   C:\WINDOWS\system32\drivers\secdrv.sys
2008-07-21 07:07   110,592   ----a-w   C:\WINDOWS\DUMP3ebe.tmp
2008-07-20 17:17   360,320   ----a-w   C:\WINDOWS\system32\drivers\TCPIP.SYS
2008-07-19 09:00   14,336   ----a-w   C:\WINDOWS\Internet Logs\xDB1.tmp
2008-07-19 08:53   38,912   ----a-w   C:\WINDOWS\Internet Logs\xDB5.tmp
2008-07-19 08:53   1,084,416   ----a-w   C:\WINDOWS\Internet Logs\xDB6.tmp
2008-07-18 21:00   ---------   d-----w   C:\Program Files\GIGABYTE
2008-07-18 21:00   ---------   d-----w   C:\Program Files\Common Files\InstallShield
2008-07-18 20:58   ---------   d-----w   C:\Program Files\Realtek
2008-07-18 20:58   ---------   d-----w   C:\Documents and Settings\CommanderBomber\Application Data\InstallShield
2008-07-18 20:56   315,392   ----a-w   C:\WINDOWS\HideWin.exe
2008-07-18 20:55   ---------   d-----w   C:\Documents and Settings\CommanderBomber\Application Data\ATI
2008-07-18 20:53   ---------   d-----w   C:\Program Files\Intel
2008-07-18 20:31   ---------   d-----w   C:\Program Files\microsoft frontpage
2008-06-20 17:41   245,248   ----a-w   C:\WINDOWS\system32\mswsock.dll
2008-06-20 10:44   138,368   ----a-w   C:\WINDOWS\system32\drivers\afd.sys
2008-06-20 09:52   225,920   ----a-w   C:\WINDOWS\system32\drivers\tcpip6.sys
2008-06-04 12:55   53,248   ----a-w   C:\WINDOWS\system32\CSVer.dll
2008-05-15 02:02   180,224   ----a-w   C:\WINDOWS\system32\atipdlxx.dll
2008-05-15 02:02   139,264   ----a-w   C:\WINDOWS\system32\Oemdspif.dll
2008-05-15 02:01   43,520   ----a-w   C:\WINDOWS\system32\ati2edxx.dll
2008-05-15 02:01   26,112   ----a-w   C:\WINDOWS\system32\Ati2mdxx.exe
2008-05-15 02:01   139,264   ----a-w   C:\WINDOWS\system32\ati2evxx.dll
2008-05-15 02:00   544,768   ----a-w   C:\WINDOWS\system32\ati2evxx.exe
2008-05-15 01:58   53,248   ----a-w   C:\WINDOWS\system32\ATIDDC.DLL
2008-05-15 01:57   10,276,864   ----a-w   C:\WINDOWS\system32\atioglx2.dll
2008-05-15 01:24   48,128   ----a-w   C:\WINDOWS\system32\amdpcom32.dll
2008-05-15 01:20   348,160   ----a-w   C:\WINDOWS\system32\atikvmag.dll
2008-05-15 01:19   23,040   ----a-w   C:\WINDOWS\system32\atiadlxx.dll
2008-05-15 01:18   17,408   ----a-w   C:\WINDOWS\system32\atitvo32.dll
2008-05-15 01:16   245,760   ----a-w   C:\WINDOWS\system32\atiok3x2.dll
2008-05-07 07:39   16,862,208   ------r   C:\WINDOWS\RTHDCPL.exe
2008-05-07 05:18   1,287,680   ----a-w   C:\WINDOWS\system32\quartz.dll
2007-06-13 13:07   6,276,080   ----a-w   C:\Program Files\mozilla firefox\plugins\ScorchPDFWrapper.dll
2006-05-03 09:06   163,328   --sh--r   C:\WINDOWS\system32\flvDX.dll
2007-02-21 10:47   31,232   --sh--r   C:\WINDOWS\system32\msfDX.dll
2008-03-16 12:30   216,064   --sh--r   C:\WINDOWS\system32\nbDX.dll
.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HydraDM"="C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe" [2003-09-15 21:00 270336]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 14:00 15360]
"CursorFX"="C:\Program Files\Stardock\CursorFX\CursorFX.exe" [2008-07-07 17:46 416768]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2008-04-01 11:39 486856]
"LightScribe Control Panel"="C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-06-20 12:49 451872]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-07-04 14:01 148776]
"Rainlendar2"="C:\Program Files\Rainlendar 2\Rainlendar2.exe" [2007-12-30 12:23 1365504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-07-04 14:20 161064]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-02-12 10:06 262401]
"ClocX"="C:\Program Files\ClocX\ClocX.exe" [2007-07-26 17:43 270336]
"EasyTuneVI"="C:\Program Files\GIGABYTE\ET6\ETcall.exe" [2007-07-26 15:05 20480]
"ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" [2006-03-20 16:40 213936]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2006-03-20 16:40 86960]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2006-03-20 16:40 213936]
"CnxDslTaskBar"="C:\Program Files\Microcom\ADSL DeskPorte USB\CnxDslTb.exe" [2004-06-16 13:55 233472]
"LogonStudio"="C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe" [2002-09-03 18:38 987187]
"UnlockerAssistant"="C:\Program Files\Unlocker\UnlockerAssistant.exe" [2008-05-02 06:15 15872]
"Zone Labs Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2006-03-16 11:34 755480]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 12:17 61440]
"ATICustomerCare"="C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe" [2007-10-04 18:38 307200]
"RTHDCPL"="RTHDCPL.EXE" [2008-05-07 09:39 16862208 C:\WINDOWS\RTHDCPL.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 14:00 15360]

C:\Documents and Settings\CommanderBomber\Start Menu\Programs\Startup\
RBTray.lnk - C:\Program Files\RBTray\RBTray.exe [2007-04-18 14:41:52 57344]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"EditLevel"= 0 (0x0)
"NoCommonGroups"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]
2008-07-19 10:48 210168 C:\Program Files\Stardock\Object Desktop\WindowBlinds\WbSrv.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=wbsys.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.I420"= i420vfw.dll
"vidc.yv12"= yv12vfw.dll
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Vidalia

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"D:\\Hry\\The Settlers - Rise of an Empire\\base\\bin\\Settlers6.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"D:\\Hry\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\XR_3DA.exe"=
"D:\\Hry\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\dedicated\\XR_3DA.exe"=
"D:\\Hry\\Race Driver GRID\\GRID.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)

R2 AntiVirScheduler;Avira AntiVir Personal – Free Antivirus Scheduler;C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-03-07 12:00]
R2 GEST Service;GEST Service for program management.;C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe [2008-05-13 18:07]
R3 AtiHdmiService;ATI Function Driver for HDMI Service;C:\WINDOWS\system32\drivers\AtiHdmi.sys [2008-05-21 01:53]
R3 CnxEtP;Conexant AccessRunner USB ADSL Adapter Filter Driver;C:\WINDOWS\system32\DRIVERS\CnxEtP.sys [2004-06-16 13:51]
R3 CnxEtU;Conexant AccessRunner USB ADSL Interface Device Driver;C:\WINDOWS\system32\DRIVERS\CnxEtU.sys [2004-06-16 13:51]
R3 CnxTgNP;Conexant AccessRunner ADSL WAN PPPoE Adapter Driver;C:\WINDOWS\system32\DRIVERS\CnxTgNP.sys [2004-06-16 13:51]
R3 PSched;QoS Packet Scheduler;C:\WINDOWS\system32\DRIVERS\psched.sys [2004-08-04 14:00]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp

*Newly Created Service* - CATCHME
*Newly Created Service* - PROCEXP90

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"
.
Contents of the 'Scheduled Tasks' folder

2008-07-19 C:\WINDOWS\Tasks\1-Click Maintenance.job
- C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe [2007-08-02 18:35]
.
.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\CommanderBomber\Application Data\Mozilla\Firefox\Profiles\60pl55s0.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FireFox -: prefs.js - STARTUP.HOMEPAGE - www.google.sk
FF -: plugin - C:\Program Files\Adobe\Acrobat 6.0\Reader\browser\nppdf32.dll


**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-02 10:27:44
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-08-02 10:28:12
ComboFix-quarantined-files.txt  2008-08-02 08:28:11

Pre-Run: 43,832,115,200 bytes free
Post-Run: 8 adresárov, 45,508,665,344 voľných bajtov

294   --- E O F ---   2008-07-21 08:00:06