I closed EVERYTHING!
Here it is:
ComboFix 08-01-09.2 - Kátai 2008-01-19 19:20:39.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.1.1038.18.98 [GMT 1:00]
Running from: C:\Documents and Settings\Kátai\Asztal\ComboFix.exe
* Created a new restore point
.
((((((((((((((((((((((((( Files Created from 2007-12-19 to 2008-01-19 )))))))))))))))))))))))))))))))
.
2008-01-19 19:18 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
2008-01-19 12:31 . 2008-01-19 12:31 <DIR> d-------- C:\Documents and Settings\Kátai\Application Data\Comodo
2008-01-19 12:31 . 2008-01-19 12:31 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Comodo
2008-01-19 12:28 . 2007-12-05 17:30 220 --a------ C:\boot.ini.comodofirewall
2008-01-19 12:26 . 2008-01-19 12:26 <DIR> d-------- C:\Program Files\Comodo
2008-01-19 12:14 . 2008-01-19 12:14 <DIR> d-------- C:\Documents and Settings\Kátai\Application Data\HP
2008-01-19 11:53 . 2008-01-19 11:53 <DIR> d-------- C:\Program Files\CCleaner
2008-01-19 07:46 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2008-01-19 07:46 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll
2008-01-19 07:46 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-01-18 21:15 . 2008-01-18 21:30 <DIR> d--hsc--- C:\Program Files\Common Files\WindowsLiveInstaller
2008-01-18 21:13 . 2008-01-18 21:13 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-01-17 18:57 . 2008-01-17 19:16 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Alternate
2008-01-17 14:49 . 2008-01-17 14:49 <DIR> d-------- C:\Program Files\Webroot
2008-01-17 14:49 . 2008-01-17 14:49 <DIR> d-------- C:\Documents and Settings\Kátai\Application Data\Webroot
2008-01-17 14:49 . 2008-01-17 14:49 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Webroot
2008-01-17 14:49 . 2007-06-15 13:38 1,521,216 --a------ C:\WINDOWS\WRSetup.dll
2008-01-17 14:49 . 2007-06-15 13:22 160,320 --a------ C:\WINDOWS\system32\drivers\ssidrv.sys
2008-01-17 14:49 . 2007-06-15 13:22 24,128 --a------ C:\WINDOWS\system32\drivers\sskbfd.sys
2008-01-17 14:49 . 2007-06-15 13:21 22,080 --a------ C:\WINDOWS\system32\drivers\sshrmd.sys
2008-01-17 14:49 . 2007-06-15 13:21 20,544 --a------ C:\WINDOWS\system32\drivers\SSFS0BB8.sys
2008-01-17 14:09 . 2008-01-17 14:09 <DIR> d-------- C:\Documents and Settings\LocalService\Application Data\Webroot
2008-01-16 18:28 . 2008-01-17 13:55 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-01-16 15:25 . 2008-01-16 15:25 <DIR> d-------- C:\Program Files\FDF
2008-01-16 15:15 . 2008-01-16 15:19 <DIR> d-------- C:\Program Files\Shutdown Monster
2008-01-15 12:38 . 2008-01-19 13:20 19,148 --a------ C:\WINDOWS\system32\oodbs.lor
2008-01-15 11:51 . 2008-01-15 11:51 <DIR> d-------- C:\Program Files\OO Software
2008-01-15 11:37 . 2008-01-15 11:37 <DIR> d-------- C:\Documents and Settings\Kátai\Application Data\Artweaver
2008-01-15 11:19 . 2008-01-15 11:19 <DIR> d--h----- C:\WINDOWS\Icons
2008-01-14 17:21 . 2008-01-14 17:27 <DIR> d-------- C:\Documents and Settings\Kátai\Application Data\DMCache
2008-01-02 09:56 . 2008-01-17 18:54 <DIR> d-------- C:\Documents and Settings\Kátai\Application Data\Ashampoo Photo Commander 5
2008-01-02 09:52 . 2008-01-12 12:39 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\ashampoo
2008-01-02 08:55 . 2008-01-02 08:55 <DIR> d-------- C:\Documents and Settings\Kátai\Application Data\Smart PC Solutions
2007-12-29 12:14 . 2007-12-29 12:14 <DIR> d-------- C:\Documents and Settings\Kátai\Application Data\Pogo Games
2007-12-28 18:59 . 2007-12-28 18:59 <DIR> d-------- C:\Program Files\ReflexiveArcade
2007-12-27 18:57 . 2007-12-27 18:59 <DIR> d-------- C:\Documents and Settings\Kátai\Application Data\7Wonders
2007-12-27 18:31 . 2007-12-27 18:31 <DIR> d-------- C:\Program Files\GameHouse
2007-12-26 17:27 . 2007-12-27 13:53 7,680 --ahs---- C:\WINDOWS\Thumbs.db
2007-12-26 09:17 . 2007-12-26 09:17 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\MumboJumbo
2007-12-26 09:09 . 2007-12-26 09:09 <DIR> d-------- C:\WINDOWS\luxor 3
2007-12-25 15:16 . 2007-12-25 15:16 1,411 --a------ C:\WINDOWS\ss_ts.haw
2007-12-25 15:15 . 2007-12-25 15:16 27 --a------ C:\WINDOWS\swirl.haw
2007-12-25 15:15 . 2007-12-25 15:15 3 --a------ C:\WINDOWS\sw_ver.dat
2007-12-25 15:15 . 2007-12-25 15:15 3 --a------ C:\WINDOWS\sw_app.sys
2007-12-25 15:15 . 2007-12-25 15:15 3 --a------ C:\WINDOWS\approval.dat
2007-12-25 15:08 . 2007-12-25 15:11 116 --a------ C:\WINDOWS\memorix.cfg
2007-12-23 14:27 . 2007-12-23 14:27 <DIR> d-------- C:\Documents and Settings\Kátai\Application Data\URSE Games
2007-12-21 13:41 . 2007-12-21 13:41 <DIR> d-------- C:\Documents and Settings\LocalService\Application Data\AVG7
2007-12-21 13:41 . 2008-01-19 08:00 <DIR> d-------- C:\Documents and Settings\Kátai\Application Data\AVG7
2007-12-21 13:40 . 2007-12-21 14:22 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2007-12-21 13:40 . 2007-12-21 13:50 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\avg7
2007-12-20 13:10 . 2007-12-04 14:04 837,496 --a------ C:\WINDOWS\system32\aswBoot.exe
2007-12-20 13:10 . 2007-12-04 15:53 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2007-12-20 10:05 . 2007-10-11 00:53 6,065,664 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll
2007-12-20 10:05 . 2007-07-01 04:31 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat
2007-12-20 10:05 . 2007-07-01 04:36 1,028,096 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui
2007-12-20 10:05 . 2007-10-11 00:53 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll
2007-12-20 10:05 . 2007-10-11 00:53 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2007-12-20 10:05 . 2007-10-11 00:53 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll
2007-12-20 10:05 . 2007-10-11 00:53 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll
2007-12-20 10:05 . 2007-10-11 00:53 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2007-12-20 10:05 . 2007-10-10 11:59 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe
2007-12-20 10:04 . 2007-12-20 10:07 <DIR> d-------- C:\WINDOWS\system32\hu-hu
2007-12-19 19:37 . 2007-12-19 19:37 37 --a------ C:\WINDOWS\r007
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-19 18:15 --------- d-----w C:\Documents and Settings\Kátai\Application Data\uTorrent
2008-01-07 13:04 --------- d-----w C:\Program Files\TuneUp Utilities 2007
2008-01-02 17:35 --------- d-----w C:\Program Files\HP
2007-12-22 16:53 --------- d-----w C:\Program Files\MSN Messenger
2007-12-20 11:41 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-12-20 11:37 --------- d-----w C:\Program Files\Common Files\InstallShield
2007-12-19 19:05 --------- d-----w C:\Program Files\TClockEx
2007-12-19 15:19 --------- d-----w C:\Program Files\Winamp
2007-12-17 15:32 --------- d-----w C:\Program Files\DAEMON Tools Pro
2007-12-15 15:41 --------- d-----w C:\Documents and Settings\Kátai\Application Data\dvdcss
2007-12-15 13:32 --------- d-----w C:\Program Files\Ahead
2007-12-14 15:35 --------- d-----w C:\Documents and Settings\Kátai\Application Data\DeepBurner
2007-12-14 14:54 --------- d-----w C:\Documents and Settings\Kátai\Application Data\vlc
2007-12-14 14:27 --------- d-----w C:\Program Files\VideoLAN
2007-12-14 14:16 --------- d-----w C:\Program Files\Common Files\AVSMedia
2007-12-14 14:09 33,824 ----a-w C:\WINDOWS\system32\drivers\oreans32.sys
2007-12-12 17:43 --------- d-----w C:\Documents and Settings\All Users\Application Data\Trymedia
2007-12-10 14:53 --------- d-----w C:\Program Files\clock-desktop
2007-12-10 13:50 --------- d-----w C:\Program Files\7-Zip
2007-12-10 08:58 73,216 ----a-w C:\WINDOWS\ST6UNST.EXE
2007-12-10 08:58 286,720 ------w C:\WINDOWS\Setup1.exe
2007-12-09 19:43 --------- d-----w C:\Documents and Settings\Kátai\Application Data\Media Player Classic
2007-12-08 16:54 --------- d-----w C:\Program Files\Common Files\Teleca Shared
2007-12-08 14:38 --------- d-----w C:\Program Files\Trust
2007-12-08 08:54 --------- d-----w C:\Program Files\Ericsson
2007-12-07 19:55 --------- d-----w C:\Documents and Settings\Kátai\Application Data\Teleca
2007-12-07 11:10 --------- d-----w C:\Documents and Settings\Kátai\Application Data\TuneUp Software
2007-12-07 09:39 --------- d-----w C:\Documents and Settings\Kátai\Application Data\DAEMON Tools Pro
2007-12-07 09:38 --------- d-----w C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro
2007-12-07 09:30 --------- d-----w C:\Documents and Settings\All Users\Application Data\WinZip
2007-12-07 08:59 685,816 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2007-12-06 18:38 --------- d-----w C:\Program Files\uTorrent
2007-12-06 18:34 --------- d-----w C:\Documents and Settings\Kátai\Application Data\Talkback
2007-12-06 17:31 --------- d-----w C:\Documents and Settings\All Users\Application Data\TuneUp Software
2007-12-06 16:44 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2007-12-06 16:31 --------- d-----w C:\Program Files\Angol-magyar szótár
2007-12-06 14:59 --------- d-----w C:\Program Files\Common Files\HP
2007-12-06 14:42 --------- d-----w C:\Documents and Settings\All Users\Application Data\HP
2007-12-06 14:22 --------- d-----w C:\Program Files\ArcSoft
2007-12-06 14:21 --------- d-----w C:\Program Files\VGA USB Camera
2007-12-06 14:21 --------- d-----w C:\Program Files\directx
2007-12-06 12:11 --------- d-----w C:\Program Files\Common Files\Adobe
2007-12-06 12:06 --------- d-----w C:\Program Files\Common Files\Ahead
2007-12-06 12:03 --------- d-----w C:\Program Files\K-Lite Codec Pack
2007-12-05 16:43 --------- d-----w C:\Program Files\microsoft frontpage
2007-11-07 09:29 725,504 ----a-w C:\WINDOWS\system32\lsasrv.dll
2007-10-29 22:44 1,291,264 ----a-w C:\WINDOWS\system32\quartz.dll
2007-10-25 09:00 230,912 ----a-w C:\WINDOWS\system32\wmasf.dll
2007-02-04 20:52 72,704 ----a-w C:\Program Files\Keygen.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TClockEx"="C:\Program Files\TClockEx\TCLOCKEX.EXE" [2000-03-09 01:15 89088]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-17 15:47 15360]
"uTorrent"="C:\Program Files\uTorrent\uTorrent.exe" [2007-12-06 19:38 219952]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 17:24 1694208]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OFFICEKB"="C:\Program Files\Trust\3010A WIRELESS DESKSET\Keyboard\kbdap32a.EXE" [2007-12-08 15:38 396288]
"FLMOFFICE4DMOUSE"="C:\Program Files\Trust\3010A WIRELESS DESKSET\Mouse\mouse32a.exe" [2007-12-08 15:38 370176]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2007-12-22 09:40 579072]
"COMODO Firewall Pro"="C:\Program Files\Comodo\Firewall\CPF.exe" [2008-01-19 13:13 1115728]
"SpySweeper"="C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" [2007-06-15 13:38 5356096]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-17 15:47 15360]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2007-12-22 09:41 219136]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoInstrumentation"= 0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe
"uTorrent"="C:\Program Files\uTorrent\uTorrent.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"OODefragTray"=C:\WINDOWS\system32\oodtray.exe
R0 SSFS0BB8;Spy Sweeper File System Filer Driver: 0BB8;C:\WINDOWS\system32\Drivers\SSFS0BB8.SYS [2007-06-15 13:21]
R1 oreans32;oreans32;C:\WINDOWS\system32\drivers\oreans32.sys [2007-12-14 15:09]
R2 UxTuneUp;TuneUp Theme Extension;C:\WINDOWS\System32\svchost.exe [2004-08-17 15:48]
R3 trid3d;trid3d;C:\WINDOWS\system32\DRIVERS\trid3dm.sys [2001-08-17 21:51]
S3 188IR;WORLD ADS-188IR IrDA Adapter;C:\WINDOWS\system32\DRIVERS\188IR.sys [2003-08-21 11:16]
S3 w300bus;Sony Ericsson W300 Driver driver (WDM);C:\WINDOWS\system32\DRIVERS\w300bus.sys [2006-03-13 15:49]
S3 w300mdfl;Sony Ericsson W300 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\w300mdfl.sys [2006-03-13 15:50]
S3 w300mdm;Sony Ericsson W300 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\w300mdm.sys [2006-03-13 15:50]
S3 w300mgmt;Sony Ericsson W300 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\w300mgmt.sys [2006-03-13 15:50]
S3 w300obex;Sony Ericsson W300 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\w300obex.sys [2006-03-13 15:50]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
*Newly Created Service* - PROCEXP90
*Newly Created Service* - USNJSVC
.
Contents of the 'Scheduled Tasks' folder
"2008-01-19 11:26:16 C:\WINDOWS\Tasks\1-Click Maintenance.job"
- C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2008-01-19 19:25:12
Windows 5.1.2600 Szervizcsomag 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-01-19 19:27:14
.
2008-01-09 12:09:15 --- E O F ---
By the way, what did this do? A faulty file?