ASC - spyware removal gets stuck. Solved

Section devoted to viruses and other malicious code, as well as to the tools that can be used to defend against them…

Moderators: Mods_senior, Security team

Re: ASC - spyware removal gets stuck.

Post by brano » 18 Aug 2009 00:40

ComboFix 09-08-10.06 - PC 18.08.2009 0:30:06.11.2 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.421.1033.18.2047.1404 [GMT 2:00]
Running from: C:\Documents and Settings\PC\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\PC\Desktop\CFScript.txt
AV: ESET Smart Security 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET Personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

FILE ::
"c:\windows\d3dx.dat"
"c:\windows\nsreg.dat"
"c:\windows\system32\A97C149DEC.sys"
"c:\windows\system32\KGyGaAvL.sys"
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\d3dx.dat
c:\windows\nsreg.dat
c:\windows\system32\A97C149DEC.sys
c:\windows\system32\KGyGaAvL.sys

.
((((((((((((((((((((((((( Files Created from 2009-07-17 to 2009-08-17 )))))))))))))))))))))))))))))))
.

2009-08-14 21:24:58 . 2009-08-14 21:24:58 0 d-----w- C:\Documents and Settings\PC\Local Settings\Application Data\Help
2009-08-14 12:19:16 . 2008-01-09 09:28:34 27632 ----a-w- C:\WINDOWS\system32\drivers\seehcri.sys
2009-08-14 12:18:41 . 2009-08-14 12:18:41 148736 ----a-w- C:\Documents and Settings\All Users\Application Data\hpe1F93.dll
2009-08-13 08:04:03 . 2009-08-13 08:07:18 0 d-----w- C:\Program Files\Wise Disk Cleaner
2009-08-13 08:02:46 . 2009-08-13 08:06:42 0 d-----w- C:\Program Files\Wise Registry Cleaner
2009-08-13 08:00:59 . 2009-08-12 10:50:26 21192 ----a-w- C:\WINDOWS\system32\dopdfmn6.dll
2009-08-13 08:00:59 . 2009-08-12 10:50:24 18632 ----a-w- C:\WINDOWS\system32\dopdfmi6.dll
2009-08-13 08:00:57 . 2009-08-13 08:00:57 0 d-----w- C:\Program Files\Softland
2009-08-11 18:40:32 . 2009-08-11 18:40:32 0 d-----w- C:\WINDOWS\system32\Adobe
2009-08-11 17:47:01 . 2009-08-11 17:47:02 152576 ----a-w- C:\Documents and Settings\PC\Application Data\Sun\Java\jre1.6.0_16\lzma.dll
2009-08-11 15:38:03 . 2009-08-11 15:38:03 0 d-----w- C:\Program Files\Secunia
2009-08-11 13:37:17 . 2009-08-11 13:37:22 0 d-----w- C:\Program Files\DivX
2009-08-11 13:37:17 . 2009-08-11 13:37:17 0 d-----w- C:\Program Files\Common Files\DivX Shared
2009-08-10 11:42:48 . 2009-08-17 15:28:03 0 d-----w- C:\Program Files\Opera 10 Beta
2009-08-08 09:45:58 . 2009-08-03 11:36:28 38160 ----a-w- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2009-08-08 09:45:57 . 2009-08-08 09:46:02 0 d-----w- C:\Program Files\Malwarebytes' Anti-Malware
2009-08-08 09:45:57 . 2009-08-03 11:36:06 19096 ----a-w- C:\WINDOWS\system32\drivers\mbam.sys
2009-08-07 17:27:02 . 2008-09-16 19:23:26 168448 ----a-w- C:\WINDOWS\system32\unrar.dll
2009-08-07 17:26:56 . 2009-05-29 21:37:40 205824 ----a-w- C:\WINDOWS\system32\xvidvfw.dll
2009-08-07 17:26:56 . 2009-05-29 21:31:52 881664 ----a-w- C:\WINDOWS\system32\xvidcore.dll
2009-08-07 17:26:56 . 2009-05-01 21:02:28 90112 ----a-w- C:\WINDOWS\system32\dpl100.dll
2009-08-07 17:26:56 . 2008-11-06 16:37:32 3596288 ----a-w- C:\WINDOWS\system32\qt-dx331.dll
2009-08-07 17:26:56 . 2004-01-25 16:18:44 217088 ----a-w- C:\WINDOWS\system32\yv12vfw.dll
2009-08-07 17:26:50 . 2009-06-02 16:11:16 85504 ----a-w- C:\WINDOWS\system32\ff_vfw.dll
2009-08-07 17:26:50 . 2009-05-01 21:02:26 685056 ----a-w- C:\WINDOWS\system32\divx.dll
2009-08-07 17:26:50 . 2009-01-07 18:14:10 60273 ----a-w- C:\WINDOWS\system32\pthreadGC2.dll
2009-08-07 17:26:48 . 2009-08-07 20:57:38 0 d-----w- C:\Program Files\K-Lite Codec Pack
2009-08-06 18:08:21 . 2009-08-12 14:42:44 0 d-----w- C:\WINDOWS\Lhsp
2009-08-06 10:52:08 . 2009-08-07 17:12:04 0 d-----w- C:\WINDOWS\speech
2009-08-06 10:20:21 . 2009-08-07 17:12:07 0 d-----w- C:\Program Files\Keepinhead
2009-08-05 09:10:16 . 2009-08-05 09:10:16 0 d-----w- C:\Program Files\FileHippo.com
2009-08-05 08:44:09 . 2009-08-05 08:44:09 152576 ----a-w- C:\Documents and Settings\PC\Application Data\Sun\Java\jre1.6.0_15\lzma.dll
2009-08-04 15:15:49 . 2009-08-04 15:15:49 0 d-----w- C:\Documents and Settings\All Users\Application Data\FTWeak
2009-08-04 15:15:48 . 2009-08-05 09:21:45 0 d-----w- C:\Program Files\FCleaner
2009-08-04 15:13:59 . 2009-08-04 15:14:24 0 d-----w- C:\Program Files\SpeedBit Video Accelerator
2009-08-01 04:49:56 . 2009-08-01 04:49:56 125 ----a-w- C:\Documents and Settings\PC\Local Settings\Application Data\fusioncache.dat
2009-08-01 04:49:55 . 2009-08-01 04:50:17 0 d-----w- C:\Documents and Settings\PC\Local Settings\Application Data\ApplicationHistory
2009-07-31 15:11:40 . 2009-07-31 15:11:40 0 d-----w- C:\WINDOWS\system32\URTTEMP
2009-07-29 13:35:47 . 2009-07-29 13:35:48 0 d-----w- C:\Program Files\CCleaner
2009-07-28 20:05:29 . 2009-07-28 20:06:12 0 dc-h--w- C:\WINDOWS\ie8
2009-07-28 20:04:24 . 2009-07-03 17:09:25 594432 -c----w- C:\WINDOWS\system32\dllcache\msfeeds.dll
2009-07-28 20:04:24 . 2009-07-03 17:09:25 55296 -c----w- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2009-07-28 20:02:25 . 2009-01-07 16:20:54 134144 -c----w- C:\WINDOWS\system32\dllcache\sqmapi.dll
2009-07-28 12:22:08 . 2009-07-28 12:22:10 0 d-----w- C:\Program Files\BurnAware Free
2009-07-28 12:00:11 . 2009-08-01 21:05:54 0 d-----w- C:\Documents and Settings\All Users\Application Data\Google Updater
2009-07-24 10:30:36 . 2009-07-24 10:30:37 0 d-----w- C:\Program Files\Defraggler
2009-07-24 10:28:29 . 2009-07-24 10:28:29 0 d-----w- C:\Documents and Settings\PC\Local Settings\Application Data\Lingoes
2009-07-24 10:28:29 . 2009-07-24 10:28:29 0 d-----w- C:\Documents and Settings\PC\Application Data\Lingoes
2009-07-24 10:28:29 . 2009-07-24 10:28:29 0 d-----w- C:\Documents and Settings\All Users\Application Data\Lingoes
2009-07-24 07:11:18 . 2009-07-24 07:11:51 0 d-----w- C:\Documents and Settings\PC\Application Data\Docx2Rtf
2009-07-22 17:06:04 . 2009-07-24 05:24:55 0 d-----w- C:\Documents and Settings\PC\Application Data\Skype
2009-07-22 17:05:57 . 2009-07-22 17:06:00 0 d-----r- C:\Program Files\Skype

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-17 22:32:18 . 2009-04-30 11:58:52 0 d-----w- C:\Program Files\PeerGuardian2
2009-08-17 18:55:58 . 2009-03-13 10:36:26 0 d-----w- C:\Documents and Settings\PC\Application Data\AIMP
2009-08-17 15:30:30 . 2009-03-07 17:07:27 0 d-----w- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-08-17 12:41:13 . 2008-11-01 14:44:50 196608 ----a-w- C:\WINDOWS\system32\drivers\nStandard.bin
2009-08-14 19:44:48 . 2009-08-14 19:44:48 0 d-----w- C:\Program Files\Softinterface, Inc
2009-08-14 19:28:21 . 2009-03-17 16:26:52 0 d-----w- C:\Program Files\INŠTALÁCIE
2009-08-14 16:28:29 . 2008-11-01 15:31:30 1 ----a-w- C:\Documents and Settings\PC\Application Data\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2009-08-14 12:18:26 . 2008-11-04 06:53:48 0 d-----w- C:\Program Files\Sony Ericsson
2009-08-14 12:18:26 . 2008-11-01 20:36:28 0 d--h--w- C:\Program Files\InstallShield Installation Information
2009-08-14 08:23:47 . 2008-12-23 19:56:32 0 d-----w- C:\Program Files\Google
2009-08-13 21:17:12 . 2008-12-05 16:38:16 0 d-----w- C:\Program Files\Java
2009-08-13 10:57:07 . 2009-02-13 11:14:02 0 d-----w- C:\Documents and Settings\PC\Application Data\tor
2009-08-11 15:49:35 . 2009-04-22 15:48:51 0 d-----w- C:\Documents and Settings\PC\Application Data\cspa
2009-08-10 06:20:17 . 2009-07-04 19:43:31 0 d-----w- C:\Program Files\IObit
2009-08-08 09:42:18 . 2009-06-15 18:56:47 0 d-----w- C:\Program Files\Trend Micro
2009-08-07 20:57:38 . 2009-05-07 22:41:59 0 d-----w- C:\Program Files\QuickMediaConverter
2009-08-06 19:44:25 . 2008-11-03 15:33:45 17480 ----a-w- C:\Documents and Settings\PC\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-08-05 10:19:55 . 2009-02-04 14:44:15 0 d-----w- C:\Documents and Settings\PC\Application Data\Desktopicon
2009-08-05 09:01:48 . 2008-02-12 13:59:02 204800 ----a-w- C:\WINDOWS\system32\mswebdvd.dll
2009-08-04 15:16:02 . 2009-06-02 21:05:29 0 d-----w- C:\Documents and Settings\PC\Application Data\FTWeak
2009-08-04 15:14:05 . 2009-02-12 19:40:24 0 d-----w- C:\Documents and Settings\All Users\Application Data\SpeedBit
2009-08-03 21:16:38 . 2009-06-19 06:19:10 0 d-----w- C:\Documents and Settings\PC\Application Data\vlc
2009-07-31 13:23:10 . 2008-12-05 16:38:26 411368 ----a-w- C:\WINDOWS\system32\deploytk.dll
2009-07-30 14:55:03 . 2009-05-22 10:29:29 0 d-----w- C:\Program Files\Spybot - Search & Destroy
2009-07-29 13:33:48 . 2009-04-25 12:13:40 0 d-----w- C:\Program Files\VideoLAN
2009-07-22 17:05:57 . 2008-11-22 12:51:36 0 d-----w- C:\Documents and Settings\All Users\Application Data\Skype
2009-07-17 19:01:06 . 2008-02-12 13:58:46 58880 ----a-w- C:\WINDOWS\system32\atl.dll
2009-07-16 21:35:30 . 2009-03-13 10:36:08 0 d-----w- C:\Program Files\AIMP2
2009-07-16 15:14:28 . 2009-08-14 19:44:51 1720320 ----a-w- C:\WINDOWS\system32\beconvlib.dll
2009-07-16 08:50:48 . 2008-12-13 19:31:57 0 d-----w- C:\Program Files\iTunes
2009-07-16 08:50:30 . 2009-07-16 08:50:30 0 d-----w- C:\Program Files\iPod
2009-07-16 08:50:30 . 2008-11-03 18:05:30 0 d-----w- C:\Program Files\Common Files\Apple
2009-07-16 08:44:32 . 2009-07-16 08:44:32 75040 ----a-w- C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.2.1.6\SetupAdmin.exe
2009-07-13 21:43:24 . 2008-02-12 13:59:22 286208 ----a-w- C:\WINDOWS\system32\wmpdxm.dll
2009-07-13 12:37:28 . 2009-07-13 12:37:28 0 d-----w- C:\Program Files\CPUID
2009-07-13 12:30:16 . 2009-02-12 18:39:57 0 d-----w- C:\Program Files\data
2009-07-13 12:30:13 . 2009-07-04 19:43:33 0 d-----w- C:\Documents and Settings\PC\Application Data\IObit
2009-07-13 10:22:44 . 2008-11-03 18:06:14 0 d-----w- C:\Documents and Settings\PC\Application Data\Apple Computer
2009-07-11 23:22:10 . 2009-07-11 23:22:10 0 d-----w- C:\Documents and Settings\All Users\Application Data\IObit
2009-07-11 23:18:21 . 2009-07-11 23:18:10 0 d-----w- C:\Program Files\VDOWNLOADER
2009-07-11 13:26:09 . 2009-05-04 15:42:10 0 d-----w- C:\Documents and Settings\PC\Application Data\Smart PC Solutions
2009-07-11 09:19:21 . 2009-07-11 09:19:21 0 d-----w- C:\Documents and Settings\PC\Application Data\Red Kawa
2009-07-10 19:38:42 . 2009-07-10 19:38:41 0 d-----w- C:\Program Files\AviSynth 2.5
2009-07-10 19:38:34 . 2009-07-10 19:38:34 0 d-----w- C:\Program Files\Red Kawa
2009-07-10 14:06:29 . 2009-07-10 13:53:49 0 d---a-w- C:\Documents and Settings\All Users\Application Data\TEMP
2009-07-09 07:59:23 . 2009-06-20 09:30:56 0 d-----w- C:\Documents and Settings\PC\Application Data\translateclient
2009-07-09 07:58:57 . 2009-06-20 09:30:52 0 d-----w- C:\Program Files\Translate Client
2009-07-07 18:19:16 . 2009-06-30 12:34:13 0 d-----w- C:\Documents and Settings\PC\Application Data\UpdateStar
2009-07-05 08:59:17 . 2009-05-18 20:37:38 0 d-----w- C:\Program Files\Wisdom-soft ScreenHunter 5 Free
2009-07-03 17:09:28 . 2008-02-12 13:59:22 915456 ----a-w- C:\WINDOWS\system32\wininet.dll
2009-07-01 18:48:54 . 2008-11-01 20:35:32 0 d-----w- C:\Program Files\VIA
2009-07-01 18:06:04 . 2009-07-01 18:06:04 0 d-----w- C:\Program Files\Common Files\Skype
2009-06-30 13:01:00 . 2009-08-14 19:44:50 811008 ----a-w- C:\WINDOWS\system32\tx15.dll
2009-06-30 03:30:00 . 2009-08-14 19:44:50 577536 ----a-w- C:\WINDOWS\system32\tx15_rtf.dll
2009-06-30 01:00:00 . 2009-08-14 19:44:50 638976 ----a-w- C:\WINDOWS\system32\tx15_htm.dll
2009-06-29 17:59:14 . 2009-06-29 17:59:14 0 d-----w- C:\Program Files\Belarc
2009-06-25 08:25:26 . 2008-02-12 13:59:22 54272 ----a-w- C:\WINDOWS\system32\wdigest.dll
2009-06-25 08:25:26 . 2008-02-12 13:59:10 56832 ----a-w- C:\WINDOWS\system32\secur32.dll
2009-06-25 08:25:26 . 2008-02-12 13:59:10 147456 ----a-w- C:\WINDOWS\system32\schannel.dll
2009-06-25 08:25:26 . 2008-02-12 13:59:02 136192 ----a-w- C:\WINDOWS\system32\msv1_0.dll
2009-06-25 08:25:26 . 2008-02-12 13:58:56 730112 ----a-w- C:\WINDOWS\system32\lsasrv.dll
2009-06-25 08:25:26 . 2008-02-12 13:58:54 301568 ----a-w- C:\WINDOWS\system32\kerberos.dll
2009-06-24 11:18:41 . 2008-02-12 02:06:38 92928 ----a-w- C:\WINDOWS\system32\drivers\ksecdd.sys
2009-06-23 00:06:00 . 2009-08-14 19:44:50 360448 ----a-w- C:\WINDOWS\system32\tx15_css.dll
2009-06-20 07:09:19 . 2009-06-20 07:09:19 0 d-----w- C:\Documents and Settings\PC\Application Data\MySpace
2009-06-20 07:09:18 . 2009-06-20 07:09:18 0 d-----w- C:\Program Files\MySpace
2009-06-16 14:36:30 . 2008-02-12 13:59:18 119808 ----a-w- C:\WINDOWS\system32\t2embed.dll
2009-06-16 14:36:30 . 2008-02-12 13:58:50 81920 ----a-w- C:\WINDOWS\system32\fontsub.dll
2009-06-12 12:31:40 . 2008-02-12 13:59:58 80896 ----a-w- C:\WINDOWS\system32\tlntsess.exe
2009-06-12 12:31:39 . 2008-02-12 13:59:58 76288 ----a-w- C:\WINDOWS\system32\telnet.exe
2009-06-10 14:13:29 . 2008-02-12 13:58:46 84992 ----a-w- C:\WINDOWS\system32\avifil32.dll
2009-06-10 07:19:38 . 2008-11-01 20:18:15 2066432 ----a-w- C:\WINDOWS\system32\mstscax.dll
2009-06-10 06:14:49 . 2008-02-12 13:59:22 132096 ----a-w- C:\WINDOWS\system32\wkssvc.dll
2009-06-08 13:18:07 . 2009-06-08 13:18:06 603904 ----a-w- C:\WINDOWS\system32\TUProgSt.exe
2009-06-08 13:18:02 . 2009-06-08 13:18:02 360192 ----a-w- C:\WINDOWS\system32\TuneUpDefragService.exe
2009-06-05 03:20:00 . 2009-08-14 19:44:50 757760 ----a-w- C:\WINDOWS\system32\tx15_doc.dll
2009-06-04 23:30:00 . 2009-08-14 19:44:50 655360 ----a-w- C:\WINDOWS\system32\tx15_pdf.dll
2009-06-04 23:10:00 . 2009-08-14 19:44:50 1064960 ----a-w- C:\WINDOWS\system32\tx15_dox.dll
2009-06-03 19:09:37 . 2008-02-12 13:59:08 1291264 ----a-w- C:\WINDOWS\system32\quartz.dll
2009-05-29 11:36:16 . 2009-03-12 22:33:46 2060288 ----a-w- C:\WINDOWS\system32\usbaaplrc.dll
2009-05-29 11:36:16 . 2008-11-03 18:05:36 39424 ----a-w- C:\WINDOWS\system32\drivers\usbaapl.sys
2009-04-11 08:24:24 . 2009-02-06 10:17:30 181 ----a-w- C:\Program Files\TRANSLAT.INI
2009-04-11 08:24:23 . 2009-02-06 10:17:44 360448 ----a-w- C:\Program Files\tx4ole14.ocx
2009-04-11 08:24:20 . 2009-02-06 10:17:44 132690 ----a-w- C:\Program Files\WEBTB.XPI
2009-04-11 08:24:20 . 2009-02-06 10:17:42 146598 ----a-w- C:\Program Files\WEBFF.XPI
2009-04-04 13:00:32 . 2009-03-22 09:07:19 93 ----a-w- C:\Program Files\CZCS.INI
2009-04-04 13:00:32 . 2009-03-22 09:07:19 93 ----a-w- C:\Program Files\ANCS.INI
2009-03-30 18:48:39 . 2009-02-06 10:14:16 45346888 ----a-w- C:\Program Files\ANCS.DBF
2009-03-30 18:47:59 . 2009-03-22 09:07:40 93 ----a-w- C:\Program Files\GRCS.INI
2009-03-07 17:03:48 . 2009-03-07 17:01:16 16409960 ----a-w- C:\Program Files\spybotsd162.exe
2009-02-12 18:41:16 . 2009-02-12 18:41:16 630 ----a-w- C:\Program Files\news.txt
2009-02-06 22:21:21 . 2009-02-06 22:21:21 14261 ----a-w- C:\Program Files\esi-eula.txt
2009-02-06 10:16:59 . 2009-02-06 10:16:58 2211840 ----a-w- C:\Program Files\TRNCOM.DL_
2009-02-06 10:15:49 . 2009-02-06 10:15:49 495104 ----a-w- C:\Program Files\READERN.CDX
2009-02-06 10:14:54 . 2009-02-06 10:14:44 17179235 ----a-w- C:\Program Files\A0.CMP
2008-12-24 10:10:18 . 2009-02-07 14:35:35 422170 ----a-w- C:\Program Files\TU2009v8_0_2000_35CZ.exe
2007-04-22 07:01:06 . 2009-03-17 15:54:58 1174 ----a-w- C:\Program Files\Release.txt
2007-04-20 15:44:02 . 2009-02-07 14:35:35 4088 ----a-w- C:\Program Files\README.TXT
2009-03-28 19:37:58 . 2009-03-28 17:11:56 122880 ----a-w- C:\Program Files\mozilla firefox\components\GoogleDesktopMozilla.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 14:07:20 2260480]
"PeerGuardian"="C:\Program Files\PeerGuardian2\pg2.exe" [2007-01-29 22:39:34 1432064]
"Advanced SystemCare 3"="C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" [2009-06-30 07:55:40 2329224]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-07-28 12:00:12 39408]
"SpeedBitVideoAccelerator"="C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe" [2009-08-04 15:14:00 1443432]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2009-03-27 22:03:00 13684736]
"egui"="C:\Program Files\ESET\ESET Smart Security\egui.exe" [2009-05-14 13:47:08 2029640]
"HDAudDeck"="C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe" [2008-04-10 03:36:58 29757440]
"googletalk"="C:\Program Files\Google\Google Talk\googletalk.exe" [2007-01-01 21:22:02 3739648]
"IObit Security 360"="C:\Program Files\IObit\IObit Security 360\IS360tray.exe" [2009-08-09 20:11:32 952080]
"SunJavaUpdateSched"="C:\Program Files\Java\jre6\bin\jusched.exe" [2009-07-31 13:23:21 149280]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2009-08-14 08:23:48 30192]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-02-12 13:59:30 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="C:\WINDOWS\system32\logonui.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"OEXPRESS"=C:\Documents and Settings\All Users\Application Data\LangSoft\OETRN.EXE
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe
"ICQ"="C:\Program Files\ICQ6.5\ICQ.exe" silent
"HDeck MFC Application"=C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
"FileHippo.com"="C:\Program Files\FileHippo.com\UpdateChecker.exe" /background
"FTweakFCleaner"=C:\Program Files\FCleaner\FCleaner.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"ASUSGamerOSD"=C:\Program Files\ASUS\GamerOSD\GamerOSD.exe
"Google Quick Search Box"="C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime
"NvMediaCenter"=RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
"nwiz"=nwiz.exe /install
"SunJavaUpdateSched"="C:\Program Files\Java\jre6\bin\jusched.exe"
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"C:\\Program Files\\Sony Ericsson\\Sony Ericsson Media Manager\\MediaManager.exe"=
"C:\\Program Files\\Laplink Everywhere\\LLServerMain2.exe"=
"C:\\Program Files\\Laplink Everywhere\\WSC.EXE"=
"C:\\Program Files\\ICQ6.5\\ICQ.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"C:\\Program Files\\Sony Ericsson\\Update Service\\Update Service.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
"C:\\Program Files\\Opera 10 Beta\\opera.exe"=

R0 hotcore3;hotcore3;C:\WINDOWS\system32\drivers\hotcore3.sys [29.4.2009 16:02:04 40368]
R1 ehdrv;ehdrv;C:\WINDOWS\system32\drivers\ehdrv.sys [14.5.2009 15:47:14 107256]
R2 ekrn;ESET Service;C:\Program Files\ESET\ESET Smart Security\ekrn.exe [14.5.2009 15:47:54 731840]
R2 IS360service;IS360service;C:\Program Files\IObit\IObit Security 360\is360srv.exe [10.8.2009 8:20:20 307472]
R2 OMSI download service;Sony Ericsson OMSI download service;C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [14.8.2009 14:18:31 90112]
R2 ServerProxyService;ServerProxyService;C:\Program Files\Laplink Everywhere\ServerProxyService.exe [26.8.2005 10:14:06 131072]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;C:\WINDOWS\system32\TUProgSt.exe [8.6.2009 15:18:06 603904]
R2 VideoAcceleratorService;VideoAcceleratorService;C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe -start -scm --> C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe -start -scm [?]
R2 winShadow;winShadow;C:\Program Files\Laplink\winShadow\shwSrvc.exe [26.8.2005 11:12:28 274432]
R3 seehcri;Sony Ericsson seehcri Device Driver;C:\WINDOWS\system32\drivers\seehcri.sys [14.8.2009 14:19:16 27632]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\WINDOWS\system32\drivers\viahduaa.sys [1.7.2009 20:48:49 222976]
S2 gupdate1c9b074adf011ba;Google Update Service (gupdate1c9b074adf011ba);C:\Program Files\Google\Update\GoogleUpdate.exe [29.3.2009 15:45:53 133104]
S3 ggflt;SEMC USB Flash Driver Filter;C:\WINDOWS\system32\drivers\ggflt.sys [18.3.2009 14:44:13 13224]
S3 GoogleDesktopManager-060409-093314;Google Desktop Manager 5.9.906.4286;C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [14.8.2009 10:23:47 30192]
S3 tap0801;TAP-Win32 Adapter V8;C:\WINDOWS\system32\drivers\tap0801.sys [15.2.2007 19:48:14 26624]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder

2009-08-17 C:\WINDOWS\Tasks\1-Click Maintenance.job
- C:\Program Files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 19:36:18 . 2008-12-11 19:36:18]

2009-08-13 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34:12 . 2008-07-30 11:34:12]

2009-08-17 C:\WINDOWS\Tasks\Google Software Updater.job
- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-07-28 12:00:09 . 2009-07-28 12:00:09]

2009-06-16 C:\WINDOWS\Tasks\Spybot - Search & Destroy - Scheduled Task.job
- C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe [2009-05-22 10:29:31 . 2009-01-26 13:31:12]

2009-08-17 C:\WINDOWS\Tasks\Úklid 1 kliknutím.job
- C:\Program Files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 19:36:18 . 2008-12-11 19:36:18]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://zoznam.sk/
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyServer = socks=
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - C:\WINDOWS\system32\GPhotos.scr/200
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
LSP: C:\PROGRA~1\SPEEDB~1\sblsp.dll
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
.

Re: ASC - spyware removal gets stuck.

Post by brano » 18 Aug 2009 00:44

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 0:37:44, on 18.8.2009
Platform: Windows XP SP3, v.5755 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\Program Files\IObit\IObit Security 360\IS360tray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\PeerGuardian2\pg2.exe
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\IObit\IObit Security 360\IS360srv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\BurnAware Free\nmsaccessu.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
C:\Program Files\Laplink Everywhere\ServerProxyService.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe
C:\Program Files\Laplink\winShadow\shwSrvc.exe
C:\PROGRA~1\SPEEDB~1\VideoAcceleratorEngine.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://zoznam.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=66020
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=66020
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = socks=
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: MySpace Toolbar - {28AED1AF-B164-44CD-B435-CF04AA955015} - C:\Program Files\MySpace\Toolbar\1.0.45.0\MySpaceToolbar.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O3 - Toolbar: MySpace Toolbar - {28AED1AF-B164-44CD-B435-CF04AA955015} - C:\Program Files\MySpace\Toolbar\1.0.45.0\MySpaceToolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe 1
O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [IObit Security 360] C:\Program Files\IObit\IObit Security 360\IS360tray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe
O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpeedBitVideoAccelerator] C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O10 - Unknown file in Winsock LSP: c:\progra~1\speedb~1\sblsp.dll
O10 - Unknown file in Winsock LSP: c:\progra~1\speedb~1\sblsp.dll
O10 - Unknown file in Winsock LSP: c:\progra~1\speedb~1\sblsp.dll
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 7316118328
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Google Desktop Manager 5.9.906.4286 (GoogleDesktopManager-060409-093314) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Update Service (gupdate1c9b074adf011ba) (gupdate1c9b074adf011ba) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IS360service - IObit - C:\Program Files\IObit\IObit Security 360\IS360srv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\BurnAware Free\nmsaccessu.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: ServerProxyService - Unknown owner - C:\Program Files\Laplink Everywhere\ServerProxyService.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
O23 - Service: VideoAcceleratorService - Speedbit Ltd. - C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe
O23 - Service: winShadow - OmniCom Technologies - C:\Program Files\Laplink\winShadow\shwSrvc.exe

--
End of file - 11954 bytes

ASC is behaving well; I tested it repeatedly and it no longer freezes. I'm keeping HjT and MbAm, so I guess all that's left is to uninstall Combo and finish cleaning up.

Post by Damned » 18 Aug 2009 00:53

Keep MBAM, and update it and run a scan once in a while. The same applies as with antivirus: only one antispyware program can ever run resident at a time.

Run HJT (HijackThis), close your browsers, disconnect from the internet and fix the following (run HJT, "Do a system scan only",
tick the box in front of the entry, press "Fix checked" and then "Yes"):

O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
*****************************************************************************************************************************************
Uninstall ComboFix.
ComboFix is uninstalled like this:
Start > Run and enter ComboFix[space]/u

So if there are no problems, clean the system with CCleaner
and also use T-Cleaner.
It deletes everything left behind by Combo, SDFix, Avenger, MWAV etc. Download it -> run it.

(Note: If you have AVG or Avira, deactivate AVG (including the resident shield; likewise Avira) before downloading T-Cleaner and for the duration of the cleanup, then delete T-Cleaner and turn AVG (Avira) back on.)


Download ATF Cleaner.
Double-click ATF Cleaner.exe, click Select All found, then click Empty Selected.
- If you use Firefox (Mozilla), click Firefox at the top and choose: Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose: Select All, then click Empty Selected.

ATF-Cleaner is a simple tool for removing history from the web browser. The program can remove the cache,
cookies, history and other traces of surfing the Internet. Supported browsers include Internet Explorer,
Firefox and Opera. The application can also remove Windows temporary files, empty the recycle bin, etc.

If anything comes up, stop by.
Mark the topic as solved (green check mark) and take care. :bigups:
Last edited by Damned on 18 Aug 2009 01:00, edited 1 time in total.
Nothing is impossible, so where reason fails us, we don't hesitate to use a hammer.
If you want to know what's new, look in old books.
Damned's Czech localizations - translations of PC maintenance programs
HiJackThis 2 + guide, FCleaner + Czech translation, Wise Registry Cleaner

Post by brano » 18 Aug 2009 00:58

Thank you very much for your time and knowledge, and good night.

Post by Damned » 18 Aug 2009 01:01

You're welcome.