Nwm načo to potrebuješ no tu to máš :
ComboFix 11-08-03.03 - marek 04.08.2011 13:55:42.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1250.421.1033.18.3071.2201 [GMT 2:00]
Running from: C:\Documents and Settings\marek\My Documents\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
C:\CFLog
C:\CFLog\CrashLog_20101225.txt
C:\CFLog\CrashLog_20101228.txt
C:\CFLog\CrashLog_20101229.txt
C:\CFLog\CrashLog_20101230.txt
C:\CFLog\CrashLog_20110101.txt
C:\CFLog\CrashLog_20110105.txt
C:\CFLog\CrashLog_20110107.txt
C:\CFLog\CrashLog_20110114.txt
C:\CFLog\CrashLog_20110115.txt
C:\CFLog\CrashLog_20110117.txt
C:\CFLog\CrashLog_20110128.txt
C:\CFLog\CrashLog_20110131.txt
C:\CFLog\CrashLog_20110201.txt
C:\CFLog\CrashLog_20110202.txt
C:\CFLog\CrashLog_20110203.txt
C:\CFLog\CrashLog_20110204.txt
C:\CFLog\CrashLog_20110206.txt
C:\CFLog\CrashLog_20110208.txt
C:\CFLog\CrashLog_20110209.txt
C:\CFLog\CrashLog_20110210.txt
C:\CFLog\CrashLog_20110211.txt
C:\CFLog\CrashLog_20110212.txt
C:\CFLog\CrashLog_20110213.txt
C:\CFLog\CrashLog_20110214.txt
C:\CFLog\CrashLog_20110215.txt
C:\CFLog\CrashLog_20110216.txt
C:\CFLog\CrashLog_20110217.txt
C:\CFLog\CrashLog_20110218.txt
C:\CFLog\CrashLog_20110219.txt
C:\CFLog\CrashLog_20110221.txt
C:\CFLog\CrashLog_20110303.txt
C:\CFLog\CrashLog_20110305.txt
C:\CFLog\CrashLog_20110318.txt
C:\CFLog\CrashLog_20110323.txt
C:\Documents and Settings\All Users\Start Menu\Programs\Internet Explorer.lnk
C:\Documents and Settings\marek\Application Data\PriceGong
C:\Documents and Settings\marek\Application Data\PriceGong\Data\1.xml
C:\Documents and Settings\marek\Application Data\PriceGong\Data\a.xml
C:\Documents and Settings\marek\Application Data\PriceGong\Data\b.xml
C:\Documents and Settings\marek\Application Data\PriceGong\Data\c.xml
C:\Documents and Settings\marek\Application Data\PriceGong\Data\d.xml
C:\Documents and Settings\marek\Application Data\PriceGong\Data\e.xml
C:\Documents and Settings\marek\Application Data\PriceGong\Data\f.xml
C:\Documents and Settings\marek\Application Data\PriceGong\Data\g.xml
C:\Documents and Settings\marek\Application Data\PriceGong\Data\h.xml
C:\Documents and Settings\marek\Application Data\PriceGong\Data\i.xml
C:\Documents and Settings\marek\Application Data\PriceGong\Data\J.xml
C:\Documents and Settings\marek\Application Data\PriceGong\Data\k.xml
C:\Documents and Settings\marek\Application Data\PriceGong\Data\l.xml
C:\Documents and Settings\marek\Application Data\PriceGong\Data\m.xml
C:\Documents and Settings\marek\Application Data\PriceGong\Data\mru.xml
C:\Documents and Settings\marek\Application Data\PriceGong\Data\n.xml
C:\Documents and Settings\marek\Application Data\PriceGong\Data\o.xml
C:\Documents and Settings\marek\Application Data\PriceGong\Data\p.xml
C:\Documents and Settings\marek\Application Data\PriceGong\Data\q.xml
C:\Documents and Settings\marek\Application Data\PriceGong\Data\r.xml
C:\Documents and Settings\marek\Application Data\PriceGong\Data\s.xml
C:\Documents and Settings\marek\Application Data\PriceGong\Data\t.xml
C:\Documents and Settings\marek\Application Data\PriceGong\Data\u.xml
C:\Documents and Settings\marek\Application Data\PriceGong\Data\v.xml
C:\Documents and Settings\marek\Application Data\PriceGong\Data\w.xml
C:\Documents and Settings\marek\Application Data\PriceGong\Data\x.xml
C:\Documents and Settings\marek\Application Data\PriceGong\Data\y.xml
C:\Documents and Settings\marek\Application Data\PriceGong\Data\z.xml
C:\Documents and Settings\marek\Application Data\Uninstal.exe
C:\Documents and Settings\marek\Desktop\Setup.exe
C:\Documents and Settings\zeithamo.ENTERPRISE\WINDOWS
C:\Program Files\messenger\msmsgsin.exe
C:\WINDOWS\IsUn0407.exe
C:\WINDOWS\system32\Cache
C:\WINDOWS\system32\hookdll.dll
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_NPF
((((((((((((((((((((((((( Files Created from 2011-07-04 to 2011-08-04 )))))))))))))))))))))))))))))))
2011-08-04 12:03:28 . 2011-08-04 12:03:28 28752 ----a-w- C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{BC92E789-EAB2-4F83-90AE-C96A4FA6E6EB}\MpKsle03ac059.sys
2011-08-03 20:01:03 . 2011-08-03 20:01:29 -------- d-----w- C:\Minecraftcrack
2011-08-03 18:25:19 . 2011-08-03 18:25:31 -------- d-----w- C:\Documents and Settings\marek\Application Data\Ventrilo
2011-08-03 11:20:25 . 2011-07-13 03:39:01 6881616 ----a-w- C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{BC92E789-EAB2-4F83-90AE-C96A4FA6E6EB}\mpengine.dll
2011-08-02 18:40:27 . 2011-08-02 18:40:27 -------- d-----w- C:\Documents and Settings\marek\Application Data\Xfire
2011-08-02 18:40:06 . 2011-08-02 18:40:26 -------- d-----w- C:\Program Files\Xfire
2011-08-02 18:39:00 . 2011-08-02 18:39:00 -------- d-----w- C:\Program Files\Common Files\Steam
2011-08-01 11:42:22 . 2011-08-01 11:42:37 -------- d-----w- C:\Fraps
2011-07-28 19:45:53 . 2011-08-04 12:03:45 -------- d-----w- C:\Documents and Settings\LocalService\Local Settings\Application Data\LogMeIn Hamachi
2011-07-28 19:45:53 . 2011-08-03 14:30:26 -------- d-----w- C:\Documents and Settings\marek\Local Settings\Application Data\LogMeIn Hamachi
2011-07-28 19:45:27 . 2011-07-28 19:45:28 -------- d-----w- C:\Program Files\LogMeIn Hamachi
2011-07-20 20:09:05 . 2011-07-20 20:09:05 -------- d-----w- C:\Documents and Settings\marek\Local Settings\Application Data\Threat Expert
2011-07-18 19:54:38 . 2011-07-18 19:54:38 -------- d-----w- C:\Program Files\BabylonToolbar
2011-07-18 09:45:27 . 2011-07-18 09:45:27 -------- d-----w- C:\Documents and Settings\marek\Application Data\SUPERAntiSpyware.com
2011-07-18 09:41:53 . 2011-08-03 15:13:33 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2011-07-18 09:35:09 . 2011-07-18 09:35:09 -------- d-----w- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2011-07-18 09:32:56 . 2011-08-03 15:12:35 21064 ----a-w- C:\WINDOWS\system32\drivers\hitmanpro35.sys
2011-07-18 09:32:51 . 2011-07-18 09:32:51 -------- d-----w- C:\Program Files\Hitman Pro 3.5
2011-07-18 09:32:23 . 2011-07-18 09:32:25 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Hitman Pro
2011-07-18 09:31:53 . 2011-07-18 09:31:53 -------- d-----w- C:\Documents and Settings\marek\Application Data\Malwarebytes
2011-07-18 09:31:43 . 2011-07-06 17:52:42 41272 ----a-w- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2011-07-18 09:31:41 . 2011-07-18 09:31:41 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2011-07-18 09:31:34 . 2011-07-06 17:52:42 22712 ----a-w- C:\WINDOWS\system32\drivers\mbam.sys
2011-07-18 09:31:33 . 2011-07-18 10:10:52 -------- d-----w- C:\Program Files\Malwarebytes' Anti-Malware
2011-07-15 13:48:03 . 2011-07-15 13:48:03 -------- d-----w- C:\Documents and Settings\NetworkService\Local Settings\Application Data\ESET
2011-07-15 09:48:21 . 2011-07-15 09:48:21 -------- d-----w- C:\Documents and Settings\marek\Local Settings\Application Data\Max Secure Software
2011-07-15 09:29:46 . 2010-01-22 07:55:54 767952 ----a-w- C:\WINDOWS\BDTSupport.dll
2011-07-15 09:29:45 . 2010-01-22 07:56:28 149456 ----a-w- C:\WINDOWS\SGDetectionTool.dll
2011-07-15 09:29:43 . 2010-01-22 07:56:24 165840 ----a-w- C:\WINDOWS\PCTBDRes.dll
2011-07-15 09:29:43 . 2010-01-22 07:56:24 1652688 ----a-w- C:\WINDOWS\PCTBDCore.dll
2011-07-15 09:16:51 . 2010-02-05 07:17:56 233136 ----a-w- C:\WINDOWS\system32\drivers\pctgntdi.sys
2011-07-15 09:16:44 . 2011-07-15 09:45:21 218592 ----a-w- C:\WINDOWS\system32\drivers\PCTCore.sys
2011-07-15 09:16:44 . 2009-11-23 11:54:20 88040 ----a-w- C:\WINDOWS\system32\drivers\PCTAppEvent.sys
2011-07-15 09:16:23 . 2011-07-15 09:45:23 63360 ----a-w- C:\WINDOWS\system32\drivers\pctplsg.sys
2011-07-15 09:15:13 . 2011-08-03 14:30:26 -------- d-----w- C:\Program Files\Spyware Doctor
2011-07-15 09:15:13 . 2011-07-15 09:30:02 -------- d-----w- C:\Program Files\Common Files\PC Tools
2011-07-15 09:15:13 . 2011-07-15 09:15:13 -------- d-----w- C:\Documents and Settings\marek\Application Data\PC Tools
2011-07-15 09:15:13 . 2011-07-15 09:15:13 -------- d-----w- C:\Documents and Settings\All Users\Application Data\PC Tools
2011-07-14 16:46:35 . 2011-07-14 16:46:35 -------- d-----w- C:\Documents and Settings\marek\Local Settings\Application Data\ESET
2011-07-14 16:18:45 . 2011-07-14 16:18:45 -------- d-----w- C:\Documents and Settings\LocalService\Local Settings\Application Data\ESET
2011-07-14 12:16:31 . 2011-07-14 12:44:02 -------- d-----w- C:\Documents and Settings\marek\Application Data\Hamachi
2011-07-14 11:26:48 . 2011-07-14 11:26:49 -------- d-----w- C:\Documents and Settings\marek\Local Settings\Application Data\Babylon
2011-07-14 11:26:48 . 2011-07-14 11:26:48 -------- d-----w- C:\Documents and Settings\marek\Application Data\Babylon
2011-07-14 11:26:48 . 2011-07-14 11:26:48 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Babylon
2011-07-14 11:23:24 . 2011-07-14 11:23:24 0 ----a-w- C:\WINDOWS\system32\ConduitEngine.tmp
2011-07-13 16:50:57 . 2011-08-03 20:16:21 -------- d-----w- C:\Documents and Settings\marek\Application Data\.minecraft
2011-07-13 09:44:33 . 2011-07-13 19:34:41 -------- d-----w- C:\Documents and Settings\marek\Application Data\IObit
2011-07-13 08:30:44 . 2011-07-13 08:30:50 -------- d-----w- C:\Documents and Settings\marek\Application Data\Search Settings
2011-07-13 08:30:41 . 2011-07-13 08:30:41 -------- d-----w- C:\WINDOWS\system32\config\systemprofile\Application Data\Application Updater
2011-07-13 08:30:36 . 2011-07-14 16:18:56 -------- d-----w- C:\Program Files\Application Updater
2011-07-13 08:30:36 . 2011-07-13 08:30:38 -------- d-----w- C:\Program Files\IObit Toolbar
2011-07-13 08:30:36 . 2011-07-13 08:30:36 -------- d-----w- C:\Program Files\Common Files\Spigot
2011-07-13 08:26:12 . 2011-07-13 19:32:41 -------- d-----w- C:\Documents and Settings\All Users\Application Data\IObit
2011-07-13 08:26:10 . 2011-07-13 19:27:20 -------- d-----w- C:\Program Files\IObit
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
2011-08-03 19:19:05 . 2011-05-13 18:57:47 404640 ----a-w- C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2011-07-14 11:43:11 . 2009-03-13 08:49:54 73728 ----a-w- C:\WINDOWS\system32\javacpl.cpl
2011-07-14 11:43:10 . 2011-01-27 13:13:39 472808 ----a-w- C:\WINDOWS\system32\deployJava1.dll
2011-07-13 03:39:01 . 2010-12-26 07:18:08 6881616 ----a-w- C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-06-02 14:02:05 . 2003-03-31 12:00:00 1858944 ----a-w- C:\WINDOWS\system32\win32k.sys
2011-05-28 12:56:24 . 2011-05-28 12:56:24 65536 ----a-w- C:\WINDOWS\system32\frapsvid.dll
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
[7] 2008-06-20 11:59:02 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625 (xpsp_sp3_qfe.080620-1309)] . . C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[-] 2008-06-20 11:51:12 . 4AFB3B0919649F95C1964AA1FAD27D73 . 361600 . . [5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)] . . C:\WINDOWS\$NtUninstallKB2509553$\tcpip.sys
[7] 2008-06-20 11:51:12 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)] . . C:\WINDOWS\system32\dllcache\tcpip.sys
[-] 2008-06-20 11:51:12 . 4AFB3B0919649F95C1964AA1FAD27D73 . 361600 . . [5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)] . . C:\WINDOWS\system32\drivers\tcpip.sys
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}"= "C:\Program Files\Softonic-Eng7\prxtbSof0.dll" [2011-01-17 14:54:02 175912]
[HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2011-01-17 14:54:02 175912 ----a-w- C:\Program Files\ConduitEngine\prxConduitEngine.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
2011-01-17 14:54:02 175912 ----a-w- C:\Program Files\Softonic-Eng7\prxtbSof0.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}"= "C:\Program Files\Softonic-Eng7\prxtbSof0.dll" [2011-01-17 14:54:02 175912]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "C:\Program Files\ConduitEngine\prxConduitEngine.dll" [2011-01-17 14:54:02 175912]
[HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3}"= "C:\Program Files\Softonic-Eng7\prxtbSof0.dll" [2011-01-17 14:54:02 175912]
[HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 4"="C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe" [2011-05-28 12:46:56 412560]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-08-03 15:13:33 2424192]
"msseces.exe"="C:\Program Files\Microsoft Security Client\msseces.exe" [2010-11-30 12:20:36 997408]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 00:12:16 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 10:59:52 254696]
"Malwarebytes' Anti-Malware"="C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-07-06 17:52:38 449584]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2008-11-03 23:44:24 435096]
C:\Documents and Settings\marek\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [2007-8-24 101784]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2007-02-05 13:39:22 294400]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "C:\Program Files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 17:13:36 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21:41 548352 ----a-w- C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0R\0???\0\0M_Finish=Konec
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1644491937-616249376-682003330-1188\Scripts\Logon\0\0]
"Script"=login.vbs
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1644491937-616249376-682003330-1225\Scripts\Logon\0\0]
"Script"=login.vbs
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1644491937-616249376-682003330-3148\Scripts\Logon\0\0]
"Script"=login.vbs
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2006-09-01 13:57:48 282624 ----a-w- E:\Program Files\QuickTime\qttask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Synchronization Manager]
2008-04-14 00:12:26 143360 ----a-w- C:\WINDOWS\system32\mobsync.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"C:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"C:\\Program Files\\Counter-Strike\\hl.exe"=
"C:\\Program Files\\Z8Games\\CrossFire\\CF_G4box.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
R0 PCTCore;PCTools KDS;C:\WINDOWS\system32\drivers\PCTCore.sys [15.7.2011 11:16:44 218592]
R1 MpKsle03ac059;MpKsle03ac059;C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{BC92E789-EAB2-4F83-90AE-C96A4FA6E6EB}\MpKsle03ac059.sys [4.8.2011 14:03:28 28752]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv.sys [12.7.2011 23:55:22 12880]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [12.7.2011 23:55:22 67664]
R2 AdvancedSystemCareService;Advanced SystemCare Service;C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe [13.7.2011 21:27:22 353168]
R2 Browser Defender Update Service;Browser Defender Update Service;C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe [15.7.2011 11:29:52 112592]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [25.5.2011 17:29:48 1336712]
R2 MBAMService;MBAMService;C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [18.7.2011 11:31:43 366640]
R2 NCS;Numega Control Service;C:\PROGRA~1\COMPUW~1\PCShared\NCS.EXE [23.8.2005 13:37:24 45107]
R3 MBAMProtector;MBAMProtector;C:\WINDOWS\system32\drivers\mbam.sys [18.7.2011 11:31:34 22712]
S1 MpKsl174d4eed;MpKsl174d4eed;\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{8BB65545-0923-413E-BD06-DD8787978B98}\MpKsl174d4eed.sys --> C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{8BB65545-0923-413E-BD06-DD8787978B98}\MpKsl174d4eed.sys [?]
S1 MpKsl1d3c6dd4;MpKsl1d3c6dd4;\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{BC92E789-EAB2-4F83-90AE-C96A4FA6E6EB}\MpKsl1d3c6dd4.sys --> C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{BC92E789-EAB2-4F83-90AE-C96A4FA6E6EB}\MpKsl1d3c6dd4.sys [?]
S1 MpKsl263a9f09;MpKsl263a9f09;\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{4724EAE8-3722-4888-B96E-6C48A6F14D2E}\MpKsl263a9f09.sys --> C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{4724EAE8-3722-4888-B96E-6C48A6F14D2E}\MpKsl263a9f09.sys [?]
S1 MpKsl3c8fefe3;MpKsl3c8fefe3;\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F9B942C8-AFCD-4676-A93B-6CA07175E380}\MpKsl3c8fefe3.sys --> C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F9B942C8-AFCD-4676-A93B-6CA07175E380}\MpKsl3c8fefe3.sys [?]
S1 MpKsl6b4a4b7e;MpKsl6b4a4b7e;\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{4724EAE8-3722-4888-B96E-6C48A6F14D2E}\MpKsl6b4a4b7e.sys --> C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{4724EAE8-3722-4888-B96E-6C48A6F14D2E}\MpKsl6b4a4b7e.sys [?]
S1 MpKsl6c8fb4c6;MpKsl6c8fb4c6;\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{E7D71074-8161-4BE5-B430-0233AC62D109}\MpKsl6c8fb4c6.sys --> C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{E7D71074-8161-4BE5-B430-0233AC62D109}\MpKsl6c8fb4c6.sys [?]
S1 MpKsl702921f5;MpKsl702921f5;\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{4724EAE8-3722-4888-B96E-6C48A6F14D2E}\MpKsl702921f5.sys --> C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{4724EAE8-3722-4888-B96E-6C48A6F14D2E}\MpKsl702921f5.sys [?]
S1 MpKsl85b2e1c5;MpKsl85b2e1c5;\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{E7D71074-8161-4BE5-B430-0233AC62D109}\MpKsl85b2e1c5.sys --> C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{E7D71074-8161-4BE5-B430-0233AC62D109}\MpKsl85b2e1c5.sys [?]
S1 MpKsl90b2957a;MpKsl90b2957a;\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{4724EAE8-3722-4888-B96E-6C48A6F14D2E}\MpKsl90b2957a.sys --> C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{4724EAE8-3722-4888-B96E-6C48A6F14D2E}\MpKsl90b2957a.sys [?]
S1 MpKsla20c5850;MpKsla20c5850;\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{BC92E789-EAB2-4F83-90AE-C96A4FA6E6EB}\MpKsla20c5850.sys --> C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{BC92E789-EAB2-4F83-90AE-C96A4FA6E6EB}\MpKsla20c5850.sys [?]
S1 MpKsla9e72041;MpKsla9e72041;\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{4724EAE8-3722-4888-B96E-6C48A6F14D2E}\MpKsla9e72041.sys --> C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{4724EAE8-3722-4888-B96E-6C48A6F14D2E}\MpKsla9e72041.sys [?]
S1 MpKslac824ad4;MpKslac824ad4;\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{BC92E789-EAB2-4F83-90AE-C96A4FA6E6EB}\MpKslac824ad4.sys --> C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{BC92E789-EAB2-4F83-90AE-C96A4FA6E6EB}\MpKslac824ad4.sys [?]
S1 MpKslb4f92f1e;MpKslb4f92f1e;\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{4724EAE8-3722-4888-B96E-6C48A6F14D2E}\MpKslb4f92f1e.sys --> C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{4724EAE8-3722-4888-B96E-6C48A6F14D2E}\MpKslb4f92f1e.sys [?]
S1 MpKsldad4879b;MpKsldad4879b;\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CA72756D-3417-4852-8E7B-EB92D5005A7D}\MpKsldad4879b.sys --> C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CA72756D-3417-4852-8E7B-EB92D5005A7D}\MpKsldad4879b.sys [?]
S1 MpKsle3d6094c;MpKsle3d6094c;\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{BC92E789-EAB2-4F83-90AE-C96A4FA6E6EB}\MpKsle3d6094c.sys --> C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{BC92E789-EAB2-4F83-90AE-C96A4FA6E6EB}\MpKsle3d6094c.sys [?]
S1 MpKslf7300e6c;MpKslf7300e6c;\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{4724EAE8-3722-4888-B96E-6C48A6F14D2E}\MpKslf7300e6c.sys --> C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{4724EAE8-3722-4888-B96E-6C48A6F14D2E}\MpKslf7300e6c.sys [?]
S3 mach5;mach5;C:\WINDOWS\system32\mach5.sys [23.8.2005 13:37:05 20125]
S3 sdAuxService;PC Tools Auxiliary Service;C:\Program Files\Spyware Doctor\pctsAuxs.exe [15.7.2011 11:16:01 366840]
S3 VNA;Check Point Virtual Network Adapter;C:\WINDOWS\system32\drivers\vna.sys [5.7.2005 18:27:18 108400]
S3 VSPerfDrv90;Performance Tools Driver 9.0;\??\E:\Program Files\Microsoft Visual Studio 9.0\Team Tools\Performance Tools\VSPerfDrv90.sys --> E:\Program Files\Microsoft Visual Studio 9.0\Team Tools\Performance Tools\VSPerfDrv90.sys [?]
S3 XDva379;XDva379;\??\C:\WINDOWS\system32\XDva379.sys --> C:\WINDOWS\system32\XDva379.sys [?]
S3 XDva380;XDva380;\??\C:\WINDOWS\system32\XDva380.sys --> C:\WINDOWS\system32\XDva380.sys [?]
S3 XDva382;XDva382;\??\C:\WINDOWS\system32\XDva382.sys --> C:\WINDOWS\system32\XDva382.sys [?]
S3 XDva383;XDva383;\??\C:\WINDOWS\system32\XDva383.sys --> C:\WINDOWS\system32\XDva383.sys [?]
S3 XDva384;XDva384;\??\C:\WINDOWS\system32\XDva384.sys --> C:\WINDOWS\system32\XDva384.sys [?]
S3 XDva386;XDva386;\??\C:\WINDOWS\system32\XDva386.sys --> C:\WINDOWS\system32\XDva386.sys [?]
S3 XDva387;XDva387;\??\C:\WINDOWS\system32\XDva387.sys --> C:\WINDOWS\system32\XDva387.sys [?]
S3 XDva388;XDva388;\??\C:\WINDOWS\system32\XDva388.sys --> C:\WINDOWS\system32\XDva388.sys [?]
--- Other Services/Drivers In Memory ---
*NewlyCreated* - MPKSLE03AC059
*NewlyCreated* - WUAUSERV
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
Contents of the 'Scheduled Tasks' folder
2011-08-03 C:\WINDOWS\Tasks\ASC4_AutoUpdate.job
- C:\Program Files\IObit\Advanced SystemCare 4\AutoUpdate.exe [2011-07-13 19:27:23 . 2011-05-28 12:46:56]
2011-08-03 C:\WINDOWS\Tasks\ASC4_PerformanceMonitor.job
- C:\Program Files\IObit\Advanced SystemCare 4\PMonitor.exe [2011-07-13 19:27:22 . 2011-05-28 12:46:56]
2011-08-04 C:\WINDOWS\Tasks\MP Scheduled Scan.job
- C:\Program Files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2010-11-11 11:26:42 . 2010-11-11 11:26:42]
------- Supplementary Scan -------
uStart Page = hxxp://www.google.com
IE: Add to Google Photos Screensa&ver - C:\WINDOWS\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
LSP: C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll
TCP: DhcpNameServer = 192.168.1.1
DPF: Microsoft XML Parser for Java
DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} - hxxps://213.47.210.152/sre/ICSScanner.cab
FF - ProfilePath - C:\Documents and Settings\marek\Application Data\Mozilla\Firefox\Profiles\0vi9jf7s.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://www.google.sk/
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?babsrc=SP_ss ... =100370&q=
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: browser.xul.error_pages.enabled - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 3000000
FF - user.js: content.maxtextrun - 8191
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 32
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-proxy - 8
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
- - - - ORPHANS REMOVED - - - -
AddRemove-Minecraft 1.2.0_02 - C:\Documents and Settings\marek\Application Data\Uninstal.exe