PC-HELP.CZ

Dobrý večer, můžete mi prosím zkontrolovat log a taky jestli mi tam neběží nějaké věci navíc, něco jako prime,slysoft, a tak. natahal jsem si jakých si věcí do pc a tet si nejsem jisty jestli je to vše pryč. Děkuju moc


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:16:11, on 18.1.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\Program Files\Avast4\aswUpdSv.exe
C:\Program Files\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\PROGRA~1\SPYWAR~2\sp_rsser.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Avast4\ashMaiSv.exe
C:\Program Files\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\Avast4\ashDisp.exe
C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SpeedFan\speedfan.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Admin\Plocha\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: Torrent-Search Toolbar - {e0c7b854-d5ce-4db6-9804-be1438603d89} - C:\Program Files\Torrent-Search\tbTor0.dll
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - E:\TRANSLAT\WEBIE.DLL
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Torrent-Search Toolbar - {e0c7b854-d5ce-4db6-9804-be1438603d89} - C:\Program Files\Torrent-Search\tbTor0.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - E:\TRANSLAT\WEBIE.DLL
O3 - Toolbar: Torrent-Search Toolbar - {e0c7b854-d5ce-4db6-9804-be1438603d89} - C:\Program Files\Torrent-Search\tbTor0.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKLM\..\Policies\Explorer\Run: [Service] C:\WINDOWS\lasys32.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: SpeedFan.lnk = C:\Program Files\SpeedFan\speedfan.exe
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\PROGRA~1\ICQTOO~1\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout Star Downloaderem - C:\Program Files\Star Downloader\sdie.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - E:\TRANSLAT\WEBIE.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - E:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748450} - E:\TRANSLAT\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - E:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - E:\TRANSLAT\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - E:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - E:\TRANSLAT\WEBIE.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O16 - DPF: {54BE6B6F-3056-470B-97E1-BB92E051B6C4} (DeviceEnum Class) - http://h30155.www3.hp.com/ediags/dd/ins ... csxp2k.cab
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/s ... DEXAXO.cab
O17 - HKLM\System\CS1\Services\Tcpip\..\{18DB2300-5694-4EB3-A86E-E67E4C81467C}: NameServer = 194.108.34.2,212.65.245.210
O17 - HKLM\System\CS2\Services\Tcpip\..\{18DB2300-5694-4EB3-A86E-E67E4C81467C}: NameServer = 194.108.34.2,212.65.245.210
O17 - HKLM\System\CS3\Services\Tcpip\..\{18DB2300-5694-4EB3-A86E-E67E4C81467C}: NameServer = 194.108.34.2,212.65.245.210
O17 - HKLM\System\CS4\Services\Tcpip\..\{18DB2300-5694-4EB3-A86E-E67E4C81467C}: NameServer = 194.108.34.2,212.65.245.210
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Avast4\ashWebSv.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: OneStep Search Service - Unknown owner - C:\Program Files\OneStepSearch\onestep.exe (file missing)
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Pro Home 2007\Win32\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Pro Home 2007\RpcSandraSrv.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
O23 - Service: Spyware Terminator Clam Service (sp_clamsrv) - Crawler.com - C:\Program Files\WinClamAVShield\sp_clamsrv.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\PROGRA~1\SPYWAR~2\sp_rsser.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe

--
End of file - 9750 bytes

máš tam toho navíc dost

ve službách najdi WinClamAVShieldrozklikni,zastav a typ spuštění dej na zakázáno

fixni
v okně programu HJT zaškrtni nalevo u položek co napíšu a potom klik na Fix checked
O4 - HKLM\..\Policies\Explorer\Run: [Service] C:\WINDOWS\lasys32.exe

stáhni si killbox
rozbal,spust a do okýnka zkopíruj tučné
C:\WINDOWS\lasys32.exe
zaškrtni Delete on Reboot
a klikni na křížek.stroj pude do restartu

po něm pošli novej log z hijackthis

Děkuju za odpověd, v HJT jsem to fixnul, KILLBOXem jsem to take projel ale ten WinClamAVShield jsem ve službách nikde nenašel. Tady je ten nový log po restartu:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:48:08, on 18.1.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\Program Files\Avast4\aswUpdSv.exe
C:\Program Files\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\PROGRA~1\SPYWAR~2\sp_rsser.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Avast4\ashMaiSv.exe
C:\Program Files\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\Avast4\ashDisp.exe
C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SpeedFan\speedfan.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Admin\Plocha\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: Torrent-Search Toolbar - {e0c7b854-d5ce-4db6-9804-be1438603d89} - C:\Program Files\Torrent-Search\tbTor0.dll
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - E:\TRANSLAT\WEBIE.DLL
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Torrent-Search Toolbar - {e0c7b854-d5ce-4db6-9804-be1438603d89} - C:\Program Files\Torrent-Search\tbTor0.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - E:\TRANSLAT\WEBIE.DLL
O3 - Toolbar: Torrent-Search Toolbar - {e0c7b854-d5ce-4db6-9804-be1438603d89} - C:\Program Files\Torrent-Search\tbTor0.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: SpeedFan.lnk = C:\Program Files\SpeedFan\speedfan.exe
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\PROGRA~1\ICQTOO~1\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout Star Downloaderem - C:\Program Files\Star Downloader\sdie.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - E:\TRANSLAT\WEBIE.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - E:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748450} - E:\TRANSLAT\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - E:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - E:\TRANSLAT\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - E:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - E:\TRANSLAT\WEBIE.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O16 - DPF: {54BE6B6F-3056-470B-97E1-BB92E051B6C4} (DeviceEnum Class) - http://h30155.www3.hp.com/ediags/dd/ins ... csxp2k.cab
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/s ... DEXAXO.cab
O17 - HKLM\System\CS1\Services\Tcpip\..\{18DB2300-5694-4EB3-A86E-E67E4C81467C}: NameServer = 194.108.34.2,212.65.245.210
O17 - HKLM\System\CS2\Services\Tcpip\..\{18DB2300-5694-4EB3-A86E-E67E4C81467C}: NameServer = 194.108.34.2,212.65.245.210
O17 - HKLM\System\CS3\Services\Tcpip\..\{18DB2300-5694-4EB3-A86E-E67E4C81467C}: NameServer = 194.108.34.2,212.65.245.210
O17 - HKLM\System\CS4\Services\Tcpip\..\{18DB2300-5694-4EB3-A86E-E67E4C81467C}: NameServer = 194.108.34.2,212.65.245.210
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Avast4\ashWebSv.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: OneStep Search Service - Unknown owner - C:\Program Files\OneStepSearch\onestep.exe (file missing)
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Pro Home 2007\Win32\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Pro Home 2007\RpcSandraSrv.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
O23 - Service: Spyware Terminator Clam Service (sp_clamsrv) - Crawler.com - C:\Program Files\WinClamAVShield\sp_clamsrv.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\PROGRA~1\SPYWAR~2\sp_rsser.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe

--
End of file - 9696 bytes

log je ok.

s tou službou je to moje chyba-jmenuje se
Spyware Terminator Clam Service
udělej s ní co sem psal

a mělo by to bejt

tak jsem ve službách zakázal ten Spyware Terminator Clam Service. dnes po startu vyskočilo okno avastu že našlo nějaký trojan tak jsem naplánoval ko po restartu, při restartu avast nasel nějaky .dll a ten smazal potom další dva z nichž jeden byl .exe a druhy myslím .unst ale to si nejsem jisty, každopadně napsal že je nemůže smazat protože nejsou zabaleny či co.? toto je ta hláška co avast píše:
Win32:Dialer-GC [Trj]

tak,prosím,nový log z hijackthis a log z COMBOFIXu
Stáhni si ComboFix (by sUBs) a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem klávesy 1
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log, který se ti zobrazí, jinak ho najdeš zde: C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah

Dobry vecer, omlouvam se za zpozdeni. tady je ten log z ComboFixu a Hjt dnes uz mi avast nasel i nejakeho trojana, poradte prosim, urcite mi tam bezi i spousta veci neskodnych ale zbytecnych a spolujicich pc.


ComboFix 08-01-20.1 - Admin 2008-01-20 20:03:14.1 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.1.1029.18.625 [GMT 1:00]
Running from: C:\Documents and Settings\Admin\Plocha\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\regedit.com
C:\WINDOWS\system32\~.exe
C:\WINDOWS\system32\taskmgr.com
C:\WINDOWS\system32\vx.tll

.
((((((((((((((((((((((((( Files Created from 2007-12-20 to 2008-01-20 )))))))))))))))))))))))))))))))
.

2008-01-20 20:02 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
2008-01-18 23:03 . 2008-01-18 23:03 <DIR> d-------- C:\Program Files\Pracovnˇ kalend ý_203
2008-01-16 13:33 . 2008-01-16 13:33 <DIR> d-------- C:\Program Files\Room Arranger
2008-01-16 13:32 . 2008-01-16 13:32 <DIR> d-------- C:\Program Files\ParallelGraphics
2008-01-16 13:32 . 2008-01-16 13:32 <DIR> d-------- C:\Program Files\Common Files\ParallelGraphics
2008-01-11 20:34 . 2008-01-11 20:34 <DIR> d--h----- C:\WINDOWS\Icons
2008-01-11 20:28 . <DIR> C:\Documents and Settings\Admin\Data aplikací\TuneUp Software
2008-01-11 20:28 . <DIR> C:\Documents and Settings\Admin\Data aplikací\TuneUp Software
2008-01-11 20:28 . <DIR> C:\Documents and Settings\Admin\Data aplikací\TuneUp Software
2008-01-11 20:28 . 2008-01-11 20:28 306,432 --a------ C:\WINDOWS\system32\TuneUpDefragService.exe
2008-01-11 20:28 . 2007-12-20 10:41 29,440 --a------ C:\WINDOWS\system32\uxtuneup.dll
2008-01-09 21:31 . 2008-01-09 21:30 8,704 --a------ C:\WINDOWS\wisyst32.exe
2008-01-09 21:30 . 2008-01-20 18:18 5,120 --a------ C:\WINDOWS\logon.dll
2008-01-09 20:03 . 2008-01-09 20:04 <DIR> d-------- C:\KBCertifikat
2008-01-09 19:49 . 2008-01-09 19:50 <DIR> d-------- C:\Documents and Settings\Admin\kbpki
2008-01-04 15:09 . 2008-01-04 15:09 2,560 --a------ C:\WINDOWS\_MSRSTRT.EXE
2007-12-29 15:52 . <DIR> C:\Documents and Settings\Admin\Data aplikací\vlc
2007-12-29 15:52 . <DIR> C:\Documents and Settings\Admin\Data aplikací\vlc
2007-12-29 15:52 . <DIR> C:\Documents and Settings\Admin\Data aplikací\vlc
2007-12-27 17:41 . <DIR> C:\Documents and Settings\Admin\Data aplikací\DAEMON Tools
2007-12-27 17:41 . <DIR> C:\Documents and Settings\Admin\Data aplikací\DAEMON Tools
2007-12-27 17:41 . <DIR> C:\Documents and Settings\Admin\Data aplikací\DAEMON Tools
2007-12-27 17:40 . 2007-12-27 18:12 <DIR> d-------- C:\Program Files\DAEMON Tools Lite
2007-12-27 17:37 . 2007-12-27 17:37 715,248 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2007-12-26 15:16 . 1999-03-23 10:12 299,520 --a------ C:\WINDOWS\uninst.exe
2007-12-22 19:27 . <DIR> C:\Documents and Settings\Admin\Data aplikací\Opera
2007-12-22 19:27 . <DIR> C:\Documents and Settings\Admin\Data aplikací\Opera
2007-12-22 19:27 . <DIR> C:\Documents and Settings\Admin\Data aplikací\Opera

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-20 18:57 --------- d-----w C:\Documents and Settings\Admin\Data aplikací\Skype
2008-01-20 18:57 --------- d-----w C:\Documents and Settings\Admin\Data aplikací\Skype
2008-01-20 18:57 --------- d-----w C:\Documents and Settings\Admin\Data aplikací\Skype
2008-01-20 17:18 --------- d-----w C:\Program Files\SpeedFan
2008-01-18 22:03 --------- d-----w C:\Program Files\Pracovní kalendář_203
2008-01-18 22:02 --------- d-----w C:\Program Files\Spyware Terminator
2008-01-11 19:25 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-01-09 19:49 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-01-05 04:30 --------- d-----w C:\Program Files\Prime95
2008-01-04 14:11 --------- d-----w C:\Program Files\AlienGUIse
2007-12-29 10:38 --------- d-----w C:\Documents and Settings\Admin\Data aplikací\ICQ
2007-12-29 10:38 --------- d-----w C:\Documents and Settings\Admin\Data aplikací\ICQ
2007-12-29 10:38 --------- d-----w C:\Documents and Settings\Admin\Data aplikací\ICQ
2007-12-21 13:54 --------- d-----w C:\Program Files\Multimedia Card Reader
2007-12-21 13:15 --------- d-----w C:\Program Files\Winamp
2007-12-18 08:04 --------- d-----w C:\Program Files\RALINK
2007-12-16 21:45 --------- d-----w C:\Program Files\hjt
2007-12-13 13:04 --------- d-----w C:\Documents and Settings\Admin\Data aplikací\U3
2007-12-13 13:04 --------- d-----w C:\Documents and Settings\Admin\Data aplikací\U3
2007-12-13 13:04 --------- d-----w C:\Documents and Settings\Admin\Data aplikací\U3
2007-12-12 12:44 --------- d-----w C:\Program Files\PartyPoker
2007-12-10 21:16 --------- d-----w C:\Program Files\Avast4
2007-12-10 19:38 --------- d-s---w C:\Documents and Settings\Admin\Data aplikací\Microsoft
2007-12-10 19:38 --------- d-s---w C:\Documents and Settings\Admin\Data aplikací\Microsoft
2007-12-10 19:38 --------- d-s---w C:\Documents and Settings\Admin\Data aplikací\Microsoft
2007-12-08 02:30 --------- d-----w C:\Documents and Settings\Admin\Data aplikací\Adobe
2007-12-08 02:30 --------- d-----w C:\Documents and Settings\Admin\Data aplikací\Adobe
2007-12-08 02:30 --------- d-----w C:\Documents and Settings\Admin\Data aplikací\Adobe
2007-12-07 08:43 --------- d-----w C:\Program Files\Codec Pack - All In 1
2007-12-07 08:41 737,280 ----a-w C:\WINDOWS\iun6002.exe
2007-12-04 14:56 93,264 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
2007-12-04 14:55 94,544 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
2007-12-04 14:53 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
2007-12-04 14:51 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
2007-12-04 14:49 26,624 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
2007-12-04 13:04 837,496 ----a-w C:\WINDOWS\system32\aswBoot.exe
2007-12-04 12:54 95,608 ----a-w C:\WINDOWS\system32\AVASTSS.scr
2007-11-25 15:17 --------- d-----w C:\Program Files\HD Tune
2007-11-25 11:11 --------- d-----w C:\Program Files\Seagate
2007-11-24 11:54 --------- d-----w C:\Program Files\eRightSoft
2007-11-24 11:54 --------- d-----w C:\Program Files\AviSynth 2.5
2007-11-20 19:31 --------- d-----w C:\Program Files\AIDA32 - Enterprise System Information
2007-11-20 19:19 --------- d-----w C:\Program Files\SiSoftware
2007-11-20 18:31 --------- d-----w C:\Program Files\PC Doc Pro
2007-11-07 16:06 6,808 ----a-w C:\WINDOWS\system32\HWACCESS.SYS
1997-02-21 21:00 105,312 ----a-w C:\WINDOWS\Fonts\SR181.TMP
1997-02-21 21:00 101,336 ----a-w C:\WINDOWS\Fonts\SR182.TMP
2006-05-03 09:06 163,328 --sh--r C:\WINDOWS\system32\flvDX.dll
2007-02-21 10:47 31,232 --sh--r C:\WINDOWS\system32\msfDX.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-17 14:49 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-03-09 15:29 7561216]
"nwiz"="nwiz.exe" [2006-03-09 15:29 1519616 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-03-09 15:29 86016]
"SoundMan"="SOUNDMAN.EXE" [2006-03-01 15:22 577536 C:\WINDOWS\soundman.exe]
"avast!"="C:\PROGRA~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
"SmcService"="C:\PROGRA~1\Sygate\SPF\smc.exe" [2005-03-05 21:09 2573536]
"CTSysVol"="C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe" [2005-10-31 10:51 57344]
"UpdReg"="C:\WINDOWS\UpdReg.EXE" [2000-05-11 01:00 90112]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-17 14:49 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]
"7G21B2J74A"= C:\WINDOWS\wisyst32.exe

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{93994DE8-8239-4655-B1D1-5F4E91300429}"= C:\Program Files\DVD Region+CSS Free\DVDShell.dll [2004-10-09 14:18 49152]

R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);C:\WINDOWS\system32\drivers\sfdrv01a.sys [2006-07-05 13:46]
R1 sp_rsdrv2;Spyware Terminator Driver 2;C:\WINDOWS\system32\drivers\sp_rsdrv2.sys [2007-08-27 17:47]
R2 UxTuneUp;TuneUp Theme Extension;C:\WINDOWS\System32\svchost.exe [2004-08-17 14:49]
R2 WF23880;WinFast TV2000/DV2000 WDM Video Capture.;C:\WINDOWS\system32\drivers\wf88vcap.sys [2004-03-12 12:34]
R2 WF88XBAR;WinFast TV2000/DV2000 WDM Crossbar.;C:\WINDOWS\system32\drivers\WF88XBAR.sys [2004-03-12 12:34]
R2 WFTUNE;WinFast TV2000/DV2000 WDM Tuner.;C:\WINDOWS\system32\drivers\WF88TUNE.sys [2004-03-12 12:34]
R3 PSched;Plánovač paketů technologie QoS;C:\WINDOWS\system32\DRIVERS\psched.sys [2004-08-03 22:04]
S2 HWiNFO32;HWiNFO32 Kernel Driver;C:\Instal\HWiNFO32\HWiNFO32.SYS []
S2 OneStep Search Service;OneStep Search Service;"C:\Program Files\OneStepSearch\onestep.exe" "C:\Program Files\OneStepSearch\onestep.dll" Service []
S3 GVCplDrv;GVCplDrv;C:\WINDOWS\system32\drivers\GVCplDrv.sys [2004-05-02 09:47]
S3 HWACCESS;HWACCESS;C:\WINDOWS\SYSTEM32\HWACCESS.SYS [2007-11-07 17:06]
S3 lredbooo;lredbooo;C:\DOCUME~1\Admin\LOCALS~1\Temp\lredbooo.sys []
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\WINDOWS\System32\TuneUpDefragService.exe [2008-01-11 20:28]
S3 WFIOCTL;WFIOCTL;C:\Program Files\WinFast\WFTVFM\WFIOCTL.SYS [2003-09-10 09:53]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5d7fa9dc-b5e2-11dc-8227-000fea15634d}]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
\Shell\Open(0)\command - Recycled\ctfmon.exe

*Newly Created Service* - PROCEXP90
.
Contents of the 'Scheduled Tasks' folder
"2008-01-18 16:39:22 C:\WINDOWS\Tasks\1-Click Maintenance.job"
- D:\Program Files\TuneUp Utilities 2008\OneClick.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-20 20:05:00
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-01-20 20:05:31
ComboFix-quarantined-files.txt 2008-01-20 19:05:23





Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:11:34, on 20.1.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\Program Files\Avast4\aswUpdSv.exe
C:\Program Files\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\PROGRA~1\SPYWAR~2\sp_rsser.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Avast4\ashMaiSv.exe
C:\Program Files\Avast4\ashWebSv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\Avast4\ashDisp.exe
C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SpeedFan\speedfan.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Admin\Plocha\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: Torrent-Search Toolbar - {e0c7b854-d5ce-4db6-9804-be1438603d89} - C:\Program Files\Torrent-Search\tbTor0.dll
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - E:\TRANSLAT\WEBIE.DLL
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Torrent-Search Toolbar - {e0c7b854-d5ce-4db6-9804-be1438603d89} - C:\Program Files\Torrent-Search\tbTor0.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - E:\TRANSLAT\WEBIE.DLL
O3 - Toolbar: Torrent-Search Toolbar - {e0c7b854-d5ce-4db6-9804-be1438603d89} - C:\Program Files\Torrent-Search\tbTor0.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: SpeedFan.lnk = C:\Program Files\SpeedFan\speedfan.exe
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\PROGRA~1\ICQTOO~1\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout Star Downloaderem - C:\Program Files\Star Downloader\sdie.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - E:\TRANSLAT\WEBIE.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - E:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748450} - E:\TRANSLAT\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - E:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - E:\TRANSLAT\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - E:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - E:\TRANSLAT\WEBIE.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O16 - DPF: {54BE6B6F-3056-470B-97E1-BB92E051B6C4} (DeviceEnum Class) - http://h30155.www3.hp.com/ediags/dd/ins ... csxp2k.cab
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/s ... DEXAXO.cab
O17 - HKLM\System\CS1\Services\Tcpip\..\{18DB2300-5694-4EB3-A86E-E67E4C81467C}: NameServer = 194.108.34.2,212.65.245.210
O17 - HKLM\System\CS2\Services\Tcpip\..\{18DB2300-5694-4EB3-A86E-E67E4C81467C}: NameServer = 194.108.34.2,212.65.245.210
O17 - HKLM\System\CS3\Services\Tcpip\..\{18DB2300-5694-4EB3-A86E-E67E4C81467C}: NameServer = 194.108.34.2,212.65.245.210
O17 - HKLM\System\CS4\Services\Tcpip\..\{18DB2300-5694-4EB3-A86E-E67E4C81467C}: NameServer = 194.108.34.2,212.65.245.210
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Avast4\ashWebSv.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: OneStep Search Service - Unknown owner - C:\Program Files\OneStepSearch\onestep.exe (file missing)
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Pro Home 2007\Win32\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Pro Home 2007\RpcSandraSrv.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\PROGRA~1\SPYWAR~2\sp_rsser.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe

--
End of file - 9403 bytes

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok)
Zkopíruj do něj následující text označený zeleně:

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.
Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť

- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu

tak jsem to udelal, pc slo do restartu, po restartu vyskocila s listy vedle hodin bublina asi speedfanu že: sensors detected nforce2 IT8712F max 1617 HDO (160,0GB). co to znamena? nikdy nic takoveho nepsal. tady je ten log:



ComboFix 08-01-20.1 - Admin 2008-01-21 0:23:19.2 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.1.1029.18.608 [GMT 1:00]
Running from: C:\Documents and Settings\Admin\Plocha\ComboFix.exe
Command switches used :: C:\Documents and Settings\Admin\Plocha\CFScript.txt
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

FILE
C:\WINDOWS\wisyst32.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\wisyst32.exe

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.
-------\LEGACY_ONESTEP_SEARCH_SERVICE
-------\OneStep Search Service


((((((((((((((((((((((((( Files Created from 2007-12-20 to 2008-01-20 )))))))))))))))))))))))))))))))
.

2008-01-20 20:02 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
2008-01-18 23:03 . 2008-01-18 23:03 <DIR> d-------- C:\Program Files\Pracovnˇ kalend ý_203
2008-01-16 13:33 . 2008-01-16 13:33 <DIR> d-------- C:\Program Files\Room Arranger
2008-01-16 13:32 . 2008-01-16 13:32 <DIR> d-------- C:\Program Files\ParallelGraphics
2008-01-16 13:32 . 2008-01-16 13:32 <DIR> d-------- C:\Program Files\Common Files\ParallelGraphics
2008-01-11 20:34 . 2008-01-11 20:34 <DIR> d--h----- C:\WINDOWS\Icons
2008-01-11 20:28 . <DIR> C:\Documents and Settings\Admin\Data aplikací\TuneUp Software
2008-01-11 20:28 . <DIR> C:\Documents and Settings\Admin\Data aplikací\TuneUp Software
2008-01-11 20:28 . <DIR> C:\Documents and Settings\Admin\Data aplikací\TuneUp Software
2008-01-11 20:28 . 2008-01-11 20:28 306,432 --a------ C:\WINDOWS\system32\TuneUpDefragService.exe
2008-01-11 20:28 . 2007-12-20 10:41 29,440 --a------ C:\WINDOWS\system32\uxtuneup.dll
2008-01-09 21:30 . 2008-01-20 18:18 5,120 --a------ C:\WINDOWS\logon.dll
2008-01-09 20:03 . 2008-01-09 20:04 <DIR> d-------- C:\KBCertifikat
2008-01-09 19:49 . 2008-01-09 19:50 <DIR> d-------- C:\Documents and Settings\Admin\kbpki
2008-01-04 15:09 . 2008-01-04 15:09 2,560 --a------ C:\WINDOWS\_MSRSTRT.EXE
2007-12-29 15:52 . <DIR> C:\Documents and Settings\Admin\Data aplikací\vlc
2007-12-29 15:52 . <DIR> C:\Documents and Settings\Admin\Data aplikací\vlc
2007-12-29 15:52 . <DIR> C:\Documents and Settings\Admin\Data aplikací\vlc
2007-12-27 17:41 . <DIR> C:\Documents and Settings\Admin\Data aplikací\DAEMON Tools
2007-12-27 17:41 . <DIR> C:\Documents and Settings\Admin\Data aplikací\DAEMON Tools
2007-12-27 17:41 . <DIR> C:\Documents and Settings\Admin\Data aplikací\DAEMON Tools
2007-12-27 17:40 . 2007-12-27 18:12 <DIR> d-------- C:\Program Files\DAEMON Tools Lite
2007-12-27 17:37 . 2007-12-27 17:37 715,248 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2007-12-26 15:16 . 1999-03-23 10:12 299,520 --a------ C:\WINDOWS\uninst.exe
2007-12-22 19:27 . <DIR> C:\Documents and Settings\Admin\Data aplikací\Opera
2007-12-22 19:27 . <DIR> C:\Documents and Settings\Admin\Data aplikací\Opera
2007-12-22 19:27 . <DIR> C:\Documents and Settings\Admin\Data aplikací\Opera

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-20 23:27 --------- d-----w C:\Program Files\SpeedFan
2008-01-20 23:18 --------- d-----w C:\Documents and Settings\Admin\Data aplikací\Skype
2008-01-20 23:18 --------- d-----w C:\Documents and Settings\Admin\Data aplikací\Skype
2008-01-20 23:18 --------- d-----w C:\Documents and Settings\Admin\Data aplikací\Skype
2008-01-20 19:06 --------- d-----w C:\Program Files\ICQToolbar
2008-01-18 22:03 --------- d-----w C:\Program Files\Pracovní kalendář_203
2008-01-18 22:02 --------- d-----w C:\Program Files\Spyware Terminator
2008-01-11 19:25 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-01-09 19:49 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-01-05 04:30 --------- d-----w C:\Program Files\Prime95
2008-01-04 14:11 --------- d-----w C:\Program Files\AlienGUIse
2007-12-29 10:38 --------- d-----w C:\Documents and Settings\Admin\Data aplikací\ICQ
2007-12-29 10:38 --------- d-----w C:\Documents and Settings\Admin\Data aplikací\ICQ
2007-12-29 10:38 --------- d-----w C:\Documents and Settings\Admin\Data aplikací\ICQ
2007-12-21 13:54 --------- d-----w C:\Program Files\Multimedia Card Reader
2007-12-21 13:15 --------- d-----w C:\Program Files\Winamp
2007-12-18 08:04 --------- d-----w C:\Program Files\RALINK
2007-12-16 21:45 --------- d-----w C:\Program Files\hjt
2007-12-13 13:04 --------- d-----w C:\Documents and Settings\Admin\Data aplikací\U3
2007-12-13 13:04 --------- d-----w C:\Documents and Settings\Admin\Data aplikací\U3
2007-12-13 13:04 --------- d-----w C:\Documents and Settings\Admin\Data aplikací\U3
2007-12-12 12:44 --------- d-----w C:\Program Files\PartyPoker
2007-12-10 21:16 --------- d-----w C:\Program Files\Avast4
2007-12-10 19:38 --------- d-s---w C:\Documents and Settings\Admin\Data aplikací\Microsoft
2007-12-10 19:38 --------- d-s---w C:\Documents and Settings\Admin\Data aplikací\Microsoft
2007-12-10 19:38 --------- d-s---w C:\Documents and Settings\Admin\Data aplikací\Microsoft
2007-12-08 02:30 --------- d-----w C:\Documents and Settings\Admin\Data aplikací\Adobe
2007-12-08 02:30 --------- d-----w C:\Documents and Settings\Admin\Data aplikací\Adobe
2007-12-08 02:30 --------- d-----w C:\Documents and Settings\Admin\Data aplikací\Adobe
2007-12-07 08:43 --------- d-----w C:\Program Files\Codec Pack - All In 1
2007-12-07 08:41 737,280 ----a-w C:\WINDOWS\iun6002.exe
2007-12-04 14:56 93,264 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
2007-12-04 14:55 94,544 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
2007-12-04 14:53 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
2007-12-04 14:51 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
2007-12-04 14:49 26,624 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
2007-11-25 15:17 --------- d-----w C:\Program Files\HD Tune
2007-11-25 11:11 --------- d-----w C:\Program Files\Seagate
2007-11-24 11:54 --------- d-----w C:\Program Files\eRightSoft
2007-11-24 11:54 --------- d-----w C:\Program Files\AviSynth 2.5
2007-11-20 19:31 --------- d-----w C:\Program Files\AIDA32 - Enterprise System Information
2007-11-20 19:19 --------- d-----w C:\Program Files\SiSoftware
2007-11-20 18:31 --------- d-----w C:\Program Files\PC Doc Pro
1997-02-21 21:00 105,312 ----a-w C:\WINDOWS\Fonts\SR181.TMP
1997-02-21 21:00 101,336 ----a-w C:\WINDOWS\Fonts\SR182.TMP
2006-05-03 09:06 163,328 --sh--r C:\WINDOWS\system32\flvDX.dll
2007-02-21 10:47 31,232 --sh--r C:\WINDOWS\system32\msfDX.dll
.

((((((((((((((((((((((((((((( snapshot@2008-01-20_20.05.09,05 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-01-20 19:03:03 233,472 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000001\NTUSER.DAT
+ 2008-01-20 23:23:15 233,472 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000001\NTUSER.DAT
- 2008-01-20 19:03:03 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000002\UsrClass.dat
+ 2008-01-20 23:23:15 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000002\UsrClass.dat
- 2008-01-20 19:03:04 229,376 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000003\NTUSER.DAT
+ 2008-01-20 23:23:15 229,376 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000003\NTUSER.DAT
- 2008-01-20 19:03:04 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000004\UsrClass.dat
+ 2008-01-20 23:23:15 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000004\UsrClass.dat
- 2008-01-20 19:03:04 9,646,080 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000005\NTUSER.DAT
+ 2008-01-20 23:23:16 9,646,080 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000005\NTUSER.DAT
- 2008-01-20 19:03:04 151,552 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000006\UsrClass.dat
+ 2008-01-20 23:23:16 151,552 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000006\UsrClass.dat
+ 2000-08-31 07:00:00 163,328 ----a-w C:\WINDOWS\erdnt\subs\ERDNT.EXE
+ 2008-01-20 23:26:41 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_510.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-17 14:49 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-03-09 15:29 7561216]
"nwiz"="nwiz.exe" [2006-03-09 15:29 1519616 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-03-09 15:29 86016]
"SoundMan"="SOUNDMAN.EXE" [2006-03-01 15:22 577536 C:\WINDOWS\soundman.exe]
"avast!"="C:\PROGRA~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
"SmcService"="C:\PROGRA~1\Sygate\SPF\smc.exe" [2005-03-05 21:09 2573536]
"CTSysVol"="C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe" [2005-10-31 10:51 57344]
"UpdReg"="C:\WINDOWS\UpdReg.EXE" [2000-05-11 01:00 90112]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-17 14:49 15360]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{93994DE8-8239-4655-B1D1-5F4E91300429}"= C:\Program Files\DVD Region+CSS Free\DVDShell.dll [2004-10-09 14:18 49152]

R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);C:\WINDOWS\system32\drivers\sfdrv01a.sys [2006-07-05 13:46]
R1 sp_rsdrv2;Spyware Terminator Driver 2;C:\WINDOWS\system32\drivers\sp_rsdrv2.sys [2007-08-27 17:47]
R2 UxTuneUp;TuneUp Theme Extension;C:\WINDOWS\System32\svchost.exe [2004-08-17 14:49]
R2 WF23880;WinFast TV2000/DV2000 WDM Video Capture.;C:\WINDOWS\system32\drivers\wf88vcap.sys [2004-03-12 12:34]
R2 WF88XBAR;WinFast TV2000/DV2000 WDM Crossbar.;C:\WINDOWS\system32\drivers\WF88XBAR.sys [2004-03-12 12:34]
R2 WFTUNE;WinFast TV2000/DV2000 WDM Tuner.;C:\WINDOWS\system32\drivers\WF88TUNE.sys [2004-03-12 12:34]
R3 PSched;Plánovač paketů technologie QoS;C:\WINDOWS\system32\DRIVERS\psched.sys [2004-08-03 22:04]
S2 HWiNFO32;HWiNFO32 Kernel Driver;C:\Instal\HWiNFO32\HWiNFO32.SYS []
S3 GVCplDrv;GVCplDrv;C:\WINDOWS\system32\drivers\GVCplDrv.sys [2004-05-02 09:47]
S3 HWACCESS;HWACCESS;C:\WINDOWS\SYSTEM32\HWACCESS.SYS [2007-11-07 17:06]
S3 lredbooo;lredbooo;C:\DOCUME~1\Admin\LOCALS~1\Temp\lredbooo.sys []
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\WINDOWS\System32\TuneUpDefragService.exe [2008-01-11 20:28]
S3 WFIOCTL;WFIOCTL;C:\Program Files\WinFast\WFTVFM\WFIOCTL.SYS [2003-09-10 09:53]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

.
Contents of the 'Scheduled Tasks' folder
"2008-01-18 16:39:22 C:\WINDOWS\Tasks\1-Click Maintenance.job"
- D:\Program Files\TuneUp Utilities 2008\OneClick.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-21 00:27:24
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-01-21 0:29:06 - machine was rebooted
ComboFix-quarantined-files.txt 2008-01-20 23:29:04
ComboFix2.txt 2008-01-20 19:05:32

no,dobrý.jak se chová komp?

kompl se zda byt ok, dekuju vam moc. Jaky zpusobem fungujete? Vy jste za to nejak placeni? nemam vas nejak podporit? Jsem vam vdecny za rady uz parkrat jste mi pomohli a mlademu taky, to prece nemuze byt zadarmo.? jeste jednou dekuju

když je komp ok,tak je to prostě příjemnej pocit. a to nám stačí-děláme to pro zábavu
tákže:neni zač