Prosím o kontrolu logu Vyřešeno

[brano]

Dobrý deň. Prosím o kontrolu logu. Niektoré programy (ojo total cov. nero) sa mi v poslednom čase nechcú otvoriť a hlásia pri otvorení zlyhanie. Keď potom spustím spyboot, tak chvíľu idú a za niekoľko hodín, alebo dní znova zlyhajú. Možno je to aj tým, že dosť často dočisťujem tune up - om a následne hlboké registre win. doctorom, lebo som si všimol, že keď nečistím veľmi často tak je to lepšie. Ale nemám istotu či je to naozaj tak.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:29:09, on 10.4.2009
Platform: Windows XP SP3, v.5657 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Laplink Everywhere\ServerProxyService.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\Program Files\Laplink\winShadow\shwSrvc.exe
C:\Documents and Settings\PC\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\rundll32.exe
C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/ig?hl=sk
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=66020
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=66020
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = socks=
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_9993303B90FE6C1D.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe 1
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\PC\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - (no file)
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {925DAB62-F9AC-4221-806A-057BFB1014AA} - (no file)
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 7316118328
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_9993303B90FE6C1D.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Google Update Service (gupdate1c9b074adf011ba) (gupdate1c9b074adf011ba) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServerProxyService - Unknown owner - C:\Program Files\Laplink Everywhere\ServerProxyService.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
O23 - Service: winShadow - OmniCom Technologies - C:\Program Files\Laplink\winShadow\shwSrvc.exe

--
End of file - 10105 bytes

[Reklama]

[jaro3]

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Provést rychlý sken a klikni na tlačítko Skenovat
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Zobrazit výsledky
- pak zvol možnost uložit log a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

[brano]

Malwarebytes' Anti-Malware 1.36
Verzia databázy: 1962
Windows 5.1.2600 Service Pack 3, v.5657

10.4.2009 20:48:06
mbam-log-2009-04-10 (20-47-57).txt

Typ kontroly: Rýchla
Objektov kontrolovaných: 66723
Uplynutý cas: 1 minute(s), 30 second(s)

Infikovaných procesov pamäte: 0
Infikovaných modulov pamäte: 0
Infikovaných registracných klúcov: 0
Infikovaných registracných hodnôt: 0
Infikovaných registracných údajov položiek: 0
Infikovaných priecinkov: 0
Infikovaných súborov: 6

Infikovaných procesov pamäte:
(Žiadne škodlivé položky)

Infikovaných modulov pamäte:
(Žiadne škodlivé položky)

Infikovaných registracných klúcov:
(Žiadne škodlivé položky)

Infikovaných registracných hodnôt:
(Žiadne škodlivé položky)

Infikovaných registracných údajov položiek:
(Žiadne škodlivé položky)

Infikovaných priecinkov:
(Žiadne škodlivé položky)

Infikovaných súborov:
C:\Program Files\C4COM.DLL (Spyware.OnlineGames) -> No action taken.
C:\Program Files\CAGENT.DLL (Spyware.OnlineGames) -> No action taken.
C:\Program Files\CDV32.DLL (Spyware.OnlineGames) -> No action taken.
C:\Program Files\cnxfdg1en.dll (Spyware.OnlineGames) -> No action taken.
C:\Program Files\OGGC.DLL (Spyware.OnlineGames) -> No action taken.
C:\Program Files\ZLIB.DLL (Spyware.OnlineGames) -> No action taken.

[jaro3]

. Takže spusť znovu MbAM a dej Scan
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Ukaž výsledky
- ujistit se že máš zatrhnuté všechny vypsané nálezy a klikni na tlačítko Odstranit označené
- když skončí odstraňování tak se ti zobrazí log, tak ho sem dej.
- pak zvol v programu OK a pak program ukonči přes Exit

Můžeš sem pak vložit log z MbAM.

Vypni rez. ochranu u NOD32+deaktivuj Spybot.
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Zítra se podívám..

[brano]

Malwarebytes' Anti-Malware 1.36
Verzia databázy: 1962
Windows 5.1.2600 Service Pack 3, v.5657

10.4.2009 21:18:37
mbam-log-2009-04-10 (21-18-37).txt

Typ kontroly: Úplná (C:\|D:\|)
Objektov kontrolovaných: 133576
Uplynutý cas: 20 minute(s), 1 second(s)

Infikovaných procesov pamäte: 0
Infikovaných modulov pamäte: 0
Infikovaných registracných klúcov: 0
Infikovaných registracných hodnôt: 0
Infikovaných registracných údajov položiek: 0
Infikovaných priecinkov: 0
Infikovaných súborov: 6

Infikovaných procesov pamäte:
(Žiadne škodlivé položky)

Infikovaných modulov pamäte:
(Žiadne škodlivé položky)

Infikovaných registracných klúcov:
(Žiadne škodlivé položky)

Infikovaných registracných hodnôt:
(Žiadne škodlivé položky)

Infikovaných registracných údajov položiek:
(Žiadne škodlivé položky)

Infikovaných priecinkov:
(Žiadne škodlivé položky)

Infikovaných súborov:
C:\Program Files\C4COM.DLL (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Program Files\CAGENT.DLL (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Program Files\CDV32.DLL (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Program Files\cnxfdg1en.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Program Files\OGGC.DLL (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Program Files\ZLIB.DLL (Spyware.OnlineGames) -> Quarantined and deleted successfully.

[brano]

Prebehlo to dobre, až na to, že keď Combofix reštartoval PC, tak sa mi automaticky zapol aj Eset aj keď som ho pred inštaláciou Combofixu deaktivoval, takže som ho pred vytvorením logu z Combofixu musel znova pravým tlačítkom na spodnom panely deaktivovať, k čomu ma vyzval Combofix. Až potom ma napadlo, že som ho mal zakázať, aby sa spustil pri štarte v nastaveniach Tune up.

ComboFix 09-04-04.01 - PC 2009-04-10 21:40:09.4 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.1.1033.18.2047.1590 [GMT 2:00]
Running from: c:\documents and settings\PC\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 3.0 *On-access scanning disabled* (Updated)
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\PC\Application Data\inst.exe
c:\documents and settings\PC\Application Data\wiaserva.log
c:\documents and settings\PC\Local Settings\Temporary Internet Files\_tmBB8.tmp
c:\documents and settings\PC\Local Settings\Temporary Internet Files\stb06759.tmp
c:\program files\autorun.inf
c:\windows\IE4 Error Log.txt
c:\windows\system32\mfc45.dll
c:\windows\system32\pthreadGC2.dll

.
((((((((((((((((((((((((( Files Created from 2009-03-10 to 2009-04-10 )))))))))))))))))))))))))))))))
.

2009-04-10 20:44 . 2009-04-10 20:44 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-04-10 20:44 . 2009-04-06 15:32 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-04-10 20:44 . 2009-04-06 15:32 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-04-10 18:28 . 2009-04-10 18:28 <DIR> d-------- c:\program files\Trend Micro
2009-04-10 17:00 . 2009-04-10 17:00 <DIR> d-------- c:\program files\OJOsoft
2009-04-10 17:00 . 2008-12-18 13:38 1,700,352 --a------ c:\windows\system32\gdiplus.dll
2009-04-10 17:00 . 2008-12-18 13:38 719,872 --a------ c:\windows\system32\devil.dll
2009-04-10 17:00 . 2008-12-18 13:38 351,744 --a------ c:\windows\system32\avisynth.dll
2009-04-09 17:42 . 2009-04-09 18:31 69 --a------ c:\windows\NeroDigital.ini
2009-04-09 15:38 . 2009-04-09 15:38 <DIR> d-------- c:\documents and settings\PC\Application Data\Tank Combat
2009-04-09 15:32 . 2009-04-09 15:32 <DIR> d-------- c:\program files\City Interactive
2009-04-08 12:39 . 2009-04-08 12:39 <DIR> d-------- c:\program files\iPod
2009-04-08 12:38 . 2009-04-08 12:39 <DIR> d-------- c:\documents and settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-04-08 12:37 . 2009-04-08 12:37 <DIR> d-------- c:\program files\Bonjour
2009-04-07 19:50 . 2009-04-09 18:02 <DIR> d-------- c:\documents and settings\PC\Application Data\Ahead
2009-04-07 19:50 . 2009-04-07 19:50 <DIR> d-------- c:\documents and settings\All Users\Application Data\Ahead
2009-04-07 19:48 . 2009-04-07 19:48 <DIR> d-------- c:\program files\Nero
2009-04-05 16:41 . 2009-04-05 16:41 <DIR> d--h----- c:\windows\PIF
2009-04-03 16:37 . 2009-04-03 16:37 <DIR> d-------- c:\program files\DAEMON Tools Toolbar
2009-04-03 16:37 . 2009-04-04 08:10 <DIR> d-------- c:\program files\DAEMON Tools Lite
2009-04-03 11:38 . 2009-04-03 11:38 <DIR> d-------- c:\documents and settings\PC\Application Data\iolo
2009-04-03 11:38 . 2009-04-03 11:39 <DIR> d-------- c:\documents and settings\All Users\Application Data\iolo
2009-04-03 10:17 . 2008-06-18 22:37 2,045,459 --a------ c:\windows\system32\x264vfw.dll
2009-04-03 10:17 . 2006-04-02 14:47 630,784 --a------ c:\windows\system32\vp7vfw.dll
2009-04-03 10:17 . 2004-12-10 10:03 438,272 --a------ c:\windows\system32\vp6vfw.dll
2009-04-03 10:17 . 1997-04-07 19:19 391,680 --a------ c:\windows\system32\I263_32.drv
2009-04-03 10:17 . 1998-11-18 15:33 144,384 --a------ c:\windows\system32\Iacenc.dll
2009-04-03 10:17 . 2004-05-18 20:16 39,936 --a------ c:\windows\system32\huffyuv.dll
2009-04-03 09:37 . 2009-04-03 09:37 <DIR> d-------- c:\documents and settings\PC\Application Data\DAEMON Tools Pro
2009-04-03 09:37 . 2009-04-03 16:44 <DIR> d-------- c:\documents and settings\PC\Application Data\DAEMON Tools Lite
2009-04-03 09:37 . 2009-04-03 09:37 <DIR> d-------- c:\documents and settings\PC\Application Data\DAEMON Tools
2009-04-03 09:37 . 2009-04-03 09:37 <DIR> d-------- c:\documents and settings\All Users\Application Data\DAEMON Tools Lite
2009-04-03 09:22 . 2009-04-03 09:22 717,296 --a------ c:\windows\system32\drivers\sptd.sys
2009-04-03 07:32 . 2009-04-03 07:32 <DIR> d--hs---- c:\documents and settings\NetworkService\IETldCache
2009-04-02 18:23 . 2009-04-02 18:57 <DIR> d-------- c:\program files\The KMPlayer
2009-04-02 12:18 . 2009-04-02 12:18 <DIR> d-------- c:\program files\Zoner
2009-03-31 10:06 . 2009-03-31 10:06 <DIR> d-------- c:\program files\Common Files\intervations
2009-03-30 14:57 . 2009-03-30 14:57 <DIR> d-------- c:\documents and settings\PC\Application Data\OpenCandy
2009-03-30 14:56 . 2009-03-30 14:57 <DIR> d-------- c:\program files\VDOWNLOADER
2009-03-30 13:51 . 2009-04-03 10:17 <DIR> d-------- c:\program files\K-Lite Codec Pack
2009-03-30 13:51 . 2008-05-23 00:22 3,596,288 --a------ c:\windows\system32\qt-dx331.dll
2009-03-30 13:51 . 2008-07-04 08:34 860,160 --a------ c:\windows\system32\lameACM.acm
2009-03-30 13:51 . 2008-01-10 14:15 755,027 --a------ c:\windows\system32\xvidcore.dll
2009-03-30 13:51 . 2008-05-31 01:22 683,520 --a------ c:\windows\system32\divx.dll
2009-03-30 13:51 . 2004-01-25 18:18 217,088 --a------ c:\windows\system32\yv12vfw.dll
2009-03-30 13:51 . 2008-09-16 21:23 168,448 --a------ c:\windows\system32\unrar.dll
2009-03-30 13:51 . 2008-01-10 14:16 159,839 --a------ c:\windows\system32\xvidvfw.dll
2009-03-30 13:51 . 2007-09-21 02:52 118,784 --a------ c:\windows\system32\ac3acm.acm
2009-03-30 13:51 . 2008-05-23 00:19 81,920 --a------ c:\windows\system32\dpl100.dll
2009-03-30 13:51 . 2008-06-12 20:36 7,680 --a------ c:\windows\system32\ff_vfw.dll
2009-03-30 13:51 . 2007-07-10 18:10 547 --a------ c:\windows\system32\ff_vfw.dll.manifest
2009-03-30 13:51 . 2007-10-03 17:03 414 --a------ c:\windows\system32\lame_acm.xml
2009-03-30 13:39 . 2009-03-30 13:39 <DIR> d-------- c:\documents and settings\PC\Application Data\Media Player Classic
2009-03-30 00:55 . 2009-03-30 00:55 <DIR> d--hs---- c:\documents and settings\PC\IECompatCache
2009-03-30 00:14 . 2009-03-30 00:14 <DIR> d--hs---- c:\documents and settings\LocalService\IETldCache
2009-03-30 00:04 . 2009-03-30 00:04 <DIR> d-------- c:\windows\system32\msmq
2009-03-29 23:38 . 2009-03-29 23:38 <DIR> d--hs---- c:\documents and settings\PC\PrivacIE
2009-03-29 23:37 . 2009-03-29 23:37 <DIR> d--hs---- c:\documents and settings\PC\IETldCache
2009-03-29 23:36 . 2009-03-29 23:36 <DIR> d-------- c:\windows\ie8updates
2009-03-29 23:34 . 2009-03-29 23:35 <DIR> d--h-c--- c:\windows\ie8
2009-03-29 23:33 . 2009-02-28 06:55 105,984 -----c--- c:\windows\system32\dllcache\iecompat.dll
2009-03-29 02:49 . 2009-04-04 08:11 <DIR> d-------- c:\documents and settings\PC\Tracing
2009-03-29 02:43 . 2009-03-29 02:43 <DIR> d-------- c:\program files\Microsoft Sync Framework
2009-03-29 02:41 . 2009-03-29 02:41 <DIR> d-------- c:\program files\Microsoft
2009-03-29 02:31 . 2009-03-29 02:31 <DIR> d-------- c:\program files\Common Files\Windows Live
2009-03-28 02:36 . 2009-03-28 02:36 <DIR> d-------- c:\windows\system32\XPSViewer
2009-03-28 02:36 . 2009-03-28 02:36 <DIR> d-------- c:\program files\Reference Assemblies
2009-03-28 02:36 . 2009-03-28 02:36 <DIR> d-------- c:\program files\MSBuild
2009-03-28 02:36 . 2008-07-06 14:06 1,676,288 --------- c:\windows\system32\xpssvcs.dll
2009-03-28 02:36 . 2008-07-06 14:06 1,676,288 -----c--- c:\windows\system32\dllcache\xpssvcs.dll
2009-03-28 02:36 . 2008-07-06 12:50 597,504 -----c--- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-03-28 02:36 . 2008-07-06 14:06 575,488 --------- c:\windows\system32\xpsshhdr.dll
2009-03-28 02:36 . 2008-07-06 14:06 575,488 -----c--- c:\windows\system32\dllcache\xpsshhdr.dll
2009-03-28 02:36 . 2008-07-06 14:06 117,760 --------- c:\windows\system32\prntvpt.dll
2009-03-28 02:36 . 2008-07-06 14:06 89,088 -----c--- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-03-23 22:41 . 2009-03-23 22:41 <DIR> d-------- c:\windows\Downloaded Installations
2009-03-23 22:41 . 2009-03-23 22:42 <DIR> d-------- c:\program files\Laplink Everywhere
2009-03-23 22:41 . 2009-03-23 22:41 <DIR> d-------- c:\program files\Laplink
2009-03-23 08:59 . 2009-03-23 08:59 <DIR> d-------- c:\program files\Windows Doctor
2009-03-21 14:36 . 2009-03-21 14:36 <DIR> d-------- c:\program files\Total Uninstall 5
2009-03-21 14:36 . 2009-03-21 14:36 <DIR> d-------- c:\documents and settings\All Users\Application Data\Martau
2009-03-19 16:31 . 2009-03-19 16:31 <DIR> d-------- c:\documents and settings\PC\WINDOWS
2009-03-18 14:53 . 2008-03-21 14:57 14,640 --------- c:\windows\system32\spmsgXP_2k3.dll
2009-03-18 14:53 . 2009-03-18 14:53 0 --ah----- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2009-03-18 14:53 . 2009-03-18 14:53 0 --ah----- c:\windows\system32\drivers\Msft_Kernel_ggsemc_01007.Wdf
2009-03-18 14:44 . 2009-03-18 14:44 1,107,296 --a------ c:\windows\system32\WdfCoInstaller01007.dll
2009-03-18 14:44 . 2009-03-18 14:44 24,616 --a------ c:\windows\system32\drivers\ggsemc.sys
2009-03-18 14:44 . 2009-03-18 14:44 13,224 --a------ c:\windows\system32\drivers\ggflt.sys
2009-03-18 14:21 . 2009-03-18 14:21 <DIR> d-------- c:\documents and settings\All Users\Application Data\BVRP Software
2009-03-18 13:00 . 2009-03-18 13:00 <DIR> d-------- c:\program files\Microsoft CAPICOM 2.1.0.2
2009-03-18 08:26 . 2008-10-16 15:06 268,648 --a------ c:\windows\system32\mucltui.dll
2009-03-18 08:26 . 2008-10-16 15:06 27,496 --a------ c:\windows\system32\mucltui.dll.mui
2009-03-17 18:26 . 2009-04-10 20:42 <DIR> d-------- c:\program files\INŠTALÁCIE
2009-03-16 23:16 . 2009-03-16 23:16 <DIR> d-------- c:\documents and settings\PC\Application Data\Real Desktop
2009-03-16 23:16 . 2009-03-16 23:16 <DIR> d-------- c:\documents and settings\PC\Application Data\AD ON Multimedia
2009-03-16 19:35 . 2009-02-28 07:16 172,032 --a------ c:\windows\system32\AVLibrary.dll
2009-03-16 15:11 . 2009-03-16 15:42 <DIR> d-------- c:\documents and settings\PC\Application Data\Hide IP NG
2009-03-13 12:36 . 2009-03-13 14:43 <DIR> d-------- c:\program files\AIMP2
2009-03-13 12:36 . 2009-04-10 16:02 <DIR> d-------- c:\documents and settings\PC\Application Data\AIMP
2009-03-13 01:20 . 2009-04-04 18:23 485 --a------ c:\windows\wininit.ini
2009-03-13 00:35 . 2009-03-13 00:35 <DIR> d-------- c:\documents and settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
2009-03-13 00:33 . 2009-03-06 00:59 1,900,544 --a------ c:\windows\system32\usbaaplrc.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-10 14:58 --------- d-----w c:\program files\Common Files\Common Share
2009-04-10 14:34 --------- d-----w c:\program files\FreeRapid-0.81
2009-04-10 11:59 196,608 ----a-w c:\windows\system32\drivers\nStandard.bin
2009-04-10 08:55 --------- d-----w c:\documents and settings\All Users\Application Data\Google Updater
2009-04-08 10:39 --------- d-----w c:\program files\iTunes
2009-04-08 10:39 --------- d-----w c:\program files\Common Files\Apple
2009-04-07 17:49 --------- d-----w c:\program files\Common Files\Ahead
2009-04-07 15:30 --------- d-----w c:\program files\Common Files\Nero
2009-04-04 13:00 93 ----a-w c:\program files\CZCS.INI
2009-04-04 13:00 93 ----a-w c:\program files\ANCS.INI
2009-04-03 07:39 --------- d-----w c:\program files\NCH Software
2009-04-03 05:33 --------- d-----w c:\program files\Google
2009-04-02 10:10 --------- d-----w c:\program files\Common Files\Adobe
2009-04-02 06:21 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2009-04-01 04:39 --------- d-----w c:\program files\Java
2009-03-30 21:11 --------- d--h--w c:\program files\InstallShield Installation Information
2009-03-30 18:48 45,346,888 ----a-w c:\program files\ANCS.DBF
2009-03-30 18:47 93 ----a-w c:\program files\GRCS.INI
2009-03-28 17:03 --------- d-----w c:\program files\Common Files\Corel
2009-03-28 17:03 --------- d-----w c:\documents and settings\PC\Application Data\Corel
2009-03-27 23:56 --------- d-----w c:\program files\TuneUp Utilities 2009
2009-03-21 19:49 --------- d-----w c:\program files\ICQ6.5
2009-03-19 14:32 23,400 ----a-w c:\windows\system32\drivers\GEARAspiWDM.sys
2009-03-18 12:43 --------- d-----w c:\program files\Sony Ericsson
2009-03-16 18:40 --------- d-----w c:\program files\Spybot - Search & Destroy
2009-03-13 15:06 --------- d-----w c:\program files\QuickTime
2009-03-07 17:21 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-03-07 17:20 --------- d-----w c:\program files\Free Offers from Freeze.com
2009-03-07 17:03 16,409,960 ----a-w c:\program files\spybotsd162.exe
2009-03-05 22:59 36,864 ----a-w c:\windows\system32\drivers\usbaapl.sys
2009-03-02 20:19 --------- d-----w c:\documents and settings\All Users\Application Data\NCH Software
2009-03-01 07:48 --------- d-----w c:\program files\VstPlugins
2009-02-28 16:36 --------- d-----w c:\documents and settings\PC\Application Data\NCH Software
2009-02-21 11:23 --------- d-----w c:\program files\MP3Gain
2009-02-20 10:10 --------- d-----w c:\program files\data
2009-02-20 09:46 --------- d-----w c:\documents and settings\All Users\Application Data\Winferno
2009-02-19 18:12 181 ----a-w c:\program files\TRANSLAT.INI
2009-02-18 10:57 --------- d-----w c:\program files\Duhiki
2009-02-18 09:54 --------- d-----w c:\documents and settings\PC\Application Data\Desktopicon
2009-02-15 12:21 --------- d-----w c:\documents and settings\PC\Application Data\Zoner
2009-02-14 14:26 --------- d-----w c:\documents and settings\PC\Application Data\MusicLab
2009-02-13 19:56 --------- d-----w c:\program files\Mp3 Knife
2009-02-13 14:41 --------- d-----w c:\program files\OperaTor
2009-02-13 11:14 --------- d-----w c:\documents and settings\PC\Application Data\tor
2009-02-13 09:55 --------- d-----w c:\documents and settings\All Users\Application Data\NCH Swift Sound
2009-02-12 20:38 --------- d-----w c:\documents and settings\PC\Application Data\Steganos VPN
2009-02-12 20:35 --------- d-----w c:\program files\VMNetSrv
2009-02-12 20:15 --------- d-----w c:\documents and settings\All Users\Application Data\SpeedBit
2009-02-12 18:41 630 ----a-w c:\program files\news.txt
2009-02-12 09:04 --------- d-----w c:\program files\blender-2.48a-windows
2009-02-10 19:36 22,328 ----a-w c:\documents and settings\PC\Application Data\PnkBstrK.sys
2009-02-10 15:46 --------- d-----w c:\documents and settings\PC\Application Data\U3
2009-02-06 22:21 14,261 ----a-w c:\program files\esi-eula.txt
2009-02-06 22:17 3,892,480 ----a-w c:\program files\SysInspector.exe
2009-02-06 10:18 146,598 ----a-w c:\program files\WEBFF.XPI
2009-02-06 10:18 132,690 ----a-w c:\program files\WEBTB.XPI
2009-02-06 10:16 98,304 ----a-w c:\program files\MAILTRANg.DLL
2009-02-06 10:15 82,758 ----a-w c:\program files\GRCSTCX.DBF
2009-02-06 10:14 979,968 ----a-w c:\program files\CSANTCX.CDX
2009-01-05 12:13 47,360 ----a-w c:\documents and settings\PC\Application Data\pcouffin.sys
2008-12-24 10:10 422,170 ----a-w c:\program files\TU2009v8_0_2000_35CZ.exe
2007-04-22 07:01 1,174 ----a-w c:\program files\Release.txt
2007-04-20 15:44 4,088 ----a-w c:\program files\README.TXT
2007-04-20 15:42 180 ----a-w c:\program files\file_id.diz
2006-12-15 09:08 2,829 ----a-w c:\documents and settings\PC\_gzuninstall.pif
2009-03-28 19:37 122,880 ----a-w c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"Google Update"="c:\documents and settings\PC\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-03-29 133104]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-02-12 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe" [2008-04-10 29757440]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2008-03-13 1443072]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-09-16 8491008]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2009-03-28 30192]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-02-12 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="c:\documents and settings\All Users\Application Data\TuneUp Software\TuneUp Utilities\WinStyler\tu_logonui.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.X264"= x264vfw.dll
"VIDC.HFYU"= huffyuv.dll
"vidc.i263"= i263_32.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"OEXPRESS"=c:\documents and settings\All Users\Application Data\LangSoft\OETRN.EXE
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
"swg"=c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" -autorun
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"NeroFilterCheck"=c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
"ASUSGamerOSD"=c:\program files\ASUS\GamerOSD\GamerOSD.exe
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"Google Quick Search Box"="c:\program files\Google\Quick Search Box\qsb.exe" /autorun

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Sony Ericsson\\Sony Ericsson Media Manager\\MediaManager.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Sony Ericsson\\Update Service\\Update Service.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2008-03-13 33800]
R2 ekrn;Eset Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2008-03-13 472320]
R2 ServerProxyService;ServerProxyService;c:\program files\Laplink Everywhere\ServerProxyService.exe [2005-08-26 131072]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [2009-02-07 603904]
R2 winShadow;winShadow;c:\program files\Laplink\winShadow\shwSrvc.exe [2005-08-26 274432]
R3 PSched;QoS Packet Scheduler;c:\windows\system32\drivers\psched.sys [2008-02-12 69120]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2008-11-01 222976]
S2 gupdate1c9b074adf011ba;Google Update Service (gupdate1c9b074adf011ba);c:\program files\Google\Update\GoogleUpdate.exe [2009-03-29 133104]
S3 a016bus;Sony Ericsson Device A016 driver (WDM);c:\windows\system32\drivers\a016bus.sys [2008-11-04 83880]
S3 a016mdfl;Sony Ericsson Device A016 USB WMC Modeme Filter;c:\windows\system32\drivers\a016mdfl.sys [2008-11-04 15016]
S3 a016mdm;Sony Ericsson Device A016 USB WMC Modem Driver;c:\windows\system32\drivers\a016mdm.sys [2008-11-04 110504]
S3 a016mgmt;Sony Ericsson Device A016 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\a016mgmt.sys [2008-11-04 104488]
S3 a016obex;Sony Ericsson Device A016 USB WMC OBEX Interface;c:\windows\system32\drivers\a016obex.sys [2008-11-04 100648]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [2009-03-18 13224]
S3 tap0801;TAP-Win32 Adapter V8;c:\windows\system32\drivers\tap0801.sys [2007-02-15 26624]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5da3b160-aa3d-11dd-9f61-002215c9b29c}]
\Shell\AutoRun\command - 8ng8w.com
\Shell\explore\Command - 8ng8w.com
\Shell\open\Command - 8ng8w.com

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder

2009-04-10 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 22:36]

2009-03-12 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 13:34]

2009-04-10 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-24 20:05]

2009-04-10 c:\windows\Tasks\GoogleUpdateTaskMachine.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-29 15:45]

2009-04-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1715567821-1500820517-1801674531-1003.job
- c:\documents and settings\PC\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-03-29 10:48]

2009-04-10 c:\windows\Tasks\User_Feed_Synchronization-{85C6AB20-180E-4DBB-B8B0-D4674D7D1EEC}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 04:31]

2009-04-10 c:\windows\Tasks\Úklid 1 kliknutím.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 22:36]
.
- - - - ORPHANS REMOVED - - - -

WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)


.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.sk/ig?hl=sk
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyServer = socks=
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\documents and settings\All Users\Application Data\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\documents and settings\All Users\Application Data\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\documents and settings\All Users\Application Data\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\documents and settings\All Users\Application Data\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\documents and settings\All Users\Application Data\LangSoft\WebIE.dll
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\Google\Google Toolbar\Component\fastsearch_9993303B90FE6C1D.dll
FF - ProfilePath - c:\documents and settings\PC\Application Data\Mozilla\Firefox\Profiles\kl5g0g5a.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://sk.start2.mozilla.com/firefox?cl ... k:official
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&o ... &gfns=1&q=
FF - plugin: c:\documents and settings\PC\Local Settings\Application Data\Google\Update\1.2.141.5\npGoogleOneClick7.dll
FF - plugin: c:\program files\Google\Google Earth Plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Google\Update\1.2.141.5\npGoogleOneClick7.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npqtplugin8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npqtplugin9.dll
FF - plugin: c:\program files\QuickTime\Plugins\npqtplugin8.dll
FF - plugin: c:\program files\QuickTime\Plugins\npqtplugin9.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
.

**************************************************************************

catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-10 21:43:48
Windows 5.1.2600 Service Pack 3, v.5657 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
HDAudDeck = c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe 1????????????????????????????????????????????????

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\windows\ATKKBService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2009-04-10 21:45:34 - machine was rebooted
ComboFix-quarantined-files.txt 2009-04-10 19:45:32

Pre-Run: 94 076 354 560 bytes free
Post-Run: 8 adresárov, 94,121,230,336 voľných bajtov

341 --- E O F --- 2009-03-28 02:59:32

[brano]

Prestal ísť PC Translator, to by nebol problém dá sa znova preinštalovať a Totalcomander - "Applicationn Error module TOTAL CMD.EXE at 00039E40
Acces violation at address 0043306C.Read of adress 029788FO

Ešte mi ukazuje jeden problém so zdravým v Tune up a to, že mám zapnuté Administrativní sdílení a nedá sa to kliknutím napraviť.

Zatiaľ nebudem robiť nič, ani nedočisťujem tune up a windows doctor.

[jaro3]

To je divný, že to přestalo chodit, v logu je mi divný jediný výmaz:
c:\windows\system32\mfc45.dll
měl by patřit myslím k System Mechanic. Pak budeš muset přeinstalovat.

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

Registry::
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5da3b160-aa3d-11dd-9f61-002215c9b29c}]


Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

[brano]

Ten Mechanic System som chcel pôvodne nainštalovať minule, ale keď ma vyzvalo, aby som najprv odinštaloval Eset, za ktorý si platím, tak som to ukončil. Ten priečinok tam ostal zrejme z tej úvodnej fázy inštalácie.

mboFix 09-04-04.01 - PC 2009-04-11 7:47:48.5 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.1.1033.18.2047.1569 [GMT 2:00]
Running from: c:\documents and settings\PC\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\PC\Desktop\CFScript.txt
AV: ESET NOD32 Antivirus 3.0 *On-access scanning disabled* (Updated)
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Created from 2009-03-11 to 2009-04-11 )))))))))))))))))))))))))))))))
.

2009-04-10 20:44 . 2009-04-10 20:44 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-04-10 20:44 . 2009-04-06 15:32 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-04-10 20:44 . 2009-04-06 15:32 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-04-10 18:28 . 2009-04-10 18:28 <DIR> d-------- c:\program files\Trend Micro
2009-04-10 17:00 . 2009-04-10 17:00 <DIR> d-------- c:\program files\OJOsoft
2009-04-10 17:00 . 2008-12-18 13:38 1,700,352 --a------ c:\windows\system32\gdiplus.dll
2009-04-10 17:00 . 2008-12-18 13:38 719,872 --a------ c:\windows\system32\devil.dll
2009-04-10 17:00 . 2008-12-18 13:38 351,744 --a------ c:\windows\system32\avisynth.dll
2009-04-09 17:42 . 2009-04-09 18:31 69 --a------ c:\windows\NeroDigital.ini
2009-04-09 15:38 . 2009-04-09 15:38 <DIR> d-------- c:\documents and settings\PC\Application Data\Tank Combat
2009-04-09 15:32 . 2009-04-09 15:32 <DIR> d-------- c:\program files\City Interactive
2009-04-08 12:39 . 2009-04-08 12:39 <DIR> d-------- c:\program files\iPod
2009-04-08 12:38 . 2009-04-08 12:39 <DIR> d-------- c:\documents and settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-04-08 12:37 . 2009-04-08 12:37 <DIR> d-------- c:\program files\Bonjour
2009-04-07 19:50 . 2009-04-09 18:02 <DIR> d-------- c:\documents and settings\PC\Application Data\Ahead
2009-04-07 19:50 . 2009-04-07 19:50 <DIR> d-------- c:\documents and settings\All Users\Application Data\Ahead
2009-04-07 19:48 . 2009-04-07 19:48 <DIR> d-------- c:\program files\Nero
2009-04-05 16:41 . 2009-04-05 16:41 <DIR> d--h----- c:\windows\PIF
2009-04-03 16:37 . 2009-04-03 16:37 <DIR> d-------- c:\program files\DAEMON Tools Toolbar
2009-04-03 16:37 . 2009-04-04 08:10 <DIR> d-------- c:\program files\DAEMON Tools Lite
2009-04-03 11:38 . 2009-04-03 11:38 <DIR> d-------- c:\documents and settings\PC\Application Data\iolo
2009-04-03 11:38 . 2009-04-03 11:39 <DIR> d-------- c:\documents and settings\All Users\Application Data\iolo
2009-04-03 10:17 . 2008-06-18 22:37 2,045,459 --a------ c:\windows\system32\x264vfw.dll
2009-04-03 10:17 . 2006-04-02 14:47 630,784 --a------ c:\windows\system32\vp7vfw.dll
2009-04-03 10:17 . 2004-12-10 10:03 438,272 --a------ c:\windows\system32\vp6vfw.dll
2009-04-03 10:17 . 1997-04-07 19:19 391,680 --a------ c:\windows\system32\I263_32.drv
2009-04-03 10:17 . 1998-11-18 15:33 144,384 --a------ c:\windows\system32\Iacenc.dll
2009-04-03 10:17 . 2004-05-18 20:16 39,936 --a------ c:\windows\system32\huffyuv.dll
2009-04-03 09:37 . 2009-04-03 09:37 <DIR> d-------- c:\documents and settings\PC\Application Data\DAEMON Tools Pro
2009-04-03 09:37 . 2009-04-03 16:44 <DIR> d-------- c:\documents and settings\PC\Application Data\DAEMON Tools Lite
2009-04-03 09:37 . 2009-04-03 09:37 <DIR> d-------- c:\documents and settings\PC\Application Data\DAEMON Tools
2009-04-03 09:37 . 2009-04-03 09:37 <DIR> d-------- c:\documents and settings\All Users\Application Data\DAEMON Tools Lite
2009-04-03 09:22 . 2009-04-03 09:22 717,296 --a------ c:\windows\system32\drivers\sptd.sys
2009-04-03 07:32 . 2009-04-03 07:32 <DIR> d--hs---- c:\documents and settings\NetworkService\IETldCache
2009-04-02 18:23 . 2009-04-02 18:57 <DIR> d-------- c:\program files\The KMPlayer
2009-04-02 12:18 . 2009-04-02 12:18 <DIR> d-------- c:\program files\Zoner
2009-03-31 10:06 . 2009-03-31 10:06 <DIR> d-------- c:\program files\Common Files\intervations
2009-03-30 14:57 . 2009-03-30 14:57 <DIR> d-------- c:\documents and settings\PC\Application Data\OpenCandy
2009-03-30 14:56 . 2009-03-30 14:57 <DIR> d-------- c:\program files\VDOWNLOADER
2009-03-30 13:51 . 2009-04-03 10:17 <DIR> d-------- c:\program files\K-Lite Codec Pack
2009-03-30 13:51 . 2008-05-23 00:22 3,596,288 --a------ c:\windows\system32\qt-dx331.dll
2009-03-30 13:51 . 2008-07-04 08:34 860,160 --a------ c:\windows\system32\lameACM.acm
2009-03-30 13:51 . 2008-01-10 14:15 755,027 --a------ c:\windows\system32\xvidcore.dll
2009-03-30 13:51 . 2008-05-31 01:22 683,520 --a------ c:\windows\system32\divx.dll
2009-03-30 13:51 . 2004-01-25 18:18 217,088 --a------ c:\windows\system32\yv12vfw.dll
2009-03-30 13:51 . 2008-09-16 21:23 168,448 --a------ c:\windows\system32\unrar.dll
2009-03-30 13:51 . 2008-01-10 14:16 159,839 --a------ c:\windows\system32\xvidvfw.dll
2009-03-30 13:51 . 2007-09-21 02:52 118,784 --a------ c:\windows\system32\ac3acm.acm
2009-03-30 13:51 . 2008-05-23 00:19 81,920 --a------ c:\windows\system32\dpl100.dll
2009-03-30 13:51 . 2008-06-12 20:36 7,680 --a------ c:\windows\system32\ff_vfw.dll
2009-03-30 13:51 . 2007-07-10 18:10 547 --a------ c:\windows\system32\ff_vfw.dll.manifest
2009-03-30 13:51 . 2007-10-03 17:03 414 --a------ c:\windows\system32\lame_acm.xml
2009-03-30 13:39 . 2009-03-30 13:39 <DIR> d-------- c:\documents and settings\PC\Application Data\Media Player Classic
2009-03-30 00:55 . 2009-03-30 00:55 <DIR> d--hs---- c:\documents and settings\PC\IECompatCache
2009-03-30 00:14 . 2009-03-30 00:14 <DIR> d--hs---- c:\documents and settings\LocalService\IETldCache
2009-03-30 00:04 . 2009-03-30 00:04 <DIR> d-------- c:\windows\system32\msmq
2009-03-29 23:38 . 2009-03-29 23:38 <DIR> d--hs---- c:\documents and settings\PC\PrivacIE
2009-03-29 23:37 . 2009-03-29 23:37 <DIR> d--hs---- c:\documents and settings\PC\IETldCache
2009-03-29 23:36 . 2009-03-29 23:36 <DIR> d-------- c:\windows\ie8updates
2009-03-29 23:34 . 2009-03-29 23:35 <DIR> d--h-c--- c:\windows\ie8
2009-03-29 23:33 . 2009-02-28 06:55 105,984 -----c--- c:\windows\system32\dllcache\iecompat.dll
2009-03-29 02:49 . 2009-04-04 08:11 <DIR> d-------- c:\documents and settings\PC\Tracing
2009-03-29 02:43 . 2009-03-29 02:43 <DIR> d-------- c:\program files\Microsoft Sync Framework
2009-03-29 02:41 . 2009-03-29 02:41 <DIR> d-------- c:\program files\Microsoft
2009-03-29 02:31 . 2009-03-29 02:31 <DIR> d-------- c:\program files\Common Files\Windows Live
2009-03-28 02:36 . 2009-03-28 02:36 <DIR> d-------- c:\windows\system32\XPSViewer
2009-03-28 02:36 . 2009-03-28 02:36 <DIR> d-------- c:\program files\Reference Assemblies
2009-03-28 02:36 . 2009-03-28 02:36 <DIR> d-------- c:\program files\MSBuild
2009-03-28 02:36 . 2008-07-06 14:06 1,676,288 --------- c:\windows\system32\xpssvcs.dll
2009-03-28 02:36 . 2008-07-06 14:06 1,676,288 -----c--- c:\windows\system32\dllcache\xpssvcs.dll
2009-03-28 02:36 . 2008-07-06 12:50 597,504 -----c--- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-03-28 02:36 . 2008-07-06 14:06 575,488 --------- c:\windows\system32\xpsshhdr.dll
2009-03-28 02:36 . 2008-07-06 14:06 575,488 -----c--- c:\windows\system32\dllcache\xpsshhdr.dll
2009-03-28 02:36 . 2008-07-06 14:06 117,760 --------- c:\windows\system32\prntvpt.dll
2009-03-28 02:36 . 2008-07-06 14:06 89,088 -----c--- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-03-23 22:41 . 2009-03-23 22:41 <DIR> d-------- c:\windows\Downloaded Installations
2009-03-23 22:41 . 2009-03-23 22:42 <DIR> d-------- c:\program files\Laplink Everywhere
2009-03-23 22:41 . 2009-03-23 22:41 <DIR> d-------- c:\program files\Laplink
2009-03-23 08:59 . 2009-03-23 08:59 <DIR> d-------- c:\program files\Windows Doctor
2009-03-21 14:36 . 2009-03-21 14:36 <DIR> d-------- c:\program files\Total Uninstall 5
2009-03-21 14:36 . 2009-03-21 14:36 <DIR> d-------- c:\documents and settings\All Users\Application Data\Martau
2009-03-19 16:31 . 2009-03-19 16:31 <DIR> d-------- c:\documents and settings\PC\WINDOWS
2009-03-18 14:53 . 2008-03-21 14:57 14,640 --------- c:\windows\system32\spmsgXP_2k3.dll
2009-03-18 14:53 . 2009-03-18 14:53 0 --ah----- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2009-03-18 14:53 . 2009-03-18 14:53 0 --ah----- c:\windows\system32\drivers\Msft_Kernel_ggsemc_01007.Wdf
2009-03-18 14:44 . 2009-03-18 14:44 1,107,296 --a------ c:\windows\system32\WdfCoInstaller01007.dll
2009-03-18 14:44 . 2009-03-18 14:44 24,616 --a------ c:\windows\system32\drivers\ggsemc.sys
2009-03-18 14:44 . 2009-03-18 14:44 13,224 --a------ c:\windows\system32\drivers\ggflt.sys
2009-03-18 14:21 . 2009-03-18 14:21 <DIR> d-------- c:\documents and settings\All Users\Application Data\BVRP Software
2009-03-18 13:00 . 2009-03-18 13:00 <DIR> d-------- c:\program files\Microsoft CAPICOM 2.1.0.2
2009-03-18 08:26 . 2008-10-16 15:06 268,648 --a------ c:\windows\system32\mucltui.dll
2009-03-18 08:26 . 2008-10-16 15:06 27,496 --a------ c:\windows\system32\mucltui.dll.mui
2009-03-17 18:26 . 2009-04-10 20:42 <DIR> d-------- c:\program files\INŠTALÁCIE
2009-03-16 23:16 . 2009-03-16 23:16 <DIR> d-------- c:\documents and settings\PC\Application Data\Real Desktop
2009-03-16 23:16 . 2009-03-16 23:16 <DIR> d-------- c:\documents and settings\PC\Application Data\AD ON Multimedia
2009-03-16 19:35 . 2009-02-28 07:16 172,032 --a------ c:\windows\system32\AVLibrary.dll
2009-03-16 15:11 . 2009-03-16 15:42 <DIR> d-------- c:\documents and settings\PC\Application Data\Hide IP NG
2009-03-13 12:36 . 2009-03-13 14:43 <DIR> d-------- c:\program files\AIMP2
2009-03-13 12:36 . 2009-04-10 22:07 <DIR> d-------- c:\documents and settings\PC\Application Data\AIMP
2009-03-13 01:20 . 2009-04-04 18:23 485 --a------ c:\windows\wininit.ini
2009-03-13 00:35 . 2009-03-13 00:35 <DIR> d-------- c:\documents and settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
2009-03-13 00:33 . 2009-03-06 00:59 1,900,544 --a------ c:\windows\system32\usbaaplrc.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-10 21:05 --------- d-----w c:\documents and settings\PC\Application Data\Skype
2009-04-10 14:58 --------- d-----w c:\program files\Common Files\Common Share
2009-04-10 14:47 2,285,056 ----a-w c:\windows\system32\TUKernel.exe
2009-04-10 14:34 --------- d-----w c:\program files\FreeRapid-0.81
2009-04-10 11:59 196,608 ----a-w c:\windows\system32\drivers\nStandard.bin
2009-04-10 08:55 --------- d-----w c:\documents and settings\All Users\Application Data\Google Updater
2009-04-08 10:39 --------- d-----w c:\program files\iTunes
2009-04-08 10:39 --------- d-----w c:\program files\Common Files\Apple
2009-04-07 17:49 --------- d-----w c:\program files\Common Files\Ahead
2009-04-07 15:30 --------- d-----w c:\program files\Common Files\Nero
2009-04-04 13:00 93 ----a-w c:\program files\CZCS.INI
2009-04-04 13:00 93 ----a-w c:\program files\ANCS.INI
2009-04-03 07:39 --------- d-----w c:\program files\NCH Software
2009-04-03 05:33 --------- d-----w c:\program files\Google
2009-04-02 10:10 --------- d-----w c:\program files\Common Files\Adobe
2009-04-02 06:21 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2009-04-01 04:39 --------- d-----w c:\program files\Java
2009-03-30 21:11 --------- d--h--w c:\program files\InstallShield Installation Information
2009-03-30 18:48 45,346,888 ----a-w c:\program files\ANCS.DBF
2009-03-30 18:47 93 ----a-w c:\program files\GRCS.INI
2009-03-28 17:03 --------- d-----w c:\program files\Common Files\Corel
2009-03-28 17:03 --------- d-----w c:\documents and settings\PC\Application Data\Corel
2009-03-27 23:56 --------- d-----w c:\program files\TuneUp Utilities 2009
2009-03-22 22:10 2,516 --sha-w c:\windows\system32\KGyGaAvL.sys
2009-03-21 19:49 --------- d-----w c:\program files\ICQ6.5
2009-03-19 14:32 23,400 ----a-w c:\windows\system32\drivers\GEARAspiWDM.sys
2009-03-18 12:43 --------- d-----w c:\program files\Sony Ericsson
2009-03-16 18:40 --------- d-----w c:\program files\Spybot - Search & Destroy
2009-03-13 15:06 --------- d-----w c:\program files\QuickTime
2009-03-09 03:19 410,984 ----a-w c:\windows\system32\deploytk.dll
2009-03-08 02:34 914,944 ----a-w c:\windows\system32\wininet.dll
2009-03-08 02:34 43,008 ----a-w c:\windows\system32\licmgr10.dll
2009-03-08 02:33 420,352 ----a-w c:\windows\system32\vbscript.dll
2009-03-08 02:33 18,944 ----a-w c:\windows\system32\corpol.dll
2009-03-08 02:32 72,704 ----a-w c:\windows\system32\admparse.dll
2009-03-08 02:32 71,680 ----a-w c:\windows\system32\iesetup.dll
2009-03-08 02:31 48,128 ----a-w c:\windows\system32\mshtmler.dll
2009-03-08 02:31 45,568 ----a-w c:\windows\system32\mshta.exe
2009-03-08 02:31 34,816 ----a-w c:\windows\system32\imgutil.dll
2009-03-08 02:22 156,160 ----a-w c:\windows\system32\msls31.dll
2009-03-07 17:21 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-03-07 17:20 --------- d-----w c:\program files\Free Offers from Freeze.com
2009-03-07 17:03 16,409,960 ----a-w c:\program files\spybotsd162.exe
2009-03-05 22:59 36,864 ----a-w c:\windows\system32\drivers\usbaapl.sys
2009-03-02 20:19 --------- d-----w c:\documents and settings\All Users\Application Data\NCH Software
2009-03-01 07:48 --------- d-----w c:\program files\VstPlugins
2009-02-28 16:36 --------- d-----w c:\documents and settings\PC\Application Data\NCH Software
2009-02-21 11:23 --------- d-----w c:\program files\MP3Gain
2009-02-20 10:10 --------- d-----w c:\program files\data
2009-02-20 09:46 --------- d-----w c:\documents and settings\All Users\Application Data\Winferno
2009-02-19 18:12 181 ----a-w c:\program files\TRANSLAT.INI
2009-02-18 10:57 --------- d-----w c:\program files\Duhiki
2009-02-18 09:54 --------- d-----w c:\documents and settings\PC\Application Data\Desktopicon
2009-02-15 12:21 --------- d-----w c:\documents and settings\PC\Application Data\Zoner
2009-02-14 14:26 --------- d-----w c:\documents and settings\PC\Application Data\MusicLab
2009-02-13 19:56 --------- d-----w c:\program files\Mp3 Knife
2009-02-13 14:41 --------- d-----w c:\program files\OperaTor
2009-02-13 11:14 --------- d-----w c:\documents and settings\PC\Application Data\tor
2009-02-13 09:55 --------- d-----w c:\documents and settings\All Users\Application Data\NCH Swift Sound
2009-02-12 20:38 --------- d-----w c:\documents and settings\PC\Application Data\Steganos VPN
2009-02-12 20:35 --------- d-----w c:\program files\VMNetSrv
2009-02-12 20:15 --------- d-----w c:\documents and settings\All Users\Application Data\SpeedBit
2009-02-12 18:41 630 ----a-w c:\program files\news.txt
2009-02-12 09:04 --------- d-----w c:\program files\blender-2.48a-windows
2009-02-10 19:36 22,328 ----a-w c:\documents and settings\PC\Application Data\PnkBstrK.sys
2009-02-09 11:13 1,846,784 ----a-w c:\windows\system32\win32k.sys
2009-02-07 14:38 603,904 ----a-w c:\windows\system32\TUProgSt.exe
2009-02-07 14:38 360,192 ----a-w c:\windows\system32\TuneUpDefragService.exe
2009-02-06 22:21 14,261 ----a-w c:\program files\esi-eula.txt
2009-02-06 22:17 3,892,480 ----a-w c:\program files\SysInspector.exe
2009-02-06 10:18 146,598 ----a-w c:\program files\WEBFF.XPI
2009-02-06 10:18 132,690 ----a-w c:\program files\WEBTB.XPI
2009-02-06 10:16 98,304 ----a-w c:\program files\MAILTRANg.DLL
2009-02-06 10:15 82,758 ----a-w c:\program files\GRCSTCX.DBF
2009-02-06 10:14 979,968 ----a-w c:\program files\CSANTCX.CDX
2009-01-05 12:13 47,360 ----a-w c:\documents and settings\PC\Application Data\pcouffin.sys
2008-12-24 10:10 422,170 ----a-w c:\program files\TU2009v8_0_2000_35CZ.exe
2007-04-22 07:01 1,174 ----a-w c:\program files\Release.txt
2007-04-20 15:44 4,088 ----a-w c:\program files\README.TXT
2007-04-20 15:42 180 ----a-w c:\program files\file_id.diz
2006-12-15 09:08 2,829 ----a-w c:\documents and settings\PC\_gzuninstall.pif
2009-03-28 19:37 122,880 ----a-w c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.

((((((((((((((((((((((((((((( SnapShot@2009-04-10_21.44.58.75 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-04-11 04:59:15 16,384 ----atw c:\windows\temp\Perflib_Perfdata_100.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="c:\documents and settings\PC\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-03-29 133104]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-02-12 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe" [2008-04-10 29757440]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-09-16 8491008]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2009-03-28 30192]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-02-12 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="c:\documents and settings\All Users\Application Data\TuneUp Software\TuneUp Utilities\WinStyler\tu_logonui.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.X264"= x264vfw.dll
"VIDC.HFYU"= huffyuv.dll
"vidc.i263"= i263_32.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"OEXPRESS"=c:\documents and settings\All Users\Application Data\LangSoft\OETRN.EXE
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
"swg"=c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" -autorun
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe"
"SpybotSD TeaTimer"=c:\program files\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"NeroFilterCheck"=c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
"ASUSGamerOSD"=c:\program files\ASUS\GamerOSD\GamerOSD.exe
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"Google Quick Search Box"="c:\program files\Google\Quick Search Box\qsb.exe" /autorun
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Sony Ericsson\\Sony Ericsson Media Manager\\MediaManager.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Sony Ericsson\\Update Service\\Update Service.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2008-03-13 33800]
R2 ekrn;Eset Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2008-03-13 472320]
R2 ServerProxyService;ServerProxyService;c:\program files\Laplink Everywhere\ServerProxyService.exe [2005-08-26 131072]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [2009-02-07 603904]
R2 winShadow;winShadow;c:\program files\Laplink\winShadow\shwSrvc.exe [2005-08-26 274432]
R3 PSched;QoS Packet Scheduler;c:\windows\system32\drivers\psched.sys [2008-02-12 69120]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2008-11-01 222976]
S2 gupdate1c9b074adf011ba;Google Update Service (gupdate1c9b074adf011ba);c:\program files\Google\Update\GoogleUpdate.exe [2009-03-29 133104]
S3 a016bus;Sony Ericsson Device A016 driver (WDM);c:\windows\system32\drivers\a016bus.sys [2008-11-04 83880]
S3 a016mdfl;Sony Ericsson Device A016 USB WMC Modeme Filter;c:\windows\system32\drivers\a016mdfl.sys [2008-11-04 15016]
S3 a016mdm;Sony Ericsson Device A016 USB WMC Modem Driver;c:\windows\system32\drivers\a016mdm.sys [2008-11-04 110504]
S3 a016mgmt;Sony Ericsson Device A016 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\a016mgmt.sys [2008-11-04 104488]
S3 a016obex;Sony Ericsson Device A016 USB WMC OBEX Interface;c:\windows\system32\drivers\a016obex.sys [2008-11-04 100648]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [2009-03-18 13224]
S3 tap0801;TAP-Win32 Adapter V8;c:\windows\system32\drivers\tap0801.sys [2007-02-15 26624]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder

2009-04-11 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 22:36]

2009-03-12 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 13:34]

2009-04-11 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-24 20:05]

2009-04-11 c:\windows\Tasks\GoogleUpdateTaskMachine.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-29 15:45]

2009-04-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1715567821-1500820517-1801674531-1003.job
- c:\documents and settings\PC\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-03-29 10:48]

2009-04-11 c:\windows\Tasks\User_Feed_Synchronization-{85C6AB20-180E-4DBB-B8B0-D4674D7D1EEC}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 04:31]

2009-04-11 c:\windows\Tasks\Úklid 1 kliknutím.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 22:36]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.sk/ig?hl=sk
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyServer = socks=
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\documents and settings\All Users\Application Data\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\documents and settings\All Users\Application Data\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\documents and settings\All Users\Application Data\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\documents and settings\All Users\Application Data\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\documents and settings\All Users\Application Data\LangSoft\WebIE.dll
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\Google\Google Toolbar\Component\fastsearch_9993303B90FE6C1D.dll
FF - ProfilePath - c:\documents and settings\PC\Application Data\Mozilla\Firefox\Profiles\kl5g0g5a.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://sk.start2.mozilla.com/firefox?cl ... k:official
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&o ... &gfns=1&q=
FF - plugin: c:\documents and settings\PC\Local Settings\Application Data\Google\Update\1.2.141.5\npGoogleOneClick7.dll
FF - plugin: c:\program files\Google\Google Earth Plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Google\Update\1.2.141.5\npGoogleOneClick7.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npqtplugin8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npqtplugin9.dll
FF - plugin: c:\program files\QuickTime\Plugins\npqtplugin8.dll
FF - plugin: c:\program files\QuickTime\Plugins\npqtplugin9.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
.

**************************************************************************

catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-11 07:49:09
Windows 5.1.2600 Service Pack 3, v.5657 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
HDAudDeck = c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe 1????????????????????????????????????????????????

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2009-04-11 7:50:08
ComboFix-quarantined-files.txt 2009-04-11 05:50:06
ComboFix2.txt 2009-04-10 19:45:35

Pre-Run: 94 046 474 240 bytes free
Post-Run: 8 adresárov, 94,037,528,576 voľných bajtov

335 --- E O F --- 2009-03-28 02:59:32

[brano]

gfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:57:46, on 11.4.2009
Platform: Windows XP SP3, v.5657 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Laplink Everywhere\ServerProxyService.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\Program Files\Laplink\winShadow\shwSrvc.exe
C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Documents and Settings\PC\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/ig?hl=sk
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=66020
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=66020
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = socks=
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_9993303B90FE6C1D.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe 1
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\PC\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - (no file)
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {925DAB62-F9AC-4221-806A-057BFB1014AA} - (no file)
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 7316118328
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_9993303B90FE6C1D.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Google Update Service (gupdate1c9b074adf011ba) (gupdate1c9b074adf011ba) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServerProxyService - Unknown owner - C:\Program Files\Laplink Everywhere\ServerProxyService.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
O23 - Service: winShadow - OmniCom Technologies - C:\Program Files\Laplink\winShadow\shwSrvc.exe

--
End of file - 9363 bytes

[brano]

Ešte by som prosil o radu ako mám zrušiť to "administrativní sdílení", čo mi ukazuje v tuneup ako problém so zdravým. Prosím o inštrukciu čo urobiť po skončení odstraňovania škodlivýn z PC s HJT, MBaM a ComboFix, už minule, keď si mi pomohol som ich najprv asi týždeň nechal, potom odinštaloval, ale ComboFix sa nedal, tak som ho hodil do koša a dočistil PC, čo asi nie je korektné.
Total Commander už ide, dal som repair cez ovládací panel - pridanie/odobranie soft.
Translator som chcel tiež, ale nie je v ponuke medzi programami, tak ho potom preinštalujem.

[jaro3]

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:

Kód: Vybrat vše

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: (no name) - - (no file)
O3 - Toolbar: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - (no file)
O9 - Extra button: (no name) - {925DAB62-F9AC-4221-806A-057BFB1014AA} - (no file)
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)


ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix[mezera]/u

takže jestli nejsou problémy,tak vyčisti systém CCleanerem
a použij i T-Cleaner
smaže vše po Combu,SDFixu,Avengeru,MWAVu atd.-stáhneš>spustíš

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni select all found, pak klik empty selected.
Pokud chceš zachovat svoje uložená hesla, klikni na No.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

TuneUp zkus přenastavit, mě ukazuje taky v Health nějaké problémy, ale nechávám to být. Jinak zkus zadat do sekce vše ostatní (sw) případně nové téma.
PC by mělo být čisté takže tady je to vše.