pomože i niekto s tymto prosím

[goberaz]

pomože mi niekto s týmto prosím vopred ďakujem





Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:12:00, on 3.11.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashserv.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Video Add-on\icthis.exe
C:\Program Files\Video Add-on\isfmntr.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Video Add-on\icmntr.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Video Add-on\isfmm.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Program Files\Common Files\WinPCDoctor\strpmon.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashmaisv.exe
C:\Program Files\NetWaiting\netWaiting.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Documents and Settings\JOZEF GANDI\My Documents\rp10-bbc-en-setup.exe
C:\Documents and Settings\JOZEF GANDI\My Documents\GPS\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.ie/ig/dell?hl=en&clie ... bd=1070918
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www1.euro.dell.com/content/defau ... l=en&s=gen
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www1.euro.dell.com/content/defau ... l=en&s=gen
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = http://www.google.ie/ig/dell?hl=en&clie ... bd=1070918
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O2 - BHO: (no name) - {D1BD315B-8706-4C47-B443-A0784865CD04} - C:\Program Files\Video Add-on\isfmdl.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: IE Custom Tools - {6CA49FDD-4AEB-4F08-A394-C0A1F82CAA16} - C:\Program Files\Video Add-on\ictmdl.dll
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [dscactivate] c:\dell\dsca.exe 3
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NI.UGA6P_0001_N122M2210] "c:\documents and settings\jozef gandi\application data\install_en[1].exe"
O4 - HKLM\..\Run: [Salestart] "C:\Program Files\Common Files\WinPCDoctor\strpmon.exe" dm=http://winpcdoctor.com; ad=http://winpcdoctor.com
O4 - HKLM\..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ashMaiSv] C:\PROGRA~1\ALWILS~1\Avast4\ashmaisv.exe
O4 - HKCU\..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [AntiSpywareShield] C:\Program Files\AntiSpywareShield\AntiSpywareShield.exe
O4 - HKLM\..\Policies\Explorer\Run: [some] C:\Program Files\Video Add-on\icthis.exe
O4 - HKLM\..\Policies\Explorer\Run: [start] C:\Program Files\Video Add-on\isfmntr.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O22 - SharedTaskScheduler: complacential - {41591d7f-9e25-4bd0-af53-9908fcf3a738} - C:\WINDOWS\system32\yneid.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashserv.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

--
End of file - 10302 bytes

[Reklama]

[fredik]

Vítej na fóru

Stáhni si SmitFraudFix (by S!Ri)

Restartuj PC do nouzového režimu:
Spustíš SmitFraudFix - objeví se modrá obrazovka aplikace a stiskni libovolnou klávesu, tím se dostaneš do menu.
Zde zvol volbu číslo 2
Nechej proskenovat počítač.
Pokud budeš dotázán, zda povolíš čištění registrů (Do you want to clean the registry ?), stiskni klávesu Y (pozor na záměnu Y a Z na klávesnici)
Pokud budeš dotázán na odstranění zavirovaných souborů z počítače (Replace infected file ?), stiskneš opět klávesu Y.

Pak restartuj PC do normálního režimu, vlož sem z něho log který najdeš v souboru na C:\rapport.txt

Stáhni si SUPERAntiSpyware
Nainstaluj a spusť ho a klikni na tlačítko Check for Updates...
Po provedení Update klikni na tlačítko: Scan your computer
Zvol možnost: Perform Complete Scan a klikni na tlačítko Další >

Proběhne kontrola, po skončení vypíše vše co našel.
Ujisti se že všechny položko jsou zaškrtnuty a pak zvol tlačítko Další
Pak klikni na tlačítko Finish a měl by ses dostat na úvodní obrazovku.
Tam klikni na tlačítko: Preferences... a tam zvol záložku Statistics/Logs
Tam klikni na log s dnešním datem který tam bude a dej tlačítko: View Log...
Otevře se ti Okno s logem tak jeho obsah sem zkopíruj.

Nakonec udělej nový log z HijackThis a dej ho taky sem.

[goberaz]

Ďakujem idem to skusiť

[goberaz]

tak tu je výpis s C:/rapport.txt
SmitFraudFix v2.246

Scan done at 16:11:52,57, so 03.11.2007
Run from C:\Documents and Settings\\My Documents\GPS\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in safe mode

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{41591d7f-9e25-4bd0-af53-9908fcf3a738}"="complacential"

[HKEY_CLASSES_ROOT\CLSID\{41591d7f-9e25-4bd0-af53-9908fcf3a738}\InProcServer32]
@="C:\WINDOWS\system32\yneid.dll"

[HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{41591d7f-9e25-4bd0-af53-9908fcf3a738}\InProcServer32]
@="C:\WINDOWS\system32\yneid.dll"


»»»»»»»»»»»»»»»»»»»»»»»» Killing process


»»»»»»»»»»»»»»»»»»»»»»»» hosts


127.0.0.1 localhost

»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix

S!Ri's WS2Fix: LSP not Found.


»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files


»»»»»»»»»»»»»»»»»»»»»»»» DNS

HKLM\SYSTEM\CCS\Services\Tcpip\..\{1A1041AA-E39C-4C51-A427-2FFB5BCFEAE1}: DhcpNameServer=192.168.1.254
HKLM\SYSTEM\CCS\Services\Tcpip\..\{A689FC55-D913-4E36-AAEB-B51FFDE1C578}: DhcpNameServer=192.168.1.254
HKLM\SYSTEM\CS1\Services\Tcpip\..\{1A1041AA-E39C-4C51-A427-2FFB5BCFEAE1}: DhcpNameServer=192.168.1.254
HKLM\SYSTEM\CS1\Services\Tcpip\..\{A689FC55-D913-4E36-AAEB-B51FFDE1C578}: DhcpNameServer=192.168.1.254
HKLM\SYSTEM\CS2\Services\Tcpip\..\{A689FC55-D913-4E36-AAEB-B51FFDE1C578}: DhcpNameServer=192.168.1.254
HKLM\SYSTEM\CS3\Services\Tcpip\..\{1A1041AA-E39C-4C51-A427-2FFB5BCFEAE1}: DhcpNameServer=192.168.1.254
HKLM\SYSTEM\CS3\Services\Tcpip\..\{A689FC55-D913-4E36-AAEB-B51FFDE1C578}: DhcpNameServer=192.168.1.254
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.254
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.254
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.254
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.254


»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

Registry Cleaning done.

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{41591d7f-9e25-4bd0-af53-9908fcf3a738}"="complacential"

[HKEY_CLASSES_ROOT\CLSID\{41591d7f-9e25-4bd0-af53-9908fcf3a738}\InProcServer32]
@="C:\WINDOWS\system32\yneid.dll"

[HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{41591d7f-9e25-4bd0-af53-9908fcf3a738}\InProcServer32]
@="C:\WINDOWS\system32\yneid.dll"



»»»»»»»»»»»»»»»»»»»»»»»» End

[goberaz]

tak tu je moj log z Superanty spyware
SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 11/03/2007 at 05:55 PM

Application Version : 3.9.1008

Core Rules Database Version : 3337
Trace Rules Database Version: 1338

Scan type : Complete Scan
Total Scan Time : 00:35:56

Memory items scanned : 747
Memory threats detected : 0
Registry items scanned : 6208
Registry threats detected : 62
File items scanned : 34694
File threats detected : 115

Malware.LocusSoftware Inc/BestSellerAntivirus
[NI.UGA6P_0001_N122M2210] C:\DOCUMENTS AND SETTINGS\JOZEF GANDI\APPLICATION DATA\INSTALL_EN[1].EXE
C:\DOCUMENTS AND SETTINGS\JOZEF GANDI\APPLICATION DATA\INSTALL_EN[1].EXE
C:\DOCUMENTS AND SETTINGS\JOZEF GANDI\APPLICATION DATA\SETUP_EN[1].EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP67\A0050264.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP67\A0050265.EXE

Trojan.Smitfraud Variant
HKLM\Software\Classes\CLSID\{41591d7f-9e25-4bd0-af53-9908fcf3a738}
HKCR\CLSID\{41591D7F-9E25-4BD0-AF53-9908FCF3A738}
HKCR\CLSID\{41591D7F-9E25-4BD0-AF53-9908FCF3A738}\InProcServer32
HKCR\CLSID\{41591D7F-9E25-4BD0-AF53-9908FCF3A738}\InProcServer32#ThreadingModel
C:\WINDOWS\SYSTEM32\YNEID.DLL
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler#{41591d7f-9e25-4bd0-af53-9908fcf3a738}

Trojan.Media-Codec/V4
HKLM\Software\Classes\CLSID\{D1BD315B-8706-4C47-B443-A0784865CD04}
HKCR\CLSID\{D1BD315B-8706-4C47-B443-A0784865CD04}
HKCR\CLSID\{D1BD315B-8706-4C47-B443-A0784865CD04}#xxx
HKCR\CLSID\{D1BD315B-8706-4C47-B443-A0784865CD04}\InprocServer32
HKCR\CLSID\{D1BD315B-8706-4C47-B443-A0784865CD04}\InprocServer32#ThreadingModel
C:\PROGRAM FILES\VIDEO ADD-ON\ISFMDL.DLL
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D1BD315B-8706-4C47-B443-A0784865CD04}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Information Center
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Information Center#DisplayName
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Information Center#UninstallString
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP66\A0011324.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP66\A0012324.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP66\A0013324.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP66\A0014324.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP66\A0015324.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP66\A0016324.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP66\A0017324.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP66\A0018323.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP66\A0019323.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP66\A0020324.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP66\A0021324.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP66\A0022324.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP66\A0023324.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP66\A0024324.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP66\A0025324.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP66\A0026324.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP66\A0027324.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP66\A0028324.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP66\A0029324.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP66\A0030324.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP66\A0031323.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP66\A0032323.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP66\A0033323.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP66\A0034324.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP66\A0035324.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP66\A0036323.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP66\A0037323.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP66\A0039323.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP66\A0040324.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP66\A0041324.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP66\A0042324.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP66\A0043324.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP66\A0044324.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP66\A0045324.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP66\A0046324.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP66\A0049395.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP67\A0049449.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP67\A0049853.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP67\A0050241.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP67\A0050274.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP67\A0050292.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP67\A0050321.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP67\A0051372.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP67\A0052371.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP67\A0052390.DLL

Adware.Tracking Cookie
C:\Documents and Settings\JOZEF GANDI\Cookies\jozef gandi@ad.wz[1].txt
C:\Documents and Settings\JOZEF GANDI\Cookies\jozef gandi@showit[3].txt
C:\Documents and Settings\JOZEF GANDI\Cookies\jozef gandi@ads.ft[2].txt
C:\Documents and Settings\JOZEF GANDI\Cookies\jozef gandi@hmt.connexpromotions[2].txt
C:\Documents and Settings\JOZEF GANDI\Cookies\jozef gandi@please[1].txt
C:\Documents and Settings\JOZEF GANDI\Cookies\jozef gandi@showit[2].txt
C:\Documents and Settings\JOZEF GANDI\Cookies\jozef gandi@windowsmedia[2].txt
C:\Documents and Settings\JOZEF GANDI\Cookies\jozef gandi@please[5].txt
C:\Documents and Settings\JOZEF GANDI\Cookies\jozef gandi@counter.cnw[1].txt
C:\Documents and Settings\JOZEF GANDI\Cookies\jozef gandi@clickaider[2].txt
C:\Documents and Settings\JOZEF GANDI\Cookies\jozef gandi@toplist[2].txt
C:\Documents and Settings\JOZEF GANDI\Cookies\jozef gandi@goclick[2].txt
C:\Documents and Settings\JOZEF GANDI\Cookies\jozef gandi@www.viruslocker[2].txt
C:\Documents and Settings\JOZEF GANDI\Cookies\jozef gandi@please[6].txt
C:\Documents and Settings\JOZEF GANDI\Cookies\jozef gandi@1068632757[1].txt
C:\Documents and Settings\JOZEF GANDI\Cookies\jozef gandi@revsci[2].txt
C:\Documents and Settings\JOZEF GANDI\Cookies\jozef gandi@avsystemcare[2].txt
C:\Documents and Settings\JOZEF GANDI\Cookies\jozef gandi@please[3].txt
C:\Documents and Settings\JOZEF GANDI\Cookies\jozef gandi@please[2].txt
C:\Documents and Settings\JOZEF GANDI\Cookies\jozef gandi@1072371767[1].txt
C:\Documents and Settings\JOZEF GANDI\Cookies\jozef gandi@cgi[2].txt
C:\Documents and Settings\JOZEF GANDI\Cookies\jozef gandi@k.iinfo[2].txt
C:\Documents and Settings\JOZEF GANDI\Cookies\jozef gandi@hit.stat[1].txt
C:\Documents and Settings\JOZEF GANDI\Cookies\jozef gandi@1058474639[1].txt
C:\Documents and Settings\JOZEF GANDI\Cookies\jozef gandi@stat.dealtime[2].txt
C:\Documents and Settings\JOZEF GANDI\Cookies\jozef gandi@please[4].txt
C:\Documents and Settings\JOZEF GANDI\Cookies\jozef gandi@adrenaline[1].txt
C:\Documents and Settings\JOZEF GANDI\Cookies\jozef gandi@toplist[1].txt
C:\Documents and Settings\JOZEF GANDI\Cookies\jozef gandi@adrenalinesk[1].txt
C:\Documents and Settings\JOZEF GANDI\Cookies\jozef gandi@please[7].txt
C:\Documents and Settings\JOZEF GANDI\Cookies\jozef gandi@1064351627[1].txt
C:\Documents and Settings\JOZEF GANDI\Cookies\jozef gandi@adbrite[2].txt
C:\Documents and Settings\JOZEF GANDI\Cookies\jozef gandi@ads.o2[1].txt

Malware.VirusRescue
HKCR\Interface\{679B00B5-0783-4DE4-A478-7227FDD50825}
HKCR\Interface\{679B00B5-0783-4DE4-A478-7227FDD50825}\ProxyStubClsid
HKCR\Interface\{679B00B5-0783-4DE4-A478-7227FDD50825}\ProxyStubClsid32
HKCR\Interface\{679B00B5-0783-4DE4-A478-7227FDD50825}\TypeLib
HKCR\Interface\{679B00B5-0783-4DE4-A478-7227FDD50825}\TypeLib#Version

Unclassified.SpywareBot (Not A Threat)
HKU\S-1-5-21-1604788455-2898618453-1817826344-1006\Software\SpywareBot
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpywareBot_is1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpywareBot_is1#Inno Setup: Setup Version
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpywareBot_is1#Inno Setup: App Path
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpywareBot_is1#InstallLocation
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpywareBot_is1#Inno Setup: Icon Group
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpywareBot_is1#Inno Setup: User
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpywareBot_is1#Inno Setup: Selected Tasks
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpywareBot_is1#Inno Setup: Deselected Tasks
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpywareBot_is1#DisplayName
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpywareBot_is1#DisplayIcon
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpywareBot_is1#UninstallString
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpywareBot_is1#QuietUninstallString
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpywareBot_is1#DisplayVersion
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpywareBot_is1#Publisher
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpywareBot_is1#URLInfoAbout
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpywareBot_is1#NoModify
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpywareBot_is1#NoRepair
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpywareBot_is1#InstallDate
C:\Program Files\SpywareBot\DataBase.ref
C:\Program Files\SpywareBot\Launcher.exe
C:\Program Files\SpywareBot\license.rtf
C:\Program Files\SpywareBot\Microsoft.VC80.CRT\Microsoft.VC80.CRT.manifest
C:\Program Files\SpywareBot\Microsoft.VC80.CRT\msvcp80.dll
C:\Program Files\SpywareBot\Microsoft.VC80.CRT\msvcr80.dll
C:\Program Files\SpywareBot\Microsoft.VC80.CRT
C:\Program Files\SpywareBot\Microsoft.VC80.MFC\mfc80.dll
C:\Program Files\SpywareBot\Microsoft.VC80.MFC\Microsoft.VC80.MFC.manifest
C:\Program Files\SpywareBot\Microsoft.VC80.MFC
C:\Program Files\SpywareBot\SpyCleaner.dll
C:\Program Files\SpywareBot\SpywareBot.exe
C:\Program Files\SpywareBot\SpywareBot.url
C:\Program Files\SpywareBot\TCL.dll
C:\Program Files\SpywareBot\unins000.dat
C:\Program Files\SpywareBot\unins000.exe
C:\Program Files\SpywareBot\zlib.dll
C:\Program Files\SpywareBot
C:\Documents and Settings\All Users\Start Menu\Programs\SpywareBot\SpywareBot on the Web.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\SpywareBot\SpywareBot.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\SpywareBot\Uninstall SpywareBot.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\SpywareBot
C:\Documents and Settings\JOZEF GANDI\Desktop\SpywareBot.lnk
C:\DOCUMENTS AND SETTINGS\JOZEF GANDI\MY DOCUMENTS\GPS\SETUP.EXE
C:\WINDOWS\Prefetch\SETUP.EXE-07313860.pf

Malware.VirusRanger
HKCR\CLSID\{14869272-E04B-66DC-80DD-58BAB2570CF0}
HKCR\CLSID\{14869272-E04B-66DC-80DD-58BAB2570CF0}\AosmtX
HKCR\CLSID\{14869272-E04B-66DC-80DD-58BAB2570CF0}\IjQizs
HKCR\CLSID\{14869272-E04B-66DC-80DD-58BAB2570CF0}\Implemented Categories
HKCR\CLSID\{14869272-E04B-66DC-80DD-58BAB2570CF0}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}
HKCR\CLSID\{14869272-E04B-66DC-80DD-58BAB2570CF0}\Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4}
HKCR\CLSID\{14869272-E04B-66DC-80DD-58BAB2570CF0}\InprocServer32
HKCR\CLSID\{14869272-E04B-66DC-80DD-58BAB2570CF0}\InprocServer32#ThreadingModel
HKCR\CLSID\{14869272-E04B-66DC-80DD-58BAB2570CF0}\leYhuop
HKCR\CLSID\{14869272-E04B-66DC-80DD-58BAB2570CF0}\nXnwlpWfmsmjP
HKCR\CLSID\{14869272-E04B-66DC-80DD-58BAB2570CF0}\pApoCndS
HKCR\CLSID\{14869272-E04B-66DC-80DD-58BAB2570CF0}\ProgID
HKCR\CLSID\{14869272-E04B-66DC-80DD-58BAB2570CF0}\Programmable
HKCR\CLSID\{14869272-E04B-66DC-80DD-58BAB2570CF0}\soTjomhaqw
HKCR\CLSID\{14869272-E04B-66DC-80DD-58BAB2570CF0}\srnjBxF
HKCR\CLSID\{14869272-E04B-66DC-80DD-58BAB2570CF0}\Svwpeaalfotvk
HKCR\CLSID\{14869272-E04B-66DC-80DD-58BAB2570CF0}\TypeLib
HKCR\CLSID\{14869272-E04B-66DC-80DD-58BAB2570CF0}\VersionIndependentProgID
HKCR\Interface\{139C109E-08C6-4B60-9142-860B8CD5D000}
HKCR\Interface\{139C109E-08C6-4B60-9142-860B8CD5D000}\ProxyStubClsid
HKCR\Interface\{139C109E-08C6-4B60-9142-860B8CD5D000}\ProxyStubClsid32
HKCR\Interface\{139C109E-08C6-4B60-9142-860B8CD5D000}\TypeLib
HKCR\Interface\{139C109E-08C6-4B60-9142-860B8CD5D000}\TypeLib#Version
C:\Program Files\VirusRanger\result.lst
C:\Program Files\VirusRanger\sdebug.log
C:\Program Files\VirusRanger\updater.plb
C:\Program Files\VirusRanger\vrext.dll
C:\Program Files\VirusRanger

Rogue.AntiSpywareShield
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP67\A0050262.EXE

[goberaz]

a tu je lozaverečný log z hijackthins
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:31:27, on 3.11.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\stsystra.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashserv.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\WinPCDoctor\strpmon.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashmaisv.exe
C:\Program Files\NetWaiting\netWaiting.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\JOZEF GANDI\My Documents\GPS a vír\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = http://www.google.ie/ig/dell?hl=en&clie ... bd=1070918
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [dscactivate] c:\dell\dsca.exe 3
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Salestart] "C:\Program Files\Common Files\WinPCDoctor\strpmon.exe" dm=http://winpcdoctor.com; ad=http://winpcdoctor.com
O4 - HKLM\..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ashMaiSv] C:\PROGRA~1\ALWILS~1\Avast4\ashmaisv.exe
O4 - HKCU\..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [AntiSpywareShield] C:\Program Files\AntiSpywareShield\AntiSpywareShield.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashserv.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

--
End of file - 9317 bytes

[fredik]

Odinstaluj přes Přidat nebo odebrat programy:
WinPCDoctor
AntiSpywareShield

Pro lepší zabezpečení by bylo dobré si doinstalovat firewall, můžeš si vybrat některý zde uvedený nebo některý jiný z odkazu: Přehled osobních firewallů
Firewally zdarma:
Comodo - kvalitní, pokročilý, s mnoha funkcemi, originálně v angličtině, čeština by měla být asi až od verze 3 která by se měl objevit v brzké době
Kerio - přehledný, větší možnosti nastavení, náročnější na systémové prostředky, v češtině
ZoneAlarm - jednoduchý, kompatibilní, nenáročný na systémové prostředky, málo možností nastavení, v angličtině

Dej sem pak nový log z HJT

[goberaz]

odinštaloval som tie dva programy nainštaloval som kerio a posielam log bude to teraz v poriadku


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:31:04, on 3.11.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\stsystra.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\Alwil Software\Avast4\ashserv.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\WinPCDoctor\strpmon.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashmaisv.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\JOZEF GANDI\My Documents\GPS a vír\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = http://www.google.ie/ig/dell?hl=en&clie ... bd=1070918
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [dscactivate] c:\dell\dsca.exe 3
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Salestart] "C:\Program Files\Common Files\WinPCDoctor\strpmon.exe" dm=http://winpcdoctor.com; ad=http://winpcdoctor.com
O4 - HKLM\..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ashMaiSv] C:\PROGRA~1\ALWILS~1\Avast4\ashmaisv.exe
O4 - HKCU\..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [AntiSpywareShield] C:\Program Files\AntiSpywareShield\AntiSpywareShield.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashserv.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

--
End of file - 9446 bytes

[fredik]

Ještě tam něco zůstalo vlož sem prosím tě tento log:

Spusť znovu HijackThis
Klikni na tlačítko: Open the Mics Tools section (případně tlačítko Config... pokud jsi v okně kde se zobrazuje log z HJT)
Na hoře klikni na položku: Misc Tools pokud už nebudu vybraná
pak klikni pod položkou System tools na tlačítko: Open Uninstall Manager...
tam klikni na tlačítko: Save list...
ulož si daný log a jeho výsledek sem zkopíruj

[goberaz]

tak tu je ten log
7-Zip 4.42
Adobe Flash Player ActiveX
Adobe Flash Player Plugin
Adobe Reader 8.1.1
Adobe® Photoshop® Album Starter Edition 3.0
AMD Processor Driver
Apple Software Update
ATI Catalyst Control Center
ATI Display Driver
Audio-Video Software
Autodesk MapGuide(R) Viewer ActiveX Control Release 6.5
avast! Antivirus
Broadcom Management Programs
Browser Address Error Redirector
Conexant HDA D110 MDC V.92 Modem
Dell Support Center
Dell Wireless WLAN Card
DellSupport
Digital Line Detect
Google Desktop
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer
High Definition Audio Driver Package - KB835221
HijackThis 2.0.2
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB915800)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB926239)
ICQ 5.1
J2SE Runtime Environment 5.0 Update 6
Java(TM) 6 Update 3
Kerio Personal Firewall
Language Lab Demo
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
Modem Helper
Mozilla Firefox (2.0.0.9)
MSN
MSXML 4.0 SP2 (KB936181)
NetWaiting
Nokia Connectivity Cable Driver
Nokia Lifeblog
Nokia PC Connectivity Solution
Nokia PC Suite
Nokia Software Updater
PowerDVD 5.7
QuickSet
RealPlayer
Rhapsody
Rhapsody Player Engine
Roxio Creator Audio
Roxio Creator BDAV Plugin
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator Tools
Roxio Drag-to-Disc
Roxio Express Labeler
Roxio MyDVD DE
Roxio Update Manager
SearchAssist
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 9 (KB936782)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB921503)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB933566)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB937143)
Security Update for Windows XP (KB938127)
Security Update for Windows XP (KB938829)
Security Update for Windows XP (KB939653)
Security Update for Windows XP (KB941202)
Sonic Activation Module
Spybot - Search & Destroy 1.3
SUPERAntiSpyware Free Edition
Synaptics Pointing Device Driver
Update for Windows XP (KB894391)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB927891)
Update for Windows XP (KB930916)
Update for Windows XP (KB933360)
Update for Windows XP (KB938828)
Windows Desktop Search 3.01
Windows Driver Package - Nokia Modem (06/12/2006 6.81.0.21)
Windows Imaging Component
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
WinRAR

[fredik]

Spusť znovu HijackThis a zaškrtni v něm okénka před řádky:
O4 - HKCU\..\Run: [AntiSpywareShield] C:\Program Files\AntiSpywareShield\AntiSpywareShield.exe
O4 - HKLM\..\Run: [Salestart] "C:\Program Files\Common Files\WinPCDoctor\strpmon.exe" dm=http://winpcdoctor.com; ad=http://winpcdoctor.com
po zaškrtnutí klikni na tlačítko Fix Checked

Odinstaluj přes přidat nebo odebrat programy:
J2SE Runtime Environment 5.0 Update 6

Pokud používáš Spybot tak můžeš provést jeho aktualizaci, protože tam máš starou verzi, aktuální je 1.5

Restartuj pak PC a dej sem už poslední log z HJT.

[goberaz]

spravil som všetko podľa tvojho návodu a nainštaloval som aj Spybota 1.5 a zasielam ti ten log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 0:30:06, on 6.11.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\stsystra.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\ICQLite\ICQLite.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\Program Files\NetWaiting\netWaiting.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\JOZEF GANDI\My Documents\GPS a vír\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = http://www.google.ie/ig/dell?hl=en&clie ... bd=1070918
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [dscactivate] c:\dell\dsca.exe 3
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ICQ Lite] "C:\Program Files\ICQLite\ICQLite.exe" -minimize
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
O4 - HKCU\..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -trayboot
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

--
End of file - 10421 bytes