Poprosim o kontrolu logu HJT - Trojany Vyřešeno

[Melania]

to je v pohode,vidim co to obnasa,mas to somnou des
ale po tomto scripte,..mi strasne moc zadrha pc,.robi si co chce precooo

ComboFix 09-01-17.04 - admin 2009-01-18 15:31:35.4 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.1.1033.18.1007.606 [GMT 1:00]
Körs frĺn: c:\documents and settings\admin\Desktop\ComboFix.exe
Använda kommandoväxlar :: c:\documents and settings\admin\Desktop\CFScript.txt
AV: ESET NOD32 Antivirus 3.0 *On-access scanning disabled* (Outdated)
* Skapade en ny ĺterställningspunkt
* Resident AV is active


FILE ::
c:\windows\system32\szbvrzregz.exe
.

((((((((((((((((((((((((((((((((((((((( Andra raderingar ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\szbvrzregz.exe

.
(((((((((((((((((((((((( Filer Skapade frĺn 2008-12-18 till 2009-01-18 ))))))))))))))))))))))))))))))
.

2009-01-18 00:27 . 2009-01-18 11:30 280 --a------ c:\windows\emm386n.dl
2009-01-18 00:25 . 2009-01-18 00:25 <DIR> d-------- c:\program files\Common Files\Wise Installation Wizard
2009-01-17 22:38 . 2009-01-17 22:39 9,123 --a------ C:\ResetTeaTimer.bat
2009-01-17 20:16 . 2009-01-17 20:16 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-01-17 20:16 . 2009-01-17 20:16 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-01-17 20:16 . 2009-01-17 20:16 <DIR> d-------- c:\documents and settings\admin\Application Data\Malwarebytes
2009-01-17 20:16 . 2009-01-14 16:11 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-01-17 20:16 . 2009-01-14 16:11 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-01-17 16:48 . 2009-01-17 16:48 <DIR> d-------- c:\program files\Trend Micro
2009-01-17 00:38 . 2009-01-17 00:43 <DIR> d-------- c:\program files\360desktop
2009-01-17 00:38 . 2009-01-17 00:38 <DIR> d-------- c:\documents and settings\admin\Application Data\360desktop
2009-01-16 20:07 . 2009-01-17 00:09 <DIR> d---s---- c:\documents and settings\Administrator
2009-01-16 19:37 . 2009-01-16 19:37 380,764 --a------ c:\program files\TU2009v8_0_2000_35CZ.zip
2009-01-16 19:31 . 2009-01-16 19:31 <DIR> d-------- c:\documents and settings\admin\Application Data\TuneUp Software
2009-01-16 19:30 . 2009-01-17 00:10 <DIR> d-------- c:\program files\TuneUp Utilities 2009
2009-01-16 19:30 . 2009-01-16 19:30 <DIR> d-------- c:\documents and settings\All Users\Application Data\TuneUp Software
2009-01-15 12:52 . 2009-01-17 10:59 <DIR> d-------- c:\program files\Pivot Stickfigure Animator
2009-01-12 14:11 . 2009-01-12 14:29 <DIR> d-------- c:\documents and settings\All Users\Application Data\Easy CD-DA Extractor
2009-01-12 14:10 . 2009-01-12 14:39 <DIR> d-------- c:\program files\Easy CD-DA Extractor 12
2009-01-12 12:42 . 2009-01-12 12:42 <DIR> d-------- c:\windows\Easy CD-DA Extractor 12
2009-01-10 10:22 . 2009-01-10 10:22 <DIR> d--hs---- c:\windows\ftpcache
2009-01-10 07:12 . 2009-01-10 07:12 <DIR> d-------- c:\documents and settings\admin\Application Data\Playrix Entertainment
2009-01-10 07:11 . 2009-01-10 07:11 <DIR> d-------- c:\windows\Fishdom
2009-01-10 07:11 . 2009-01-10 07:12 <DIR> d-------- c:\program files\Fishdom
2009-01-08 14:20 . 2009-01-08 14:20 4,096 --a------ c:\windows\d3dx.dat
2009-01-08 10:51 . 2009-01-08 10:51 <DIR> d-------- c:\program files\CCleaner
2009-01-08 06:27 . 2009-01-08 06:27 330 --a------ c:\windows\CDPlayer.ini
2009-01-07 12:17 . 2009-01-17 11:45 <DIR> d-------- C:\My Music
2009-01-07 12:14 . 2009-01-07 12:15 <DIR> d-------- c:\program files\MediaMonkey
2009-01-05 23:14 . 2009-01-08 11:52 599 --a------ c:\windows\TRNCOM.INI
2009-01-03 15:51 . 2009-01-03 15:51 <DIR> d-------- c:\documents and settings\admin\Application Data\Jane s Hotel Family Hero
2009-01-03 13:22 . 2009-01-03 13:22 <DIR> d-------- c:\program files\Outsim
2009-01-03 13:22 . 2002-07-07 23:14 1,294,336 --a------ c:\windows\system32\vorbis.acm
2009-01-03 13:22 . 2006-06-20 09:56 225,280 --a------ c:\windows\system32\rewire.dll
2009-01-03 13:20 . 2009-01-03 13:23 <DIR> d-------- c:\program files\Image-Line
2009-01-03 13:06 . 2009-01-16 08:04 <DIR> d-------- C:\Download Bitlord
2009-01-03 12:55 . 2009-01-03 12:55 <DIR> d-------- c:\documents and settings\admin\Application Data\Sony
2009-01-03 12:52 . 2009-01-03 12:52 <DIR> d-------- c:\program files\Sony Setup
2009-01-03 12:50 . 2009-01-03 12:50 <DIR> d-------- c:\program files\Acoustica Shared Effects
2009-01-03 12:50 . 2009-01-03 13:24 <DIR> d-------- c:\program files\Acoustica Beatcraft
2009-01-02 12:51 . 2009-01-02 13:05 <DIR> d-------- c:\program files\Rockstar Games
2009-01-02 12:24 . 2009-01-02 13:23 43,520 --a------ c:\windows\system32\CmdLineExt03.dll
2009-01-02 08:19 . 2009-01-07 09:10 <DIR> d-------- c:\documents and settings\admin\Application Data\GlarySoft
2009-01-01 18:44 . 2009-01-01 18:44 <DIR> d-------- c:\documents and settings\admin\Application Data\CyberLink
2009-01-01 11:10 . 2009-01-01 11:10 3,731 --a------ c:\windows\wtran32.INI
2008-12-31 16:46 . 2009-01-17 23:09 2,839 --a------ c:\windows\wdict32.INI
2008-12-31 16:09 . 2008-12-31 16:09 <DIR> d-------- c:\program files\PC Translator
2008-12-29 10:07 . 2008-12-29 10:08 <DIR> d-------- c:\documents and settings\All Users\Application Data\VirtualFarm
2008-12-29 09:23 . 2008-12-29 09:23 <DIR> d-------- c:\windows\INDSOFT
2008-12-29 09:21 . 2008-12-29 09:21 <DIR> d-------- c:\documents and settings\admin\Application Data\Astro Gemini Software
2008-12-29 09:21 . 2007-11-06 14:16 106,496 --a------ c:\windows\system32\Astro Gemini Screensaver Manager.scr
2008-12-27 20:00 . 2008-12-27 20:00 <DIR> d-------- c:\program files\Glary Utilities
2008-12-27 12:35 . 2008-04-14 06:12 91,136 --a------ c:\windows\system32\kswdmcap.ax
2008-12-27 12:35 . 2008-04-14 06:12 91,136 --a--c--- c:\windows\system32\dllcache\kswdmcap.ax
2008-12-27 12:35 . 2008-04-14 06:12 61,952 --a------ c:\windows\system32\kstvtune.ax
2008-12-27 12:35 . 2008-04-14 06:12 61,952 --a--c--- c:\windows\system32\dllcache\kstvtune.ax
2008-12-27 12:35 . 2008-04-14 06:12 53,760 --a------ c:\windows\system32\vfwwdm32.dll
2008-12-27 12:35 . 2008-04-14 06:12 53,760 --a--c--- c:\windows\system32\dllcache\vfwwdm32.dll
2008-12-27 12:35 . 2008-04-14 06:12 43,008 --a------ c:\windows\system32\ksxbar.ax
2008-12-27 12:35 . 2008-04-14 06:12 43,008 --a--c--- c:\windows\system32\dllcache\ksxbar.ax
2008-12-27 12:35 . 2008-04-14 06:12 28,672 --a------ c:\windows\system32\vidcap.ax
2008-12-27 12:35 . 2008-04-14 06:12 28,672 --a--c--- c:\windows\system32\dllcache\vidcap.ax
2008-12-27 12:33 . 2008-12-27 12:33 <DIR> d-------- c:\windows\PixArt
2008-12-27 12:33 . 2008-12-27 12:33 <DIR> d-------- c:\windows\Cache
2008-12-27 12:33 . 2008-12-27 12:33 <DIR> d-------- c:\windows\Album
2008-12-27 12:33 . 2008-12-27 12:33 <DIR> d-------- c:\program files\VideoCAM GE111
2008-12-27 12:33 . 2008-12-27 12:33 <DIR> d-------- c:\program files\Common Files\PCCamera
2008-12-27 12:32 . 2008-12-27 12:32 <DIR> d-------- c:\windows\Downloaded Installations
2008-12-27 08:01 . 2008-12-05 18:48 499,712 --a------ c:\windows\system32\msvcp71.dll
2008-12-27 08:01 . 2008-12-05 18:48 348,160 --a------ c:\windows\system32\msvcr71.dll
2008-12-26 08:22 . 2008-04-14 00:45 32,128 --a------ c:\windows\system32\drivers\usbccgp.sys
2008-12-26 08:22 . 2008-04-14 00:45 32,128 --a--c--- c:\windows\system32\dllcache\usbccgp.sys
2008-12-25 08:42 . 2009-01-17 08:55 <DIR> d-------- c:\windows\SxsCaPendDel
2008-12-25 08:09 . 2008-12-27 08:04 <DIR> d-------- c:\windows\system32\Adobe
2008-12-24 14:38 . 2008-12-24 14:38 <DIR> d-------- c:\program files\Opera
2008-12-24 14:38 . 2008-12-24 14:38 0 --a------ c:\windows\nsreg.dat
2008-12-24 14:37 . 2008-12-24 14:38 7,848,496 --a------ C:\Firefox Setup 3.0.5.exe
2008-12-24 14:36 . 2008-12-24 14:36 7,408,904 --a------ C:\Opera_963_int_Setup.exe
2008-12-24 12:13 . 2009-01-17 22:36 <DIR> d-------- c:\program files\Conduit
2008-12-24 12:12 . 2009-01-03 13:05 <DIR> d-------- c:\program files\BitLord
2008-12-24 12:12 . 2008-12-24 12:12 3,096,064 --a------ C:\BitLord_1.01.exe
2008-12-24 11:39 . 2009-01-17 12:13 69 --a------ c:\windows\NeroDigital.ini
2008-12-23 20:46 . 2009-01-18 11:03 <DIR> d-------- c:\program files\Taskbar Shuffle
2008-12-23 20:43 . 2008-12-23 20:43 <DIR> d-------- c:\program files\Fractalis Software
2008-12-23 20:32 . 2009-01-18 15:01 <DIR> d-------- c:\documents and settings\admin\Application Data\skypePM
2008-12-23 20:32 . 2008-12-23 20:32 56 --ah----- c:\windows\system32\ezsidmv.dat
2008-12-23 20:30 . 2008-12-23 20:30 <DIR> d-------- c:\program files\Skype
2008-12-23 20:30 . 2008-12-23 20:30 <DIR> d-------- c:\program files\Common Files\Skype
2008-12-23 20:30 . 2008-12-23 20:30 <DIR> d-------- c:\documents and settings\All Users\Application Data\Skype
2008-12-23 20:30 . 2009-01-18 15:28 <DIR> d-------- c:\documents and settings\admin\Application Data\Skype
2008-12-22 22:59 . 2008-12-22 22:59 <DIR> d-------- c:\windows\system32\sk-SK
2008-12-22 22:41 . 2008-12-22 22:42 <DIR> d-------- c:\windows\system32\URTTemp

.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-17 23:26 --------- d-----w c:\program files\Zoner
2009-01-17 22:14 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2009-01-17 22:12 --------- d-----w c:\program files\SpywareBlaster
2009-01-17 21:30 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-01-14 15:48 --------- d-----w c:\documents and settings\admin\Application Data\Vso
2009-01-07 11:05 --------- d-----w c:\program files\Winamp
2008-12-30 07:37 --------- d-----w c:\program files\CD Audio MP3 Converter
2008-12-27 05:53 --------- d-----w c:\program files\DVDFab Platinum 3
2008-12-25 07:42 --------- d-----w c:\program files\Common Files\Adobe
2008-12-22 19:49 737,280 ----a-w c:\windows\iun6002.exe
2008-12-22 19:49 --------- d-----w c:\program files\Codec Pack - All In 1
2008-12-22 19:41 --------- d-----w c:\program files\Realtek
2008-12-22 19:39 --------- d-----w c:\program files\S3
2008-12-22 19:38 --------- d-----w c:\program files\VIA
2008-12-22 19:30 --------- d-----w c:\program files\microsoft frontpage
2008-12-22 19:26 --------- d-----w c:\program files\Windows Media Connect 2
2008-12-22 18:42 --------- d-----w c:\documents and settings\admin\Application Data\IsolatedStorage
2008-12-22 18:03 --------- d-----w c:\program files\Spybot - Search & Destroy
2008-12-22 18:03 --------- d-----w c:\documents and settings\All Users\Application Data\Symantec
2008-12-22 16:41 --------- d-----w c:\program files\Symantec
2008-12-22 16:41 --------- d-----w c:\program files\Common Files\Symantec Shared
2008-12-22 16:39 --------- d-----w c:\documents and settings\admin\Application Data\Zoner
2008-12-22 16:37 --------- d--h--w c:\program files\InstallShield Installation Information
2008-12-22 16:37 --------- d-----w c:\program files\CyberLink
2008-12-22 16:37 --------- d-----w c:\documents and settings\All Users\Application Data\CyberLink
2008-12-22 16:36 --------- d-----w c:\program files\Webteh
2008-12-22 16:36 --------- d-----w c:\program files\Common Files\InstallShield
2008-12-22 16:35 --------- d-----w c:\documents and settings\admin\Application Data\Ahead
2008-12-22 16:33 --------- d-----w c:\program files\Microsoft.NET
2008-12-22 16:33 --------- d-----w c:\program files\Microsoft Works
2008-12-22 16:31 87,608 ----a-w c:\documents and settings\admin\Application Data\ezpinst.exe
2008-12-22 16:31 47,360 ----a-w c:\windows\system32\drivers\pcouffin.sys
2008-12-22 16:31 47,360 ----a-w c:\documents and settings\admin\Application Data\pcouffin.sys
2008-12-22 16:31 --------- d-----w c:\program files\Common Files\Ahead
2008-12-22 16:30 --------- d-----w c:\program files\Nero
2008-12-22 16:27 --------- d-----w c:\program files\ESET
2008-12-22 16:27 --------- d-----w c:\documents and settings\All Users\Application Data\ESET
2008-12-11 10:57 333,952 ----a-w c:\windows\system32\drivers\srv.sys
2008-10-23 12:36 286,720 ----a-w c:\windows\system32\gdi32.dll
.

((((((((((((((((((((((((((((( snapshot@2009-01-17_22.45.45,50 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-01-10 16:46:33 88,590 ----a-w c:\windows\system32\Macromed\Flash\uninstall_activeX.exe
+ 2009-01-17 23:30:29 88,590 ----a-w c:\windows\system32\Macromed\Flash\uninstall_activeX.exe
.
(((((((((((((((((((((((((((((((((( Startpunkter i registret )))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Not* tomma poster & legitima standardposter visas inte
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2008-11-07 21633320]
"Taskbar Shuffle"="c:\program files\Taskbar Shuffle\taskbarshuffle.exe" [2008-04-16 818176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2008-07-01 1447168]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"Norton Ghost 9.0"="c:\program files\Symantec\Norton Ghost\Agent\GhostTray.exe" [2004-07-29 1122304]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-14 39792]
"VTTimer"="VTTimer.exe" [2006-09-21 c:\windows\system32\VTTimer.exe]
"S3Trayp"="S3trayp.exe" [2007-09-30 c:\windows\system32\S3Trayp.exe]
"RTHDCPL"="RTHDCPL.EXE" [2006-08-02 c:\windows\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2006-05-17 c:\windows\SkyTel.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.l3codec"= l3codecp.acm

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\BitLord\\BitLord.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R0 PQV2i;PQV2i;c:\windows\system32\drivers\PQV2i.sys [2004-07-29 138780]
R0 xfilt;VIA SATA IDE Hot-plug Driver;c:\windows\system32\drivers\xfilt.sys [2008-12-16 21656]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2008-07-01 34312]
R1 PQIMount;PQIMount;c:\windows\system32\drivers\PQIMount.sys [2004-07-29 46779]
R3 PAC207;VideoCAM GE111;c:\windows\system32\drivers\PFC027.sys [2005-04-08 162176]
R3 PSched;QoS Packet Scheduler;c:\windows\system32\drivers\psched.sys [2008-04-14 69120]
R3 S3GIGP;S3GIGP;c:\windows\system32\drivers\S3gIGPm.sys [2006-11-10 603648]
R4 ekrn;Eset Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2008-07-01 468224]
.
Innehĺllet i mappen 'Schemalagda aktiviteter'

2009-01-18 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe []

2009-01-18 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2008-10-29 14:28]
.
.
------- Extra genomsökning -------
.
uStart Page = hxxp://www.zoznam.sk/
uInternet Connection Wizard,ShellNext = iexplore
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\progra~1\PCTRAN~1\webie.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\progra~1\PCTRAN~1\webie.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\progra~1\PCTRAN~1\webie.dll
FF - ProfilePath - c:\documents and settings\admin\Application Data\Mozilla\Firefox\Profiles\wsinwa0q.default\

---- FIREFOX POLICY ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-18 15:32:17
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

genomsökningen avslutades lyckosamt
dolda filer: 0

**************************************************************************
.
Sluttid: 2009-01-18 15:33:21
ComboFix-quarantined-files.txt 2009-01-18 14:33:18
ComboFix2.txt 2009-01-18 14:16:52
ComboFix3.txt 2009-01-18 13:35:21
ComboFix4.txt 2009-01-17 21:46:30

Före genomsökningen: 22 164 160 512 bytes free
Efter genomsökningen: 12 adresárov, 22,154,334,208 voľných bajtov

231 --- E O F --- 2009-01-14 17:26:06

[Reklama]

[jaro3]

Najdi a smaž tuto složku: c:\windows\SxsCaPendDel
Nevím , proč zadrhává , žádnou nákazu tam již nevidím. Zkus restart.
Vlož sem ještě log z HJT a zkusíme ještě pročistit.

//EDIT nevím proč , ale ten druhý a třetí Combofix Ti to píše švédsky nebo , co je to za řeč, poprvé to bylo normálně ENG...

[Melania]

log HJT >>

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:53:39, on 18.1.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\S3trayp.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Taskbar Shuffle\taskbarshuffle.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\System32\GEARSec.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.zoznam.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\PROGRA~1\PCTRAN~1\webie.dll
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [S3Trayp] S3trayp.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Norton Ghost 9.0] C:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Taskbar Shuffle] C:\Program Files\Taskbar Shuffle\taskbarshuffle.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: WebTran - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra 'Tools' menuitem: &Nastaviť prekladač - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra 'Tools' menuitem: Preložiť &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra 'Tools' menuitem: Preložiť &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe
O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe

--
End of file - 6120 bytes

[jaro3]

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:

Kód: Vybrat vše

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')


ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix[mezera]/u

vyčisti systém CCleanerem
a použij i T-Cleaner
smaže vše po Combu,SDFixu,Avengeru,MWAVu atd.-stáhneš>spustíš

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni select all found, pak klik empty selected.
Pokud chceš zachovat svoje uložená hesla, klikni na No.
Nainstaluj si javu:
Java SE Runtime Environment 6u11
Vyber OS ( předpokládám Windows), zatržítko agree-continue
Vyber:
Windows Offline Installation
jre-6u11-windows-i586-p.exe

[Melania]

,..takze som urobila vsetko,ako si mi doporucil,akurat mi hodne dlho trva pokial mi nacita stranky,ale len na IE,..
,..Firefox slape rychlo,pekne vsetko nabieha,ale i ked teraz pisem/pracujem v IE/,mi to nejak brzdi /aj samotne pisanie je ako spomaleny film/ neviem,cim to moze byt,../ tak nejak mi to tu vsetko vlni,nejak ako ked pracujes v nudz.rezime-to len na prirovnanie/

,..inak ti mnohokrat dakujem !!! naozaj klobuk dolu si fakt jednicka !! prajem ti taktiez vela zdaru, nech sa ti dari

[jaro3]

Vlní se to jen v IE7, nebo i jinde ve win, myslím posuvník? Kdyby to bylo všude tak přeinstalovat ovladače ke grafice, ještě to upřesni.

[Melania]

,..nie,inde je to v pohode,..len v IE mi to robi tento problem,..uz ma to dost mrzi!!

[jaro3]

Zkus toto:
Stáhni si Dial-a-fix
Empty Temp Folders - Vyčistí dočasné adresáře %TEMP%, %TMP% a %WINDIR%/TEMP.
Fix SSL/HTTPS/Cryptsvc - Opraví problémy s prohlížením zabezpečných stránek.
ActiveX controls/codecs - Pokusí se o opravu prvků ActiveX.
Explorer/IE/OE/shell/WMP - Pokusí se o opravu Internet Exploreru, Outlook Expressu, Windows Media Playeru atd.
Klikni na kladívko-další možnosti:
Repair/reinstall IE - Reinstaluje Internet Explorer (případná potřeba instalačního media Windows).
Klikni na službu a pak na Go.
Čistila si pomocí CCleaneru a ATF Cleaneru?

[Melania]

pomocou CCleaneru a ATF Cleaneru som cistila,ale mozno je to blbost-ale robi to odkedy som nainst. tu Javu... je to mozne??

[jaro3]

Můžeš zkusit odinstalovat, ale ta java by spíš měla zabezpečit kvalitní načítání stránek, žádné zbytky po starších verzích javy tam nejsou vidět...
Nic mě nenapadá, snad jen Macromedia Flash Player? Zkus to prosím v jiné sekci , viry to již není , a ostatní prohlížeče jsou O.K. (?).

[Melania]

-ano,ostatne prehliadace su absolutne OK :)
-ja ti ale samozrejme mnohokrat dakujem,za pomoc,cas a trpezlivost!!! este raz prajem hodne zdaru

[jaro3]

Není zač!!