Please check my PC 2

Luigy88
Visitor
Posts: 48
Registered: 22 Jun 2009 14:12

Please check my PC 2

#1 Post by Luigy88 »

Please check my PC 2

Luigy88
Visitor
Posts: 48
Registered: 22 Jun 2009 14:12

Re: Please check my PC 2

#2 Post by Luigy88 »

Trend Micro End User License Agreement 
Software: HijackThis
Version: English/Multi-country
Date: April 2007


IMPORTANT: YOU MUST CAREFULLY READ AND AGREE TO ALL TERMS AND
CONDITIONS OF THE FOLLOWING END USER LICENSE AGREEMENT BEFORE
INSTALLING OR USING THE SOFTWARE.

THIS AGREEMENT SETS FORTH THE TERMS AND CONDITIONS UNDER WHICH
TREND MICRO IS WILLING TO LICENSE THE "SOFTWARE" TO "YOU" AS AN
INDIVIDUAL USER OR AN AUTHORIZED REPRESENTATIVE OF AN ENTITY.
BY CLICKING THE "I ACCEPT" BUTTON BELOW, YOU ARE EXPRESSING YOUR
INTENT TO ENTER INTO, AND ARE ENTERING INTO, A BINDING LEGAL
CONTRACT ("AGREEMENT") BETWEEN YOU AND TREND MICRO
INCORPORATED OR ONE OF ITS AFFILIATES ("TREND MICRO"). THE TERMS
AND CONDITIONS OF THE AGREEMENT THEN APPLY TO YOUR USE OF THE
SOFTWARE. WE ENCOURAGE YOU TO PRINT A COPY OF THE AGREEMENT FOR
YOUR RECORDS
YOU MUST ACCEPT THIS AGREEMENT BEFORE YOU INSTALL OR USE THE
SOFTWARE. IF YOU ARE ACQUIRING THE SOFTWARE ON BEHALF OF AN ENTITY, THEN YOU
MUST BE PROPERLY AUTHORIZED TO REPRESENT THAT ENTITY AND TO
ACCEPT THIS AGREEMENT ON ITS BEHALF.

YOU ACCEPT THIS END USER LICENSE BY CLICKING THE "I ACCEPT" BUTTON
BELOW. IF YOU DO NOT AGREE TO THE TERMS OF THIS AGREEMENT, SELECT
"I DO NOT ACCEPT". YOU WILL THEN NOT BE PERMITTED TO INSTALL OR USE
THE SOFTWARE.

1. LICENSE. Upon Your acceptance of the terms and conditions of this Agreement,
Trend Micro hereby grants You a nonexclusive, nontransferable, non-sublicensable,
royalty-free, worldwide license, to download, install the Software, for Your own use only.
Trend Micro reserves the right to enhance, modify, or discontinue the Software or to
impose new or different conditions on its use at any time without notice.

2. USE RESTRICTIONS AND OWNERSHIP. The Software is licensed not sold. Trend
Micro owns the title and intellectual property rights to the Software, and reserves all rights
not expressly granted to You in this Agreement. You agree that you will not rent, loan,
lease or sublicense the Software. You agree not to attempt to reverse engineer,
decompile, modify, translate, disassemble, discover the source code of, or create
derivative works from, any part of the Software or authorize others to undertake any of
these acts.

3. BACKUP. For as long as You use the Software, You agree to regularly back-up Your
computer programs and files ("Data") on a separate media. You acknowledge that the
failure to do so may cause You to lose Data in the event that any error in the Software
causes computer problems, and that Trend Micro is not responsible for any such Data
loss.

4. TERMINATION. Trend Micro may terminate the license at any time for any reason.
Upon such termination, You agree to delete or destroy all copies of the Software. You
may terminate this Agreement at any point by destroying or deleting all copies of the
Software.

5. REPORTS AND PRIVACY. At any time during the term of this Agreement, You may
choose to send to Trend Micro a report of log files that may include personal information
that the Software scanned on Your computer. By accepting this Agreement, You hereby
give Your consent to Trend Micro to process log file data provided by You ("Information")
in connection with this Agreement; processing may include collection, registration,
storage, modification or disclosure of such Information to third parties. As a condition to
using the Software and by accepting this Agreement, You ensure, represent and warrant
that You are legally permitted to provide Trend Micro with access to the Information and
You also give Your consent to Trend Micro to transfer or store the Information in one or
more of its group companies, located in and/or outside the country where You are
located, and/or in jurisdictions which may have a lower level of protection of Information
than is applicable in the country where You are located or where privacy
laws may not be as stringent as those in Your own country.

6. CAUTION AND ACKNOWLEDGEMENT. The Software is designed to identify different
types of files, operating system changes, registry or browser settings, which, in Trend
Micro's judgment, may compromise computer security or productivity. You agree that
Trend Micro shall not be responsible for any removal or disabling of files or settings or the
results of such removal or disabling. You are solely responsible for selecting which files or
settings to remove from Your computer.

7. NO WARRANTY. THE SOFTWARE IS PROVIDED "AS IS," WITHOUT
WARRANTIES OF ANY KIND. TREND MICRO DOES NOT WARRANT THAT YOUR
USE OF THE SOFTWARE WILL BE UNINTERRUPTED OR ERROR FREE. TO THE
FULLEST EXTENT PERMITTED BY APPLICABLE LAW, TREND MICRO DISCLAIMS
AND EXCLUDES ALL REPRESENTATIONS AND WARRANTIES WITH RESPECT TO
THE SOFTWARE, EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED
TO IMPLIED WARRANTIES OF NONINFRINGEMENT OF THIRD PARTY RIGHTS,
SATISFACTORY QUALITY, MERCHANTABILITY, AND FITNESS FOR A
PARTICULAR PURPOSE.

8. NO LIABILITY FOR CONSEQUENTIAL DAMAGES.
(A) TREND MICRO DOES NOT SEEK TO LIMIT OR EXCLUDE ITS LIABILITY IN THE
EVENT OF DEATH OR PERSONAL INJURY CAUSED BY ITS NEGLIGENCE OR FOR
FRAUD OR FOR ANY OTHER LIABILITY FOR WHICH IT IS NOT PERMITTED BY
LAW TO EXCLUDE.
(B) TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW, TREND MICRO
DISCLAIMS ALL LIABILITY FOR CONSEQUENTIAL, SPECIAL, INCIDENTAL OR
INDIRECT DAMAGES OF ANY KIND OR FOR LOST OR CORRUPTED DATA OR
MEMORY, SYSTEM CRASH, DISK/SYSTEM DAMAGE, LOST PROFITS OR
SAVINGS, OR LOSS OF BUSINESS, ARISING OUT OF OR RELATED TO THIS
AGREEMENT. YOU ALSO UNDERSTAND AND AGREE THAT YOU DOWNLOAD,
INSTALL AND/OR USE THE SOFTWARE AT YOUR OWN DISCRETION AND RISK
AND THAT YOU WILL BE SOLELY RESPONSIBLE FOR ANY DAMAGE TO YOUR
COMPUTER SYSTEM OR LOSS OF DATA THAT RESULTS FROM THE USE OF THE
SOFTWARE.
9. CONSUMER PROTECTION AND PRIVACY. SOME COUNTRIES, STATES AND
PROVINCES, INCLUDING MEMBER STATES OF THE EUROPEAN ECONOMIC
AREA, DO NOT ALLOW CERTAIN EXCLUSIONS OR LIMITATIONS OF LIABILITY, SO
THE ABOVE DISCLAIMER OF WARRANTY AND EXCLUSION OR LIMITATION OF
LIABILITIES (SECTIONS 7 AND 8) MAY NOT FULLY APPLY TO YOU. YOU MAY
HAVE ADDITIONAL RIGHTS AND REMEDIES. SUCH POSSIBLE RIGHTS OR
REMEDIES, IF ANY, SHALL NOT BE AFFECTED BY THIS AGREEMENT. THERE
MAY BE MANDATORY REGULATIONS OR LEGAL PROVISIONS THAT ARE
APPLICABLE TO YOU AS A CONSUMER.
10. COMPLIANCE WITH ALL LAWS, EXPORT CONTROL. The Software is subject to
export controls under the U.S. Export Administration Regulations. The Software may not
be exported or re-exported to entities within, or residents or citizens of, embargoed
countries or countries subject to applicable trade sanctions, nor to prohibited or denied
persons or entities without proper government licenses. Information about such
restrictions can be found at the following websites: http://www.treas.gov/ofac/ and
http://www.bis.doc.gov/complianceandenf ... oCheck.htm. You are responsible
for any violation of the US export control laws related to Your copy of the Software. By
accepting this Agreement, You confirm that You are not a resident or citizen of any
country currently embargoed by the U.S. and that You are not otherwise prohibited from
receiving the Software.

11. U.S. GOVERNMENT RESTRICTED RIGHTS. If the entity on whose behalf You are
acquiring the Software is any unit or agency of the United States Government, then that
Government entity acknowledges that the Software, (i) was developed at private
expense, (ii) is commercial in nature, (iii) is not in the public domain, and (iv) is "Restricted
Computer Software" as that term is defined in Clause 52.227 19 of the Federal
Acquisition Regulations (FAR) and is "Commercial Computer Software" as that term is
defined in Subpart 227.471 of the Department of Defense Federal Acquisition Regulation
Supplement (DFARS). The Government agrees that (i) if the Software is supplied to the
Department of Defense (DoD), the Software is classified as "Commercial Computer
Software" and the Government is acquiring only "restricted rights" in the Software and its
documentation as that term is defined in Clause 252.227 7013(c)(1) of the DFARS, and
(ii) if the Software is supplied to any unit or agency of the United States Government
other than DoD, the Government's rights in the Software and its documentation will be as
defined in Clause 52.227 19(c)(2) of the FAR.

12. GOVERNING LAW. Unless otherwise required by the specific jurisdiction’s laws,
this Agreement will be governed by the laws of the State of California, USA, without
regard to the provisions of the United Nations Convention on Contracts for the
International Sale of Goods and the conflict of laws provisions of Your state or country of
residence.  

13. GENERAL PROVISIONS. This is the entire agreement between You and Trend
Micro with respect to the subject matter hereof and supersedes and replaces all prior or
contemporaneous understandings or agreements regarding such subject matter. Any
waiver of any provision of this Agreement will be effective only if in writing and signed by
Trend Micro. In the event that any provision or portion of this Agreement is found to be
invalid, that finding will not affect the validity of the remaining parts of this Agreement.
Trend Micro may assign or subcontract some or all of its obligations under this Agreement
to qualified third parties or its affiliates and/or subsidiaries, provided that no such
assignment or subcontract shall relieve Trend Micro of its obligations under this
Agreement.

14. QUESTIONS. Address all questions about this Agreement to:
legalnotice@trendmicro.com.


The Software is protected by copyright, trade secret and U.S. PATENT laws, and
international treaty provisions. UNAUTHORIZED REPRODUCTION OR DISTRIBUTION
IS SUBJECT TO CIVIL AND CRIMINAL PENALTIES.

Luigy88
Visitor
Posts: 48
Registered: 22 Jun 2009 14:12

Re: Please check my PC 2

#3 Post by Luigy88 »

Logfile of random's system information tool 1.06 (written by random/random)
Run by Alfa at 2010-01-06 19:44:50
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 779 MB (4%) free of 19 GB
Total RAM: 767 MB (34% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:20:13, on 24.6.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\Crawler\CToolbar.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Alfa\Local Settings\Temporary Internet Files\Content.IE5\YZ01KLM5\RSIT[1].exe
C:\Program Files\trend micro\Alfa.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatche ... tbid=60446
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.hu/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60446
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60446
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60446
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60446
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
R3 - URLSearchHook: (no name) - *{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - (no file)
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
F2 - REG:system.ini: UserInit=c:\windows\system32\userinit.exe
O1 - Hosts: ::1 localhost
O1 - Hosts: 94.232.248.66 inetavirus.com
O1 - Hosts: 94.232.248.66 www.inetavirus.com
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\ctbr.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O3 - Toolbar: (no name) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - (no file)
O3 - Toolbar: (no name) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - (no file)
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\ctbr.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O17 - HKLM\System\CCS\Services\Tcpip\..\{23E30203-1DF9-49B9-AD48-110D637D355B}: NameServer = 85.237.0.65 85.237.1.66
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\ctbr.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Google Update Service (gupdate1c9a4f519563658) (gupdate1c9a4f519563658) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: SonicStage SCSI Service SSScsiSVLmHosts (SSScsiSVLmHosts) - Unknown owner - C:\WINDOWS\system32\apcupsl.exe (file missing)
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/Alfa/LOCALS~1/Temp/msohtml1/01/clip_image001.gif

--
End of file - 7391 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-343818398-963894560-682003330-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-343818398-963894560-682003330-1003UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll [2009-08-22 378736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\IPSBHO.DLL [2009-08-22 107896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EE5D279F-081B-4404-994D-C6B60AAEBA6D}
{B922D405-6D13-4A2B-AE89-08A030DA4402}
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll [2009-08-22 378736]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2007-06-29 286720]
"SsAAD.exe"=C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe [2005-01-24 81920]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
""=1 []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"=C:\Program Files\MSN Messenger\msnmsgr.exe [2007-01-19 5674352]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]
"Google Update"=C:\Documents and Settings\Alfa\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-07-03 133104]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2007-02-09 25388584]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
WgaLogon.dll []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, digiwet.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdauxservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdcoreservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SymEFA.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableStatusMessages"=0
"DisableTaskMgr"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=149

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\helpctr.exe"="C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\helpctr.exe:*:Enabled:Pomoc na diaľku - Windows Messenger a Voice"
"C:\Program Files\iMesh Applications\iMesh\iMesh.exe"="C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh"
"D:\dc++\StrongDC.exe"="D:\dc++\StrongDC.exe:*:Enabled:StrongDC++"
"C:\Program Files\ICQ6\ICQ.exe"="C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\WINDOWS\system32\rtcshare.exe"="C:\WINDOWS\system32\rtcshare.exe:*:Enabled:RTC App Sharing"
"C:\Program Files\NetMeeting\conf.exe"="C:\Program Files\NetMeeting\conf.exe:*:Enabled:Windows® NetMeeting®"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"="C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Enabled:Crawler Spyware Terminator"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{26716a8c-d96b-11db-8e6c-000ea6a64348}]
shell\AutoRun\command - n1deiect.com
shell\explore\command - n1deiect.com
shell\open\command - n1deiect.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{def2fe04-f177-11de-be9e-000ea6a64348}]
shell\AutoRun\command - F:\Toshiba\more4you.exe


======File associations======

.js - open - "C:\Program Files\Macromedia\Dreamweaver 4\Dreamweaver.exe" "%1"

======List of files/folders created in the last 1 months======

2010-01-06 19:31:13 ----D---- C:\Documents and Settings\All Users\Application Data\Estsoft
2010-01-06 19:31:03 ----D---- C:\Documents and Settings\Alfa\Application Data\ESTsoft
2010-01-06 19:30:17 ----D---- C:\Program Files\ESTsoft
2009-12-09 20:32:05 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2009-12-09 20:30:43 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2009-12-09 20:29:04 ----HDC---- C:\WINDOWS\$NtUninstallKB976325$
2009-12-09 20:28:19 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2009-12-09 20:27:49 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2009-12-09 20:27:13 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$

======List of files/folders modified in the last 1 months======

2010-01-06 19:53:41 ----D---- C:\Documents and Settings\Alfa\Application Data\uTorrent
2010-01-06 19:45:40 ----D---- C:\WINDOWS\Prefetch
2010-01-06 19:45:26 ----D---- C:\Program Files\trend micro
2010-01-06 19:44:55 ----D---- C:\WINDOWS\temp
2010-01-06 19:41:28 ----D---- C:\Documents and Settings\Alfa\Application Data\Skype
2010-01-06 19:30:17 ----RD---- C:\Program Files
2010-01-06 17:40:02 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-01-06 16:07:26 ----A---- C:\WINDOWS\NeroDigital.ini
2009-12-28 11:51:17 ----D---- C:\WINDOWS\system32\CatRoot2
2009-12-28 11:44:01 ----SHD---- C:\WINDOWS\Installer
2009-12-28 11:44:00 ----HD---- C:\Config.Msi
2009-12-28 11:42:54 ----D---- C:\Program Files\Google
2009-12-25 18:06:30 ----HD---- C:\WINDOWS\inf
2009-12-21 23:27:51 ----D---- C:\Documents and Settings\Alfa\Application Data\Adobe
2009-12-09 21:11:56 ----D---- C:\WINDOWS\system32
2009-12-09 21:11:56 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-12-09 21:10:32 ----D---- C:\WINDOWS
2009-12-09 21:09:48 ----D---- C:\WINDOWS\system32\drivers
2009-12-09 20:32:29 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-12-09 20:31:02 ----A---- C:\WINDOWS\imsins.BAK
2009-12-09 20:29:19 ----D---- C:\Program Files\Internet Explorer
2009-12-09 20:28:03 ----HD---- C:\WINDOWS\$hf_mig$

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 BHDrvx86;Symantec Heuristics Driver; C:\WINDOWS\System32\Drivers\NIS\1007020.00B\BHDrvx86.sys [2009-08-22 259632]
R1 ccHP;Symantec Hash Provider; C:\WINDOWS\System32\Drivers\NIS\1007020.00B\ccHPx86.sys [2009-09-15 482432]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2009-02-06 106208]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2009-02-06 56280]
R1 IDSxpx86;IDSxpx86; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20091230.004\IDSxpx86.sys []
R1 intelppm;Intel Processor Driver; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2004-08-03 36096]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\WINDOWS\system32\drivers\NIS\1007020.00B\SRTSPX.SYS [2009-08-22 43696]
R1 SYMTDI;Symantec Network Dispatch Driver; C:\WINDOWS\System32\Drivers\NIS\1007020.00B\SYMTDI.SYS [2009-08-22 217136]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-02-06 113448]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2009-02-06 130952]
R3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys [2003-11-06 755392]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
R3 NAVENG;NAVENG; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100105.053\NAVENG.SYS []
R3 NAVEX15;NAVEX15; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100105.053\NAVEX15.SYS []
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2004-08-03 1897408]
R3 Pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-08-24 10240]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
R3 SRTSP;Symantec Real Time Storage Protection; C:\WINDOWS\System32\Drivers\NIS\1007020.00B\SRTSP.SYS [2009-08-22 308272]
R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
R3 SYMFW;Symantec Network Filter Driver; C:\WINDOWS\System32\Drivers\NIS\1007020.00B\SYMFW.SYS [2009-08-22 89904]
R3 SYMIDS;Symantec Network Filter Driver; C:\WINDOWS\System32\Drivers\NIS\1007020.00B\SYMIDS.SYS [2009-08-22 33072]
R3 SymIMMP;SymIMMP; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2009-08-22 36400]
R3 SYMNDIS;Symantec Network Filter Driver; C:\WINDOWS\System32\Drivers\NIS\1007020.00B\SYMNDIS.SYS [2009-08-22 36400]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2004-08-03 20480]
S3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2009-02-06 33096]
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-06-22 51088]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-06-22 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-06-22 21744]
S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
S3 SymIM;Symantec Network Security Intermediate Filter Service; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2009-08-22 36400]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Norton Internet Security;Norton Internet Security; C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe [2009-08-22 117640]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-10 38912]
R3 SSScsiSV;SonicStage SCSI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe [2005-01-24 69632]
S2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-02-06 727720]
S2 gupdate1c9a4f519563658;Google Update Service (gupdate1c9a4f519563658); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-03-14 133104]
S2 SSScsiSVLmHosts;SonicStage SCSI Service SSScsiSVLmHosts; C:\WINDOWS\system32\apcupsl.exe srv []
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2008-10-25 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-01-15 137200]
S3 MSCSPTISRV;MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [2005-01-26 53337]
S3 PACSPTISVR;PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [2005-01-26 53337]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-02-26 65795]
S3 sdAuxService;PC Tools Auxiliary Service; C:\Program Files\Spyware Doctor\pctsAuxs.exe [2009-01-07 348752]
S3 sdCoreService;PC Tools Security Service; C:\Program Files\Spyware Doctor\pctsSvc.exe [2009-01-21 1095560]
S3 SPTISRV;Sony SPTI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [2005-01-26 69718]
S3 usnjsvc;Služba Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]

-----------------EOF-----------------

Luigy88
Visitor
Posts: 48
Registered: 22 Jun 2009 14:12

Re: Please check my PC 2

#4 Post by Luigy88 »

Sorry about the 1st and 2nd posts....
The PC is rather slow, and so is the internet connection, so I don't know whether I've accidentally picked up some nasty bug somewhere... thanks for your help

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Please check my PC 2

#5 Post by motji »

Good afternoon :)
Because of those additional posts you got lost among the answered threads :roll: , next time just message one of the advisers so they take a look at your thread :)

There is something in there :arcisit: , however you have rather too many security programs :o , keep one and uninstall the rest :)

:arrow: Download ComboFix to your desktop, close all active windows and run it - http://download.bleepingcomputer.com/sUBs/ComboFix.exe


- ComboFix must be run under an account with administrator rights

- Before using it, turn off all resident security programs - antivirus, firewalls, antispyware

- After launch, the terms of use are displayed; confirm them by pressing the Yes button

- Then follow the instructions; while ComboFix is running, do not click in the window that appears :!:

- After the scan finishes, which takes at most 10 minutes, the program should create a log - C:\ComboFix.txt; copy its entire contents here
Do not use COMBOFIX without an adviser's recommendation, it can damage the system!
Always back up important data before disinfecting a computer :!:
I am mostly reachable at night, between 21:00 and 23:00
If you have any questions, you can write to me by email at Motji(at)forum.viry.cz.