The PC has slowed down noticeably, here is the log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:11:39, on 14.4.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\Ati2evxx.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\svchost.exe
C:\windows\system32\spoolsv.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\windows\system32\PnkBstrA.exe
C:\windows\system32\PSIService.exe
C:\windows\System32\svchost.exe
C:\windows\system32\Ati2evxx.exe
C:\windows\Explorer.EXE
C:\Program Files\Comodo\Firewall\cfp.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\A4Tech\Mouse\Amoumain.exe
C:\windows\system32\Rundll32.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\SpeedFan\speedfan.exe
C:\Documents and Settings\Aleš\Dokumenty\Support\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Program Files\PC translator\WEBIE.DLL
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\cfp.exe" -s
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [BMf72c3c4a] Rundll32.exe "C:\windows\system32\ekxtrbop.dll",s
O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-2025429265-1844823847-725345543-1007\..\Run: [CTFMON.EXE] C:\windows\system32\ctfmon.exe (User 'mama')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: SpeedFan.lnk = C:\Program Files\SpeedFan\speedfan.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Program Files\PC translator\WEBIE.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Program Files\PC translator\WEBIE.DLL
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Program Files\PC translator\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Program Files\PC translator\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Program Files\PC translator\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Program Files\PC translator\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Program Files\PC translator\WEBIE.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O18 - Protocol: bw+0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: NVDESK32.DLL C:\windows\system32\guard32.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\windows\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\windows\system32\PSIService.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - C:\windows\system32\sfrem01.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\windows\System32\TuneUpDefragService.exe
--
End of file - 18107 bytes
Please check the log. Thanks.
- foxy_whiteFox
- memphisto
Re: Please check the log. Thanks.
After just a quick check I didn't see anything bad in the log. I would attribute the slowdown to Spyware Doctor. It is an insatiable hog of memory and CPU and slows the PC down quite a bit. I would keep it for occasional scans rather than as a resident shield.
You can fix:
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
Update Java:
- Download the latest version, Java Runtime Environment (JRE) 6 Update 5
- Scroll down to where it says Java Runtime Environment (JRE) 6 Update 5 and click the Download button
- Tick the option that says: Accept License Agreement
- The page will reload.
- Click the download link: Windows Offline Installation, Multi-language and save it to disk
- Close the programs you have running, especially the web browser
- Go to Start -> Control Panel -> Add or Remove Programs and uninstall all old versions of Java
- Look for items named Java Runtime Environment (JRE or J2SE)
* examples of old versions in Add or Remove Programs:
J2SE Runtime Environment 5.0
J2SE Runtime Environment 5.0 Update 8
Java 2 Runtime Environment, SE v1.4.2
- Uninstall them using the Change/Remove or Remove button
- Uninstall any old versions of Java one after another
- After the uninstall finishes, restart the PC.
- Then just run the installer for the latest version from the file jre-6u5-windows-i586-p.exe that you downloaded at the start.

PC-HELP.CZ RULES, HijackThis section RULES, HijackThis guide, Memtest, CCleaner
Please do not send HijackThis logs via PM; post them in the appropriate section. Thank you
- foxy_whiteFox
Re: Please check the log. Thanks.
Thanks memphisto. I uninstalled SD and behold; the PC runs as it should...
- memphisto
Re: Please check the log. Thanks.
You're welcome. But put something less demanding in its place, for example Spyware Terminator. That one is perfectly sufficient. One antispyware should be running resident.

- fredik
- Security team member
Re: Please check the log. Thanks.
However, it is not okay.
Fix this item in HJT:
O4 - HKLM\..\Run: [BMf72c3c4a] Rundll32.exe "C:\windows\system32\ekxtrbop.dll",s
After fixing it, run HJT again and make a new log. If a similar or identical item shows up there, post a ComboFix log here.
Download ComboFix (by sUBs) and save it to your desktop.
Close all active windows and run it.
- After launch the terms of use are displayed; confirm them by pressing the Yes button
- Then follow the instructions; while ComboFix is running, do not click in the window that appears
- When the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
It may take a while to get a response, because the "HJT Team" are very busy. Please, be patient, these people are volunteers. They will help you out, as soon as possible.
If you have a problem, do not send me PMs with logs; post them in the forum. It is not possible to reply to these PMs.
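Added example, not part of the original thread and not the forum's own tooling: a small Python parser for HijackThis O4 (autostart) lines that picks out Run values launching a DLL through Rundll32.exe, the shape of the entry flagged in the post above. The selection rule and all function names are assumptions of this example; a hit means the entry needs manual review, not that it is malicious.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# O4 lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\cfp.exe" -s
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [BMf72c3c4a] Rundll32.exe "C:\windows\system32\ekxtrbop.dll",s
O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - Startup: SpeedFan.lnk = C:\Program Files\SpeedFan\speedfan.exe
"""

# Registry autoruns: "O4 - <hive>\..\Run: [value name] command line"
RUN_RE = re.compile(
    r"^O4 - (?P<loc>\S+?\\\.\.\\Run\w*): \[(?P<name>[^\]]*)\] (?P<cmd>.+)$"
)
# Startup-folder autoruns: "O4 - Startup: shortcut = target"
STARTUP_RE = re.compile(
    r"^O4 - (?P<loc>(?:Global )?Startup): (?P<name>.+?) = (?P<cmd>.+)$"
)
# HijackThis appends "(User 'name')" to per-user HKUS entries.
USER_NOTE_RE = re.compile(r"\s+\(User '[^']*'\)$")
# rundll32 [path\]dll[,export], with or without quotes and a full path.
RUNDLL_RE = re.compile(
    r'^"?(?:[a-z]:\\[^"]*\\)?rundll32(?:\.exe)?"?\s+'
    r'"?(?P<dll>[^",]+)"?(?:,(?P<export>.*))?$',
    re.IGNORECASE,
)


@dataclass
class Autorun:
    location: str                 # e.g. HKLM\..\Run or Startup
    name: str                     # registry value name or shortcut name
    command: str                  # command line without the user annotation
    dll: Optional[str] = None     # DLL handed to rundll32, if any
    export: Optional[str] = None  # export name after the comma, if any


def parse_o4(log: str) -> List[Autorun]:
    """Parse every O4 line in a HijackThis log into an Autorun record."""
    entries = []
    for raw in log.splitlines():
        line = raw.strip()
        match = RUN_RE.match(line) or STARTUP_RE.match(line)
        if not match:
            continue  # not an O4 line this example understands
        command = USER_NOTE_RE.sub("", match.group("cmd"))
        entry = Autorun(match.group("loc"), match.group("name"), command)
        loader = RUNDLL_RE.match(command)
        if loader:
            entry.dll = loader.group("dll")
            entry.export = loader.group("export")
        entries.append(entry)
    return entries


def needs_review(entries: List[Autorun]) -> List[Autorun]:
    """Assumed rule: autoruns that start a DLL via rundll32 get a manual look."""
    return [e for e in entries if e.dll is not None]


if __name__ == "__main__":
    for e in needs_review(parse_o4(SAMPLE_LOG)):
        print(f"{e.location} [{e.name}] -> {e.dll} (export: {e.export})")
```

Legitimate software also registers rundll32 autoruns, so the output is a review queue to check against the files on disk, not a removal list.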
- foxy_whiteFox
Re: Please check the log. Thanks.
Here it is:
ComboFix 08-04-14.2 - Aleš 2008-04-15 7:36:39.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1250.1.1029.18.1595 [GMT 2:00]
Running from: C:\Documents and Settings\Aleš\Plocha\ComboFix.exe
* Created a new restore point
* Resident AV is active
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\windows\pskt.ini
C:\windows\rs.txt
C:\windows\system32\awttuvwv.dll
C:\windows\system32\bhvauati.dll
C:\windows\system32\cchhydes.dll
C:\windows\system32\cqsgodef.dll
C:\WINDOWS\system32\deOYFfhk.ini
C:\WINDOWS\system32\deOYFfhk.ini2
C:\WINDOWS\system32\DNqAayay.ini
C:\WINDOWS\system32\DNqAayay.ini2
C:\windows\system32\ekxtrbop.dll
C:\windows\system32\eqwgqyqe.dll
C:\windows\system32\fccBtTJy.dll
C:\windows\system32\fccbYpNh.dll
C:\WINDOWS\system32\hpgnselw.ini
C:\WINDOWS\system32\itauavhb.ini
C:\windows\system32\khfFYOed.dll
C:\windows\system32\tuvvuTnL.dll
C:\WINDOWS\system32\Uvutwyay.ini
C:\WINDOWS\system32\Uvutwyay.ini2
C:\windows\system32\wlesngph.dll
C:\windows\system32\xqwnpciy.dll
C:\windows\system32\yayaAqND.dll
C:\windows\system32\yaywtuvU.dll
.
((((((((((((((((((((((((( Files Created from 2008-03-15 to 2008-04-15 )))))))))))))))))))))))))))))))
.
2008-04-15 08:09 . 2008-04-15 08:09 264,109 --a------ C:\Documents and Settings\Alecatchme.zip
2008-04-15 07:14 . 2008-04-15 07:15 <DIR> d-------- C:\Rustbfix
2008-04-15 07:14 . 2008-04-15 07:14 16 --a------ C:\chdir.bat
2008-04-13 23:22 . 2008-04-14 15:55 594 ---hs---- C:\WINDOWS\system32\kfwmsucw.ini
2008-04-13 18:53 . 2008-04-13 23:11 354 ---hs---- C:\WINDOWS\system32\vkewived.ini
2008-04-13 14:04 . 2008-04-14 22:35 101,147 --a------ C:\WINDOWS\BMf72c3c4a.xml
2008-04-06 23:47 . 2008-04-06 23:51 43,520 --a------ C:\WINDOWS\system32\CmdLineExt03.dll
2008-03-29 22:03 . 2007-09-06 00:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2008-03-29 22:03 . 2008-03-29 00:19 86,528 --a------ C:\WINDOWS\system32\VACFix.exe
2008-03-29 22:03 . 2008-03-26 09:50 82,432 --a------ C:\WINDOWS\system32\IEDFix.exe
2008-03-29 22:03 . 2007-10-04 00:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-03-29 18:50 . 2008-03-29 18:51 6,095,052 --a------ C:\WINDOWS\REGBK03.ZIP
2008-03-28 11:12 . 2007-10-12 16:14 3,734,536 --a------ C:\WINDOWS\system32\d3dx9_36.dll
2008-03-28 11:12 . 2007-10-12 16:14 1,374,232 --a------ C:\WINDOWS\system32\D3DCompiler_36.dll
2008-03-28 11:12 . 2007-10-02 10:56 444,776 --a------ C:\WINDOWS\system32\d3dx10_36.dll
2008-03-28 11:12 . 2007-10-22 04:39 267,272 --a------ C:\WINDOWS\system32\xactengine2_10.dll
2008-03-24 23:57 . 2008-03-24 23:57 <DIR> d-------- C:\Program Files\OpenAL
2008-03-22 13:54 . 2008-03-22 13:55 <DIR> d-------- C:\Program Files\OsmismŘrky - ITPro CZ
2008-03-21 18:41 . 2008-04-14 23:44 <DIR> d-------- C:\WINDOWS\system32\CatRoot2
2008-03-20 16:25 . 2001-10-24 12:54 12,160 --a------ C:\WINDOWS\system32\drivers\mouhid.sys
2008-03-20 16:25 . 2001-10-24 12:54 12,160 --a--c--- C:\WINDOWS\system32\dllcache\mouhid.sys
2008-03-20 16:25 . 2001-08-17 23:02 9,600 --a------ C:\WINDOWS\system32\drivers\hidusb.sys
2008-03-20 16:25 . 2001-08-17 23:02 9,600 --a--c--- C:\WINDOWS\system32\dllcache\hidusb.sys
2008-03-20 16:22 . 2008-03-20 16:22 <DIR> d-------- C:\Program Files\A4Tech
2008-03-18 22:11 . 2008-03-18 22:11 <DIR> d-------- C:\Program Files\DIFX
2008-03-18 22:11 . 2008-03-18 22:11 <DIR> d-------- C:\Program Files\Common Files\PCSuite
2008-03-18 22:11 . 2008-03-18 22:11 <DIR> d-------- C:\Program Files\Common Files\Nokia
2008-03-18 22:10 . 2008-03-18 22:10 <DIR> d-------- C:\Program Files\PC Connectivity Solution
2008-03-18 22:10 . 2008-03-18 22:11 <DIR> d-------- C:\Program Files\Nokia
2008-03-18 22:10 . 2007-02-22 12:15 137,216 --a------ C:\WINDOWS\system32\drivers\nmwcd.sys
2008-03-18 22:10 . 2007-02-22 12:15 90,624 --a------ C:\WINDOWS\system32\nmwcdcls.dll
2008-03-18 22:10 . 2007-02-22 12:15 65,536 --a------ C:\WINDOWS\system32\nmwcdcocls.dll
2008-03-18 22:10 . 2007-02-22 12:15 12,288 --a------ C:\WINDOWS\system32\drivers\nmwcdcm.sys
2008-03-18 22:10 . 2007-02-22 12:15 12,288 --a------ C:\WINDOWS\system32\drivers\nmwcdcj.sys
2008-03-18 22:10 . 2007-02-22 12:15 8,320 --a------ C:\WINDOWS\system32\drivers\nmwcdc.sys
2008-03-18 03:05 . 2008-03-28 12:16 <DIR> d-------- C:\Documents and Settings\All Users\DRM
2008-03-15 23:35 . 2008-03-15 23:36 <DIR> d-------- C:\Program Files\TuneUp Utilities 2008
2008-03-15 23:35 . 2008-03-15 23:35 306,432 --a------ C:\WINDOWS\system32\TuneUpDefragService.exe
2008-03-15 23:35 . 2007-12-20 11:41 29,440 --a------ C:\WINDOWS\system32\uxtuneup.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-15 06:22 --------- d-----w C:\Program Files\SpeedFan
2008-04-15 04:49 --------- d-----w C:\Program Files\Mozilla Thunderbird
2008-04-14 15:27 --------- d-----w C:\Program Files\RegScrubXP
2008-04-14 04:45 --------- d-----w C:\Program Files\BeClean
2008-04-08 13:12 --------- d-----w C:\Program Files\Opera
2008-04-05 22:09 --------- d-----w C:\Program Files\MSN Messenger
2008-04-04 21:47 --------- d-----w C:\Program Files\Smarty Uninstaller Pro
2008-04-04 21:25 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-03-22 11:55 --------- d-----w C:\Program Files\Osmisměrky - ITPro CZ
2008-03-18 01:10 --------- d-----w C:\Program Files\Motorola Phone Tools
2008-03-18 01:07 --------- d-----w C:\Program Files\Avanquest update
2008-03-15 21:34 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-03-06 01:06 --------- d-----w C:\Program Files\DAEMON Tools
2008-03-01 20:12 --------- d-----w C:\Program Files\Common Files\Adobe
2008-02-27 18:44 --------- d-----w C:\Program Files\GameShadow
2008-02-26 14:21 22,328 ----a-w C:\windows\system32\drivers\PnkBstrK.sys
2008-02-24 15:06 --------- d-----w C:\Program Files\JetAudio
2008-02-24 14:57 --------- d-----w C:\Program Files\Common Files\COWON
2008-02-24 14:56 --------- d-----w C:\Program Files\Winamp
2008-02-20 10:11 33,800 ----a-w C:\windows\system32\drivers\epfwtdir.sys
2008-02-20 10:02 29,704 ----a-w C:\windows\system32\drivers\easdrv.sys
2008-02-20 10:01 39,944 ----a-w C:\windows\system32\drivers\eamon.sys
2007-05-13 17:22 88 -csh--r C:\windows\system32\F0DF32ECB0.sys
2007-05-13 17:22 2,516 -csha-w C:\windows\system32\KGyGaAvL.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\windows\system32\ctfmon.exe" [2004-08-17 15:49 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"COMODO Firewall Pro"="C:\Program Files\Comodo\Firewall\cfp.exe" [2007-11-23 07:49 1481984]
"egui"="C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" [2008-02-20 12:06 1443072]
"WheelMouse"="C:\Program Files\A4Tech\Mouse\Amoumain.exe" [2006-12-26 17:08 196608]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-17 15:49 15360]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 11:17 1241088]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\awttuvwv]
awttuvwv.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=NVDESK32.DLL C:\windows\system32\guard32.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\WINDOWS\\system32\\rundll32.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"C:\\Program Files\\Opera\\Opera.exe"=
"C:\\Program Files\\ooVoo\\ooVoo.exe"=
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"C:\\WINDOWS\\system32\\PnkBstrA.exe"=
"C:\\WINDOWS\\system32\\PnkBstrB.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Sierra\\FEAR\\FEAR.exe"=
"F:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"F:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\Crysis.exe"=
"F:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\CrysisDedicatedServer.exe"=
"F:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx9.exe"=
"F:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx10.exe"=
"F:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Launcher.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"443:UDP"= 443:UDP:*:Disabled:ooVoo UDP port 443
"37674:TCP"= 37674:TCP:*:Disabled:ooVoo TCP port 37674
"37674:UDP"= 37674:UDP:*:Disabled:ooVoo UDP port 37674
"37675:UDP"= 37675:UDP:*:Disabled:ooVoo UDP port 37675
"443:TCP"= 443:TCP:*:Disabled:ooVoo TCP port 443
R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);C:\windows\system32\drivers\sfsync03.sys [2005-12-06 17:11]
R1 cmdGuard;COMODO Firewall Pro Sandbox Driver;C:\windows\system32\DRIVERS\cmdguard.sys [2007-11-23 07:49]
R1 cmdHlp;COMODO Firewall Pro Helper Driver;C:\windows\system32\DRIVERS\cmdhlp.sys [2007-11-23 07:49]
R1 epfwtdir;epfwtdir;C:\windows\system32\DRIVERS\epfwtdir.sys [2008-02-20 12:11]
R2 athsgt;athsgt;C:\windows\system32\DRIVERS\athsgt.sys [2008-01-27 12:46]
R2 limsgt;limsgt;C:\windows\system32\DRIVERS\limsgt.sys [2008-01-27 12:46]
R2 UxTuneUp;TuneUp Theme Extension;C:\windows\System32\svchost.exe [2004-08-17 15:49]
R3 PSched;Plánovač paketů technologie QoS;C:\windows\system32\DRIVERS\psched.sys [2004-08-03 23:04]
S3 Amps2prt;A4Tech PS/2 Port Mouse Driver;C:\windows\system32\DRIVERS\Amps2prt.sys [2006-05-09 18:27]
S3 Asushwio;Asushwio;C:\windows\system32\drivers\Asushwio.sys [2005-04-30 14:30]
S3 jgameenp;jgameenp;C:\DOCUME~1\Tom\LOCALS~1\Temp\jgameenp.sys []
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\windows\System32\TuneUpDefragService.exe [2008-03-15 23:35]
S3 w200bus;Sony Ericsson W200 driver (WDM);C:\windows\system32\DRIVERS\w200bus.sys [2006-11-07 10:42]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder
"2008-04-11 15:15:00 C:\windows\Tasks\1-Click Maintenance.job"
- C:\Program Files\TuneUp Utilities 2008\OneClick.exe
.
**************************************************************************
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-15 08:22:30
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\ati2evxx.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\WINDOWS\system32\WudfHost.exe
C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\system32\WudfHost.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\SpeedFan\speedfan.exe
.
**************************************************************************
.
Completion time: 2008-04-15 8:27:16 - machine was rebooted
ComboFix-quarantined-files.txt 2008-04-15 06:27:08
Adresářů: 6, Volných bajtů: 30,490,124,288
Adres ý…: 8, Volněch bajt…: 31,192,760,320
.
2008-04-10 21:24:23 --- E O F ---
- fredik
- Security team member
- Master Level 7
- Posts: 4680
- Registered: July 06
Re: Please check my log. Thanks.
Open Notepad (Start -> Run..., type Notepad into the box and click OK)
Copy into it the entire following text marked in green:
Note: Do not use the SELECT ALL function to select the script
File::
C:\WINDOWS\system32\kfwmsucw.ini
C:\WINDOWS\system32\vkewived.ini
C:\WINDOWS\BMf72c3c4a.xml
Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\awttuvwv]
Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: choose All Files there
Save the file to the desktop.
Close all active windows.
Grab the created script CFScript.txt with the mouse, move it over the downloaded program ComboFix.exe and, when the two files overlap, drop the script

- ComboFix will start automatically
- Paste here the log that appears at the end of the cleaning process + a new HJT log.
It may take a while to get a response, because the "HJT Team" are very busy. Please, be patient, these people are volunteers. They will help you out, as soon as possible.
If you have a problem, do not send me private messages (PM) with logs; post them in the forum. It is not possible to reply to such private messages.
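The cross-checks that lead to a CFScript like the one in the post above, as an added example that is not part of the original thread and is not ComboFix's or the helper's own method. It assumes three heuristics (a Winlogon Notify key whose DLL was already deleted, hidden+system .ini files directly in system32, and files named after a Run value whose rundll32 target was deleted); the function names and the trimmed sample input are constructed for illustration.

```python
import ntpath
import re

# Constructed excerpt: lines copied from the logs in this thread and trimmed,
# not a complete ComboFix or HijackThis log.
COMBOFIX_LOG = r"""
((((((((( Other Deletions )))))))))
.
C:\windows\system32\awttuvwv.dll
C:\windows\system32\ekxtrbop.dll
.
((((((((( Files Created from 2008-03-15 to 2008-04-15 )))))))))
.
2008-04-13 23:22 . 2008-04-14 15:55 594 ---hs---- C:\WINDOWS\system32\kfwmsucw.ini
2008-04-13 18:53 . 2008-04-13 23:11 354 ---hs---- C:\WINDOWS\system32\vkewived.ini
2008-04-13 14:04 . 2008-04-14 22:35 101,147 --a------ C:\WINDOWS\BMf72c3c4a.xml
2008-04-06 23:47 . 2008-04-06 23:51 43,520 --a------ C:\WINDOWS\system32\CmdLineExt03.dll
2008-03-24 23:57 . 2008-03-24 23:57 <DIR> d-------- C:\Program Files\OpenAL
.
((((((((( Reg Loading Points )))))))))
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WheelMouse"="C:\Program Files\A4Tech\Mouse\Amoumain.exe" [2006-12-26 17:08 196608]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\awttuvwv]
awttuvwv.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=NVDESK32.DLL C:\windows\system32\guard32.dll
"""

HJT_LOG = r"""
O4 - HKLM\..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [BMf72c3c4a] Rundll32.exe "C:\windows\system32\ekxtrbop.dll",s
"""

SECTION = re.compile(r"^\(+\s*(.*?)\s*\)+$")
CREATED = re.compile(r"^\d{4}-\d\d-\d\d \d\d:\d\d \. \d{4}-\d\d-\d\d \d\d:\d\d"
                     r"\s+(\S+)\s+(\S{9})\s+(.+)$")
NOTIFY = re.compile(r"^\[(HKEY_LOCAL_MACHINE\\software\\microsoft\\windows nt"
                    r"\\currentversion\\winlogon\\notify\\[^\]]+)\]$", re.I)
RUN_DLL = re.compile(r'^O4 - HK\w+\\\.\.\\Run: \[([^\]]+)\] '
                     r'rundll32(?:\.exe)? "([^"]+\.dll)"', re.I)


def norm(path):
    """Case-insensitive form of a Windows path, used for comparisons only."""
    return ntpath.normcase(path.strip())


def triage(combofix_log, hjt_log=""):
    """Return leftovers worth a human look; nothing is deleted or modified."""
    deleted, created, notify = set(), [], []
    section, pending_key = "", None
    for raw in combofix_log.splitlines():
        line = raw.strip()
        m = SECTION.match(line)
        if m:                                   # "((( Title )))" header
            section, pending_key = m.group(1), None
            continue
        if not line or line == ".":
            continue
        if section == "Other Deletions":
            deleted.add(norm(line))
        elif section.startswith("Files Created"):
            m = CREATED.match(line)
            if m:
                created.append((m.group(2), m.group(3)))   # (attributes, path)
        elif section == "Reg Loading Points":
            m = NOTIFY.match(line)
            if m:
                pending_key = m.group(1)        # DLL name follows on next line
            elif pending_key and not line.startswith(("[", '"')):
                notify.append((pending_key, line))
                pending_key = None
            else:
                pending_key = None

    # 1. Notify keys whose DLL is already gone: the key is an orphaned load point.
    deleted_names = {ntpath.basename(p) for p in deleted}
    orphaned = [key for key, dll in notify
                if ntpath.basename(norm(dll)) in deleted_names]
    # 2. Hidden+system .ini files sitting directly in system32.
    inis = [p for attrs, p in created
            if "h" in attrs and "s" in attrs and norm(p).endswith(".ini")
            and ntpath.dirname(norm(p)).endswith("\\system32")]
    # 3. Files named after a Run value whose rundll32 target was deleted.
    dead_run = set()
    for line in hjt_log.splitlines():
        m = RUN_DLL.match(line.strip())
        if m and norm(m.group(2)) in deleted:
            dead_run.add(m.group(1).lower())
    leftovers = [p for _, p in created
                 if ntpath.splitext(ntpath.basename(p))[0].lower() in dead_run]
    return {"orphaned_notify_keys": orphaned,
            "hidden_system_ini": inis,
            "run_value_leftovers": leftovers}


if __name__ == "__main__":
    for kind, items in triage(COMBOFIX_LOG, HJT_LOG).items():
        print(kind, items)
```

The output is a review list only; each hit still needs a person to confirm it before it goes into a File:: or Registry:: section.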
- foxy_whiteFox
- Level 3
- Posts: 445
- Registered: December 06
- Location: Olomouc Region
Re: Please check my log. Thanks.
Hranol, delete your post and start your own thread. Thanks
//post by user hranol moved to its own thread
fredik
Here it is, fredik:
ComboFix 08-04-14.2 - Aleš 2008-04-15 19:02:23.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1250.1.1029.18.1576 [GMT 2:00]
Running from: C:\Documents and Settings\Aleš\Plocha\ComboFix.exe
Command switches used :: C:\Documents and Settings\Aleš\Plocha\CFScript.txt
* Created a new restore point
* Resident AV is active
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
FILE ::
C:\WINDOWS\BMf72c3c4a.xml
C:\WINDOWS\system32\kfwmsucw.ini
C:\WINDOWS\system32\vkewived.ini
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\BMf72c3c4a.xml
C:\WINDOWS\system32\kfwmsucw.ini
C:\WINDOWS\system32\vkewived.ini
.
((((((((((((((((((((((((( Files Created from 2008-03-15 to 2008-04-15 )))))))))))))))))))))))))))))))
.
2008-04-15 08:27 . 2008-04-15 08:27 <DIR> d-------- C:\Documents and Settings\AleÜ
2008-04-15 08:09 . 2008-04-15 08:09 264,109 --a------ C:\Documents and Settings\Alecatchme.zip
2008-04-15 07:14 . 2008-04-15 07:15 <DIR> d-------- C:\Rustbfix
2008-04-15 07:14 . 2008-04-15 07:14 16 --a------ C:\chdir.bat
2008-04-13 23:04 . 2008-04-13 23:04 <DIR> d-------- C:\Documents and Settings\mama\Data aplikací\COWON
2008-04-06 23:47 . 2008-04-06 23:51 43,520 --a------ C:\WINDOWS\system32\CmdLineExt03.dll
2008-03-29 22:03 . 2007-09-06 00:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2008-03-29 22:03 . 2008-03-29 00:19 86,528 --a------ C:\WINDOWS\system32\VACFix.exe
2008-03-29 22:03 . 2008-03-26 09:50 82,432 --a------ C:\WINDOWS\system32\IEDFix.exe
2008-03-29 22:03 . 2007-10-04 00:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-03-29 18:50 . 2008-03-29 18:51 6,095,052 --a------ C:\WINDOWS\REGBK03.ZIP
2008-03-28 11:17 . 2008-03-28 11:17 <DIR> d-------- C:\Documents and Settings\Aleš\Data aplikací\Ubisoft
2008-03-28 11:12 . 2007-10-12 16:14 3,734,536 --a------ C:\WINDOWS\system32\d3dx9_36.dll
2008-03-28 11:12 . 2007-10-12 16:14 1,374,232 --a------ C:\WINDOWS\system32\D3DCompiler_36.dll
2008-03-28 11:12 . 2007-10-02 10:56 444,776 --a------ C:\WINDOWS\system32\d3dx10_36.dll
2008-03-28 11:12 . 2007-10-22 04:39 267,272 --a------ C:\WINDOWS\system32\xactengine2_10.dll
2008-03-24 23:57 . 2008-03-24 23:57 <DIR> d-------- C:\Program Files\OpenAL
2008-03-22 13:54 . 2008-03-22 13:55 <DIR> d-------- C:\Program Files\Osmisměrky - ITPro CZ
2008-03-21 18:41 . 2008-04-15 08:50 <DIR> d-------- C:\WINDOWS\system32\CatRoot2
2008-03-20 16:25 . 2001-10-24 12:54 12,160 --a------ C:\WINDOWS\system32\drivers\mouhid.sys
2008-03-20 16:25 . 2001-10-24 12:54 12,160 --a--c--- C:\WINDOWS\system32\dllcache\mouhid.sys
2008-03-20 16:25 . 2001-08-17 23:02 9,600 --a------ C:\WINDOWS\system32\drivers\hidusb.sys
2008-03-20 16:25 . 2001-08-17 23:02 9,600 --a--c--- C:\WINDOWS\system32\dllcache\hidusb.sys
2008-03-20 16:22 . 2008-03-20 16:22 <DIR> d-------- C:\Program Files\A4Tech
2008-03-19 15:51 . 2008-03-19 15:51 <DIR> d-------- C:\Documents and Settings\Aleš\Data aplikací\PC Suite
2008-03-18 22:12 . 2008-03-18 22:18 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\PC Suite
2008-03-18 22:11 . 2008-03-18 22:11 <DIR> d-------- C:\Program Files\DIFX
2008-03-18 22:11 . 2008-03-18 22:11 <DIR> d-------- C:\Program Files\Common Files\PCSuite
2008-03-18 22:11 . 2008-03-18 22:11 <DIR> d-------- C:\Program Files\Common Files\Nokia
2008-03-18 22:10 . 2008-03-18 22:10 <DIR> d-------- C:\Program Files\PC Connectivity Solution
2008-03-18 22:10 . 2008-03-18 22:11 <DIR> d-------- C:\Program Files\Nokia
2008-03-18 22:10 . 2007-02-22 12:15 137,216 --a------ C:\WINDOWS\system32\drivers\nmwcd.sys
2008-03-18 22:10 . 2007-02-22 12:15 90,624 --a------ C:\WINDOWS\system32\nmwcdcls.dll
2008-03-18 22:10 . 2007-02-22 12:15 65,536 --a------ C:\WINDOWS\system32\nmwcdcocls.dll
2008-03-18 22:10 . 2007-02-22 12:15 12,288 --a------ C:\WINDOWS\system32\drivers\nmwcdcm.sys
2008-03-18 22:10 . 2007-02-22 12:15 12,288 --a------ C:\WINDOWS\system32\drivers\nmwcdcj.sys
2008-03-18 22:10 . 2007-02-22 12:15 8,320 --a------ C:\WINDOWS\system32\drivers\nmwcdc.sys
2008-03-18 22:09 . 2008-03-18 22:09 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\Installations
2008-03-18 03:05 . 2008-03-28 12:16 <DIR> d-------- C:\Documents and Settings\All Users\DRM
2008-03-15 23:36 . 2008-03-15 23:36 <DIR> d-------- C:\Documents and Settings\Aleš\Data aplikací\TuneUp Software
2008-03-15 23:35 . 2008-03-15 23:36 <DIR> d-------- C:\Program Files\TuneUp Utilities 2008
2008-03-15 23:35 . 2008-03-15 23:35 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
2008-03-15 23:35 . 2008-03-15 23:35 306,432 --a------ C:\WINDOWS\system32\TuneUpDefragService.exe
2008-03-15 23:35 . 2007-12-20 11:41 29,440 --a------ C:\WINDOWS\system32\uxtuneup.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-15 16:55 --------- d-----w C:\Program Files\Mozilla Thunderbird
2008-04-15 15:19 --------- d-----w C:\Program Files\SpeedFan
2008-04-14 15:27 --------- d-----w C:\Program Files\RegScrubXP
2008-04-14 15:07 --------- d---a-w C:\Documents and Settings\All Users\Data aplikací\TEMP
2008-04-14 04:45 --------- d-----w C:\Program Files\BeClean
2008-04-08 13:12 --------- d-----w C:\Program Files\Opera
2008-04-05 22:09 --------- d-----w C:\Program Files\MSN Messenger
2008-04-04 21:47 --------- d-----w C:\Program Files\Smarty Uninstaller Pro
2008-04-04 21:25 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-03-30 13:25 --------- d-----w C:\Documents and Settings\Aleš\Data aplikací\Bioshock
2008-03-29 20:09 1,598 ----a-w C:\windows\system32\tmp.reg
2008-03-28 09:17 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\Ubisoft
2008-03-24 21:57 86,016 ----a-w C:\windows\system32\OpenAL32.dll
2008-03-24 21:57 413,696 ----a-w C:\windows\system32\wrap_oal.dll
2008-03-20 08:09 1,845,248 ----a-w C:\windows\system32\win32k.sys
2008-03-18 01:10 --------- d-----w C:\Program Files\Motorola Phone Tools
2008-03-18 01:07 --------- d-----w C:\Program Files\Avanquest update
2008-03-15 21:34 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-03-06 02:54 144,384 ----a-w C:\windows\system32\miccyhook.dll
2008-03-06 01:06 --------- d-----w C:\Program Files\DAEMON Tools
2008-03-01 20:12 --------- d-----w C:\Program Files\Common Files\Adobe
2008-03-01 13:02 826,368 ----a-w C:\windows\system32\wininet.dll
2008-02-27 18:44 --------- d-----w C:\Program Files\GameShadow
2008-02-26 14:21 669,184 ----a-w C:\windows\system32\pbsvc.exe
2008-02-26 14:21 66,872 ----a-w C:\windows\system32\PnkBstrA.exe
2008-02-26 14:21 22,328 ----a-w C:\windows\system32\drivers\PnkBstrK.sys
2008-02-26 14:21 22,328 ----a-w C:\Documents and Settings\Aleš\Data aplikací\PnkBstrK.sys
2008-02-26 14:21 103,736 ----a-w C:\windows\system32\PnkBstrB.exe
2008-02-24 15:06 --------- d-----w C:\Program Files\JetAudio
2008-02-24 14:58 --------- d-----w C:\Documents and Settings\Aleš\Data aplikací\COWON
2008-02-24 14:57 --------- d-----w C:\Program Files\Common Files\COWON
2008-02-24 14:56 --------- d-----w C:\Program Files\Winamp
2008-02-20 10:11 33,800 ----a-w C:\windows\system32\drivers\epfwtdir.sys
2008-02-20 10:02 29,704 ----a-w C:\windows\system32\drivers\easdrv.sys
2008-02-20 10:01 39,944 ----a-w C:\windows\system32\drivers\eamon.sys
2008-02-20 06:51 282,624 ----a-w C:\windows\system32\gdi32.dll
2008-02-20 05:38 45,568 ----a-w C:\windows\system32\dnsrslvr.dll
2008-02-17 14:08 107,888 ----a-w C:\windows\system32\CmdLineExt.dll
2008-02-15 21:00 --------- d-----w C:\Documents and Settings\Aleš\Data aplikací\Skype
2007-05-13 17:22 88 -csh--r C:\windows\system32\F0DF32ECB0.sys
2007-05-13 17:22 2,516 -csha-w C:\windows\system32\KGyGaAvL.sys
.
((((((((((((((((((((((((((((( snapshot@2008-04-15_ 8.26.48.57 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-04-15 06:19:49 2,048 --s-a-w C:\windows\bootstat.dat
+ 2008-04-15 15:16:41 2,048 --s-a-w C:\windows\bootstat.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\windows\system32\ctfmon.exe" [2004-08-17 15:49 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"COMODO Firewall Pro"="C:\Program Files\Comodo\Firewall\cfp.exe" [2007-11-23 07:49 1481984]
"egui"="C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" [2008-02-20 12:06 1443072]
"WheelMouse"="C:\Program Files\A4Tech\Mouse\Amoumain.exe" [2006-12-26 17:08 196608]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-17 15:49 15360]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 11:17 1241088]
C:\Documents and Settings\Ashley\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Z stupce - speedfan.lnk - C:\Program Files\SpeedFan\speedfan.exe [2007-09-17 19:04:02 2902528]
C:\Documents and Settings\Aleç\Nabˇdka Start\Programy\Po spuçtŘnˇ\
SpeedFan.lnk - C:\Program Files\SpeedFan\speedfan.exe [2007-09-17 19:04:02 2902528]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=NVDESK32.DLL C:\windows\system32\guard32.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\WINDOWS\\system32\\rundll32.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"C:\\Program Files\\Opera\\Opera.exe"=
"C:\\Program Files\\ooVoo\\ooVoo.exe"=
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"C:\\WINDOWS\\system32\\PnkBstrA.exe"=
"C:\\WINDOWS\\system32\\PnkBstrB.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Sierra\\FEAR\\FEAR.exe"=
"F:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"F:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\Crysis.exe"=
"F:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\CrysisDedicatedServer.exe"=
"F:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx9.exe"=
"F:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx10.exe"=
"F:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Launcher.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"443:UDP"= 443:UDP:*:Disabled:ooVoo UDP port 443
"37674:TCP"= 37674:TCP:*:Disabled:ooVoo TCP port 37674
"37674:UDP"= 37674:UDP:*:Disabled:ooVoo UDP port 37674
"37675:UDP"= 37675:UDP:*:Disabled:ooVoo UDP port 37675
"443:TCP"= 443:TCP:*:Disabled:ooVoo TCP port 443
R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);C:\windows\system32\drivers\sfsync03.sys [2005-12-06 17:11]
R1 cmdGuard;COMODO Firewall Pro Sandbox Driver;C:\windows\system32\DRIVERS\cmdguard.sys [2007-11-23 07:49]
R1 cmdHlp;COMODO Firewall Pro Helper Driver;C:\windows\system32\DRIVERS\cmdhlp.sys [2007-11-23 07:49]
R1 epfwtdir;epfwtdir;C:\windows\system32\DRIVERS\epfwtdir.sys [2008-02-20 12:11]
R2 athsgt;athsgt;C:\windows\system32\DRIVERS\athsgt.sys [2008-01-27 12:46]
R2 limsgt;limsgt;C:\windows\system32\DRIVERS\limsgt.sys [2008-01-27 12:46]
R2 UxTuneUp;TuneUp Theme Extension;C:\windows\System32\svchost.exe [2004-08-17 15:49]
R3 PSched;Plánovač paketů technologie QoS;C:\windows\system32\DRIVERS\psched.sys [2004-08-03 23:04]
S3 Amps2prt;A4Tech PS/2 Port Mouse Driver;C:\windows\system32\DRIVERS\Amps2prt.sys [2006-05-09 18:27]
S3 Asushwio;Asushwio;C:\windows\system32\drivers\Asushwio.sys [2005-04-30 14:30]
S3 jgameenp;jgameenp;C:\DOCUME~1\Tom\LOCALS~1\Temp\jgameenp.sys []
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\windows\System32\TuneUpDefragService.exe [2008-03-15 23:35]
S3 w200bus;Sony Ericsson W200 driver (WDM);C:\windows\system32\DRIVERS\w200bus.sys [2006-11-07 10:42]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder
"2008-04-11 15:15:00 C:\windows\Tasks\1-Click Maintenance.job"
- C:\Program Files\TuneUp Utilities 2008\OneClick.exe
.
**************************************************************************
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-15 19:18:17
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
PROCESS: C:\windows\system32\winlogon.exe
-> C:\windows\system32\guard32.dll
PROCESS: C:\windows\system32\lsass.exe
-> C:\windows\system32\guard32.dll
.
Completion time: 2008-04-15 19:22:22
ComboFix-quarantined-files.txt 2008-04-15 17:22:04
ComboFix2.txt 2008-04-15 06:27:17
Adresářů: 6, Volných bajtů: 31,130,165,248
Adresářů: 8, Volných bajtů: 31,129,116,672
.
2008-04-10 21:24:23 --- E O F ---
----------------------------------------------------------------------------------------------------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:29:47, on 15.4.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\svchost.exe
C:\windows\system32\spoolsv.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\windows\system32\PnkBstrA.exe
C:\windows\system32\PSIService.exe
C:\windows\System32\svchost.exe
C:\windows\Explorer.EXE
C:\Program Files\Comodo\Firewall\cfp.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\A4Tech\Mouse\Amoumain.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\SpeedFan\speedfan.exe
C:\Program Files\Opera\Opera.exe
C:\Documents and Settings\Aleš\Dokumenty\Support\HiJackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Program Files\PC translator\WEBIE.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Program Files\PC translator\WEBIE.DLL
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\cfp.exe" -s
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: SpeedFan.lnk = C:\Program Files\SpeedFan\speedfan.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Program Files\PC translator\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Program Files\PC translator\WEBIE.DLL
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Program Files\PC translator\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Program Files\PC translator\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Program Files\PC translator\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Program Files\PC translator\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Program Files\PC translator\WEBIE.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O18 - Protocol: bw+0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: NVDESK32.DLL C:\windows\system32\guard32.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\windows\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\windows\system32\PSIService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - C:\windows\system32\sfrem01.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\windows\System32\TuneUpDefragService.exe
--
End of file - 18381 bytes
//post by user hranol moved to its own thread
fredik
Here it is, fredik:
ComboFix 08-04-14.2 - Aleš 2008-04-15 19:02:23.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1250.1.1029.18.1576 [GMT 2:00]
Running from: C:\Documents and Settings\Aleš\Plocha\ComboFix.exe
Command switches used :: C:\Documents and Settings\Aleš\Plocha\CFScript.txt
* Created a new restore point
* Resident AV is active
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
FILE ::
C:\WINDOWS\BMf72c3c4a.xml
C:\WINDOWS\system32\kfwmsucw.ini
C:\WINDOWS\system32\vkewived.ini
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\BMf72c3c4a.xml
C:\WINDOWS\system32\kfwmsucw.ini
C:\WINDOWS\system32\vkewived.ini
.
((((((((((((((((((((((((( Files Created from 2008-03-15 to 2008-04-15 )))))))))))))))))))))))))))))))
.
2008-04-15 08:27 . 2008-04-15 08:27 <DIR> d-------- C:\Documents and Settings\AleÜ
2008-04-15 08:09 . 2008-04-15 08:09 264,109 --a------ C:\Documents and Settings\Alecatchme.zip
2008-04-15 07:14 . 2008-04-15 07:15 <DIR> d-------- C:\Rustbfix
2008-04-15 07:14 . 2008-04-15 07:14 16 --a------ C:\chdir.bat
2008-04-13 23:04 . 2008-04-13 23:04 <DIR> d-------- C:\Documents and Settings\mama\Data aplikací\COWON
2008-04-06 23:47 . 2008-04-06 23:51 43,520 --a------ C:\WINDOWS\system32\CmdLineExt03.dll
2008-03-29 22:03 . 2007-09-06 00:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2008-03-29 22:03 . 2008-03-29 00:19 86,528 --a------ C:\WINDOWS\system32\VACFix.exe
2008-03-29 22:03 . 2008-03-26 09:50 82,432 --a------ C:\WINDOWS\system32\IEDFix.exe
2008-03-29 22:03 . 2007-10-04 00:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-03-29 18:50 . 2008-03-29 18:51 6,095,052 --a------ C:\WINDOWS\REGBK03.ZIP
2008-03-28 11:17 . 2008-03-28 11:17 <DIR> d-------- C:\Documents and Settings\Aleš\Data aplikací\Ubisoft
2008-03-28 11:12 . 2007-10-12 16:14 3,734,536 --a------ C:\WINDOWS\system32\d3dx9_36.dll
2008-03-28 11:12 . 2007-10-12 16:14 1,374,232 --a------ C:\WINDOWS\system32\D3DCompiler_36.dll
2008-03-28 11:12 . 2007-10-02 10:56 444,776 --a------ C:\WINDOWS\system32\d3dx10_36.dll
2008-03-28 11:12 . 2007-10-22 04:39 267,272 --a------ C:\WINDOWS\system32\xactengine2_10.dll
2008-03-24 23:57 . 2008-03-24 23:57 <DIR> d-------- C:\Program Files\OpenAL
2008-03-22 13:54 . 2008-03-22 13:55 <DIR> d-------- C:\Program Files\Osmisměrky - ITPro CZ
2008-03-21 18:41 . 2008-04-15 08:50 <DIR> d-------- C:\WINDOWS\system32\CatRoot2
2008-03-20 16:25 . 2001-10-24 12:54 12,160 --a------ C:\WINDOWS\system32\drivers\mouhid.sys
2008-03-20 16:25 . 2001-10-24 12:54 12,160 --a--c--- C:\WINDOWS\system32\dllcache\mouhid.sys
2008-03-20 16:25 . 2001-08-17 23:02 9,600 --a------ C:\WINDOWS\system32\drivers\hidusb.sys
2008-03-20 16:25 . 2001-08-17 23:02 9,600 --a--c--- C:\WINDOWS\system32\dllcache\hidusb.sys
2008-03-20 16:22 . 2008-03-20 16:22 <DIR> d-------- C:\Program Files\A4Tech
2008-03-19 15:51 . 2008-03-19 15:51 <DIR> d-------- C:\Documents and Settings\Aleš\Data aplikací\PC Suite
2008-03-18 22:12 . 2008-03-18 22:18 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\PC Suite
2008-03-18 22:11 . 2008-03-18 22:11 <DIR> d-------- C:\Program Files\DIFX
2008-03-18 22:11 . 2008-03-18 22:11 <DIR> d-------- C:\Program Files\Common Files\PCSuite
2008-03-18 22:11 . 2008-03-18 22:11 <DIR> d-------- C:\Program Files\Common Files\Nokia
2008-03-18 22:10 . 2008-03-18 22:10 <DIR> d-------- C:\Program Files\PC Connectivity Solution
2008-03-18 22:10 . 2008-03-18 22:11 <DIR> d-------- C:\Program Files\Nokia
2008-03-18 22:10 . 2007-02-22 12:15 137,216 --a------ C:\WINDOWS\system32\drivers\nmwcd.sys
2008-03-18 22:10 . 2007-02-22 12:15 90,624 --a------ C:\WINDOWS\system32\nmwcdcls.dll
2008-03-18 22:10 . 2007-02-22 12:15 65,536 --a------ C:\WINDOWS\system32\nmwcdcocls.dll
2008-03-18 22:10 . 2007-02-22 12:15 12,288 --a------ C:\WINDOWS\system32\drivers\nmwcdcm.sys
2008-03-18 22:10 . 2007-02-22 12:15 12,288 --a------ C:\WINDOWS\system32\drivers\nmwcdcj.sys
2008-03-18 22:10 . 2007-02-22 12:15 8,320 --a------ C:\WINDOWS\system32\drivers\nmwcdc.sys
2008-03-18 22:09 . 2008-03-18 22:09 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\Installations
2008-03-18 03:05 . 2008-03-28 12:16 <DIR> d-------- C:\Documents and Settings\All Users\DRM
2008-03-15 23:36 . 2008-03-15 23:36 <DIR> d-------- C:\Documents and Settings\Aleš\Data aplikací\TuneUp Software
2008-03-15 23:35 . 2008-03-15 23:36 <DIR> d-------- C:\Program Files\TuneUp Utilities 2008
2008-03-15 23:35 . 2008-03-15 23:35 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
2008-03-15 23:35 . 2008-03-15 23:35 306,432 --a------ C:\WINDOWS\system32\TuneUpDefragService.exe
2008-03-15 23:35 . 2007-12-20 11:41 29,440 --a------ C:\WINDOWS\system32\uxtuneup.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-15 16:55 --------- d-----w C:\Program Files\Mozilla Thunderbird
2008-04-15 15:19 --------- d-----w C:\Program Files\SpeedFan
2008-04-14 15:27 --------- d-----w C:\Program Files\RegScrubXP
2008-04-14 15:07 --------- d---a-w C:\Documents and Settings\All Users\Data aplikací\TEMP
2008-04-14 04:45 --------- d-----w C:\Program Files\BeClean
2008-04-08 13:12 --------- d-----w C:\Program Files\Opera
2008-04-05 22:09 --------- d-----w C:\Program Files\MSN Messenger
2008-04-04 21:47 --------- d-----w C:\Program Files\Smarty Uninstaller Pro
2008-04-04 21:25 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-03-30 13:25 --------- d-----w C:\Documents and Settings\Aleš\Data aplikací\Bioshock
2008-03-29 20:09 1,598 ----a-w C:\windows\system32\tmp.reg
2008-03-28 09:17 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\Ubisoft
2008-03-24 21:57 86,016 ----a-w C:\windows\system32\OpenAL32.dll
2008-03-24 21:57 413,696 ----a-w C:\windows\system32\wrap_oal.dll
2008-03-20 08:09 1,845,248 ----a-w C:\windows\system32\win32k.sys
2008-03-18 01:10 --------- d-----w C:\Program Files\Motorola Phone Tools
2008-03-18 01:07 --------- d-----w C:\Program Files\Avanquest update
2008-03-15 21:34 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-03-06 02:54 144,384 ----a-w C:\windows\system32\miccyhook.dll
2008-03-06 01:06 --------- d-----w C:\Program Files\DAEMON Tools
2008-03-01 20:12 --------- d-----w C:\Program Files\Common Files\Adobe
2008-03-01 13:02 826,368 ----a-w C:\windows\system32\wininet.dll
2008-02-27 18:44 --------- d-----w C:\Program Files\GameShadow
2008-02-26 14:21 669,184 ----a-w C:\windows\system32\pbsvc.exe
2008-02-26 14:21 66,872 ----a-w C:\windows\system32\PnkBstrA.exe
2008-02-26 14:21 22,328 ----a-w C:\windows\system32\drivers\PnkBstrK.sys
2008-02-26 14:21 22,328 ----a-w C:\Documents and Settings\Aleš\Data aplikací\PnkBstrK.sys
2008-02-26 14:21 103,736 ----a-w C:\windows\system32\PnkBstrB.exe
2008-02-24 15:06 --------- d-----w C:\Program Files\JetAudio
2008-02-24 14:58 --------- d-----w C:\Documents and Settings\Aleš\Data aplikací\COWON
2008-02-24 14:57 --------- d-----w C:\Program Files\Common Files\COWON
2008-02-24 14:56 --------- d-----w C:\Program Files\Winamp
2008-02-20 10:11 33,800 ----a-w C:\windows\system32\drivers\epfwtdir.sys
2008-02-20 10:02 29,704 ----a-w C:\windows\system32\drivers\easdrv.sys
2008-02-20 10:01 39,944 ----a-w C:\windows\system32\drivers\eamon.sys
2008-02-20 06:51 282,624 ----a-w C:\windows\system32\gdi32.dll
2008-02-20 05:38 45,568 ----a-w C:\windows\system32\dnsrslvr.dll
2008-02-17 14:08 107,888 ----a-w C:\windows\system32\CmdLineExt.dll
2008-02-15 21:00 --------- d-----w C:\Documents and Settings\Aleš\Data aplikací\Skype
2007-05-13 17:22 88 -csh--r C:\windows\system32\F0DF32ECB0.sys
2007-05-13 17:22 2,516 -csha-w C:\windows\system32\KGyGaAvL.sys
.
((((((((((((((((((((((((((((( snapshot@2008-04-15_ 8.26.48.57 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-04-15 06:19:49 2,048 --s-a-w C:\windows\bootstat.dat
+ 2008-04-15 15:16:41 2,048 --s-a-w C:\windows\bootstat.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\windows\system32\ctfmon.exe" [2004-08-17 15:49 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"COMODO Firewall Pro"="C:\Program Files\Comodo\Firewall\cfp.exe" [2007-11-23 07:49 1481984]
"egui"="C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" [2008-02-20 12:06 1443072]
"WheelMouse"="C:\Program Files\A4Tech\Mouse\Amoumain.exe" [2006-12-26 17:08 196608]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-17 15:49 15360]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 11:17 1241088]
C:\Documents and Settings\Ashley\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Z stupce - speedfan.lnk - C:\Program Files\SpeedFan\speedfan.exe [2007-09-17 19:04:02 2902528]
C:\Documents and Settings\Aleç\Nabˇdka Start\Programy\Po spuçtŘnˇ\
SpeedFan.lnk - C:\Program Files\SpeedFan\speedfan.exe [2007-09-17 19:04:02 2902528]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=NVDESK32.DLL C:\windows\system32\guard32.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\WINDOWS\\system32\\rundll32.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"C:\\Program Files\\Opera\\Opera.exe"=
"C:\\Program Files\\ooVoo\\ooVoo.exe"=
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"C:\\WINDOWS\\system32\\PnkBstrA.exe"=
"C:\\WINDOWS\\system32\\PnkBstrB.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Sierra\\FEAR\\FEAR.exe"=
"F:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"F:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\Crysis.exe"=
"F:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\CrysisDedicatedServer.exe"=
"F:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx9.exe"=
"F:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx10.exe"=
"F:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Launcher.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"443:UDP"= 443:UDP:*:Disabled:ooVoo UDP port 443
"37674:TCP"= 37674:TCP:*:Disabled:ooVoo TCP port 37674
"37674:UDP"= 37674:UDP:*:Disabled:ooVoo UDP port 37674
"37675:UDP"= 37675:UDP:*:Disabled:ooVoo UDP port 37675
"443:TCP"= 443:TCP:*:Disabled:ooVoo TCP port 443
R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);C:\windows\system32\drivers\sfsync03.sys [2005-12-06 17:11]
R1 cmdGuard;COMODO Firewall Pro Sandbox Driver;C:\windows\system32\DRIVERS\cmdguard.sys [2007-11-23 07:49]
R1 cmdHlp;COMODO Firewall Pro Helper Driver;C:\windows\system32\DRIVERS\cmdhlp.sys [2007-11-23 07:49]
R1 epfwtdir;epfwtdir;C:\windows\system32\DRIVERS\epfwtdir.sys [2008-02-20 12:11]
R2 athsgt;athsgt;C:\windows\system32\DRIVERS\athsgt.sys [2008-01-27 12:46]
R2 limsgt;limsgt;C:\windows\system32\DRIVERS\limsgt.sys [2008-01-27 12:46]
R2 UxTuneUp;TuneUp Theme Extension;C:\windows\System32\svchost.exe [2004-08-17 15:49]
R3 PSched;Plánovač paketů technologie QoS;C:\windows\system32\DRIVERS\psched.sys [2004-08-03 23:04]
S3 Amps2prt;A4Tech PS/2 Port Mouse Driver;C:\windows\system32\DRIVERS\Amps2prt.sys [2006-05-09 18:27]
S3 Asushwio;Asushwio;C:\windows\system32\drivers\Asushwio.sys [2005-04-30 14:30]
S3 jgameenp;jgameenp;C:\DOCUME~1\Tom\LOCALS~1\Temp\jgameenp.sys []
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\windows\System32\TuneUpDefragService.exe [2008-03-15 23:35]
S3 w200bus;Sony Ericsson W200 driver (WDM);C:\windows\system32\DRIVERS\w200bus.sys [2006-11-07 10:42]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder
"2008-04-11 15:15:00 C:\windows\Tasks\1-Click Maintenance.job"
- C:\Program Files\TuneUp Utilities 2008\OneClick.exe
.
**************************************************************************
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-15 19:18:17
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
PROCESS: C:\windows\system32\winlogon.exe
-> C:\windows\system32\guard32.dll
PROCESS: C:\windows\system32\lsass.exe
-> C:\windows\system32\guard32.dll
.
Completion time: 2008-04-15 19:22:22
ComboFix-quarantined-files.txt 2008-04-15 17:22:04
ComboFix2.txt 2008-04-15 06:27:17
Adresářů: 6, Volných bajtů: 31,130,165,248
Adresářů: 8, Volných bajtů: 31,129,116,672
.
2008-04-10 21:24:23 --- E O F ---
----------------------------------------------------------------------------------------------------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:29:47, on 15.4.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\svchost.exe
C:\windows\system32\spoolsv.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\windows\system32\PnkBstrA.exe
C:\windows\system32\PSIService.exe
C:\windows\System32\svchost.exe
C:\windows\Explorer.EXE
C:\Program Files\Comodo\Firewall\cfp.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\A4Tech\Mouse\Amoumain.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\SpeedFan\speedfan.exe
C:\Program Files\Opera\Opera.exe
C:\Documents and Settings\Aleš\Dokumenty\Support\HiJackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Program Files\PC translator\WEBIE.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Program Files\PC translator\WEBIE.DLL
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\cfp.exe" -s
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: SpeedFan.lnk = C:\Program Files\SpeedFan\speedfan.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Program Files\PC translator\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Program Files\PC translator\WEBIE.DLL
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Program Files\PC translator\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Program Files\PC translator\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Program Files\PC translator\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Program Files\PC translator\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Program Files\PC translator\WEBIE.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O18 - Protocol: bw+0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {2046CE26-F08F-41B7-8540-6FBDE6AC8E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: NVDESK32.DLL C:\windows\system32\guard32.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\windows\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\windows\system32\PSIService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - C:\windows\system32\sfrem01.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\windows\System32\TuneUpDefragService.exe
--
End of file - 18381 bytes
- fredik
- Security team member
- Master Level 7
- Posts: 4680
- Registered: July 06
Re: Please check my log. Thanks.
Go to Start -> Run..., type the command marked in blue, ComboFix /u, into the box and click OK.
- there must be a space between ComboFix and /u
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
Download and run T-cleaner; it removes the backups and leftovers of the programs that were used.
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
As already mentioned, I would recommend that you update Java.
Are you still having problems?
It may take a while to get a response, because the "HJT Team" are very busy. Please, be patient, these people are volunteers. They will help you out, as soon as possible.
If you have a problem, do not send me private messages (SZ/PM) with logs; post them in the forum. It is not possible to reply to such messages.
- foxy_whiteFox
- Level 3
- Posts: 445
- Registered: December 06
- Location: Olomouc Region
Re: Please check my log. Thanks.
It looks promising, good work! Thanks, everyone.