PC-HELP.CZ

ComboFix 10-02-12.01 - noname 13.02.2010 20:53:25.3.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.1535.907 [GMT 1:00]
Spuštěný z: c:\documents and settings\noname\Plocha\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 100213-1] *On-access scanning disabled* (Updated)

{7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Norton AntiVirus *On-access scanning enabled* (Updated)

{E10A9785-9598-4754-B552-92431C1C35F8}
.
ADS - WIN32: deleted 24 bytes in 1 streams.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\win32\system32\drivers\etc\lmhosts

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-01-13 do 2010-02-13

)))))))))))))))))))))))))))))))
.

2010-02-06 13:02 . 2001-10-24 11:24 110621 -c--a-w- c:\win32\system32\dllcache\digirlpt.dll
2010-02-06 13:02 . 2001-10-24 11:24 110621 ----a-w- c:\win32\system32\digirlpt.dll
2010-02-06 13:02 . 2001-10-24 10:41 42432 -c--a-w- c:\win32\system32\dllcache\digirlpt.sys
2010-02-06 13:02 . 2001-10-24 10:41 42432 ----a-w- c:\win32\system32\drivers\digirlpt.sys
2010-01-30 19:00 . 2010-01-30 19:00 27632 ----a-w- c:\win32\system32\drivers\seehcri.sys
2010-01-30 17:30 . 2010-02-01 06:33 -------- d-----w- c:\program files\QuickTime
2010-01-30 16:57 . 2010-01-31 17:29 -------- d-----w- c:\win32\Downloaded Installations
2010-01-30 14:26 . 2010-01-30 14:26 -------- d-----w- c:\program files\AnvSoft
2010-01-30 14:25 . 2010-01-03 23:20 -------- d-----w- c:\program

files\Any.DVD.Converter.Professional.v4.0.1.(1.1.2010) (Šlape OKI)
2010-01-29 05:33 . 2006-03-23 08:38 69632 ----a-w- c:\win32\sm56spn.dll
2010-01-29 05:33 . 2006-03-23 08:38 69632 ----a-w- c:\win32\sm56itl.dll
2010-01-29 05:33 . 2006-03-23 08:38 69632 ----a-w- c:\win32\sm56eng.dll
2010-01-29 05:33 . 2006-03-23 08:38 69632 ----a-w- c:\win32\sm56brz.dll
2010-01-29 05:33 . 2006-03-23 08:38 61440 ----a-w- c:\win32\sm56ger.dll
2010-01-29 05:33 . 2006-03-23 08:38 61440 ----a-w- c:\win32\sm56fra.dll
2010-01-29 05:33 . 2006-03-23 08:38 53248 ----a-w- c:\win32\sm56jpn.dll
2010-01-29 05:33 . 2006-03-23 08:38 49152 ----a-w- c:\win32\sm56cht.dll
2010-01-29 05:33 . 2006-03-23 08:38 49152 ----a-w- c:\win32\sm56chs.dll
2010-01-27 04:37 . 2010-01-27 04:37 -------- d-----w- c:\program files\Innovative Solutions
2010-01-27 01:24 . 2010-01-27 01:24 -------- dc----w- C:\inetpub
2010-01-27 01:22 . 2010-01-27 01:22 -------- d-----w- c:\win32\system32\wbem\MUI
2010-01-25 05:46 . 2010-01-25 05:46 -------- d-----w- c:\program files\PSPad editor
2010-01-24 23:32 . 2010-01-25 01:32 -------- d-----w- c:\program files\Notepad++
2010-01-24 20:54 . 2010-02-13 14:42 -------- dc----w- C:\Firefox cache
2010-01-18 20:49 . 2010-02-12 05:19 -------- d-----w- c:\program files\TuneUp Utilities 2010
2010-01-17 09:45 . 2010-01-17 09:45 -------- d-----w- c:\program files\Conduit
2010-01-17 09:45 . 2010-01-17 09:45 -------- d-----w- c:\program files\P2P_Torrent
2010-01-17 09:23 . 2010-01-17 11:28 -------- d-----w- c:\program files\Kazaa Acceleration Patch
2010-01-16 22:47 . 2008-09-26 17:01 621056 ----a-r- c:\win32\system32\drivers\mod7700.sys
2010-01-16 22:47 . 2009-10-07 11:01 102912 ----a-w-

c:\win32\system32\drivers\ewusbmdm.sys
2010-01-16 22:47 . 2008-09-26 17:01 113664 ----a-r- c:\win32\system32\drivers\ewusbnet.sys
2010-01-16 22:47 . 2008-09-26 17:00 24448 ----a-r- c:\win32\system32\drivers\ewdcsc.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis

))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-13 14:24 . 2010-01-02 22:28 -------- d-----w- c:\program files\Mozilla Firefox 3.6 Beta 5
2010-02-13 11:41 . 2009-01-30 21:18 298 ----a-w- c:\win32\dorp.dat
2010-02-12 18:15 . 2001-10-25 14:00 96734 ----a-w- c:\win32\system32\perfc005.dat
2010-02-12 18:15 . 2001-10-25 14:00 489228 ----a-w- c:\win32\system32\perfh005.dat
2010-02-01 06:33 . 2008-12-30 23:07 -------- d--h--w- c:\program files\InstallShield Installation

Information
2010-02-01 05:40 . 2009-01-09 12:28 -------- d-----w- c:\program files\Sony Ericsson
2010-01-31 17:32 . 2009-03-22 06:23 -------- d-----w- c:\program files\Common Files\Teleca

Shared
2010-01-30 14:16 . 2009-05-17 21:22 -------- d-----w- c:\program files\SlySoft
2010-01-21 19:10 . 2009-04-18 07:56 -------- d-----w- c:\program files\Opera
2010-01-17 01:48 . 2009-12-25 21:36 -------- d-----w- c:\program files\mozilla.org
2010-01-16 23:51 . 2009-10-24 10:03 -------- d-----w- c:\program files\Serials 2005
2010-01-16 23:41 . 2009-12-25 22:19 -------- d-----w- c:\program files\PC Connectivity Solution
2010-01-16 23:29 . 2009-05-02 14:18 -------- d-----w- c:\program files\Lavalys
2010-01-14 20:39 . 2010-01-12 06:10 -------- d-----w- c:\program files\USBTrace
2010-01-14 20:38 . 2009-04-28 11:36 -------- d-----w- c:\program files\Vodafone
2010-01-14 14:54 . 2010-01-12 06:11 16 ----a-w- c:\win32\system32\utinfo.dat
2010-01-12 12:29 . 2010-01-10 06:31 -------- d-----w- c:\program files\Maxthon2
2010-01-10 16:09 . 2010-01-10 16:09 389632 ----a-w- c:\win32\system32\CF14348.exe
2010-01-10 13:33 . 2010-01-10 13:33 0 ----a-w- c:\win32\system32\cid_store.dat
2010-01-10 10:13 . 2010-01-10 10:13 389632 ----a-w- c:\win32\system32\CF10216.exe
2010-01-10 09:40 . 2010-01-10 09:54 389632 ----a-w- c:\win32\system32\CF3646.exe
2010-01-10 09:36 . 2010-01-10 09:38 389632 ----a-w- c:\win32\system32\CF3041.exe
2010-01-10 09:24 . 2010-01-10 09:30 389632 ----a-w- c:\win32\system32\CF651.exe
2010-01-10 09:23 . 2010-01-10 09:24 389632 ----a-w- c:\win32\system32\CF390.exe
2010-01-07 21:45 . 2010-01-04 04:47 -------- d-----w- c:\program files\Trojan Remover
2010-01-07 21:43 . 2010-01-04 05:16 -------- d-----w- c:\program files\Anti Trojan Elite
2010-01-07 18:04 . 2010-01-04 01:25 -------- d-----w- c:\program files\Fighters
2010-01-06 05:57 . 2010-01-06 05:57 -------- d-----w- c:\program files\OO Software
2010-01-05 13:15 . 2010-01-05 13:15 -------- d-----w- c:\program files\Driver-Soft
2010-01-04 03:47 . 2010-01-03 21:55 -------- d-----w- c:\program files\CCleaner
2010-01-04 00:27 . 2010-01-02 16:23 -------- d-----w- c:\program files\Lavasoft
2010-01-03 19:13 . 2009-01-03 09:47 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-01-02 21:27 . 2009-12-14 21:54 -------- d-----w- c:\program files\Mozilla Firefox 3.6 Beta 2
2009-12-29 02:36 . 2009-12-29 02:36 0 ----a-w- c:\win32\ativpsrm.bin
2009-12-29 02:14 . 2009-12-28 21:44 -------- d-----w- c:\program files\ATI Technologies
2009-12-29 01:24 . 2009-12-28 21:44 -------- d-----w- c:\program files\ATI
2009-12-28 20:03 . 2009-08-06 16:56 -------- d-----w- c:\program files\VSO
2009-12-28 20:01 . 2009-08-06 17:10 -------- d-----w- c:\program files\GRETECH
2009-12-28 11:40 . 2009-01-01 09:37 -------- d-----w- c:\program files\Common Files\Adobe
2009-12-28 11:00 . 2009-01-31 14:51 -------- d-----w- c:\program files\Nokia
2009-12-27 13:57 . 2009-12-27 13:57 -------- d-----w- c:\program files\Alwil Software
2009-12-27 11:32 . 2009-12-27 11:32 -------- d-----w- c:\program files\AVG
2009-12-27 11:12 . 2009-12-26 22:56 -------- d-----w- c:\program files\Common Files\Symantec

Shared
2009-12-27 01:13 . 2009-10-28 18:44 -------- d-----w- c:\program files\Zkratky
2009-12-26 20:37 . 2009-12-07 04:46 -------- d-----w- c:\program files\CrackDown22
2009-12-26 19:35 . 2009-12-26 19:35 -------- d-----w- c:\program files\Windows Sidebar
2009-12-26 14:56 . 2009-12-17 12:26 -------- d-----w- c:\program files\ProxyPlus
2009-12-25 21:38 . 2009-04-13 10:26 335 -c--a-w- c:\win32\nsreg.dat
2009-12-25 21:37 . 2009-12-25 21:37 8657 ----a-w- c:\win32\mozver.dat
2009-12-23 17:01 . 2009-12-22 20:04 -------- d-----w- c:\program files\Panda Security
2009-12-19 13:31 . 2009-12-17 18:23 -------- d-----w- c:\program files\A4Proxy
2009-12-19 13:30 . 2009-08-06 17:39 -------- d-----w- c:\program files\DesktopPlant
2009-12-15 08:00 . 2009-12-15 08:01 411368 ----a-w- c:\win32\system32\deploytk.dll
2009-11-24 23:54 . 2009-12-29 05:13 1280480 ----a-w- c:\win32\system32\aswBoot.exe
2009-11-24 23:51 . 2009-12-29 05:13 93424 ----a-w- c:\win32\system32\drivers\aswmon.sys
2009-11-24 23:50 . 2009-12-29 05:13 94160 ----a-w- c:\win32\system32\drivers\aswmon2.sys
2009-11-24 23:50 . 2009-12-29 05:13 114768 ----a-w- c:\win32\system32\drivers\aswSP.sys
2009-11-24 23:50 . 2009-12-29 05:13 20560 ----a-w- c:\win32\system32\drivers\aswFsBlk.sys
2009-11-24 23:49 . 2009-12-29 05:13 48560 ----a-w- c:\win32\system32\drivers\aswTdi.sys
2009-11-24 23:48 . 2009-12-29 05:13 23120 ----a-w- c:\win32\system32\drivers\aswRdr.sys
2009-11-24 23:47 . 2009-12-29 05:13 27408 ----a-w- c:\win32\system32\drivers\aavmker4.sys
2009-11-24 23:47 . 2009-12-29 05:13 97480 ----a-w- c:\win32\system32\AvastSS.scr
2009-11-08 22:09 . 2009-11-08 22:09 4607344 ----a-w- c:\program files\PSPad.exe
2008-07-25 08:31 . 2009-05-19 01:17 28672 ----a-w- c:\program files\mozilla

firefox\components\flashgetXpi.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla

firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla

firefox\plugins\ssldivx.dll
2009-10-29 22:11 . 2010-01-17 11:34 251392 ----a-w- c:\program

files\opera\program\plugins\dapop.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program

files\opera\program\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program

files\opera\program\plugins\ssldivx.dll
.

------- Sigcheck -------

[7] 2004-08-03 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . .

c:\win32\system32\dllcache\tcpip.sys
[-] 2004-08-03 . 6A603809F598332DBEDD535BDBCE313E . 359040 . . [5.1.2600.2180] . .

c:\win32\system32\drivers\tcpip.sys
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru

)))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{bc4be15d-6a34-4356-9e97-79e43da32b1d}"= "c:\program files\P2P_Torrent\tbP2P_.dll"

[2009-11-09 2331672]

[HKEY_CLASSES_ROOT\clsid\{bc4be15d-6a34-4356-9e97-79e43da32b1d}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{31B27F2D-6BC6-451B-B3D2-4EAB36B2FC3B}]
2009-10-24 11:42 2655736 ----a-w- c:\program files\SpeedBit Video

Downloader\Toolbar\tbcore3.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{bc4be15d-6a34-4356-9e97-79e43da32b1d}]
2009-11-09 17:38 2331672 ----a-w- c:\program files\P2P_Torrent\tbP2P_.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EBFCD017-BCAD-42C3-9ED5-89DBDFC59171}"= "c:\program files\SpeedBit

Toolbar\Toolbar\SpeedBit.dll" [2009-10-23 2598896]
"{bc4be15d-6a34-4356-9e97-79e43da32b1d}"= "c:\program files\P2P_Torrent\tbP2P_.dll"

[2009-11-09 2331672]

[HKEY_CLASSES_ROOT\clsid\{ebfcd017-bcad-42c3-9ed5-89dbdfc59171}]
[HKEY_CLASSES_ROOT\SPEEDBIT1.SPEEDBIT1.3]
[HKEY_CLASSES_ROOT\SPEEDBIT1.SPEEDBIT1]

[HKEY_CLASSES_ROOT\clsid\{bc4be15d-6a34-4356-9e97-79e43da32b1d}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{EBFCD017-BCAD-42C3-9ED5-89DBDFC59171}"= "c:\program files\SpeedBit

Toolbar\Toolbar\SpeedBit.dll" [2009-10-23 2598896]
"{BC4BE15D-6A34-4356-9E97-79E43DA32B1D}"= "c:\program files\P2P_Torrent\tbP2P_.dll"

[2009-11-09 2331672]

[HKEY_CLASSES_ROOT\clsid\{ebfcd017-bcad-42c3-9ed5-89dbdfc59171}]
[HKEY_CLASSES_ROOT\SPEEDBIT1.SPEEDBIT1.3]
[HKEY_CLASSES_ROOT\SPEEDBIT1.SPEEDBIT1]

[HKEY_CLASSES_ROOT\clsid\{bc4be15d-6a34-4356-9e97-79e43da32b1d}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"MobileConnect"="c:\program files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe"

[2008-11-04 2087424]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\win32\system32\CTFMON.EXE" [2004-08-17 15360]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoRecentDocsNetHood"= 1 (0x1)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /p \??\c:\0autocheck autochk *\0OODBS

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau

[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WIN32^Nabídka Start^Programy^Po

spuštění^Sledování připojení telefonu.lnk]
backupExtension=.CommonStartup
backup=c:\win32\pss\Sledování připojení telefonu.lnk.CommonStartup

[HKLM\~\startupfolder\C:^Documents and Settings^noname^Nabídka Start^Programy^Po

spuštění^A4Proxy.lnk]
backup=c:\win32\pss\A4Proxy.lnkStartup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Anti Trojan Elite

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Broadcom Wireless

Manager UI]
c:\win32\system32\WLTRAY [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
c:\win32\system32\dumprep 0 -k [X]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Vidalia

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADeck]
2008-12-01 13:35 450560 ----a-w- c:\program files\VIAudioi\SBADeck\ADeck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AudioDeck]
2008-12-01 13:35 450560 ----a-w- c:\program files\VIAudioi\SBADeck\ADeck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avast!]
2009-11-24 23:51 81000 ----a-w- c:\progra~1\ALWILS~1\Avast4\ashDisp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cproxy]
2009-12-13 07:21 1896448 ----a-w- c:\program files\www.cproxy.com\CPROXY.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared

tools\msconfig\startupreg\DownloadAccelerator]
2009-10-29 22:11 2754048 ----a-w- c:\program files\DAP\DAP.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DriverMax]
2010-01-18 09:07 9072032 ----a-w- c:\program files\Innovative Solutions\DriverMax\devices.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DriverMax_RESTART]
2010-01-18 09:07 9072032 ----a-w- c:\program files\Innovative Solutions\DriverMax\devices.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2009-04-25 15:38 133104 ----atw- c:\documents and settings\noname\Local Settings\Data

aplikací\Google\Update\GoogleUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kazaa Acceleration

Patch]
2010-01-17 09:45 792 ----a-w- c:\program files\Kazaa Acceleration Patch\Kazaa Acceleration

Patch.lnk

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray]
2009-09-11 23:34 2524416 ----a-w- c:\program files\OO Software\Defrag\oodtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\oodtray]
2009-09-11 23:34 2524416 ----a-w- c:\program files\OO Software\Defrag\oodtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\pdfFactory

Dispatcher v2]
2006-06-19 20:15 499712 ----a-w- c:\win32\system32\spool\drivers\w32x86\3\fppdis2a.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared

tools\msconfig\startupreg\SpeedBitVideoAccelerator]
2009-10-23 14:15 1435240 ----a-w- c:\program files\SpeedBit Video

Accelerator\VideoAccelerator.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
2009-02-03 21:21 61440 ----a-w- c:\program files\ATI

Technologies\ATI.ACE\Core-Static\CLIStart.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME]
2007-03-14 14:52 3770024 ----a-w- c:\program files\TomTom HOME\TomTomHOME.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
2007-03-14 14:52 3770024 ----a-w- c:\program files\TomTom HOME\TomTomHOME.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\www.cproxy.com]
2009-12-13 07:21 1896448 ----a-w- c:\program files\www.cproxy.com\CPROXY.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WinProxy"=2 (0x2)
"NMIndexingService"=3 (0x3)
"wltrysvc"=2 (0x2)
"VideoAcceleratorService"=3 (0x3)
"O&O Defrag"=3 (0x3)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\

List]
"c:\\WIN32\\system32\\sessmgr.exe"=
"c:\\Documents and Settings\\noname\\Local Settings\\Data

aplikací\\Google\\Chrome\\Application\\chrome.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\TomTom HOME\\TomTomHOME.exe"=
"c:\\Program Files\\Vodafone\\HUAWEI K3520\\Driver\\DriverSetup.exe"=
"c:\\Program Files\\www.cproxy.com\\CPROXY.exe"=
"c:\\Program Files\\Vodafone\\Vodafone Mobile Connect\\Bin\\MobileConnect.exe"=
"c:\\Program Files\\Lavalys\\EVEREST Ultimate Edition\\everest.exe"=
"c:\\Documents and Settings\\noname\\Data aplikací\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\AnvSoft\\Any DVD Converter Professional\\DVDConvPro.exe"=
"c:\\Program Files\\WIDCOMM\\Bluetooth Software\\BTTray.exe"=
"c:\\Program Files\\Kazaa Acceleration Patch\\Kazaa Acceleration Patch.exe"=
"c:\\Program Files\\OO Software\\Defrag\\oodag.exe"=
"c:\\Program Files\\Fighters\\SLOW-PCfighter\\UpDates.exe"=
"c:\\Program Files\\Alwil Software\\Avast4\\ashAvast.exe"=
"c:\\Program Files\\Alwil Software\\Avast4\\Setup\\avast.setup"=
"c:\\Program Files\\DAP\\DAP.exe"=
"c:\\Program Files\\Mozilla Firefox 3.6 Beta 5\\firefox.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Fighters\\SLOW-PCfighter\\SLOW-PCfighter.exe"=
"c:\\Program Files\\Adobe\\Acrobat.com\\Acrobat.com.exe"=
"c:\\Program Files\\Innovative Solutions\\DriverMax\\devices.exe"=
"c:\\WIN32\\system32\\dpnsvr.exe"=
"c:\\WIN32\\system32\\dxdiag.exe"=
"c:\\Program Files\\Intuwave Ltd\\Shared\\mRouterRunTime\\mRouterRuntime.exe"=
"e:\\setup_vmc_lite.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1:TCP"= 1:TCP:*:Disabled:BT COM
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
"AllowInboundTimestampRequest"= 0 (0x0)
"AllowInboundMaskRequest"= 0 (0x0)
"AllowInboundRouterRequest"= 0 (0x0)
"AllowOutboundDestinationUnreachable"= 0 (0x0)
"AllowOutboundSourceQuench"= 0 (0x0)
"AllowOutboundParameterProblem"= 0 (0x0)
"AllowOutboundTimeExceeded"= 0 (0x0)
"AllowOutboundPacketTooBig"= 0 (0x0)
"AllowRedirect"= 0 (0x0)

R0 klbg;Kaspersky Lab Boot Guard Driver;c:\win32\system32\drivers\klbg.sys [27.12.2009 2:17

33808]
R0 xfilt;VIA SATA IDE Hot-plug Driver;c:\win32\system32\drivers\xfilt.sys [24.10.2009 11:23 22168]
R1 aswSP;avast! Self Protection;c:\win32\system32\drivers\aswSP.sys [29.12.2009 6:13 114768]
R1

HMFAxCore46691b2fe72383a3b643d95081ef1d95;HMFAxCore46691b2fe72383a3b643d95081ef1d95;c

:\win32\system32\drivers\HMFAxCore46691b2fe72383a3b643d95081ef1d95.sys [29.10.2009 18:51

24064]
R2 aswFsBlk;aswFsBlk;c:\win32\system32\drivers\aswFsBlk.sys [29.12.2009 6:13 20560]
R2 VMCService;Vodafone Mobile Connect Service;c:\program files\Vodafone\Vodafone Mobile

Connect\Bin\VMCService.exe [4.11.2008 11:39 14336]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\win32\system32\drivers\klmouflt.sys [27.12.2009 2:18

19472]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\win32\system32\drivers\seehcri.sys [30.1.2010

20:00 27632]
S1 SASKUTIL;SASKUTIL; [x]
S3 ATE_PROCMON;ATE_PROCMON; [x]
S3 AVFSFilter;AVFSFilter;c:\win32\system32\DRIVERS\avfsfilter.sys -->

c:\win32\system32\DRIVERS\avfsfilter.sys [?]
S3 clr_optimization_v4.0.21006_32;Microsoft .NET Framework NGEN

v4.0.21006_X86;c:\win32\Microsoft.NET\Framework\v4.0.21006\mscorsvw.exe [7.10.2009 1:44

129856]
S3 DIGIRPS;Ovladač Digi PortServer Driver;c:\win32\system32\drivers\digirlpt.sys [6.2.2010 14:02

42432]
S3 FTLUND;Lundinova Filter Driver;c:\win32\system32\drivers\ftlund.sys [14.2.2009 15:17 6828]
S3 GTMMDMUSB;GT M 3G+ USB MDM;c:\win32\system32\drivers\gtmmdmusb.sys [9.1.2010 22:00

25472]
S3 GTMSERUSB;GT M 3G+ USB SER;c:\win32\system32\drivers\gtmserusb.sys [9.1.2010 19:45

21888]
S3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\win32\system32\drivers\klim5.sys [27.12.2009 2:18

31760]
S3 utdrv;utdrv; [x]
S3 VideoAcceleratorService;VideoAcceleratorService; [x]
S3 zFTPSvc;zFTPServer; [x]
S4 WPFFontCache_v0400;Windows Presentation Foundation Font Cache

4.0.0.0;c:\win32\Microsoft.NET\Framework\v4.0.21006\WPF\WPFFontCache_v0400.exe [7.10.2009

1:44 752984]

--- Ostatní služby/ovladače v paměti ---

*NewlyCreated* - WPFFONTCACHE_V0400
.
Obsah adresáře 'Naplánované úlohy'
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://seznam.cz/
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Clean Traces - c:\program files\DAP\Privacy Package\dapcleanerie.htm
IE: &Download with &DAP - c:\program files\DAP\dapextie.htm
IE: Download &all with DAP - c:\program files\DAP\dapextie2.htm
IE: Download with Rapget
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth

Software\btsendto_ie_ctx.htm
IE: Zobrazit originál - c:\program files\www.cproxy.com\original.htm
IE: Zobrazit vše jako originál - c:\program files\www.cproxy.com\originalAll.htm
IE: ???????? ? ????-??????
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} -

c:\translat\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748450} -

c:\translat\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} -

c:\translat\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} -

c:\translat\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} -

c:\translat\WEBIE.DLL
LSP: c:\progra~1\SPEEDB~2\sblsp.dll
TCP: {4D898CA6-F4BF-4DF3-9FA5-F2F129680E23} = 217.77.165.81,217.77.161.131
FF - ProfilePath - c:\documents and settings\noname\Data

aplikací\Mozilla\Firefox\Profiles\77xv9e16.default\
FF - prefs.js: browser.startup.homepage - hxxp://seznam.cz/
FF - prefs.js: network.proxy.type - 4
FF - component: c:\documents and settings\noname\Data

aplikací\Mozilla\Firefox\Profiles\77xv9e16.default\extensions\{e3f6c2cc-d8db-498c-af6c-499fb211d

b97}\platform\WINNT_x86-msvc\components\pagespeed.dll
FF - plugin: c:\program files\Opera\program\plugins\npdivx32.dll

---- NASTAVENÍ FIREFOXU ----
FF - user.js: network.http.max-connections-per-server - 6
FF - user.js: network.http.max-persistent-connections-per-server - 3
FF - user.js: nglayout.initialpaint.delay - 750
FF - user.js: content.notify.interval - 750000
FF - user.js: content.max.tokenizing.time - 2250000
c:\program files\Mozilla Firefox 3.6 Beta 5\defaults\pref\firefox-l10n.js -

pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
AddRemove-HijackThis - g:\wintools\HijackThis.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-13 21:00
Windows 5.1.2600 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG12.00.00.01PROFESSIONAL"="B63DC7CD0802A42A38BA5BA702986FC21478533CACD5327

A8F3AABB9041C3A99C25870391F13CF0447B95951E2842277F6110503C98BC51EBA76B4EFBB0E356CE

9C9A1E3F08A77523568DCACEBB4C1BDA92EC6447FE134E83BD08D4562C427FCE7FB4139597B047FE0

4C74ABEA69ABFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E

127BECC74CFEBC9E127BECC74CA6A0AC4980AC7933A6171C11EC38DE3DA2D97226D213B555A6171C1

1EC38DE3DF1502D1769CDB3241FFDFEA9DBC7EF0C2F04112A43ACDD9AF199D40AF589339B2C610244

3B5C59160B1D02FBEA5347B4DDECBBB6CD0A303DAF1A2619DC677F1EA0F62CBA447D248B994D600B

4284AFA34BDD06C0C762BEAC006EDB5BF63C39DF3D67CC3BEA215E43AE83DB3FCB3E2012EE8CE9783

E27CDBB11ACCE6C97AB93EA834B39E7E43DC81FC2796263C5E6065CD6F4977317D2965EA3B28BC7E6

E034EB0B80F847BFCD14A6DFAF9B2841E940002156F0A8065EC5AD8BA04FD0600535347D27C842DD4

D6884A6E4DF9E24B423A383348C7597CA7DE534590FCA53CAA4BB1A2599A872406008C823BC3F29BA

768D46D43399AA1D52E91A8572E06467049B32248F2D072A0CA48E3274E5DB7377AA4444653AEF594

DBB4E92D4200B914A912B1083E378156D6F529F7C5221D7D489EFD15660710F6A06752EC4F91387DF

FE811A014AF68FFB24843F7E262CE7B35FCB8FEA7607CA1C164B4F06C21C0AA5EAC139C93D882B22A2

A72756E908A4AB84F0D43DCEE023C75B9AAC913599DC6AFE0FA3D1FE04FC3F6C533097891217C7F28

B3D1D1C022D44EB454112ED55C776081ED9C236189EA7A9B27987547C47094B5B280CF7C005607F41

4F676EE79A03F83C9A776E44AD20A385E41EFBCB46E351B538C1DE47CB5DF4965A241C43223DE7C46

B0114DDCC654B9D988A9ADBA4BFEE02D429AF15246ECA64A990C02A36498DAB16A3F98C2025B1E47

E2DA9D87BF72D3DA85EB0FCB53EA75A4A270AB5AC3B49F62859574F52040FD3C51D0945E25EBDF62

4368926ACE8543E0C9908CF659D1BC071CCC6F49118BDFADFA2FA76FAB573537836C68AB7803DE983

4932BA3E6FAB37085F45230EEBBCFD82BA299566B5C70C9E9958F90B89734A87CE5F089CA1C11C4426

37D2FE002F13A8971EA2CA8B556BD1CD92155E7C2B5F3675CF1FE99ACDC6C4E8E0D01C455B078F9FC

96DD3565C538FF5AED46DC73E41EE3DA13E13B360A0E8246EBCA4252CB73A6B7D1CB02ABF371C68C8

03F7C9299655585DF2073C30A8D6096D0DD9783119ED4972A8920F0920FD30603F41D90D9D5130EA2

33C769671787B4F8901101D32363A43603082632A810B5C7A91412EA68FDD1805A916119F7914ECCE

E3AD479E5FF270E6C4721F0434EB02FD333C7799013494A44DC7C26F"
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(612)
c:\win32\system32\Ati2evxx.dll

- - - - - - - > 'lsass.exe'(668)
c:\program files\SpeedBit Video Accelerator\Accelerator.dll
c:\program files\SpeedBit Video Accelerator\CommPipe.dll
c:\program files\SpeedBit Video Accelerator\Collector.dll
.
Celkový čas: 2010-02-13 21:03:54
ComboFix-quarantined-files.txt 2010-02-13 20:03

Před spuštěním: 6 845 775 872
Po spuštění: 6 819 442 688

Current=7 Default=7 Failed=6 LastKnownGood=8 Sets=1,2,3,4,5,6,7,8
- - End Of File - - 38E02EB4EFBE9C2EBBE8AD66B08FE389

Kdo Ti radil Combofix??
Co ty dva antiviry??

Používám Avast,ten Norton jsem používal dříve,před instalací Avastu jsem ho odinstaloval,vůbec nevím proč se mi tam hlásí když ho už v PC nemám.Kontrolu logu dělám poprvé,na netu jsem našel Combofix a HijackThis,nemám ani s jedním žádné zkušenosti tak jsem náhodně zvolil Combofix.Budu vděčný za každou dobrou radu.Díky

Nejdříve Hjt! Proto se tato sekce jmenuje HiJackThis.
Combofix jen za rady pomocníků.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:47:23, on 15.2.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WIN32\System32\smss.exe
C:\WIN32\system32\winlogon.exe
C:\WIN32\system32\services.exe
C:\WIN32\system32\lsass.exe
C:\WIN32\system32\Ati2evxx.exe
C:\WIN32\system32\svchost.exe
C:\WIN32\system32\Ati2evxx.exe
C:\WIN32\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WIN32\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Innovative Solutions\DriverMax\devices.exe
C:\WIN32\system32\spoolsv.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WIN32\system32\locator.exe
C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Mozilla Firefox 3.6 Beta 5\firefox.exe
C:\Program Files\Innovative Solutions\DriverMax\devices.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: P2P Torrent Toolbar - {bc4be15d-6a34-4356-9e97-79e43da32b1d} - C:\Program Files\P2P_Torrent\tbP2P_.dll
R3 - URLSearchHook: MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\tbMyAs.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\TRANSLAT\WEBIE.DLL
O2 - BHO: SBCONVERT - {31B27F2D-6BC6-451B-B3D2-4EAB36B2FC3B} - C:\Program Files\SpeedBit Video Downloader\Toolbar\tbcore3.dll
O2 - BHO: SPEEDBIT1 - {425E30F0-CCC6-4E24-BBEB-BCBD31720B37} - C:\Program Files\SpeedBit Toolbar\Toolbar\SpeedBit.dll
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - (no file)
O2 - BHO: MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\tbMyAs.dll
O2 - BHO: P2P Torrent Toolbar - {bc4be15d-6a34-4356-9e97-79e43da32b1d} - C:\Program Files\P2P_Torrent\tbP2P_.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - (no file)
O2 - BHO: GrabberObj Class - {FF7C3CF0-4B15-11D1-ABED-709549C10000} - C:\PROGRA~1\SPEEDB~3\Toolbar\grabber.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\TRANSLAT\WEBIE.DLL
O3 - Toolbar: SpeedBit - {EBFCD017-BCAD-42C3-9ED5-89DBDFC59171} - C:\Program Files\SpeedBit Toolbar\Toolbar\SpeedBit.dll
O3 - Toolbar: SpeedBit Video Downloader - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - C:\Program Files\SpeedBit Video Downloader\Toolbar\tbcore3.dll
O3 - Toolbar: P2P Torrent Toolbar - {bc4be15d-6a34-4356-9e97-79e43da32b1d} - C:\Program Files\P2P_Torrent\tbP2P_.dll
O3 - Toolbar: MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\tbMyAs.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [MobileConnect] %programfiles%\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKCU\..\Run: [DriverMax] "C:\Program Files\Innovative Solutions\DriverMax\devices.exe" -agent
O4 - HKCU\..\Run: [DriverMax_RESTART] "C:\Program Files\Innovative Solutions\DriverMax\devices.exe" -RESTART
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WIN32\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WIN32\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Zobrazit originál - C:\Program Files\www.cproxy.com\original.htm
O8 - Extra context menu item: Zobrazit vše jako originál - C:\Program Files\www.cproxy.com\originalAll.htm
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\win32\system32\nwprovau.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{4D898CA6-F4BF-4DF3-9FA5-F2F129680E23}: NameServer = 217.77.165.81,217.77.161.131
O17 - HKLM\System\CCS\Services\Tcpip\..\{57A535B7-15C5-457E-BCD0-202C73ADD322}: NameServer = 217.77.165.81 217.77.161.131
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WIN32\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WIN32\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: Fujitsu Siemens Computers Diagnostic Testhandler (TestHandler) - Fujitsu Siemens Computers - C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe
O23 - Service: VideoAcceleratorService - VIA Technologies, Inc. - (no file)
O23 - Service: Vodafone Mobile Connect Service (VMCService) - Vodafone - C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WIN32\System32\wltrysvc.exe

--
End of file - 8462 bytes

Vemu to kdyžtak já Jaro mě potom doplní.
Stáhni Norton-Removal-Tool 834kb

---

Zaškrtni a fixni :

Stáhni si ATF Cleaner
Spust a stiskni na select all found
Jestli jedeš přes Mozilu Firefox klikni na Firefox nahoře a vyber: Select All, potom klikni na Empty Selected.
Jestli jedeš přes Operu klikni nahoře na Operu a vyber: Select All, potom klikni na Empty Selected.
Až se to vyčistí klikni na exit pro ukončení.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Provést rychlý sken a klikni na tlačítko Skenovat
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Zobrazit výsledky
- pak zvol možnost uložit log a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

Malwarebytes' Anti-Malware 1.44
Verze databáze: 3510
Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180

15.2.2010 22:47:06
mbam-log-2010-02-15 (22-46-20).txt

Typ kontroly: Rychlá kontrola
Zkontrolované objekty: 158519
Uplynulý čas: 9 minute(s), 23 second(s)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 1
Infikované hodnoty registru: 1
Infikované datové položky registru: 0
Infikované adresáře: 0
Infikované soubory: 2

Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované klíče registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{bc4be15d-6a34-4356-9e97-79e43da32b1d} (Adware.Shopper) -> No action taken.

Infikované hodnoty registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{bc4be15d-6a34-4356-9e97-79e43da32b1d} (Adware.Shopper) -> No action taken.

Infikované datové položky registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované adresáře:
(Nebyly nalezeny žádné škodlivé položky)

Infikované soubory:
C:\Documents and Settings\noname\Data aplikací\svighost.dll (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrator.NONAME-AD9F9473\results.txt (Malware.Trace) -> No action taken.

. Takže spusť znovu MbAM a dej Scan
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Ukaž výsledky
- ujistit se že máš zatrhnuté všechny vypsané nálezy a klikni na tlačítko Odstranit označené
- když skončí odstraňování tak se ti zobrazí log, tak ho sem dej.
- pak zvol v programu OK a pak program ukonči přes Exit
Můžeš sem pak vložit log z MbAM.

Vlož znovu HjT log ať se ujistíme že je vše správné.

Malwarebytes' Anti-Malware 1.44
Verze databáze: 3510
Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180

15.2.2010 23:21:13
mbam-log-2010-02-15 (23-21-13).txt

Typ kontroly: Rychlá kontrola
Zkontrolované objekty: 158440
Uplynulý čas: 8 minute(s), 6 second(s)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 1
Infikované hodnoty registru: 1
Infikované datové položky registru: 0
Infikované adresáře: 0
Infikované soubory: 2

Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované klíče registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{bc4be15d-6a34-4356-9e97-79e43da32b1d} (Adware.Shopper) -> Quarantined and deleted successfully.

Infikované hodnoty registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{bc4be15d-6a34-4356-9e97-79e43da32b1d} (Adware.Shopper) -> Quarantined and deleted successfully.

Infikované datové položky registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované adresáře:
(Nebyly nalezeny žádné škodlivé položky)

Infikované soubory:
C:\Documents and Settings\noname\Data aplikací\svighost.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator.NONAME-AD9F9473\results.txt (Malware.Trace) -> Quarantined and deleted successfully.

Odinstaluj si: SPEEDBIT, MyAshampoo Toolbar , ASk a P2P Torrent Toolbar.

Odinstaluj ComboFix ( nutné ) .
ComboFix se odinstaluje takto:
Start-Spustit a zadej Combofix[mezera]/uninstall

Když to nepujde musíš ručně smazat:
C:\327882R2FWJFW
C:\ComboFix
C:\Qoobox
C:\Combofix.txt
a Combofix.exe
Pak si stáhni OTCleanIt.
- Připoj se k internetu a dvojklikem spusť program
- Klikni na tlačítko CleanUp
- Po dokončení povol restart PC
- Po restartu tento nástroj smaž - není určen pro běžné používání

Stáhni si T-Cleaner ( nutné - smaže vše po Combu,SDFixu,Avengeru,MWAVu atd.-stáhneš->spustíš)

(pozn.Pokud máš AVG nebo Aviru, před stažením T-Cleaneru a po dobu čištění deaktivuj AVG i Aviru (i rezidenty), následně T-Cleaner smaž a zapni si AVG, Aviru.)