I need advice, I have spyware

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team


Re: I need advice, I have spyware

Post by zpev » 06 Apr 2008 17:18

It's true that it runs better now, but I still have the wallpaper, a blue wallpaper with a message saying I have spyware; otherwise it responds better now. Oh, and I can't start Skype :cry:


Re: I need advice, I have spyware

Post by Baron Prášil » 06 Apr 2008 17:40

Look, this is no good. Why did you install Avira??

So this will need a tougher approach, otherwise we won't get anywhere.

Download the installer for the trial version of Eset Smart Security (NOD).

Download CCleaner, if you don't have it.

Use T-Cleaner; it deletes everything left behind by Combo, SDFix, Avenger, MWAV etc. (download > run).

Download Combofix to the desktop again.

Disconnect from the internet (physically, ideally).

Restart the computer into safe mode.

Uninstall all security software: antivirus, antispyware, firewalls.

Clean up with CCleaner.

Run Combofix.

Then install Eset Smart Security.

Restart into normal mode, connect to the network and post the Combofix log and the HijackThis log from normal mode.


Re: I need advice, I have spyware

Post by zpev » 06 Apr 2008 18:47

So I think everything is o.k. now, and I'm attaching the output.

ComboFix 08-04-04.1 - mira 2008-04-06 18:32:08.3 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1250.1.1029.18.1494 [GMT 2:00]
Running from: C:\Documents and Settings\mira\Plocha\ComboFix.exe
* Resident AV is active


WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\mspphe.dll
C:\WINDOWS\mssvr.exe
C:\WINDOWS\saiemod.dll

.
((((((((((((((((((((((((( Files Created from 2008-03-06 to 2008-04-06 )))))))))))))))))))))))))))))))
.

2008-04-06 18:20 . 2008-04-06 18:24 <DIR> d-------- C:\WINDOWS\LastGood
2008-04-06 18:16 . 2008-04-06 18:16 241 --a------ C:\Documents and Settings\mira\SR.vbs
2008-04-06 17:31 . 2008-04-06 17:31 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\Avg7
2008-04-06 17:08 . 2008-04-06 18:26 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-04-06 14:20 . 2008-04-06 14:20 <DIR> d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-04-06 14:13 . 2008-04-06 14:13 <DIR> d-------- C:\Program Files\Sysmnt
2008-04-06 14:13 . 2008-04-06 14:13 <DIR> d-------- C:\Program Files\stc
2008-04-06 14:13 . 2008-04-06 14:13 <DIR> d-------- C:\Program Files\180search assistant
2008-04-06 14:13 . 2008-04-06 14:13 29,440 --a------ C:\WINDOWS\system32\shdocpe.dll
2008-04-06 14:13 . 2008-04-06 14:13 11,008 --a------ C:\WINDOWS\winsb.dll
2008-04-06 11:16 . 2008-04-06 11:16 <DIR> d-------- C:\WINDOWS\ERUNT
2008-04-06 02:31 . 2008-04-06 13:17 <DIR> d-------- C:\Program Files\SpywareBlaster
2008-04-06 02:31 . 2005-08-25 18:19 115,920 --a------ C:\WINDOWS\system32\MSINET.OCX
2008-04-06 01:32 . 2008-04-06 01:32 30,720 --a------ C:\WINDOWS\system32\SIPSPI32.dll
2008-04-05 22:37 . 2008-04-05 22:37 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\SUPERAntiSpyware.com
2008-04-04 19:24 . 2008-04-04 19:24 <DIR> d-------- C:\WINDOWS\wb
2008-04-02 08:43 . 2008-04-02 08:43 <DIR> d-------- C:\Program Files\directx
2008-04-02 07:48 . 2006-01-10 10:50 24,576 -ra------ C:\WINDOWS\system32\AsIO.dll
2008-04-02 07:48 . 2005-12-22 04:22 5,685 -ra------ C:\WINDOWS\system32\drivers\AsIO.sys
2008-04-02 07:48 . 2005-07-05 10:43 5,120 --a------ C:\WINDOWS\system32\drivers\AsInsHelp64.sys
2008-04-02 07:48 . 2005-07-05 10:43 3,328 --a------ C:\WINDOWS\system32\drivers\AsInsHelp32.sys
2008-04-02 04:19 . 2008-04-02 00:19 <DIR> d-------- C:\WINDOWS\NV10241392(2).TMP
2008-04-02 00:23 . 2008-04-02 00:26 <DIR> d-------- C:\WINDOWS\NV10201392.TMP

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-06 16:30 --------- d-----w C:\Documents and Settings\mira\Data aplikací\Skype
2008-04-06 16:27 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2008-04-06 16:24 --------- d-----w C:\Program Files\ESET
2008-04-06 16:23 --------- d-----w C:\Program Files\SpeedFan
2008-04-06 15:31 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\Grisoft
2008-04-06 15:26 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\TomTom
2008-04-06 15:11 --------- d-----w C:\Documents and Settings\mira\Data aplikací\skypePM
2008-04-06 12:20 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\Kaspersky Lab
2008-04-06 11:17 --------- d---a-w C:\Documents and Settings\All Users\Data aplikací\TEMP
2008-04-06 10:42 --------- d-----w C:\Program Files\SUPERAntiSpyware
2008-04-05 22:07 --------- d-----w C:\Program Files\Lavasoft
2008-04-05 22:07 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-04-04 15:02 --------- d-----w C:\Program Files\Common Files\Logitech
2008-04-04 05:23 --------- d-----w C:\Program Files\Java
2008-04-03 19:21 --------- d-----w C:\Program Files\Common Files\Adobe
2008-04-02 05:52 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-04-02 05:52 --------- d-----w C:\Program Files\Asus
2008-04-01 22:19 --------- d-----w C:\Program Files\Analog Devices
2008-03-08 04:21 --------- d-----w C:\Program Files\Resco
2008-03-04 06:22 --------- d-----w C:\Documents and Settings\mira\Data aplikací\SUPERAntiSpyware.com
2008-03-02 02:26 --------- d-----w C:\Program Files\Netgate
2008-03-02 02:22 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\NETGATE
2008-03-02 02:05 --------- d-----w C:\Documents and Settings\mira\Data aplikací\Lavasoft
2008-03-02 01:54 43,520 ----a-w C:\WINDOWS\system32\CmdLineExt03.dll
2008-02-27 07:02 --------- d-----w C:\Program Files\TuneUp Utilities 2006
2008-02-26 22:43 --------- d-----w C:\Program Files\Skype
2008-02-26 17:04 --------- d-----w C:\Program Files\Google
2008-02-26 17:02 --------- d-----w C:\Documents and Settings\mira\Data aplikací\Styler
2008-02-25 20:45 --------- d-s---w C:\Documents and Settings\All Users\Data aplikací\Memeo
2008-02-25 20:45 --------- d-----w C:\Program Files\Western Digital
2008-02-25 20:45 --------- d-----w C:\Program Files\Memeo
2008-02-25 20:45 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-02-25 20:45 --------- d-----w C:\Program Files\Common Files\eSellerate
2008-02-25 20:45 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\InstallShield
2008-02-20 09:11 33,800 ----a-w C:\WINDOWS\system32\drivers\epfwtdir.sys
2008-02-20 09:02 29,704 ----a-w C:\WINDOWS\system32\drivers\easdrv.sys
2008-02-20 09:01 39,944 ----a-w C:\WINDOWS\system32\drivers\eamon.sys
2008-02-20 06:55 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\TERMINAL Studio
2008-02-16 01:57 --------- d-----w C:\Program Files\Britanik
2008-02-16 01:12 --------- d-----w C:\Program Files\Microsoft Games
2008-02-15 22:18 --------- d-----w C:\Program Files\PC Tools Firewall Plus
2008-02-15 19:46 --------- d-----w C:\Program Files\Winamp
2008-02-13 20:10 --------- d-----w C:\Documents and Settings\mira\Data aplikací\Sierra
2008-02-13 17:01 --------- d-----w C:\Program Files\Sierra
2008-01-18 08:46 9,216 ----a-w C:\WINDOWS\Internet Logs\xDB32.tmp
2008-01-18 08:46 9,216 ----a-w C:\WINDOWS\Internet Logs\xDB30.tmp
2008-01-18 08:46 37,376 ----a-w C:\WINDOWS\Internet Logs\xDB2E.tmp
2008-01-18 08:46 1,289,216 ----a-w C:\WINDOWS\Internet Logs\xDB33.tmp
2008-01-18 08:46 1,289,216 ----a-w C:\WINDOWS\Internet Logs\xDB31.tmp
2008-01-18 08:46 1,289,216 ----a-w C:\WINDOWS\Internet Logs\xDB2F.tmp
2008-01-18 08:46 1,288,192 ----a-w C:\WINDOWS\Internet Logs\xDB2D.tmp
2008-01-17 20:10 499,712 ----a-w C:\WINDOWS\system32\msvcp71.dll
2008-01-17 20:10 434,252 ----a-w C:\WINDOWS\system32\MSVCRTD.DLL
2008-01-17 20:10 348,160 ----a-w C:\WINDOWS\system32\msvcr71.dll
2008-01-17 20:10 216,576 ----a-w C:\WINDOWS\system32\monln.dll
2008-01-17 20:10 1,060,864 ----a-w C:\WINDOWS\system32\MFC71.dll
2008-01-13 17:14 30,240 ----a-w C:\WINDOWS\system32\VRVD302.dll
2008-01-07 18:23 98,304 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
2007-11-24 18:10 32 ----a-w C:\Documents and Settings\All Users\Data aplikací\ezsid.dat
2007-07-10 17:21 8,192 --sha-w C:\WINDOWS\o2cLicStore.bin
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IE Privacy Keeper"="C:\Program Files\UnH Solutions\IE Privacy Keeper\IEPrivacyKeeper.exe" [2005-12-03 14:52 1015808]
"NVIDIA nTune"="C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" [2007-07-03 13:32 81920]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-02 14:00 15360]
"speedfan"="C:\Program Files\SpeedFan\speedfan.exe" [2007-09-17 19:04 2902528]
"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 17:50 1289000]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2008-04-04 17:05 36864]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2007-05-31 13:09 1314816]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-10-04 18:14 8491008]
"nwiz"="nwiz.exe" [2007-10-04 18:14 1626112 C:\WINDOWS\system32\nwiz.exe]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2006-05-01 04:07 843776]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-10-04 18:14 81920]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2006-07-19 12:03 94208 C:\WINDOWS\KHALMNPR.Exe]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"Logitech Hardware Abstraction Layer"="C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE" [2006-07-19 12:03 94208]
"LogitechCommunicationsManager"="C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe" [2006-08-03 09:44 529968]
"LVCOMSX"="C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe" [2006-08-03 13:29 244520]
"egui"="C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" [2008-02-20 11:06 1443072]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2006-03-02 14:00 15360]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-03-27 15:58 1744896]
"DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-22 20:29 39264]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IETI"="C:\Program Files\Skype\Phone\IEPlugin\unins000.exe" [ ]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2008-04-04 17:05:08 196608]
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2008-04-04 17:02:49 671744]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 12:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 12:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"MSVideo8"= VfWWDM32.dll
"msacm.lameacm"= C:\PROGRA~1\ACEMEG~1\SystemS\lameacm.acm
"msacm.lhacm"= C:\PROGRA~1\ACEMEG~1\SystemS\lhacm.acm
"msacm.CoreFLAC_ACM"= C:\PROGRA~1\ACEMEG~1\SystemS\Core\COREFL~1.ACM
"msacm.divxa32"= C:\PROGRA~1\ACEMEG~1\SystemS\DivX\divxa32.acm
"msacm.l3acm"= l3codeca.acm

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Microsoft Office Outlook"=C:\PROGRA~1\MICROS~2\OFFICE11\OUTLOOK.EXE /recycle
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" /background
"LDM"=C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe
"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\Wcescomm.exe"
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"RivaTunerStartupDaemon"="C:\Program Files\RivaTuner v2.0 RC 16.1\RivaTuner.exe" /S
"WD Button Manager"=WDBtnMgr.exe
"WinampAgent"=C:\Program Files\Winamp\winampa.exe
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe
"PCSuiteTrayApplication"=C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
"LogitechCommunicationsManager"="C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe"
"Kernel and Hardware Abstraction Layer"=KHALMNPR.EXE
"LVCOMSX"="C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe"
"ASM"="C:\Program Files\AOL\Active Security Monitor\ASMonitor.exe" HIDEMAIN
"00PCTFW"="C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe" -s
"Launch Ai Booster"="C:\Program Files\ASUS\AI Booster\OverClk.exe"
"ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
"Ai Nap"="C:\Program Files\ASUS\AI Nap\AiNap.exe"
"Ai Gear Help"="C:\Program Files\ASUS\AI Gear\GearHelp.exe"
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Dc Strong\\StrongDC.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\WINDOWS\\system32\\rundll32.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Documents and Settings\\mira\\Plocha\\Dc Strong\\StrongDC.exe"=
"C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"C:\\Program Files\\Ubisoft\\Gearbox Software\\BrothersInArmsEiB\\System\\EiB.exe"=
"C:\\Program Files\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe"=
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"= C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"= C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"= C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"C:\\Documents and Settings\\mira\\Plocha\\My Mobile\\MyMobiler\\MyMobiler.exe"=
"C:\\Documents and Settings\\All Users\\Data aplikací\\Skype\\Plugins\\Plugins\\289650C9E52C40FE91D947C6D0EB72DA\\rcviewer.exe"=
"C:\\Program Files\\Internet Explorer\\iexplore.exe"=
"C:\\Documents and Settings\\All Users\\Data aplikací\\Skype\\Plugins\\Plugins\\289650C9E52C40FE91D947C6D0EB72DA\\remotex.exe"=
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

R1 epfwtdir;epfwtdir;C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2008-02-20 11:11]
R1 OxFWLF;OxFWLF;C:\WINDOWS\system32\drivers\OxFWLF.sys [2007-05-25 10:17]
R1 pctfw2;pctfw2;C:\WINDOWS\system32\drivers\pctfw2.sys [2008-01-04 15:13]
R1 pctmp;PC Tools Firewall Memory Protection Driver;C:\WINDOWS\system32\drivers\pctmp.sys [2008-01-04 15:13]
R1 pctssipc;PC Tools Security Suite IPC Driver;C:\WINDOWS\system32\drivers\pctssipc.sys [2008-01-04 15:13]
R1 VRVD302;VRVD302;C:\WINDOWS\system32\DRIVERS\VRVD302.sys [2008-01-13 19:14]
R2 LBeepKE;LBeepKE;C:\WINDOWS\system32\Drivers\LBeepKE.sys [2006-09-01 12:32]
R2 UxTuneUp;TuneUp Design Expansion;C:\WINDOWS\System32\svchost.exe [2006-03-02 14:00]
R3 AVerHybrid;AVerMedia Hybrid Tuner (NTSC/PAL/SECAM/DVB-T/FM);C:\WINDOWS\system32\drivers\averhbtv.sys [2007-09-07 05:36]
R3 PSched;Plánovač paketů technologie QoS;C:\WINDOWS\system32\DRIVERS\psched.sys [2006-03-02 14:00]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB;C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 23:08]
R3 usbhub;Ovladač standardního rozbočovače USB;C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 23:08]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB;C:\WINDOWS\system32\DRIVERS\usbohci.sys [2006-03-02 14:00]
S0 TfFsMon;TfFsMon;C:\WINDOWS\system32\drivers\TfFsMon.sys []
S0 TfSysMon;TfSysMon;C:\WINDOWS\system32\drivers\TfSysMon.sys []
S2 0108381200634640mcinstcleanup;McAfee Application Installer Cleanup (0108381200634640);C:\DOCUME~1\mira\LOCALS~1\Temp\010838~1.EXE C:\PROGRA~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini []
S2 nvTUNEP;nVidia WDM TVTuner;C:\WINDOWS\system32\DRIVERS\nvtunep.sys [2002-11-18 17:05]
S2 nvtvSND;nVidia WDM TVAudio Crossbar;C:\WINDOWS\system32\DRIVERS\nvtvsnd.sys [2002-11-18 17:05]
S2 ThreatFire;ThreatFire;C:\Program Files\ThreatFire\TFService.exe service []
S3 autorun;autorun;C:\huadio.tmp []
S3 FWL;Fwl Packet Filter;C:\Program files\Software602\602LAN SUITE\fwl.sys []
S3 OXUDIDRV;OXUDIDRV;C:\WINDOWS\system32\Drivers\OXUDIDRV_X32.sys [2007-05-25 10:17]
S3 SeNpf;SeNpf;C:\WINDOWS\system32\drivers\SeNpf.sys [2007-05-03 14:17]
S3 TfNetMon;TfNetMon;C:\WINDOWS\system32\drivers\TfNetMon.sys []
S3 TVICHW32;TVICHW32;C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS [2007-01-18 14:38]
S3 usbscan;Ovladač skeneru USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 23:58]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 23:08]
S4 AutoSyncService;Memeo AutoSync ;"C:\Program Files\Memeo\AutoSync\MemeoService.exe" [2007-07-06 18:28]
S4 hpdj00;hpdj00;C:\DOCUME~1\mira\LOCALS~1\Temp\hpdj00.exe []

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f3a42284-69bf-11dc-a1ad-0018f3b14476}]
\Shell\AutoRun\command - K:\InstallTomTomHOME.exe

*Newly Created Service* - EAMON
*Newly Created Service* - EASDRV
*Newly Created Service* - EKRN
*Newly Created Service* - EPFWTDIR
.
Contents of the 'Scheduled Tasks' folder
"2008-04-04 15:16:26 C:\WINDOWS\Tasks\1-Click Maintenance.job"
- C:\Program Files\TuneUp Utilities 2006\SystemOptimizer.exe
"2008-04-06 14:00:00 C:\WINDOWS\Tasks\HPpromotions journeysoftware.job"
- C:\Program Files\hp\digital imaging\bin\hp promotions\journeysoftware\HPpromo.exe
"2008-04-04 15:16:03 C:\WINDOWS\Tasks\Úklid 1 kliknutím.job"
- C:\Program Files\TuneUp Utilities 2006\SystemOptimizer.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-06 18:35:18
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet002\Services\autorun]
"ImagePath"="\??\C:\huadio.tmp"
.
Completion time: 2008-04-06 18:35:55
ComboFix-quarantined-files.txt 2008-04-06 16:35:52
Adresářů: 12, Volných bajtů: 68,724,912,128
Adresářů: 14, Volných bajtů: 68,705,157,120
.
2008-04-04 08:12:36 --- E O F ---




Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:46:29, on 6.4.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\PC Tools Firewall Plus\FWService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe
C:\Program Files\UnH Solutions\IE Privacy Keeper\IEPrivacyKeeper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SpeedFan\speedfan.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\mira\Plocha\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: (no name) - {3BB63FD4-3C00-44D7-94A9-5DE211900DEF} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] "C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [IE Privacy Keeper] "C:\Program Files\UnH Solutions\IE Privacy Keeper\IEPrivacyKeeper.exe" -startup
O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [speedfan] C:\Program Files\SpeedFan\speedfan.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [IETI] C:\Program Files\Skype\Phone\IEPlugin\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [IETI] C:\Program Files\Skype\Phone\IEPlugin\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Bleskově - {141D2E4F-F313-4991-B61A-EE5D6D849361} - http://bleskove.centrum.cz (file missing)
O9 - Extra button: Centrum.cz - {2A5CFB1C-AAA2-4760-8462-1B61CF74B7D8} - http://www.centrum.cz (file missing)
O9 - Extra button: Xchat - {2BCB61BF-DC41-4738-A149-BDAAAD7FF0BD} - http://www.xchat.cz (file missing)
O9 - Extra button: Aktuálně - {2E01031B-AB09-4455-823D-25F1A1C11F48} - http://aktualne.centrum.cz (file missing)
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Vytvořit mobilní oblíbenou položku… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: Slovníky - {2F741D0A-150E-40F9-A602-1B2421475F1D} - http://slovniky.centrum.cz (file missing)
O9 - Extra button: Supermapy - {309176E6-E204-40A0-8D13-7F19C0498C40} - http://www.supermapy.cz (file missing)
O9 - Extra button: Britanik - {479BEE90-08C0-44fa-AE28-06BA96963B5B} - C:\Program Files\Britanik\britanik.dll
O9 - Extra 'Tools' menuitem: Britanik - {479BEE90-08C0-44fa-AE28-06BA96963B5B} - C:\Program Files\Britanik\britanik.dll
O9 - Extra button: mp3.centrum.cz - {49681216-5BF4-41A2-AAFA-129A6BD625DA} - http://mp3.centrum.cz/ (file missing)
O9 - Extra button: Žena - {8B6E8E01-D262-4980-8C27-B8B2802285C1} - http://www.zena.cz (file missing)
O9 - Extra button: Fotoalba - {8FD64249-590C-4FBC-B181-12A6BAF516AF} - http://www.fotoalba.cz (file missing)
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Počasí - {A5050656-2286-454F-A489-C605ED1B461C} - http://pocasi.centrum.cz (file missing)
O9 - Extra button: Sportplus - {BC78516C-9DC9-40C5-A91E-74593222EF89} - http://sportplus.centrum.cz (file missing)
O9 - Extra button: Digitálně - {DAE865E8-970E-4931-A172-119CB56BBAF5} - http://www.digitalne.cz/ (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Stahuj.cz - {FC29EB7D-EDBA-4299-AEE4-D1BDC70EFA15} - http://www.stahuj.cz/ (file missing)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.pl/resources/virus ... nicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1E3F1348-4370-4BBE-A67A-CC7ED824CA85} (Microsoft Genuine Advantage Self Support Tool) - http://go.microsoft.com/fwlink/?LinkId=82580
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/house ... hcImpl.cab
O16 - DPF: {50E43D86-A74D-11D0-98CE-004005249458} (AnimatedGif Control) - https://www.mojebanka.cz/jars/confwiz/MVSGif.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 6027693703
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan ... asinst.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{79C51EA5-57DF-4E3A-9B81-69C930530217}: NameServer = 192.168.10.1
O18 - Protocol: bw+0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: McAfee Application Installer Cleanup (0108381200634640) (0108381200634640mcinstcleanup) - Unknown owner - C:\DOCUME~1\mira\LOCALS~1\Temp\010838~1.EXE (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Unknown owner - C:\Program Files\Ares\chatServer.exe (file missing)
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - PC Tools - C:\Program Files\PC Tools Firewall Plus\FWService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: ThreatFire - Unknown owner - C:\Program Files\ThreatFire\TFService.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Unknown owner - C:\WINDOWS\system32\ZoneLabs\vsmon.exe (file missing)

--
End of file - 25164 bytes

zpev

Re: I need advice, I have spyware

Post by zpev » 06 Apr 2008 19:25

So I tried uninstalling Skype and installing it again, and it still doesn't run. I'm sending the log.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:24:13, on 6.4.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\PC Tools Firewall Plus\FWService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe
C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\UnH Solutions\IE Privacy Keeper\IEPrivacyKeeper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SpeedFan\speedfan.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\mira\Plocha\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: (no name) - {3BB63FD4-3C00-44D7-94A9-5DE211900DEF} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] "C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [IE Privacy Keeper] "C:\Program Files\UnH Solutions\IE Privacy Keeper\IEPrivacyKeeper.exe" -startup
O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [speedfan] C:\Program Files\SpeedFan\speedfan.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [IETI] C:\Program Files\Skype\Phone\IEPlugin\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [IETI] C:\Program Files\Skype\Phone\IEPlugin\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Bleskově - {141D2E4F-F313-4991-B61A-EE5D6D849361} - http://bleskove.centrum.cz (file missing)
O9 - Extra button: Centrum.cz - {2A5CFB1C-AAA2-4760-8462-1B61CF74B7D8} - http://www.centrum.cz (file missing)
O9 - Extra button: Xchat - {2BCB61BF-DC41-4738-A149-BDAAAD7FF0BD} - http://www.xchat.cz (file missing)
O9 - Extra button: Aktuálně - {2E01031B-AB09-4455-823D-25F1A1C11F48} - http://aktualne.centrum.cz (file missing)
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Vytvořit mobilní oblíbenou položku… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: Slovníky - {2F741D0A-150E-40F9-A602-1B2421475F1D} - http://slovniky.centrum.cz (file missing)
O9 - Extra button: Supermapy - {309176E6-E204-40A0-8D13-7F19C0498C40} - http://www.supermapy.cz (file missing)
O9 - Extra button: Britanik - {479BEE90-08C0-44fa-AE28-06BA96963B5B} - C:\Program Files\Britanik\britanik.dll
O9 - Extra 'Tools' menuitem: Britanik - {479BEE90-08C0-44fa-AE28-06BA96963B5B} - C:\Program Files\Britanik\britanik.dll
O9 - Extra button: mp3.centrum.cz - {49681216-5BF4-41A2-AAFA-129A6BD625DA} - http://mp3.centrum.cz/ (file missing)
O9 - Extra button: Žena - {8B6E8E01-D262-4980-8C27-B8B2802285C1} - http://www.zena.cz (file missing)
O9 - Extra button: Fotoalba - {8FD64249-590C-4FBC-B181-12A6BAF516AF} - http://www.fotoalba.cz (file missing)
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Počasí - {A5050656-2286-454F-A489-C605ED1B461C} - http://pocasi.centrum.cz (file missing)
O9 - Extra button: Sportplus - {BC78516C-9DC9-40C5-A91E-74593222EF89} - http://sportplus.centrum.cz (file missing)
O9 - Extra button: Digitálně - {DAE865E8-970E-4931-A172-119CB56BBAF5} - http://www.digitalne.cz/ (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Stahuj.cz - {FC29EB7D-EDBA-4299-AEE4-D1BDC70EFA15} - http://www.stahuj.cz/ (file missing)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.pl/resources/virus ... nicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1E3F1348-4370-4BBE-A67A-CC7ED824CA85} (Microsoft Genuine Advantage Self Support Tool) - http://go.microsoft.com/fwlink/?LinkId=82580
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/house ... hcImpl.cab
O16 - DPF: {50E43D86-A74D-11D0-98CE-004005249458} (AnimatedGif Control) - https://www.mojebanka.cz/jars/confwiz/MVSGif.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 6027693703
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan ... asinst.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{79C51EA5-57DF-4E3A-9B81-69C930530217}: NameServer = 192.168.10.1
O18 - Protocol: bw+0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: McAfee Application Installer Cleanup (0108381200634640) (0108381200634640mcinstcleanup) - Unknown owner - C:\DOCUME~1\mira\LOCALS~1\Temp\010838~1.EXE (file missing)
O23 - Service: Ares Chatroom server (AresChatServer) - Unknown owner - C:\Program Files\Ares\chatServer.exe (file missing)
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - PC Tools - C:\Program Files\PC Tools Firewall Plus\FWService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: ThreatFire - Unknown owner - C:\Program Files\ThreatFire\TFService.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Unknown owner - C:\WINDOWS\system32\ZoneLabs\vsmon.exe (file missing)

--
End of file - 25112 bytes

Post by Baron Prášil » 06 Apr 2008 20:50

I don't know whether you think I'm joking. You were supposed to uninstall everything in safe mode and install Eset Smart Security. None of that happened. So where's the problem?

Post by zpev » 06 Apr 2008 21:05

Hello,

no, I don't think you're joking. I appreciate your help, but the spyware has already disappeared; it's just that I can't start Skype, and for IE5 the icon doesn't show, and the same for Skype. I know you have a lot on your plate, so don't be angry :wink:

Post by Baron Prášil » 06 Apr 2008 21:13

I'm not angry. But those nasties are still in Combofix. There was a good chance that, if you had followed the instructions, this would already be solved. Just reinstall Skype, and IE5 is a bit old, isn't it?

Post by zpev » 06 Apr 2008 21:18

OK, I'll do it exactly according to the instructions, and if I still may, I'll send you the log :wink:

Post by Baron Prášil » 06 Apr 2008 21:23

Yeah, do it anyway.

Post by zpev » 06 Apr 2008 21:55

Hello,

so here it is

ComboFix 08-04-04.1 - mira 2008-04-06 21:46:36.4 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1250.1.1029.18.1520 [GMT 2:00]
Running from: C:\Documents and Settings\mira\Plocha\ComboFix.exe
* Resident AV is active


WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Created from 2008-03-06 to 2008-04-06 )))))))))))))))))))))))))))))))
.

2008-04-06 21:45 . 2008-04-06 21:45 <DIR> d-------- C:\WINDOWS\LastGood
2008-04-06 21:44 . 2008-04-06 21:44 <DIR> d-------- C:\Program Files\ESET
2008-04-06 18:16 . 2008-04-06 21:22 241 --a------ C:\Documents and Settings\mira\SR.vbs
2008-04-06 17:31 . 2008-04-06 17:31 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\Avg7
2008-04-06 17:08 . 2008-04-06 21:30 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-04-06 14:20 . 2008-04-06 14:20 <DIR> d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-04-06 14:13 . 2008-04-06 14:13 <DIR> d-------- C:\Program Files\Sysmnt
2008-04-06 14:13 . 2008-04-06 14:13 <DIR> d-------- C:\Program Files\stc
2008-04-06 14:13 . 2008-04-06 14:13 11,008 --a------ C:\WINDOWS\winsb.dll
2008-04-06 11:16 . 2008-04-06 11:16 <DIR> d-------- C:\WINDOWS\ERUNT
2008-04-06 02:31 . 2005-08-25 18:19 115,920 --a------ C:\WINDOWS\system32\MSINET.OCX
2008-04-06 01:32 . 2008-04-06 01:32 30,720 --a------ C:\WINDOWS\system32\SIPSPI32.dll
2008-04-05 22:37 . 2008-04-05 22:37 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\SUPERAntiSpyware.com
2008-04-04 19:24 . 2008-04-04 19:24 <DIR> d-------- C:\WINDOWS\wb
2008-04-02 08:43 . 2008-04-02 08:43 <DIR> d-------- C:\Program Files\directx
2008-04-02 07:48 . 2006-01-10 10:50 24,576 -ra------ C:\WINDOWS\system32\AsIO.dll
2008-04-02 07:48 . 2005-12-22 04:22 5,685 -ra------ C:\WINDOWS\system32\drivers\AsIO.sys
2008-04-02 07:48 . 2005-07-05 10:43 5,120 --a------ C:\WINDOWS\system32\drivers\AsInsHelp64.sys
2008-04-02 07:48 . 2005-07-05 10:43 3,328 --a------ C:\WINDOWS\system32\drivers\AsInsHelp32.sys
2008-04-02 04:19 . 2008-04-02 00:19 <DIR> d-------- C:\WINDOWS\NV10241392(2).TMP
2008-04-02 00:23 . 2008-04-02 00:26 <DIR> d-------- C:\WINDOWS\NV10201392.TMP

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-06 19:42 --------- d-----w C:\Program Files\SpeedFan
2008-04-06 19:31 --------- d-----w C:\Program Files\SUPERAntiSpyware
2008-04-06 19:31 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-04-06 19:31 --------- d-----w C:\Documents and Settings\mira\Data aplikací\SUPERAntiSpyware.com
2008-04-06 19:30 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2008-04-06 19:13 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\Skype
2008-04-06 15:31 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\Grisoft
2008-04-06 15:26 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\TomTom
2008-04-06 15:11 --------- d-----w C:\Documents and Settings\mira\Data aplikací\skypePM
2008-04-06 12:20 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\Kaspersky Lab
2008-04-06 11:17 --------- d---a-w C:\Documents and Settings\All Users\Data aplikací\TEMP
2008-04-05 22:07 --------- d-----w C:\Program Files\Lavasoft
2008-04-04 15:02 --------- d-----w C:\Program Files\Common Files\Logitech
2008-04-04 05:23 --------- d-----w C:\Program Files\Java
2008-04-03 19:21 --------- d-----w C:\Program Files\Common Files\Adobe
2008-04-02 05:52 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-04-02 05:52 --------- d-----w C:\Program Files\Asus
2008-04-01 22:19 --------- d-----w C:\Program Files\Analog Devices
2008-03-08 04:21 --------- d-----w C:\Program Files\Resco
2008-03-02 02:26 --------- d-----w C:\Program Files\Netgate
2008-03-02 02:22 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\NETGATE
2008-03-02 02:05 --------- d-----w C:\Documents and Settings\mira\Data aplikací\Lavasoft
2008-03-02 01:54 43,520 ----a-w C:\WINDOWS\system32\CmdLineExt03.dll
2008-02-27 07:02 --------- d-----w C:\Program Files\TuneUp Utilities 2006
2008-02-26 17:04 --------- d-----w C:\Program Files\Google
2008-02-26 17:02 --------- d-----w C:\Documents and Settings\mira\Data aplikací\Styler
2008-02-25 20:45 --------- d-s---w C:\Documents and Settings\All Users\Data aplikací\Memeo
2008-02-25 20:45 --------- d-----w C:\Program Files\Western Digital
2008-02-25 20:45 --------- d-----w C:\Program Files\Memeo
2008-02-25 20:45 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-02-25 20:45 --------- d-----w C:\Program Files\Common Files\eSellerate
2008-02-25 20:45 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\InstallShield
2008-02-20 09:11 33,800 ----a-w C:\WINDOWS\system32\drivers\epfwtdir.sys
2008-02-20 09:02 29,704 ----a-w C:\WINDOWS\system32\drivers\easdrv.sys
2008-02-20 09:01 39,944 ----a-w C:\WINDOWS\system32\drivers\eamon.sys
2008-02-20 06:55 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\TERMINAL Studio
2008-02-16 01:57 --------- d-----w C:\Program Files\Britanik
2008-02-16 01:12 --------- d-----w C:\Program Files\Microsoft Games
2008-02-15 22:18 --------- d-----w C:\Program Files\PC Tools Firewall Plus
2008-02-15 19:46 --------- d-----w C:\Program Files\Winamp
2008-02-13 20:10 --------- d-----w C:\Documents and Settings\mira\Data aplikací\Sierra
2008-02-13 17:01 --------- d-----w C:\Program Files\Sierra
2008-01-18 08:46 9,216 ----a-w C:\WINDOWS\Internet Logs\xDB32.tmp
2008-01-18 08:46 9,216 ----a-w C:\WINDOWS\Internet Logs\xDB30.tmp
2008-01-18 08:46 37,376 ----a-w C:\WINDOWS\Internet Logs\xDB2E.tmp
2008-01-18 08:46 1,289,216 ----a-w C:\WINDOWS\Internet Logs\xDB33.tmp
2008-01-18 08:46 1,289,216 ----a-w C:\WINDOWS\Internet Logs\xDB31.tmp
2008-01-18 08:46 1,289,216 ----a-w C:\WINDOWS\Internet Logs\xDB2F.tmp
2008-01-18 08:46 1,288,192 ----a-w C:\WINDOWS\Internet Logs\xDB2D.tmp
2008-01-17 20:10 499,712 ----a-w C:\WINDOWS\system32\msvcp71.dll
2008-01-17 20:10 434,252 ----a-w C:\WINDOWS\system32\MSVCRTD.DLL
2008-01-17 20:10 348,160 ----a-w C:\WINDOWS\system32\msvcr71.dll
2008-01-17 20:10 216,576 ----a-w C:\WINDOWS\system32\monln.dll
2008-01-17 20:10 1,060,864 ----a-w C:\WINDOWS\system32\MFC71.dll
2008-01-13 17:14 30,240 ----a-w C:\WINDOWS\system32\VRVD302.dll
2008-01-07 18:23 98,304 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
2007-11-24 18:10 32 ----a-w C:\Documents and Settings\All Users\Data aplikací\ezsid.dat
2007-07-10 17:21 8,192 --sha-w C:\WINDOWS\o2cLicStore.bin
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IE Privacy Keeper"="C:\Program Files\UnH Solutions\IE Privacy Keeper\IEPrivacyKeeper.exe" [2005-12-03 14:52 1015808]
"NVIDIA nTune"="C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" [2007-07-03 13:32 81920]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-02 14:00 15360]
"speedfan"="C:\Program Files\SpeedFan\speedfan.exe" [2007-09-17 19:04 2902528]
"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 17:50 1289000]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2008-04-04 17:05 36864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-10-04 18:14 8491008]
"nwiz"="nwiz.exe" [2007-10-04 18:14 1626112 C:\WINDOWS\system32\nwiz.exe]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2006-05-01 04:07 843776]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-10-04 18:14 81920]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2006-07-19 12:03 94208 C:\WINDOWS\KHALMNPR.Exe]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"Logitech Hardware Abstraction Layer"="C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE" [2006-07-19 12:03 94208]
"LogitechCommunicationsManager"="C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe" [2006-08-03 09:44 529968]
"LVCOMSX"="C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe" [2006-08-03 13:29 244520]
"egui"="C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" [2008-02-20 11:06 1443072]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2006-03-02 14:00 15360]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-03-27 15:58 1744896]
"DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-22 20:29 39264]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IETI"="C:\Program Files\Skype\Phone\IEPlugin\unins000.exe" [ ]

C:\Documents and Settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2008-04-04 17:05:08 196608]
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2008-04-04 17:02:49 671744]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"MSVideo8"= VfWWDM32.dll
"msacm.lameacm"= C:\PROGRA~1\ACEMEG~1\SystemS\lameacm.acm
"msacm.lhacm"= C:\PROGRA~1\ACEMEG~1\SystemS\lhacm.acm
"msacm.CoreFLAC_ACM"= C:\PROGRA~1\ACEMEG~1\SystemS\Core\COREFL~1.ACM
"msacm.divxa32"= C:\PROGRA~1\ACEMEG~1\SystemS\DivX\divxa32.acm
"msacm.l3acm"= l3codeca.acm

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Microsoft Office Outlook"=C:\PROGRA~1\MICROS~2\OFFICE11\OUTLOOK.EXE /recycle
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" /background
"LDM"=C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe
"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\Wcescomm.exe"
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"RivaTunerStartupDaemon"="C:\Program Files\RivaTuner v2.0 RC 16.1\RivaTuner.exe" /S
"WD Button Manager"=WDBtnMgr.exe
"WinampAgent"=C:\Program Files\Winamp\winampa.exe
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe
"PCSuiteTrayApplication"=C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
"LogitechCommunicationsManager"="C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe"
"Kernel and Hardware Abstraction Layer"=KHALMNPR.EXE
"LVCOMSX"="C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe"
"ASM"="C:\Program Files\AOL\Active Security Monitor\ASMonitor.exe" HIDEMAIN
"00PCTFW"="C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe" -s
"Launch Ai Booster"="C:\Program Files\ASUS\AI Booster\OverClk.exe"
"ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
"Ai Nap"="C:\Program Files\ASUS\AI Nap\AiNap.exe"
"Ai Gear Help"="C:\Program Files\ASUS\AI Gear\GearHelp.exe"
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Dc Strong\\StrongDC.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\WINDOWS\\system32\\rundll32.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Documents and Settings\\mira\\Plocha\\Dc Strong\\StrongDC.exe"=
"C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"C:\\Program Files\\Ubisoft\\Gearbox Software\\BrothersInArmsEiB\\System\\EiB.exe"=
"C:\\Program Files\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe"=
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"= C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"= C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"= C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"C:\\Documents and Settings\\mira\\Plocha\\My Mobile\\MyMobiler\\MyMobiler.exe"=
"C:\\Documents and Settings\\All Users\\Data aplikací\\Skype\\Plugins\\Plugins\\289650C9E52C40FE91D947C6D0EB72DA\\rcviewer.exe"=
"C:\\Program Files\\Internet Explorer\\iexplore.exe"=
"C:\\Documents and Settings\\All Users\\Data aplikací\\Skype\\Plugins\\Plugins\\289650C9E52C40FE91D947C6D0EB72DA\\remotex.exe"=
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

R1 epfwtdir;epfwtdir;C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2008-02-20 11:11]
R1 OxFWLF;OxFWLF;C:\WINDOWS\system32\drivers\OxFWLF.sys [2007-05-25 10:17]
R1 pctfw2;pctfw2;C:\WINDOWS\system32\drivers\pctfw2.sys [2008-01-04 15:13]
R1 pctmp;PC Tools Firewall Memory Protection Driver;C:\WINDOWS\system32\drivers\pctmp.sys [2008-01-04 15:13]
R1 pctssipc;PC Tools Security Suite IPC Driver;C:\WINDOWS\system32\drivers\pctssipc.sys [2008-01-04 15:13]
R1 VRVD302;VRVD302;C:\WINDOWS\system32\DRIVERS\VRVD302.sys [2008-01-13 19:14]
R2 LBeepKE;LBeepKE;C:\WINDOWS\system32\Drivers\LBeepKE.sys [2006-09-01 12:32]
R2 UxTuneUp;TuneUp Design Expansion;C:\WINDOWS\System32\svchost.exe [2006-03-02 14:00]
R3 AVerHybrid;AVerMedia Hybrid Tuner (NTSC/PAL/SECAM/DVB-T/FM);C:\WINDOWS\system32\drivers\averhbtv.sys [2007-09-07 05:36]
R3 PSched;Plánovač paketů technologie QoS;C:\WINDOWS\system32\DRIVERS\psched.sys [2006-03-02 14:00]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB;C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 23:08]
R3 usbhub;Ovladač standardního rozbočovače USB;C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 23:08]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB;C:\WINDOWS\system32\DRIVERS\usbohci.sys [2006-03-02 14:00]
S0 TfFsMon;TfFsMon;C:\WINDOWS\system32\drivers\TfFsMon.sys []
S0 TfSysMon;TfSysMon;C:\WINDOWS\system32\drivers\TfSysMon.sys []
S2 0108381200634640mcinstcleanup;McAfee Application Installer Cleanup (0108381200634640);C:\DOCUME~1\mira\LOCALS~1\Temp\010838~1.EXE C:\PROGRA~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini []
S2 nvTUNEP;nVidia WDM TVTuner;C:\WINDOWS\system32\DRIVERS\nvtunep.sys [2002-11-18 17:05]
S2 nvtvSND;nVidia WDM TVAudio Crossbar;C:\WINDOWS\system32\DRIVERS\nvtvsnd.sys [2002-11-18 17:05]
S2 ThreatFire;ThreatFire;C:\Program Files\ThreatFire\TFService.exe service []
S3 autorun;autorun;C:\huadio.tmp []
S3 FWL;Fwl Packet Filter;C:\Program files\Software602\602LAN SUITE\fwl.sys []
S3 OXUDIDRV;OXUDIDRV;C:\WINDOWS\system32\Drivers\OXUDIDRV_X32.sys [2007-05-25 10:17]
S3 SeNpf;SeNpf;C:\WINDOWS\system32\drivers\SeNpf.sys [2007-05-03 14:17]
S3 TfNetMon;TfNetMon;C:\WINDOWS\system32\drivers\TfNetMon.sys []
S3 TVICHW32;TVICHW32;C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS [2007-01-18 14:38]
S3 usbscan;Ovladač skeneru USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 23:58]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 23:08]
S4 AutoSyncService;Memeo AutoSync ;"C:\Program Files\Memeo\AutoSync\MemeoService.exe" [2007-07-06 18:28]
S4 hpdj00;hpdj00;C:\DOCUME~1\mira\LOCALS~1\Temp\hpdj00.exe []

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f3a42284-69bf-11dc-a1ad-0018f3b14476}]
\Shell\AutoRun\command - K:\InstallTomTomHOME.exe

*Newly Created Service* - EKRN
.
Contents of the 'Scheduled Tasks' folder
"2008-04-04 15:16:26 C:\WINDOWS\Tasks\1-Click Maintenance.job"
- C:\Program Files\TuneUp Utilities 2006\SystemOptimizer.exe
"2008-04-06 18:00:00 C:\WINDOWS\Tasks\HPpromotions journeysoftware.job"
- C:\Program Files\hp\digital imaging\bin\hp promotions\journeysoftware\HPpromo.exe
"2008-04-04 15:16:03 C:\WINDOWS\Tasks\Úklid 1 kliknutím.job"
- C:\Program Files\TuneUp Utilities 2006\SystemOptimizer.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-06 21:49:41
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet002\Services\autorun]
"ImagePath"="\??\C:\huadio.tmp"
.
Completion time: 2008-04-06 21:50:19
ComboFix-quarantined-files.txt 2008-04-06 19:50:16
Adresářů: 12, Volných bajtů: 69,109,022,720
Adresářů: 14, Volných bajtů: 69,089,472,512
.
2008-04-04 08:12:36 --- E O F ---


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:54:12, on 6.4.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\PC Tools Firewall Plus\FWService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe
C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe
C:\Program Files\UnH Solutions\IE Privacy Keeper\IEPrivacyKeeper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SpeedFan\speedfan.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\mira\Plocha\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: (no name) - {3BB63FD4-3C00-44D7-94A9-5DE211900DEF} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] "C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [IE Privacy Keeper] "C:\Program Files\UnH Solutions\IE Privacy Keeper\IEPrivacyKeeper.exe" -startup
O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [speedfan] C:\Program Files\SpeedFan\speedfan.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [IETI] C:\Program Files\Skype\Phone\IEPlugin\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [IETI] C:\Program Files\Skype\Phone\IEPlugin\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Bleskově - {141D2E4F-F313-4991-B61A-EE5D6D849361} - http://bleskove.centrum.cz (file missing)
O9 - Extra button: Centrum.cz - {2A5CFB1C-AAA2-4760-8462-1B61CF74B7D8} - http://www.centrum.cz (file missing)
O9 - Extra button: Xchat - {2BCB61BF-DC41-4738-A149-BDAAAD7FF0BD} - http://www.xchat.cz (file missing)
O9 - Extra button: Aktuálně - {2E01031B-AB09-4455-823D-25F1A1C11F48} - http://aktualne.centrum.cz (file missing)
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Vytvořit mobilní oblíbenou položku… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: Slovníky - {2F741D0A-150E-40F9-A602-1B2421475F1D} - http://slovniky.centrum.cz (file missing)
O9 - Extra button: Supermapy - {309176E6-E204-40A0-8D13-7F19C0498C40} - http://www.supermapy.cz (file missing)
O9 - Extra button: Britanik - {479BEE90-08C0-44fa-AE28-06BA96963B5B} - C:\Program Files\Britanik\britanik.dll
O9 - Extra 'Tools' menuitem: Britanik - {479BEE90-08C0-44fa-AE28-06BA96963B5B} - C:\Program Files\Britanik\britanik.dll
O9 - Extra button: mp3.centrum.cz - {49681216-5BF4-41A2-AAFA-129A6BD625DA} - http://mp3.centrum.cz/ (file missing)
O9 - Extra button: Žena - {8B6E8E01-D262-4980-8C27-B8B2802285C1} - http://www.zena.cz (file missing)
O9 - Extra button: Fotoalba - {8FD64249-590C-4FBC-B181-12A6BAF516AF} - http://www.fotoalba.cz (file missing)
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Počasí - {A5050656-2286-454F-A489-C605ED1B461C} - http://pocasi.centrum.cz (file missing)
O9 - Extra button: Sportplus - {BC78516C-9DC9-40C5-A91E-74593222EF89} - http://sportplus.centrum.cz (file missing)
O9 - Extra button: Digitálně - {DAE865E8-970E-4931-A172-119CB56BBAF5} - http://www.digitalne.cz/ (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Stahuj.cz - {FC29EB7D-EDBA-4299-AEE4-D1BDC70EFA15} - http://www.stahuj.cz/ (file missing)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.pl/resources/virus ... nicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1E3F1348-4370-4BBE-A67A-CC7ED824CA85} (Microsoft Genuine Advantage Self Support Tool) - http://go.microsoft.com/fwlink/?LinkId=82580
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/house ... hcImpl.cab
O16 - DPF: {50E43D86-A74D-11D0-98CE-004005249458} (AnimatedGif Control) - https://www.mojebanka.cz/jars/confwiz/MVSGif.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 6027693703
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan ... asinst.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{79C51EA5-57DF-4E3A-9B81-69C930530217}: NameServer = 192.168.10.1
O18 - Protocol: bw+0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: McAfee Application Installer Cleanup (0108381200634640) (0108381200634640mcinstcleanup) - Unknown owner - C:\DOCUME~1\mira\LOCALS~1\Temp\010838~1.EXE (file missing)
O23 - Service: Ares Chatroom server (AresChatServer) - Unknown owner - C:\Program Files\Ares\chatServer.exe (file missing)
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - PC Tools - C:\Program Files\PC Tools Firewall Plus\FWService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: ThreatFire - Unknown owner - C:\Program Files\ThreatFire\TFService.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Unknown owner - C:\WINDOWS\system32\ZoneLabs\vsmon.exe (file missing)

--
End of file - 24192 bytes

Baron Prášil
Master Level 7
Posts: 4882
Registered: June 06
Gender: Male
Status: Offline

Re: I need advice, I have spyware

Post by Baron Prášil » 06 Apr 2008 22:46

I'm still not angry :evil:
but this is still in the HijackThis log
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
PC Tools Firewall Plus (PCToolsFirewallPlus) - PC Tools - C:\Program Files\PC Tools Firewall Plus\FWService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Unknown owner - C:\WINDOWS\system32\ZoneLabs\vsmon.exe (file missing) -ZoneAlarm

so tell me, what is unclear about the sentence:
"uninstall all security software and install the trial of Eset Smart Security"?

zpev
newbie
Posts: 36
Registered: November 07
Gender: Unspecified
Status: Offline

Re: I need advice, I have spyware

Post by zpev » 06 Apr 2008 23:08

Yeah, that's clear now, I'll do it tomorrow according to your instructions :wink:

And now everything is clear to me; thanks for now for your steady nerves.


up to the heavens

