prosím o kontrolu

[Damned]

Vypni vytváření Bodu Obnovení!

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně

c:\windows\S468BFF56.tmp

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

[Reklama]

[Hady]

ComboFix 09-05-13.04 - Martin 14.05.2009 22:33.3 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1014.360 [GMT 2:00]
Spuštěný z: c:\documents and settings\Martin\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Martin\Plocha\CFScript.txt
AV: Symantec AntiVirus Corporate Edition *On-access scanning enabled* (Outdated) {FB06448E-52B8-493A-90F3-E43226D3305C}
.

((((((((((((((((((((((((( Soubory vytvořené od 2009-04-14 do 2009-05-14 )))))))))))))))))))))))))))))))
.

2009-05-14 18:04 . 2009-05-14 18:04 -------- d-----w c:\program files\Trend Micro
2009-05-14 17:06 . 2009-04-06 13:32 15504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-05-14 17:06 . 2009-04-06 13:32 38496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-05-14 17:06 . 2009-05-14 17:06 -------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-05-11 18:18 . 2005-05-31 12:10 17516 ----a-w c:\windows\system32\drivers\frmupgr.sys
2009-05-11 18:18 . 2005-05-31 12:06 44163 ----a-w c:\windows\system32\drivers\btwhid.sys
2009-04-27 11:55 . 2009-02-06 10:10 227840 -c----w c:\windows\system32\dllcache\wmiprvse.exe
2009-04-27 11:55 . 2009-03-06 14:23 284160 -c----w c:\windows\system32\dllcache\pdh.dll
2009-04-27 11:55 . 2009-02-09 11:25 111104 -c----w c:\windows\system32\dllcache\services.exe
2009-04-27 11:55 . 2009-02-09 10:56 401408 -c----w c:\windows\system32\dllcache\rpcss.dll
2009-04-27 11:55 . 2009-02-09 10:56 473600 -c----w c:\windows\system32\dllcache\fastprox.dll
2009-04-27 11:55 . 2009-02-09 10:56 684032 -c----w c:\windows\system32\dllcache\advapi32.dll
2009-04-27 11:55 . 2009-02-09 10:56 728064 -c----w c:\windows\system32\dllcache\lsasrv.dll
2009-04-27 11:55 . 2009-02-09 10:56 453120 -c----w c:\windows\system32\dllcache\wmiprvsd.dll
2009-04-27 11:55 . 2009-02-09 10:56 709632 -c----w c:\windows\system32\dllcache\ntdll.dll
2009-04-27 11:40 . 2008-04-21 21:15 216576 -c----w c:\windows\system32\dllcache\wordpad.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-14 19:47 . 2006-01-19 08:26 -------- d-----w c:\program files\Symantec AntiVirus
2009-05-12 18:37 . 2007-08-23 17:02 -------- d-----w c:\program files\AnyDATA
2009-05-12 18:37 . 2006-01-19 08:21 -------- d-----w c:\program files\CyberLink
2009-05-12 18:37 . 2006-01-18 14:51 -------- d--h--w c:\program files\InstallShield Installation Information
2009-05-12 18:35 . 2008-10-19 23:32 -------- d-----w c:\program files\Oberon Media
2009-05-08 09:12 . 2009-03-23 13:54 -------- d-----w c:\program files\SUPERAntiSpyware
2009-05-04 19:22 . 2006-01-18 16:18 -------- d-----w c:\program files\Codec Pack - All In 1
2009-05-04 19:22 . 2006-01-18 16:18 737280 -c--a-w c:\windows\iun6002.exe
2009-05-02 07:59 . 2001-10-25 14:00 92114 ----a-w c:\windows\system32\perfc005.dat
2009-05-02 07:59 . 2001-10-25 14:00 462136 ----a-w c:\windows\system32\perfh005.dat
2009-03-31 13:05 . 2009-03-31 13:05 -------- d-----w c:\program files\Windows Defender
2009-03-31 08:10 . 2006-01-19 08:26 -------- d-----w c:\program files\Common Files\Symantec Shared
2009-03-31 08:09 . 2006-01-19 08:26 -------- d-----w c:\program files\Symantec
2009-03-25 15:46 . 2009-03-25 15:46 -------- d-----w c:\program files\Microsoft Silverlight
2009-03-25 15:35 . 2009-03-25 15:35 -------- d-----w c:\program files\MSBuild
2009-03-25 15:35 . 2009-03-25 15:35 -------- d-----w c:\program files\Reference Assemblies
2009-03-25 15:28 . 2009-03-25 15:28 -------- d-----w c:\program files\Microsoft
2009-03-25 15:21 . 2009-03-25 15:21 -------- d-----w c:\program files\Windows Desktop Search
2009-03-25 09:12 . 2006-01-19 09:15 -------- d-----w c:\program files\Microsoft Works
2009-03-25 08:32 . 2009-03-25 08:32 -------- d-----w c:\program files\Microsoft CAPICOM 2.1.0.2
2009-03-24 13:20 . 2008-01-10 16:51 -------- d-----w c:\program files\ICQ6
2009-03-24 08:09 . 2009-03-24 08:09 -------- d-----w c:\program files\AVG
2009-03-24 07:55 . 2007-03-28 18:14 -------- d-----w c:\program files\ESET
2009-03-23 13:54 . 2009-03-23 13:54 -------- d-----w c:\program files\Common Files\Wise Installation Wizard
2009-03-23 13:48 . 2009-03-23 13:48 15781 ----a-w c:\windows\system32\drivers\mdc8021x.sys
2009-03-23 13:48 . 2009-03-22 10:23 -------- d-----w c:\program files\NETGEAR
2009-03-06 14:23 . 2004-08-17 13:49 284160 ----a-w c:\windows\system32\pdh.dll
2009-03-03 00:14 . 2004-08-17 13:49 826368 ----a-w c:\windows\system32\wininet.dll
2009-02-20 17:13 . 2004-08-17 13:49 78336 ----a-w c:\windows\system32\ieencode.dll
2009-02-19 09:40 . 2007-03-30 16:46 1386 -c--a-w c:\windows\mozver.dat
2008-10-19 23:26 . 2008-10-19 23:24 39 -c--a-w c:\program files\mjf_drm1.txt
2006-09-22 21:06 . 2006-09-22 21:06 27977025 -c--a-w c:\program files\Pack_Vista_Inspirat_1.1.exe
2006-09-22 20:33 . 2006-09-22 20:32 472042 -c--a-w c:\program files\xp-icons.zip
2006-09-22 20:23 . 2006-09-22 20:23 12119320 -c--a-w c:\program files\iconpackager_public.exe
2006-02-01 16:03 . 2006-02-01 16:02 92 -c--a-w c:\program files\prefs.ini
2006-02-01 16:02 . 2006-02-01 16:02 10849 -c-ha-w c:\program files\fotbal.GID
2006-02-01 16:02 . 2006-02-01 16:02 409 -c--a-w c:\program files\errlog.txt
2006-02-01 16:01 . 2006-02-01 16:01 355 -c--a-w c:\program files\_DEISREG.ISR
2008-07-21 21:40 . 2008-07-21 21:40 0 -csh--w c:\windows\S468BFF56.tmp
.

((((((((((((((((((((((((((((( SnapShot@2009-05-14_17.31.15 )))))))))))))))))))))))))))))))))))))))))
.
+ 2006-01-19 09:17 . 2009-05-14 18:02 23040 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2006-01-19 09:17 . 2009-05-05 18:01 23040 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2006-01-19 09:17 . 2009-05-05 18:01 61440 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\pubs.exe
+ 2006-01-19 09:17 . 2009-05-14 18:02 61440 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\pubs.exe
- 2006-01-19 09:17 . 2009-05-05 18:01 27136 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2006-01-19 09:17 . 2009-05-14 18:02 27136 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2006-01-19 09:17 . 2009-05-14 18:02 11264 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\mspicons.exe
- 2006-01-19 09:17 . 2009-05-05 18:01 11264 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2006-01-19 09:17 . 2009-05-14 18:02 86016 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\inficon.exe
- 2006-01-19 09:17 . 2009-05-05 18:01 86016 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\inficon.exe
+ 2006-01-19 09:17 . 2009-05-14 18:02 12288 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2006-01-19 09:17 . 2009-05-05 18:01 12288 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2007-03-22 18:05 . 2007-03-22 18:05 97632 c:\windows\Installer\$PatchCache$\Managed\5040110900063D11C8EF10054038389C\11.0.8173\PP7X32.DLL
+ 2006-01-19 09:17 . 2009-05-14 18:02 4096 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2006-01-19 09:17 . 2009-05-05 18:01 4096 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2006-01-19 09:17 . 2009-05-14 18:02 409600 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\xlicons.exe
- 2006-01-19 09:17 . 2009-05-05 18:01 409600 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\xlicons.exe
- 2006-01-19 09:17 . 2009-05-05 18:01 286720 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2006-01-19 09:17 . 2009-05-14 18:02 286720 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2006-01-19 09:17 . 2009-05-05 18:01 249856 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2006-01-19 09:17 . 2009-05-14 18:02 249856 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2006-01-19 09:17 . 2009-05-05 18:01 794624 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2006-01-19 09:17 . 2009-05-14 18:02 794624 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2006-01-19 09:17 . 2009-05-14 18:02 135168 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2006-01-19 09:17 . 2009-05-05 18:01 135168 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2006-01-19 09:17 . 2009-05-14 18:02 593920 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\accicons.exe
- 2006-01-19 09:17 . 2009-05-05 18:01 593920 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2006-01-18 18:25 . 2009-05-07 07:16 24699336 c:\windows\system32\MRT.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2004-05-27 98304]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2004-05-27 532480]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 83608]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2006-07-19 52896]
"vptray"="c:\progra~1\SYMANT~1\VPTray.exe" [2006-12-05 125536]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-06 57344]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.EXE [2005-07-12 14679552]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-22 39264]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
NETGEAR WG511U Smart Wizard.lnk - c:\program files\NETGEAR\WG511U Configuration Utility\wlancfgu.exe [2009-3-23 503870]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-26 304128]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 10:05 356352 ----a-w c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Fujitsu\\Plugfree\\PfChat.exe"=
"c:\\Program Files\\BitLord\\BitLord.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\ICQ6\\ICQ.exe"=
"c:\\Program Files\\OpenVPN\\bin\\openvpn.exe"=
"c:\\Program Files\\Ares\\Ares.exe"=
"c:\\Program Files\\Ares Ultra\\Ares Ultra.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [17.2.2009 12:43 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [17.2.2009 12:43 55024]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3.11.2006 19:19 13592]
R3 DNINDIS5;DNINDIS5 NDIS Protocol Driver;c:\windows\system32\DNINDIS5.sys [22.3.2009 15:04 17149]
R3 EKBfltr;ENE Keyboard Controller;c:\windows\system32\drivers\EKBfltr.sys [14.1.2005 11:22 5504]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [31.3.2009 10:12 101936]
R3 FUJ02E1;%FUJ02E1.DeviceDesc%;c:\windows\system32\drivers\FUJ02E1.sys [18.10.2004 16:08 5632]
R3 FUJ02E3;Fujitsu FUJ02E3 Device Driver;c:\windows\system32\drivers\fuj02e3.sys [17.1.2004 1:00 4864]
R3 PSched;Plánovač paketů technologie QoS;c:\windows\system32\drivers\psched.sys [3.8.2004 23:04 69120]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [17.2.2009 12:43 7408]
R3 tap0801;TAP-Win32 Adapter V8;c:\windows\system32\drivers\tap0801.sys [1.10.2006 14:37 26624]
R3 wg51und5;NETGEAR WG511U Wireless Network Adapter Service;c:\windows\system32\drivers\wg51und5.sys [23.3.2009 15:48 397152]
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication;c:\windows\system32\drivers\adusbser.sys [23.8.2007 19:30 93440]
S3 elSerial;elSerial Filter driver;c:\windows\system32\DRIVERS\elserial.sys --> c:\windows\system32\DRIVERS\elserial.sys [?]
S3 genmcmnUSB;USB Scroll Mouse Driver;c:\windows\system32\drivers\gflmouhid.sys [24.1.2006 18:33 6656]
S3 OIIBTUSB;Bluetooth USB Driver;c:\windows\system32\drivers\OIIBTUSB.sys [13.10.2005 14:45 511418]
S3 OiiNd2kU;Bluetooth Ndis Driver;c:\windows\system32\drivers\oiind2ku.sys [13.10.2005 14:45 8864]
S3 Oiivcomu;Bluetooth Virtual COM Port;c:\windows\system32\drivers\oiivcomu.sys [13.10.2005 14:45 14970]
S3 SavRoam;SAVRoam;c:\program files\Symantec AntiVirus\SavRoam.exe [5.12.2006 16:32 119392]
S3 ubi_bus;Ubiquam CDMA2000 Composite Device driver (WDM);c:\windows\system32\drivers\ubi_bus.sys [2.11.2005 18:34 58352]
S3 ubi_mdfl;Ubiquam CDMA2000 Filter;c:\windows\system32\drivers\ubi_mdfl.sys [2.11.2005 18:34 8336]
S3 ubi_mdm;Ubiquam CDMA2000 Drivers;c:\windows\system32\drivers\ubi_mdm.sys [2.11.2005 18:34 93872]
S3 VmbInfce;VmbInfce;c:\windows\system32\drivers\vmbinfce.sys --> c:\windows\system32\drivers\vmbinfce.sys [?]

--- Ostatní služby/ovladače v paměti ---

*NewlyCreated* - NMSCFG

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
\Shell\AutoRun\command - F:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bc6eb2e8-f6db-11dd-be46-000b5d954468}]
\Shell\AutoRun\command - E:\setupSNK.exe
.
Obsah adresáře 'Naplánované úlohy'

2008-10-18 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-06-03 11:42]

2009-05-14 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 17:20]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uSearchMigratedDefaultUrl = hxxp://www.mywebsearch.com/jsp/cfg_redi ... searchfor={searchTerms}
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &ICQ Toolbar Search - c:\program files\ICQToolbar\toolbaru.dll/SEARCH.HTML
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Send To &Bluetooth - c:\program files\MSI\BToes Bluetooth Software\btsendto_ie_ctx.htm
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\translat\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\translat\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\translat\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\translat\WEBIE.DLL
Trusted Zone: mojebanka.cz\www
Trusted Zone: mojebanka.cz\www
DPF: {50E43D86-A74D-11D0-98CE-004005249458} - hxxps://www.mojebanka.cz/jars/confwiz/MVSGif.cab
DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} - hxxp://asp04.photoprintit.de/microsite/ ... loader.cab
FF - ProfilePath - c:\documents and settings\Martin\Data aplikací\Mozilla\Firefox\Profiles\im89bvd0.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - seznam.cz
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... id=afex&q=
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-14 22:35
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-1085031214-220523388-725345543-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_USERS\S-1-5-21-1085031214-220523388-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID]
@Denied: (Full) (LocalSystem)
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(1052)
c:\program files\SUPERAntiSpyware\SASWINLO.dll

- - - - - - - > 'explorer.exe'(3428)
c:\program files\Windows Media Player\wmpband.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2009-05-14 22:37
ComboFix-quarantined-files.txt 2009-05-14 20:37
ComboFix2.txt 2009-05-14 19:31
ComboFix3.txt 2009-05-14 17:33

Před spuštěním: Volných bajtů: 19 866 021 888
Po spuštění: Volných bajtů: 19 849 326 592

233 --- E O F --- 2009-05-14 18:02

[Hady]

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:39:09, on 14.5.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\MSI\BToes Bluetooth Software\bin\btwdins.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\MSI\BToes Bluetooth Software\BTTray.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\system32\NMSSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\NETGEAR\WG511U Configuration Utility\wlancfgu.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\TRANSLAT\WEBIE.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\TRANSLAT\WEBIE.DLL
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: NETGEAR WG511U Smart Wizard.lnk = ?
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\MSI\BToes Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\MSI\BToes Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\MSI\BToes Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {50E43D86-A74D-11D0-98CE-004005249458} (AnimatedGif Control) - https://www.mojebanka.cz/jars/confwiz/MVSGif.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 7967006937
O16 - DPF: {A8482EAF-A1F3-4934-AE3F-56EB195A50BF} (DeskUpdate - Activex Control) - http://support.fujitsu-siemens.de/DeskU ... ctivex.cab
O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IPSUploader Control) - http://asp04.photoprintit.de/microsite/ ... loader.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\MSI\BToes Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: IAA Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Intel(R) NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\system32\NMSSvc.exe
O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Program Files\OpenVPN\bin\openvpnserv.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe

--
End of file - 9220 bytes

[Damned]

Ještě jednou :

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:


File::
c:\windows\S468BFF56.tmp

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

[Hady]

ComboFix 09-05-13.04 - Martin 14.05.2009 22:59.4 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1014.365 [GMT 2:00]
Spuštěný z: c:\documents and settings\Martin\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Martin\Plocha\CFScript.txt
AV: Symantec AntiVirus Corporate Edition *On-access scanning disabled* (Outdated) {FB06448E-52B8-493A-90F3-E43226D3305C}

FILE ::
c:\windows\S468BFF56.tmp
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\S468BFF56.tmp

.
((((((((((((((((((((((((( Soubory vytvořené od 2009-04-14 do 2009-05-14 )))))))))))))))))))))))))))))))
.

2009-05-14 18:04 . 2009-05-14 18:04 -------- d-----w c:\program files\Trend Micro
2009-05-14 17:06 . 2009-04-06 13:32 15504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-05-14 17:06 . 2009-04-06 13:32 38496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-05-14 17:06 . 2009-05-14 17:06 -------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-05-11 18:18 . 2005-05-31 12:10 17516 ----a-w c:\windows\system32\drivers\frmupgr.sys
2009-05-11 18:18 . 2005-05-31 12:06 44163 ----a-w c:\windows\system32\drivers\btwhid.sys
2009-04-27 11:55 . 2009-02-06 10:10 227840 -c----w c:\windows\system32\dllcache\wmiprvse.exe
2009-04-27 11:55 . 2009-03-06 14:23 284160 -c----w c:\windows\system32\dllcache\pdh.dll
2009-04-27 11:55 . 2009-02-09 11:25 111104 -c----w c:\windows\system32\dllcache\services.exe
2009-04-27 11:55 . 2009-02-09 10:56 401408 -c----w c:\windows\system32\dllcache\rpcss.dll
2009-04-27 11:55 . 2009-02-09 10:56 473600 -c----w c:\windows\system32\dllcache\fastprox.dll
2009-04-27 11:55 . 2009-02-09 10:56 684032 -c----w c:\windows\system32\dllcache\advapi32.dll
2009-04-27 11:55 . 2009-02-09 10:56 728064 -c----w c:\windows\system32\dllcache\lsasrv.dll
2009-04-27 11:55 . 2009-02-09 10:56 453120 -c----w c:\windows\system32\dllcache\wmiprvsd.dll
2009-04-27 11:55 . 2009-02-09 10:56 709632 -c----w c:\windows\system32\dllcache\ntdll.dll
2009-04-27 11:40 . 2008-04-21 21:15 216576 -c----w c:\windows\system32\dllcache\wordpad.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-14 20:57 . 2006-01-19 08:26 -------- d-----w c:\program files\Symantec AntiVirus
2009-05-12 18:37 . 2007-08-23 17:02 -------- d-----w c:\program files\AnyDATA
2009-05-12 18:37 . 2006-01-19 08:21 -------- d-----w c:\program files\CyberLink
2009-05-12 18:37 . 2006-01-18 14:51 -------- d--h--w c:\program files\InstallShield Installation Information
2009-05-12 18:35 . 2008-10-19 23:32 -------- d-----w c:\program files\Oberon Media
2009-05-08 09:12 . 2009-03-23 13:54 -------- d-----w c:\program files\SUPERAntiSpyware
2009-05-04 19:22 . 2006-01-18 16:18 -------- d-----w c:\program files\Codec Pack - All In 1
2009-05-04 19:22 . 2006-01-18 16:18 737280 -c--a-w c:\windows\iun6002.exe
2009-05-02 07:59 . 2001-10-25 14:00 92114 ----a-w c:\windows\system32\perfc005.dat
2009-05-02 07:59 . 2001-10-25 14:00 462136 ----a-w c:\windows\system32\perfh005.dat
2009-03-31 13:05 . 2009-03-31 13:05 -------- d-----w c:\program files\Windows Defender
2009-03-31 08:10 . 2006-01-19 08:26 -------- d-----w c:\program files\Common Files\Symantec Shared
2009-03-31 08:09 . 2006-01-19 08:26 -------- d-----w c:\program files\Symantec
2009-03-25 15:46 . 2009-03-25 15:46 -------- d-----w c:\program files\Microsoft Silverlight
2009-03-25 15:35 . 2009-03-25 15:35 -------- d-----w c:\program files\MSBuild
2009-03-25 15:35 . 2009-03-25 15:35 -------- d-----w c:\program files\Reference Assemblies
2009-03-25 15:28 . 2009-03-25 15:28 -------- d-----w c:\program files\Microsoft
2009-03-25 15:21 . 2009-03-25 15:21 -------- d-----w c:\program files\Windows Desktop Search
2009-03-25 09:12 . 2006-01-19 09:15 -------- d-----w c:\program files\Microsoft Works
2009-03-25 08:32 . 2009-03-25 08:32 -------- d-----w c:\program files\Microsoft CAPICOM 2.1.0.2
2009-03-24 13:20 . 2008-01-10 16:51 -------- d-----w c:\program files\ICQ6
2009-03-24 08:09 . 2009-03-24 08:09 -------- d-----w c:\program files\AVG
2009-03-24 07:55 . 2007-03-28 18:14 -------- d-----w c:\program files\ESET
2009-03-23 13:54 . 2009-03-23 13:54 -------- d-----w c:\program files\Common Files\Wise Installation Wizard
2009-03-23 13:48 . 2009-03-23 13:48 15781 ----a-w c:\windows\system32\drivers\mdc8021x.sys
2009-03-23 13:48 . 2009-03-22 10:23 -------- d-----w c:\program files\NETGEAR
2009-03-06 14:23 . 2004-08-17 13:49 284160 ----a-w c:\windows\system32\pdh.dll
2009-03-03 00:14 . 2004-08-17 13:49 826368 ----a-w c:\windows\system32\wininet.dll
2009-02-20 17:13 . 2004-08-17 13:49 78336 ----a-w c:\windows\system32\ieencode.dll
2009-02-19 09:40 . 2007-03-30 16:46 1386 -c--a-w c:\windows\mozver.dat
2008-10-19 23:26 . 2008-10-19 23:24 39 -c--a-w c:\program files\mjf_drm1.txt
2006-09-22 21:06 . 2006-09-22 21:06 27977025 -c--a-w c:\program files\Pack_Vista_Inspirat_1.1.exe
2006-09-22 20:33 . 2006-09-22 20:32 472042 -c--a-w c:\program files\xp-icons.zip
2006-09-22 20:23 . 2006-09-22 20:23 12119320 -c--a-w c:\program files\iconpackager_public.exe
2006-02-01 16:03 . 2006-02-01 16:02 92 -c--a-w c:\program files\prefs.ini
2006-02-01 16:02 . 2006-02-01 16:02 10849 -c-ha-w c:\program files\fotbal.GID
2006-02-01 16:02 . 2006-02-01 16:02 409 -c--a-w c:\program files\errlog.txt
2006-02-01 16:01 . 2006-02-01 16:01 355 -c--a-w c:\program files\_DEISREG.ISR
.

((((((((((((((((((((((((((((( SnapShot@2009-05-14_17.31.15 )))))))))))))))))))))))))))))))))))))))))
.
+ 2006-01-19 09:17 . 2009-05-14 18:02 23040 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2006-01-19 09:17 . 2009-05-05 18:01 23040 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2006-01-19 09:17 . 2009-05-05 18:01 61440 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\pubs.exe
+ 2006-01-19 09:17 . 2009-05-14 18:02 61440 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\pubs.exe
- 2006-01-19 09:17 . 2009-05-05 18:01 27136 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2006-01-19 09:17 . 2009-05-14 18:02 27136 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2006-01-19 09:17 . 2009-05-14 18:02 11264 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\mspicons.exe
- 2006-01-19 09:17 . 2009-05-05 18:01 11264 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2006-01-19 09:17 . 2009-05-14 18:02 86016 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\inficon.exe
- 2006-01-19 09:17 . 2009-05-05 18:01 86016 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\inficon.exe
+ 2006-01-19 09:17 . 2009-05-14 18:02 12288 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2006-01-19 09:17 . 2009-05-05 18:01 12288 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2007-03-22 18:05 . 2007-03-22 18:05 97632 c:\windows\Installer\$PatchCache$\Managed\5040110900063D11C8EF10054038389C\11.0.8173\PP7X32.DLL
+ 2006-01-19 09:17 . 2009-05-14 18:02 4096 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2006-01-19 09:17 . 2009-05-05 18:01 4096 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2006-01-19 09:17 . 2009-05-14 18:02 409600 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\xlicons.exe
- 2006-01-19 09:17 . 2009-05-05 18:01 409600 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\xlicons.exe
- 2006-01-19 09:17 . 2009-05-05 18:01 286720 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2006-01-19 09:17 . 2009-05-14 18:02 286720 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2006-01-19 09:17 . 2009-05-05 18:01 249856 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2006-01-19 09:17 . 2009-05-14 18:02 249856 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2006-01-19 09:17 . 2009-05-05 18:01 794624 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2006-01-19 09:17 . 2009-05-14 18:02 794624 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2006-01-19 09:17 . 2009-05-14 18:02 135168 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2006-01-19 09:17 . 2009-05-05 18:01 135168 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2006-01-19 09:17 . 2009-05-14 18:02 593920 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\accicons.exe
- 2006-01-19 09:17 . 2009-05-05 18:01 593920 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2006-01-18 18:25 . 2009-05-07 07:16 24699336 c:\windows\system32\MRT.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2004-05-27 98304]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2004-05-27 532480]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 83608]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2006-07-19 52896]
"vptray"="c:\progra~1\SYMANT~1\VPTray.exe" [2006-12-05 125536]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-06 57344]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.EXE [2005-07-12 14679552]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-22 39264]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
NETGEAR WG511U Smart Wizard.lnk - c:\program files\NETGEAR\WG511U Configuration Utility\wlancfgu.exe [2009-3-23 503870]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-26 304128]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 10:05 356352 ----a-w c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Fujitsu\\Plugfree\\PfChat.exe"=
"c:\\Program Files\\BitLord\\BitLord.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\ICQ6\\ICQ.exe"=
"c:\\Program Files\\OpenVPN\\bin\\openvpn.exe"=
"c:\\Program Files\\Ares\\Ares.exe"=
"c:\\Program Files\\Ares Ultra\\Ares Ultra.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [17.2.2009 12:43 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [17.2.2009 12:43 55024]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3.11.2006 19:19 13592]
R3 DNINDIS5;DNINDIS5 NDIS Protocol Driver;c:\windows\system32\DNINDIS5.sys [22.3.2009 15:04 17149]
R3 EKBfltr;ENE Keyboard Controller;c:\windows\system32\drivers\EKBfltr.sys [14.1.2005 11:22 5504]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [31.3.2009 10:12 101936]
R3 FUJ02E1;%FUJ02E1.DeviceDesc%;c:\windows\system32\drivers\FUJ02E1.sys [18.10.2004 16:08 5632]
R3 FUJ02E3;Fujitsu FUJ02E3 Device Driver;c:\windows\system32\drivers\fuj02e3.sys [17.1.2004 1:00 4864]
R3 PSched;Plánovač paketů technologie QoS;c:\windows\system32\drivers\psched.sys [3.8.2004 23:04 69120]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [17.2.2009 12:43 7408]
R3 tap0801;TAP-Win32 Adapter V8;c:\windows\system32\drivers\tap0801.sys [1.10.2006 14:37 26624]
R3 wg51und5;NETGEAR WG511U Wireless Network Adapter Service;c:\windows\system32\drivers\wg51und5.sys [23.3.2009 15:48 397152]
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication;c:\windows\system32\drivers\adusbser.sys [23.8.2007 19:30 93440]
S3 elSerial;elSerial Filter driver;c:\windows\system32\DRIVERS\elserial.sys --> c:\windows\system32\DRIVERS\elserial.sys [?]
S3 genmcmnUSB;USB Scroll Mouse Driver;c:\windows\system32\drivers\gflmouhid.sys [24.1.2006 18:33 6656]
S3 OIIBTUSB;Bluetooth USB Driver;c:\windows\system32\drivers\OIIBTUSB.sys [13.10.2005 14:45 511418]
S3 OiiNd2kU;Bluetooth Ndis Driver;c:\windows\system32\drivers\oiind2ku.sys [13.10.2005 14:45 8864]
S3 Oiivcomu;Bluetooth Virtual COM Port;c:\windows\system32\drivers\oiivcomu.sys [13.10.2005 14:45 14970]
S3 SavRoam;SAVRoam;c:\program files\Symantec AntiVirus\SavRoam.exe [5.12.2006 16:32 119392]
S3 ubi_bus;Ubiquam CDMA2000 Composite Device driver (WDM);c:\windows\system32\drivers\ubi_bus.sys [2.11.2005 18:34 58352]
S3 ubi_mdfl;Ubiquam CDMA2000 Filter;c:\windows\system32\drivers\ubi_mdfl.sys [2.11.2005 18:34 8336]
S3 ubi_mdm;Ubiquam CDMA2000 Drivers;c:\windows\system32\drivers\ubi_mdm.sys [2.11.2005 18:34 93872]
S3 VmbInfce;VmbInfce;c:\windows\system32\drivers\vmbinfce.sys --> c:\windows\system32\drivers\vmbinfce.sys [?]

--- Ostatní služby/ovladače v paměti ---

*NewlyCreated* - NMSCFG

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
\Shell\AutoRun\command - F:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bc6eb2e8-f6db-11dd-be46-000b5d954468}]
\Shell\AutoRun\command - E:\setupSNK.exe
.
Obsah adresáře 'Naplánované úlohy'

2008-10-18 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-06-03 11:42]

2009-05-14 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 17:20]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uSearchMigratedDefaultUrl = hxxp://www.mywebsearch.com/jsp/cfg_redi ... searchfor={searchTerms}
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &ICQ Toolbar Search - c:\program files\ICQToolbar\toolbaru.dll/SEARCH.HTML
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Send To &Bluetooth - c:\program files\MSI\BToes Bluetooth Software\btsendto_ie_ctx.htm
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\translat\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\translat\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\translat\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\translat\WEBIE.DLL
Trusted Zone: mojebanka.cz\www
Trusted Zone: mojebanka.cz\www
DPF: {50E43D86-A74D-11D0-98CE-004005249458} - hxxps://www.mojebanka.cz/jars/confwiz/MVSGif.cab
DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} - hxxp://asp04.photoprintit.de/microsite/ ... loader.cab
FF - ProfilePath - c:\documents and settings\Martin\Data aplikací\Mozilla\Firefox\Profiles\im89bvd0.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - seznam.cz
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... id=afex&q=
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-14 23:00
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-1085031214-220523388-725345543-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_USERS\S-1-5-21-1085031214-220523388-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID]
@Denied: (Full) (LocalSystem)
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(1052)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
.
Celkový čas: 2009-05-14 23:02
ComboFix-quarantined-files.txt 2009-05-14 21:02
ComboFix2.txt 2009-05-14 20:37
ComboFix3.txt 2009-05-14 19:31
ComboFix4.txt 2009-05-14 17:33

Před spuštěním: Volných bajtů: 19 860 500 480
Po spuštění: Volných bajtů: 19 840 122 880

234 --- E O F --- 2009-05-14 18:02

[Hady]

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:07:26, on 14.5.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\MSI\BToes Bluetooth Software\bin\btwdins.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\MSI\BToes Bluetooth Software\BTTray.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\system32\NMSSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\NETGEAR\WG511U Configuration Utility\wlancfgu.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\TRANSLAT\WEBIE.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\TRANSLAT\WEBIE.DLL
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: NETGEAR WG511U Smart Wizard.lnk = ?
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\MSI\BToes Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\MSI\BToes Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\MSI\BToes Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {50E43D86-A74D-11D0-98CE-004005249458} (AnimatedGif Control) - https://www.mojebanka.cz/jars/confwiz/MVSGif.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 7967006937
O16 - DPF: {A8482EAF-A1F3-4934-AE3F-56EB195A50BF} (DeskUpdate - Activex Control) - http://support.fujitsu-siemens.de/DeskU ... ctivex.cab
O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IPSUploader Control) - http://asp04.photoprintit.de/microsite/ ... loader.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\MSI\BToes Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: IAA Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Intel(R) NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\system32\NMSSvc.exe
O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Program Files\OpenVPN\bin\openvpnserv.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe

--
End of file - 9231 bytes

[Hady]

doufám že je to správně. Napiště klidně další postup, dodělám zítra. Tovíte práce volá :-). Zatím díky

[Damned]

Pokud PC nedělá stojku, tak je to již OK.

Nic špatné tam již nevidím, jen aktualizovat javu.