hijackThis v2.0.2 - prosím o kontrolu výpisu Vyřešeno

[maxxell]

Dobrý den. Mám pocit, že je počítač pomalejší a někdy se chová divně. Proto prosím o kontrolu Hijakck This. Děkuji

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:08:23, on 13.5.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\Firewall\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\VIAudioi\SBADeck\ADeck.exe
C:\WINDOWS\system32\VTTimer.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\Logitech\Video\CameraAssistant.exe
C:\WINDOWS\System32\ElkCtrl.exe
C:\Program Files\COMODO\SafeSurf\cssurf.exe
C:\WINDOWS\system32\lvcomsx.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
O2 - BHO: Ask Search Assistant BHO - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (file missing)
O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [AudioDeck] C:\Program Files\VIAudioi\SBADeck\ADeck.exe 1
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\System32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [COMODO SafeSurf] "C:\Program Files\COMODO\SafeSurf\cssurf.exe" -s
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [{7FDDA133-D598-434B-9C4F-35BB909D2623}] C:\DOCUME~1\JA5B1C~1\LOCALS~1\Temp\GLB7F.tmp C:\DOCUME~1\JA5B1C~1\LOCALS~1\Temp\GLF84.tmp\settings.ini
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BlueSoleil.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint - Náhled - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint - Přidat na seznam k tisku - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint - Tisk - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint - Vysokorychlostní tisk - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://go.divx.com/plugin/DivXBrowserPlugin.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos-be ... canner.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{73C54A5A-2553-43DD-BEDF-A0806C989A84}: NameServer = 10.18.219.1,10.138.0.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - AppInit_DLLs: C:\WINDOWS\system32\cssdll32.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe (file missing)

--
End of file - 10101 bytes

[Reklama]

[jaro3]

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Provést rychlý sken a klikni na tlačítko Skenovat
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Zobrazit výsledky
- pak zvol možnost uložit log a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

[maxxell]

Dobrý den. Ještě před Vaší radou jsem stáhla Ad-Aware. Program našel trojského koně a ještě myslím spyware. Ale raději vkládám ještě výpis z Anti- Malware.Děkuji


Malwarebytes' Anti-Malware 1.36
Verze databáze: 1945
Windows 5.1.2600 Service Pack 2

16.5.2009 22:26:41
mbam-log-2009-05-16 (22-26-41).txt

Typ skenu: Rychlý sken
Objektu skenováno: 89514
Uplynulý cas: 16 minute(s), 49 second(s)

Infikované procesy pameti: 0
Infikované pametové moduly: 0
Infikované klíce registru: 0
Infikované hodnoty registru: 0
Infikované položky dat registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy pameti:
(Žádné zákerné položky nebyly zjišteny)

Infikované pametové moduly:
(Žádné zákerné položky nebyly zjišteny)

Infikované klíce registru:
(Žádné zákerné položky nebyly zjišteny)

Infikované hodnoty registru:
(Žádné zákerné položky nebyly zjišteny)

Infikované položky dat registru:
(Žádné zákerné položky nebyly zjišteny)

Infikované složky:
(Žádné zákerné položky nebyly zjišteny)

Infikované soubory:
(Žádné zákerné položky nebyly zjišteny)

[jaro3]

Vož sem ještě nový log z HJT+info o chování compu.

[maxxell]

Dobrý den. Počítač byl nezvykle pomalý a dokonce se jednou sám resetoval. Také se se mi stalo, že po otevření některé internetové stránky se mi začala ta samá okna otvírat na plochu třeba 30x za sebou a nešlo to zastavit. Musela jsem odpojit internet a zakázat veškerou činnost.


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:49:34, on 19.5.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\Firewall\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Winamp\winampa.exe
C:\Program Files\VIAudioi\SBADeck\ADeck.exe
C:\WINDOWS\system32\VTTimer.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\Logitech\Video\CameraAssistant.exe
C:\WINDOWS\System32\ElkCtrl.exe
C:\Program Files\COMODO\SafeSurf\cssurf.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\WINDOWS\system32\lvcomsx.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Common Files\Adobe\Updater6\Adobe_Updater.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
O2 - BHO: Ask Search Assistant BHO - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (file missing)
O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [AudioDeck] C:\Program Files\VIAudioi\SBADeck\ADeck.exe 1
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\System32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [COMODO SafeSurf] "C:\Program Files\COMODO\SafeSurf\cssurf.exe" -s
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [{7FDDA133-D598-434B-9C4F-35BB909D2623}] C:\DOCUME~1\JA5B1C~1\LOCALS~1\Temp\GLB7F.tmp C:\DOCUME~1\JA5B1C~1\LOCALS~1\Temp\GLF84.tmp\settings.ini
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BlueSoleil.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint - Náhled - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint - Přidat na seznam k tisku - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint - Tisk - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint - Vysokorychlostní tisk - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://go.divx.com/plugin/DivXBrowserPlugin.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos-be ... canner.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{73C54A5A-2553-43DD-BEDF-A0806C989A84}: NameServer = 10.18.219.1,10.138.0.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - AppInit_DLLs: C:\WINDOWS\system32\cssdll32.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe (file missing)

--
End of file - 10257 bytes

[jaro3]

Vypni rez. ochranu u Avastu.

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah

[maxxell]

ComboFix 09-05-21.08 - Ája 22.05.2009 18:21.1 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.447.208 [GMT 2:00]
Spuštěný z: c:\documents and settings\Ája\Plocha\ComboFix.exe
AV: avast! antivirus 4.8.1335 [VPS 090521-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: COMODO Firewall *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}

VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
Tyto soubory byly během aplikování deaktivovány:
c:\program files\Common Files\Logitech\LVMVFM\LVPrcInj.dll


((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\IE4 Error Log.txt

.
((((((((((((((((((((((((( Soubory vytvořené od 2009-04-22 do 2009-05-22 )))))))))))))))))))))))))))))))
.

2009-05-21 22:24 . 2009-05-21 22:58 -------- d-----w c:\windows\BDOSCAN8
2009-05-21 14:26 . 2009-05-21 14:27 -------- d-----w c:\program files\QuickMediaConverter
2009-05-21 14:05 . 2007-02-26 14:13 2392064 ----a-w c:\windows\system32\videotrans.dll
2009-05-21 14:05 . 2005-01-09 10:41 245760 ----a-w c:\windows\system32\writelib.dll
2009-05-21 14:05 . 2009-05-21 14:05 -------- d-----w c:\program files\Zealot Software
2009-05-16 20:00 . 2009-04-06 13:32 15504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-05-16 20:00 . 2009-04-06 13:32 38496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-05-16 20:00 . 2009-05-16 20:00 -------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-05-16 10:23 . 2009-01-18 21:35 15688 ----a-w c:\windows\system32\lsdelete.exe
2009-05-16 10:21 . 2009-05-16 10:21 -------- d-----w c:\documents and settings\LocalService\Plocha
2009-05-16 10:11 . 2009-01-18 21:30 64160 ----a-w c:\windows\system32\drivers\Lbd.sys
2009-05-16 10:09 . 2009-05-16 10:09 -------- d-----w c:\program files\Lavasoft
2009-05-13 17:54 . 2009-05-13 17:54 -------- d-----w c:\program files\Trend Micro
2009-05-12 11:53 . 2009-05-21 08:15 -------- d-----w c:\program files\DivX
2009-05-10 09:41 . 2009-05-11 04:56 -------- dc----w c:\program files\WinAce
2009-05-07 06:06 . 2009-05-07 06:06 -------- d-----w c:\program files\SMPlayer
2009-05-06 09:43 . 2009-05-06 09:43 -------- d-----w c:\program files\Common Files\Adobe Systems Shared
2009-05-04 19:20 . 2009-05-04 19:20 -------- d-----w C:\temp
2009-05-04 18:59 . 2001-08-18 04:36 8704 -c--a-w c:\windows\system32\dllcache\kbdjpn.dll
2009-05-04 18:59 . 2001-08-18 04:36 8704 ----a-w c:\windows\system32\kbdjpn.dll
2009-05-04 18:59 . 2001-08-18 04:36 8192 -c--a-w c:\windows\system32\dllcache\kbdkor.dll
2009-05-04 18:59 . 2001-08-18 04:36 8192 ----a-w c:\windows\system32\kbdkor.dll
2009-05-04 18:59 . 2001-08-17 20:55 6144 -c--a-w c:\windows\system32\dllcache\kbd106.dll
2009-05-04 18:59 . 2001-08-17 20:55 6144 ----a-w c:\windows\system32\kbd106.dll
2009-05-04 18:59 . 2001-08-17 20:55 5632 -c--a-w c:\windows\system32\dllcache\kbd103.dll
2009-05-04 18:59 . 2001-08-17 20:55 5632 ----a-w c:\windows\system32\kbd103.dll
2009-05-04 18:59 . 2001-08-17 20:55 6144 -c--a-w c:\windows\system32\dllcache\kbd101c.dll
2009-05-04 18:59 . 2001-08-17 20:55 6144 -c--a-w c:\windows\system32\dllcache\kbd101b.dll
2009-05-04 18:59 . 2001-08-17 20:55 6144 ----a-w c:\windows\system32\kbd101c.dll
2009-05-04 18:59 . 2001-08-17 20:55 6144 ----a-w c:\windows\system32\kbd101b.dll
2009-05-04 18:55 . 2009-05-16 11:56 -------- d-----w c:\windows\Replay Converter 3
2009-05-04 18:54 . 2009-05-04 18:54 737280 ----a-w c:\windows\iun6002.exe
2009-05-03 19:09 . 2009-05-04 18:38 -------- d-----w c:\program files\Free Screen Recorder
2009-04-22 20:18 . 2005-12-06 02:27 2112 ----a-r c:\windows\system32\Repository.reg
2009-04-22 20:18 . 2005-12-06 03:26 380928 ----a-r c:\windows\system32\LVUI2RC.dll
2009-04-22 20:18 . 2005-12-06 03:26 39424 ----a-r c:\windows\system32\drivers\LVUSBSta.sys
2009-04-22 20:18 . 2005-12-06 03:22 110592 ----a-r c:\windows\system32\lvcoinst.dll
2009-04-22 20:18 . 2005-12-06 03:27 287360 ----a-r c:\windows\system32\drivers\LV561AV.SYS
2009-04-22 20:18 . 2005-12-06 03:25 217088 ----a-r c:\windows\system32\LVUI2.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-06 11:00 . 2008-11-22 18:46 -------- d-----w c:\program files\Common Files\Adobe
2009-05-04 19:41 . 2006-11-25 11:29 -------- d--h--w c:\program files\InstallShield Installation Information
2009-05-04 19:12 . 2006-11-25 11:44 -------- d-----w c:\program files\Common Files\Wise Installation Wizard
2009-04-22 20:14 . 2007-10-08 16:36 -------- d-----w c:\program files\Common Files\Logitech
2009-04-22 07:49 . 2009-04-22 07:49 -------- d-----w c:\program files\InCode Solutions
2009-04-14 08:46 . 2008-10-18 20:29 253688 ----a-w c:\windows\system32\cssdll32.dll
2009-03-29 09:22 . 2003-04-16 12:00 70376 ----a-w c:\windows\system32\perfc005.dat
2009-03-29 09:22 . 2003-04-16 12:00 394788 ----a-w c:\windows\system32\perfh005.dat
2009-03-26 10:07 . 2009-03-26 10:07 59904 ----a-w c:\windows\system32\zlib1.dll
2009-03-26 10:03 . 2009-03-26 10:03 286720 ----a-w c:\windows\system32\libcurl.dll
2009-03-26 10:03 . 2009-03-26 10:03 196608 ----a-w c:\windows\system32\ssleay32.dll
2009-03-26 10:03 . 2009-03-26 10:03 1028096 ----a-w c:\windows\system32\libeay32.dll
2009-03-26 10:03 . 2009-03-26 10:03 143360 ----a-w c:\windows\system32\libexpatw.dll
2009-03-13 21:41 . 2009-03-13 21:42 410984 ----a-w c:\windows\system32\deploytk.dll
2009-02-27 18:21 . 2008-10-18 20:26 80400 ----a-w c:\windows\system32\drivers\inspect.sys
2009-02-27 18:21 . 2008-10-18 20:26 155384 ----a-w c:\windows\system32\guard32.dll
2009-02-27 18:21 . 2008-10-18 20:26 110992 ----a-w c:\windows\system32\drivers\cmdguard.sys
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2}]
2008-10-18 20:29 66912 ----a-w c:\program files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-17 15360]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-10-28 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2003-12-13 33792]
"AudioDeck"="c:\program files\VIAudioi\SBADeck\ADeck.exe" [2005-09-06 450560]
"NeroFilterCheck"="c:\windows\System32\NeroCheck.exe" [2001-07-09 155648]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-09-29 155648]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-03-21 69632]
"LogitechCameraAssistant"="c:\program files\Logitech\Video\CameraAssistant.exe" [2005-12-07 489472]
"LogitechVideo[inspector]"="c:\program files\Logitech\Video\InstallHelper.exe" [2005-12-07 08:33 73728]
"LogitechCameraService(E)"="c:\windows\System32\ElkCtrl.exe" [2004-11-01 262144]
"COMODO SafeSurf"="c:\program files\COMODO\SafeSurf\cssurf.exe" [2009-04-14 278264]
"COMODO Firewall Pro"="c:\program files\COMODO\Firewall\cfp.exe" [2009-02-27 1851128]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-05-27 413696]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"COMODO Internet Security"="c:\program files\COMODO\Firewall\cfp.exe" [2009-02-27 1851128]
"LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2005-12-09 225280]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-05-22 516440]
"VTTimer"="VTTimer.exe" - c:\windows\system32\VTTimer.exe [2005-03-08 53248]
"VTTrayp"="VTtrayp.exe" - c:\windows\system32\VTTrayp.exe [2006-03-23 176128]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-17 15360]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
BlueSoleil.lnk - c:\program files\IVT Corporation\BlueSoleil\BlueSoleil.exe [2008-7-14 1183744]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\cssdll32.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\ooVoo\\ooVoo.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015
"1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016
"500:UDP"= 500:UDP:@xpsp2res.dll,-22017
"443:TCP"= 443:TCP:*:Disabled:ooVoo TCP port 443
"443:UDP"= 443:UDP:*:Disabled:ooVoo UDP port 443
"37674:TCP"= 37674:TCP:*:Disabled:ooVoo TCP port 37674
"37674:UDP"= 37674:UDP:*:Disabled:ooVoo UDP port 37674
"37675:UDP"= 37675:UDP:*:Disabled:ooVoo UDP port 37675

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [16.5.2009 12:11 64160]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [4.12.2008 23:44 114768]
R1 cmdGuard;COMODO Firewall Pro Sandbox Driver;c:\windows\system32\drivers\cmdguard.sys [18.10.2008 22:26 110992]
R1 cmdHlp;COMODO Firewall Pro Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [18.10.2008 22:26 24336]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [4.12.2008 23:44 20560]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [21.11.2008 19:43 222456]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [18.1.2009 23:34 953168]
R3 PSched;Plánovač paketů technologie QoS;c:\windows\system32\drivers\psched.sys [16.4.2003 14:00 69120]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [25.1.2007 19:31 42000]
.
Obsah adresáře 'Naplánované úlohy'

2009-05-18 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-01-18 10:14]
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

HKLM-Run-NWEReboot - (no file)


.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: Easy-WebPrint - Náhled - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
IE: Easy-WebPrint - Přidat na seznam k tisku - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
IE: Easy-WebPrint - Tisk - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
IE: Easy-WebPrint - Vysokorychlostní tisk - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
TCP: {73C54A5A-2553-43DD-BEDF-A0806C989A84} = 10.18.219.1,10.138.0.1
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos-be ... canner.cab
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-22 18:27
Windows 5.1.2600 Service Pack 2 NTFS

detected NTDLL code modification:
ZwClose, ZwOpenFile

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(772)
c:\windows\system32\cssdll32.dll
c:\windows\system32\guard32.dll

- - - - - - - > 'lsass.exe'(832)
c:\windows\system32\cssdll32.dll
c:\windows\system32\guard32.dll
.
Celkový čas: 2009-05-22 18:30
ComboFix-quarantined-files.txt 2009-05-22 16:30

Před spuštěním: Volných bajtů: 115 438 903 296
Po spuštění: Volných bajtů: 117 678 747 648

188 --- E O F --- 2008-06-20 17:57

[jaro3]

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

File::
c:\windows\iun6002.exe

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

[maxxell]

ComboFix 09-05-23.04 - Ája 24.05.2009 14:47.2 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.447.137 [GMT 2:00]
Spuštěný z: c:\documents and settings\Ája\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Ája\Plocha\CFScript.txt
AV: avast! antivirus 4.8.1335 [VPS 090523-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: COMODO Firewall *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}

VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!

FILE ::
c:\windows\iun6002.exe
.
Tyto soubory byly během aplikování deaktivovány:
c:\program files\Common Files\Logitech\LVMVFM\LVPrcInj.dll


((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\iun6002.exe
.
---- Předchozí spuštění -------
.
c:\windows\system32\drivers\npf.sys
c:\windows\system32\Packet.dll
c:\windows\system32\pthreadVC.dll
c:\windows\system32\WanPacket.dll
c:\windows\system32\wpcap.dll

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_NPF


((((((((((((((((((((((((( Soubory vytvořené od 2009-04-24 do 2009-05-24 )))))))))))))))))))))))))))))))
.

2009-05-22 16:36 . 2009-05-23 22:01 -------- d-sh--w C:\RECYCLER(2)
2009-05-21 22:24 . 2009-05-23 22:01 -------- d-----w c:\windows\BDOSCAN8
2009-05-21 14:26 . 2009-05-23 22:01 -------- d-----w c:\program files\QuickMediaConverter
2009-05-16 20:00 . 2009-04-06 13:32 15504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-05-16 20:00 . 2009-04-06 13:32 38496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-05-16 20:00 . 2009-05-16 20:00 -------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-05-16 10:23 . 2009-01-18 21:35 15688 ----a-w c:\windows\system32\lsdelete.exe
2009-05-16 10:21 . 2009-05-16 10:21 -------- d-----w c:\documents and settings\LocalService\Plocha
2009-05-16 10:11 . 2009-01-18 21:30 64160 ----a-w c:\windows\system32\drivers\Lbd.sys
2009-05-16 10:09 . 2009-05-16 10:09 -------- d-----w c:\program files\Lavasoft
2009-05-13 17:54 . 2009-05-13 17:54 -------- d-----w c:\program files\Trend Micro
2009-05-12 11:53 . 2009-05-21 08:15 -------- d-----w c:\program files\DivX
2009-05-10 09:41 . 2009-05-11 04:56 -------- dc----w c:\program files\WinAce
2009-05-07 06:06 . 2009-05-07 06:06 -------- d-----w c:\program files\SMPlayer
2009-05-06 09:43 . 2009-05-06 09:43 -------- d-----w c:\program files\Common Files\Adobe Systems Shared
2009-05-04 19:20 . 2009-05-04 19:20 -------- d-----w C:\temp
2009-05-04 18:59 . 2001-08-18 04:36 8704 -c--a-w c:\windows\system32\dllcache\kbdjpn.dll
2009-05-04 18:59 . 2001-08-18 04:36 8704 ----a-w c:\windows\system32\kbdjpn.dll
2009-05-04 18:59 . 2001-08-18 04:36 8192 -c--a-w c:\windows\system32\dllcache\kbdkor.dll
2009-05-04 18:59 . 2001-08-18 04:36 8192 ----a-w c:\windows\system32\kbdkor.dll
2009-05-04 18:59 . 2001-08-17 20:55 6144 -c--a-w c:\windows\system32\dllcache\kbd106.dll
2009-05-04 18:59 . 2001-08-17 20:55 6144 ----a-w c:\windows\system32\kbd106.dll
2009-05-04 18:59 . 2001-08-17 20:55 5632 -c--a-w c:\windows\system32\dllcache\kbd103.dll
2009-05-04 18:59 . 2001-08-17 20:55 5632 ----a-w c:\windows\system32\kbd103.dll
2009-05-04 18:59 . 2001-08-17 20:55 6144 -c--a-w c:\windows\system32\dllcache\kbd101c.dll
2009-05-04 18:59 . 2001-08-17 20:55 6144 -c--a-w c:\windows\system32\dllcache\kbd101b.dll
2009-05-04 18:59 . 2001-08-17 20:55 6144 ----a-w c:\windows\system32\kbd101c.dll
2009-05-04 18:59 . 2001-08-17 20:55 6144 ----a-w c:\windows\system32\kbd101b.dll
2009-05-04 18:55 . 2009-05-16 11:56 -------- d-----w c:\windows\Replay Converter 3
2009-05-03 19:09 . 2009-05-04 18:38 -------- d-----w c:\program files\Free Screen Recorder

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-23 22:12 . 2008-10-18 20:26 168208 ----a-w c:\windows\system32\guard32.dll
2009-05-23 22:12 . 2008-10-18 20:26 82080 ----a-w c:\windows\system32\drivers\inspect.sys
2009-05-23 22:12 . 2008-10-18 20:26 24096 ----a-w c:\windows\system32\drivers\cmdhlp.sys
2009-05-23 22:12 . 2008-10-18 20:26 132640 ----a-w c:\windows\system32\drivers\cmdguard.sys
2009-05-23 22:00 . 2008-10-18 20:26 -------- d-----w c:\program files\COMODO
2009-05-13 17:48 . 2009-05-23 21:58 261246 ----a-w c:\windows\PCHealth\HelpCtr\Config\Cache\Professional_32_1029.dat
2009-05-06 11:00 . 2008-11-22 18:46 -------- d-----w c:\program files\Common Files\Adobe
2009-05-04 19:41 . 2006-11-25 11:29 -------- d--h--w c:\program files\InstallShield Installation Information
2009-05-04 19:12 . 2006-11-25 11:44 -------- d-----w c:\program files\Common Files\Wise Installation Wizard
2009-04-22 20:14 . 2007-10-08 16:36 -------- d-----w c:\program files\Common Files\Logitech
2009-04-22 07:49 . 2009-04-22 07:49 -------- d-----w c:\program files\InCode Solutions
2009-04-14 08:46 . 2008-10-18 20:29 253688 ----a-w c:\windows\system32\cssdll32.dll
2009-03-29 09:22 . 2003-04-16 12:00 70376 ----a-w c:\windows\system32\perfc005.dat
2009-03-29 09:22 . 2003-04-16 12:00 394788 ----a-w c:\windows\system32\perfh005.dat
2009-03-26 10:07 . 2009-03-26 10:07 59904 ----a-w c:\windows\system32\zlib1.dll
2009-03-26 10:03 . 2009-03-26 10:03 286720 ----a-w c:\windows\system32\libcurl.dll
2009-03-26 10:03 . 2009-03-26 10:03 196608 ----a-w c:\windows\system32\ssleay32.dll
2009-03-26 10:03 . 2009-03-26 10:03 1028096 ----a-w c:\windows\system32\libeay32.dll
2009-03-26 10:03 . 2009-03-26 10:03 143360 ----a-w c:\windows\system32\libexpatw.dll
2009-03-13 21:41 . 2009-03-13 21:42 410984 ----a-w c:\windows\system32\deploytk.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2}]
2008-10-18 20:29 66912 ----a-w c:\program files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-17 15360]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-10-28 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2003-12-13 33792]
"AudioDeck"="c:\program files\VIAudioi\SBADeck\ADeck.exe" [2005-09-06 450560]
"NeroFilterCheck"="c:\windows\System32\NeroCheck.exe" [2001-07-09 155648]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-09-29 155648]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-03-21 69632]
"LogitechCameraAssistant"="c:\program files\Logitech\Video\CameraAssistant.exe" [2005-12-07 489472]
"LogitechVideo[inspector]"="c:\program files\Logitech\Video\InstallHelper.exe" [2005-12-07 08:33 73728]
"LogitechCameraService(E)"="c:\windows\System32\ElkCtrl.exe" [2004-11-01 262144]
"COMODO SafeSurf"="c:\program files\COMODO\SafeSurf\cssurf.exe" [2009-04-14 278264]
"COMODO Firewall Pro"="c:\program files\COMODO\Firewall\cfp.exe" [2009-05-23 1794320]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-05-27 413696]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"COMODO Internet Security"="c:\program files\COMODO\Firewall\cfp.exe" [2009-05-23 1794320]
"LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2005-12-09 225280]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-01-18 506712]
"VTTimer"="VTTimer.exe" - c:\windows\system32\VTTimer.exe [2005-03-08 53248]
"VTTrayp"="VTtrayp.exe" - c:\windows\system32\VTTrayp.exe [2006-03-23 176128]
"NWEReboot"="" [BU]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-17 15360]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
BlueSoleil.lnk - c:\program files\IVT Corporation\BlueSoleil\BlueSoleil.exe [2008-7-14 1183744]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\cssdll32.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\ooVoo\\ooVoo.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015
"1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016
"500:UDP"= 500:UDP:@xpsp2res.dll,-22017
"443:TCP"= 443:TCP:*:Disabled:ooVoo TCP port 443
"443:UDP"= 443:UDP:*:Disabled:ooVoo UDP port 443
"37674:TCP"= 37674:TCP:*:Disabled:ooVoo TCP port 37674
"37674:UDP"= 37674:UDP:*:Disabled:ooVoo UDP port 37674
"37675:UDP"= 37675:UDP:*:Disabled:ooVoo UDP port 37675

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [16.5.2009 12:11 64160]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [4.12.2008 23:44 114768]
R1 cmdGuard;COMODO Firewall Pro Sandbox Driver;c:\windows\system32\drivers\cmdguard.sys [18.10.2008 22:26 132640]
R1 cmdHlp;COMODO Firewall Pro Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [18.10.2008 22:26 24096]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [4.12.2008 23:44 20560]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [21.11.2008 19:43 222456]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [18.1.2009 23:34 921936]
.
Obsah adresáře 'Naplánované úlohy'

2009-05-18 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-01-18 21:34]
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

SafeBoot-procexp90.Sys


.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: Easy-WebPrint - Náhled - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
IE: Easy-WebPrint - Přidat na seznam k tisku - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
IE: Easy-WebPrint - Tisk - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
IE: Easy-WebPrint - Vysokorychlostní tisk - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
TCP: {73C54A5A-2553-43DD-BEDF-A0806C989A84} = 10.18.219.1,10.138.0.1
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos-be ... canner.cab
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-24 14:49
Windows 5.1.2600 Service Pack 2 NTFS

detected NTDLL code modification:
ZwClose, ZwOpenFile

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'lsass.exe'(820)
c:\windows\system32\guard32.dll
.
Celkový čas: 2009-05-24 14:51
ComboFix-quarantined-files.txt 2009-05-24 12:51
ComboFix2.txt 2009-05-22 16:30

Před spuštěním: Volných bajtů: 117 029 539 840
Po spuštění: Volných bajtů: 117 017 825 280

192 --- E O F --- 2008-06-20 17:57
******************************************************************************
******************************************************************************
*******************************************************************************
******************************************************************************
****************************************************************************

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:53:15, on 24.5.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\Firewall\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\VIAudioi\SBADeck\ADeck.exe
C:\WINDOWS\system32\VTTimer.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\Logitech\Video\CameraAssistant.exe
C:\WINDOWS\System32\ElkCtrl.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\lvcomsx.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\COMODO\Firewall\cfp.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
O2 - BHO: Ask Search Assistant BHO - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (file missing)
O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [AudioDeck] C:\Program Files\VIAudioi\SBADeck\ADeck.exe 1
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\System32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [COMODO SafeSurf] "C:\Program Files\COMODO\SafeSurf\cssurf.exe" -s
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BlueSoleil.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint - Náhled - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint - Přidat na seznam k tisku - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint - Tisk - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint - Vysokorychlostní tisk - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://go.divx.com/plugin/DivXBrowserPlugin.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos-be ... canner.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{73C54A5A-2553-43DD-BEDF-A0806C989A84}: NameServer = 10.18.219.1,10.138.0.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - AppInit_DLLs: C:\WINDOWS\system32\cssdll32.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe (file missing)

--
End of file - 10012 bytes

[jaro3]

Koukni sem:
C:\RECYCLER
C:\RECYCLER(2)
máš to tam takhle? ( povolit zobrazování skrytých souborů a složek( nástroje-možnosti složky-zobrazení.)

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

File::
c:\program files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL

Folder::
c:\program files\AskSBar
c:\windows\BDOSCAN8

DirLook::
C:\RECYCLER(2)

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2}]


Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu .
*****************************************************************************************************************************************
Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:

Kód: Vybrat vše

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
O2 - BHO: Ask Search Assistant BHO - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (file missing)
O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos-be ... canner.cab

vyčisti systém CCleanerem
a použij i T-Cleaner
smaže vše po Combu,SDFixu,Avengeru,MWAVu atd.-stáhneš>spustíš

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

Aktualizuj javu:
Java SE Runtime Environment 6u13
Vyber OS ( předpokládám Windows), dej zatržítko agree-continue
Vyber:
Windows Offline Installation
jre-6u13-windows-i586-p.exe
Ostatní javy odeber v přidat/odebrat programy.
Pak ještě vlož nový log z HJT.

[maxxell]

Omlouvám se, že odpovídám až dnes. Jelikož nejsem odborník, doufám, že je kontrola provedena podle Vašeho návodu dobře...
ComboFix 09-05-23.04 - Ája 29.05.2009 22:39.3 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.447.206 [GMT 2:00]
Spuštěný z: c:\documents and settings\Ája\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Ája\Plocha\CFScript.txt
AV: avast! antivirus 4.8.1335 [VPS 090529-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: COMODO Firewall *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}

VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!

FILE ::
c:\program files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
.
Tyto soubory byly během aplikování deaktivovány:
c:\program files\Common Files\Logitech\LVMVFM\LVPrcInj.dll


((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\AskSBar
c:\program files\AskSBar\bar\1.bin\A2FFXTBR.JAR
c:\program files\AskSBar\bar\1.bin\A2FFXTBR.MANIFEST
c:\program files\AskSBar\bar\1.bin\A2HIGHIN.EXE
c:\program files\AskSBar\bar\1.bin\A2NTSTBR.JAR
c:\program files\AskSBar\bar\1.bin\A2NTSTBR.MANIFEST
c:\program files\AskSBar\bar\1.bin\A2PLUGIN.DLL
c:\program files\AskSBar\bar\1.bin\ASKSBAR.DLL
c:\program files\AskSBar\bar\1.bin\NPASKSBR.DLL
c:\program files\AskSBar\bar\Cache\000384C1
c:\program files\AskSBar\bar\Cache\00038946
c:\program files\AskSBar\bar\Cache\00038AEB.bin
c:\program files\AskSBar\bar\Cache\00038F8F.bin
c:\program files\AskSBar\bar\Cache\0003928D.bin
c:\program files\AskSBar\bar\Cache\00039413.bin
c:\program files\AskSBar\bar\Cache\000395C9.bin
c:\program files\AskSBar\bar\Cache\00039740.bin
c:\program files\AskSBar\bar\Cache\000398B7.bin
c:\program files\AskSBar\bar\Cache\000399EF.bin
c:\program files\AskSBar\bar\Cache\files.ini
c:\program files\AskSBar\bar\History\search2
c:\program files\AskSBar\bar\Settings\prevcfg2.htm
c:\program files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
c:\windows\BDOSCAN8
c:\windows\BDOSCAN8\avxdisk.dll
c:\windows\BDOSCAN8\avxs.dll
c:\windows\BDOSCAN8\avxt.dll
c:\windows\BDOSCAN8\bdcore.dll
c:\windows\BDOSCAN8\bdoscan.ini
c:\windows\BDOSCAN8\bdoscan.log
c:\windows\BDOSCAN8\boot.xmd
c:\windows\BDOSCAN8\ipsupd.dll
c:\windows\BDOSCAN8\lang.ini
c:\windows\BDOSCAN8\libfn.dll
c:\windows\BDOSCAN8\librtvr.dll
c:\windows\BDOSCAN8\live.ini
c:\windows\BDOSCAN8\oscan82.ocx
c:\windows\BDOSCAN8\plugins.htm
c:\windows\BDOSCAN8\Plugins\7zip.xmd
c:\windows\BDOSCAN8\Plugins\access.xmd
c:\windows\BDOSCAN8\Plugins\ace.xmd
c:\windows\BDOSCAN8\Plugins\adsntfs.xmd
c:\windows\BDOSCAN8\Plugins\alz.xmd
c:\windows\BDOSCAN8\Plugins\arc.xmd
c:\windows\BDOSCAN8\Plugins\arj.xmd
c:\windows\BDOSCAN8\Plugins\aspy_emu.cvd
c:\windows\BDOSCAN8\Plugins\bach.xmd
c:\windows\BDOSCAN8\Plugins\boot.xmd
c:\windows\BDOSCAN8\Plugins\bzip2.xmd
c:\windows\BDOSCAN8\Plugins\cab.xmd
c:\windows\BDOSCAN8\Plugins\ceva_dll.cvd
c:\windows\BDOSCAN8\Plugins\ceva_emu.cvd
c:\windows\BDOSCAN8\Plugins\ceva_vfs.cvd
c:\windows\BDOSCAN8\Plugins\ceva_vfs.ivd
c:\windows\BDOSCAN8\Plugins\cevakrnl.cvd
c:\windows\BDOSCAN8\Plugins\cevakrnl.ivd
c:\windows\BDOSCAN8\Plugins\cevakrnl.rv0
c:\windows\BDOSCAN8\Plugins\cevakrnl.rvd
c:\windows\BDOSCAN8\Plugins\cevakrnl.xmd
c:\windows\BDOSCAN8\Plugins\cookie.cvd
c:\windows\BDOSCAN8\Plugins\cookie.xmd
c:\windows\BDOSCAN8\Plugins\cpio.xmd
c:\windows\BDOSCAN8\Plugins\cran.cvd
c:\windows\BDOSCAN8\Plugins\cran.ivd
c:\windows\BDOSCAN8\Plugins\cran.xmd
c:\windows\BDOSCAN8\Plugins\dbx.xmd
c:\windows\BDOSCAN8\Plugins\docfile.xmd
c:\windows\BDOSCAN8\Plugins\dummyarch.xmd
c:\windows\BDOSCAN8\Plugins\dummyscan.xmd
c:\windows\BDOSCAN8\Plugins\e_spyw.cvd
c:\windows\BDOSCAN8\Plugins\e_spyw.i01
c:\windows\BDOSCAN8\Plugins\e_spyw.i02
c:\windows\BDOSCAN8\Plugins\e_spyw.i03
c:\windows\BDOSCAN8\Plugins\e_spyw.i04
c:\windows\BDOSCAN8\Plugins\e_spyw.i05
c:\windows\BDOSCAN8\Plugins\e_spyw.i06
c:\windows\BDOSCAN8\Plugins\e_spyw.i07
c:\windows\BDOSCAN8\Plugins\e_spyw.i08
c:\windows\BDOSCAN8\Plugins\e_spyw.i09
c:\windows\BDOSCAN8\Plugins\e_spyw.i10
c:\windows\BDOSCAN8\Plugins\e_spyw.i11
c:\windows\BDOSCAN8\Plugins\e_spyw.i12
c:\windows\BDOSCAN8\Plugins\e_spyw.i13
c:\windows\BDOSCAN8\Plugins\e_spyw.i14
c:\windows\BDOSCAN8\Plugins\e_spyw.i15
c:\windows\BDOSCAN8\Plugins\e_spyw.i16
c:\windows\BDOSCAN8\Plugins\e_spyw.i17
c:\windows\BDOSCAN8\Plugins\e_spyw.i18
c:\windows\BDOSCAN8\Plugins\e_spyw.i19
c:\windows\BDOSCAN8\Plugins\e_spyw.i20
c:\windows\BDOSCAN8\Plugins\e_spyw.i21
c:\windows\BDOSCAN8\Plugins\e_spyw.i22
c:\windows\BDOSCAN8\Plugins\e_spyw.i23
c:\windows\BDOSCAN8\Plugins\e_spyw.i24
c:\windows\BDOSCAN8\Plugins\e_spyw.i25
c:\windows\BDOSCAN8\Plugins\e_spyw.i26
c:\windows\BDOSCAN8\Plugins\e_spyw.i27
c:\windows\BDOSCAN8\Plugins\e_spyw.i28
c:\windows\BDOSCAN8\Plugins\e_spyw.i29
c:\windows\BDOSCAN8\Plugins\e_spyw.i30
c:\windows\BDOSCAN8\Plugins\e_spyw.i31
c:\windows\BDOSCAN8\Plugins\e_spyw.i32
c:\windows\BDOSCAN8\Plugins\e_spyw.i33
c:\windows\BDOSCAN8\Plugins\e_spyw.i34
c:\windows\BDOSCAN8\Plugins\e_spyw.i35
c:\windows\BDOSCAN8\Plugins\e_spyw.i36
c:\windows\BDOSCAN8\Plugins\e_spyw.i37
c:\windows\BDOSCAN8\Plugins\e_spyw.i38
c:\windows\BDOSCAN8\Plugins\e_spyw.i39
c:\windows\BDOSCAN8\Plugins\e_spyw.i40
c:\windows\BDOSCAN8\Plugins\e_spyw.i41
c:\windows\BDOSCAN8\Plugins\e_spyw.i42
c:\windows\BDOSCAN8\Plugins\e_spyw.i43
c:\windows\BDOSCAN8\Plugins\e_spyw.i44
c:\windows\BDOSCAN8\Plugins\e_spyw.i45
c:\windows\BDOSCAN8\Plugins\e_spyw.i46
c:\windows\BDOSCAN8\Plugins\e_spyw.i47
c:\windows\BDOSCAN8\Plugins\e_spyw.i48
c:\windows\BDOSCAN8\Plugins\e_spyw.i49
c:\windows\BDOSCAN8\Plugins\e_spyw.ivd
c:\windows\BDOSCAN8\Plugins\emalware.001
c:\windows\BDOSCAN8\Plugins\emalware.002
c:\windows\BDOSCAN8\Plugins\emalware.003
c:\windows\BDOSCAN8\Plugins\emalware.004
c:\windows\BDOSCAN8\Plugins\emalware.005
c:\windows\BDOSCAN8\Plugins\emalware.006
c:\windows\BDOSCAN8\Plugins\emalware.007
c:\windows\BDOSCAN8\Plugins\emalware.008
c:\windows\BDOSCAN8\Plugins\emalware.009
c:\windows\BDOSCAN8\Plugins\emalware.010
c:\windows\BDOSCAN8\Plugins\emalware.011
c:\windows\BDOSCAN8\Plugins\emalware.012
c:\windows\BDOSCAN8\Plugins\emalware.013
c:\windows\BDOSCAN8\Plugins\emalware.014
c:\windows\BDOSCAN8\Plugins\emalware.015
c:\windows\BDOSCAN8\Plugins\emalware.016
c:\windows\BDOSCAN8\Plugins\emalware.017
c:\windows\BDOSCAN8\Plugins\emalware.018
c:\windows\BDOSCAN8\Plugins\emalware.019
c:\windows\BDOSCAN8\Plugins\emalware.020
c:\windows\BDOSCAN8\Plugins\emalware.021
c:\windows\BDOSCAN8\Plugins\emalware.022
c:\windows\BDOSCAN8\Plugins\emalware.023
c:\windows\BDOSCAN8\Plugins\emalware.024
c:\windows\BDOSCAN8\Plugins\emalware.025
c:\windows\BDOSCAN8\Plugins\emalware.026
c:\windows\BDOSCAN8\Plugins\emalware.027
c:\windows\BDOSCAN8\Plugins\emalware.028
c:\windows\BDOSCAN8\Plugins\emalware.029
c:\windows\BDOSCAN8\Plugins\emalware.030
c:\windows\BDOSCAN8\Plugins\emalware.031
c:\windows\BDOSCAN8\Plugins\emalware.032
c:\windows\BDOSCAN8\Plugins\emalware.033
c:\windows\BDOSCAN8\Plugins\emalware.034
c:\windows\BDOSCAN8\Plugins\emalware.035
c:\windows\BDOSCAN8\Plugins\emalware.036
c:\windows\BDOSCAN8\Plugins\emalware.037
c:\windows\BDOSCAN8\Plugins\emalware.038
c:\windows\BDOSCAN8\Plugins\emalware.039
c:\windows\BDOSCAN8\Plugins\emalware.040
c:\windows\BDOSCAN8\Plugins\emalware.041
c:\windows\BDOSCAN8\Plugins\emalware.042
c:\windows\BDOSCAN8\Plugins\emalware.043
c:\windows\BDOSCAN8\Plugins\emalware.044
c:\windows\BDOSCAN8\Plugins\emalware.045
c:\windows\BDOSCAN8\Plugins\emalware.046
c:\windows\BDOSCAN8\Plugins\emalware.047
c:\windows\BDOSCAN8\Plugins\emalware.048
c:\windows\BDOSCAN8\Plugins\emalware.049
c:\windows\BDOSCAN8\Plugins\emalware.050
c:\windows\BDOSCAN8\Plugins\emalware.051
c:\windows\BDOSCAN8\Plugins\emalware.052
c:\windows\BDOSCAN8\Plugins\emalware.053
c:\windows\BDOSCAN8\Plugins\emalware.054
c:\windows\BDOSCAN8\Plugins\emalware.055
c:\windows\BDOSCAN8\Plugins\emalware.056
c:\windows\BDOSCAN8\Plugins\emalware.057
c:\windows\BDOSCAN8\Plugins\emalware.058
c:\windows\BDOSCAN8\Plugins\emalware.059
c:\windows\BDOSCAN8\Plugins\emalware.060
c:\windows\BDOSCAN8\Plugins\emalware.061
c:\windows\BDOSCAN8\Plugins\emalware.062
c:\windows\BDOSCAN8\Plugins\emalware.063
c:\windows\BDOSCAN8\Plugins\emalware.064
c:\windows\BDOSCAN8\Plugins\emalware.065
c:\windows\BDOSCAN8\Plugins\emalware.066
c:\windows\BDOSCAN8\Plugins\emalware.067
c:\windows\BDOSCAN8\Plugins\emalware.068
c:\windows\BDOSCAN8\Plugins\emalware.069
c:\windows\BDOSCAN8\Plugins\emalware.070
c:\windows\BDOSCAN8\Plugins\emalware.071
c:\windows\BDOSCAN8\Plugins\emalware.072
c:\windows\BDOSCAN8\Plugins\emalware.073
c:\windows\BDOSCAN8\Plugins\emalware.074
c:\windows\BDOSCAN8\Plugins\emalware.075
c:\windows\BDOSCAN8\Plugins\emalware.076
c:\windows\BDOSCAN8\Plugins\emalware.077
c:\windows\BDOSCAN8\Plugins\emalware.078
c:\windows\BDOSCAN8\Plugins\emalware.079
c:\windows\BDOSCAN8\Plugins\emalware.080
c:\windows\BDOSCAN8\Plugins\emalware.081
c:\windows\BDOSCAN8\Plugins\emalware.082
c:\windows\BDOSCAN8\Plugins\emalware.083
c:\windows\BDOSCAN8\Plugins\emalware.084
c:\windows\BDOSCAN8\Plugins\emalware.085
c:\windows\BDOSCAN8\Plugins\emalware.086
c:\windows\BDOSCAN8\Plugins\emalware.087
c:\windows\BDOSCAN8\Plugins\emalware.088
c:\windows\BDOSCAN8\Plugins\emalware.089
c:\windows\BDOSCAN8\Plugins\emalware.090
c:\windows\BDOSCAN8\Plugins\emalware.091
c:\windows\BDOSCAN8\Plugins\emalware.092
c:\windows\BDOSCAN8\Plugins\emalware.093
c:\windows\BDOSCAN8\Plugins\emalware.094
c:\windows\BDOSCAN8\Plugins\emalware.095
c:\windows\BDOSCAN8\Plugins\emalware.096
c:\windows\BDOSCAN8\Plugins\emalware.097
c:\windows\BDOSCAN8\Plugins\emalware.098
c:\windows\BDOSCAN8\Plugins\emalware.099
c:\windows\BDOSCAN8\Plugins\emalware.100
c:\windows\BDOSCAN8\Plugins\emalware.101
c:\windows\BDOSCAN8\Plugins\emalware.102
c:\windows\BDOSCAN8\Plugins\emalware.103
c:\windows\BDOSCAN8\Plugins\emalware.104
c:\windows\BDOSCAN8\Plugins\emalware.105
c:\windows\BDOSCAN8\Plugins\emalware.106
c:\windows\BDOSCAN8\Plugins\emalware.107
c:\windows\BDOSCAN8\Plugins\emalware.108
c:\windows\BDOSCAN8\Plugins\emalware.109
c:\windows\BDOSCAN8\Plugins\emalware.110
c:\windows\BDOSCAN8\Plugins\emalware.111
c:\windows\BDOSCAN8\Plugins\emalware.112
c:\windows\BDOSCAN8\Plugins\emalware.113
c:\windows\BDOSCAN8\Plugins\emalware.114
c:\windows\BDOSCAN8\Plugins\emalware.115
c:\windows\BDOSCAN8\Plugins\emalware.116
c:\windows\BDOSCAN8\Plugins\emalware.117
c:\windows\BDOSCAN8\Plugins\emalware.118
c:\windows\BDOSCAN8\Plugins\emalware.119
c:\windows\BDOSCAN8\Plugins\emalware.120
c:\windows\BDOSCAN8\Plugins\emalware.121
c:\windows\BDOSCAN8\Plugins\emalware.122
c:\windows\BDOSCAN8\Plugins\emalware.123
c:\windows\BDOSCAN8\Plugins\emalware.124
c:\windows\BDOSCAN8\Plugins\emalware.125
c:\windows\BDOSCAN8\Plugins\emalware.126
c:\windows\BDOSCAN8\Plugins\emalware.127
c:\windows\BDOSCAN8\Plugins\emalware.128
c:\windows\BDOSCAN8\Plugins\emalware.129
c:\windows\BDOSCAN8\Plugins\emalware.130
c:\windows\BDOSCAN8\Plugins\emalware.131
c:\windows\BDOSCAN8\Plugins\emalware.132
c:\windows\BDOSCAN8\Plugins\emalware.133
c:\windows\BDOSCAN8\Plugins\emalware.134
c:\windows\BDOSCAN8\Plugins\emalware.135
c:\windows\BDOSCAN8\Plugins\emalware.136
c:\windows\BDOSCAN8\Plugins\emalware.137
c:\windows\BDOSCAN8\Plugins\emalware.138
c:\windows\BDOSCAN8\Plugins\emalware.139
c:\windows\BDOSCAN8\Plugins\emalware.140
c:\windows\BDOSCAN8\Plugins\emalware.141
c:\windows\BDOSCAN8\Plugins\emalware.142
c:\windows\BDOSCAN8\Plugins\emalware.143
c:\windows\BDOSCAN8\Plugins\emalware.144
c:\windows\BDOSCAN8\Plugins\emalware.145
c:\windows\BDOSCAN8\Plugins\emalware.146
c:\windows\BDOSCAN8\Plugins\emalware.147
c:\windows\BDOSCAN8\Plugins\emalware.148
c:\windows\BDOSCAN8\Plugins\emalware.149
c:\windows\BDOSCAN8\Plugins\emalware.150
c:\windows\BDOSCAN8\Plugins\emalware.151
c:\windows\BDOSCAN8\Plugins\emalware.152
c:\windows\BDOSCAN8\Plugins\emalware.153
c:\windows\BDOSCAN8\Plugins\emalware.154
c:\windows\BDOSCAN8\Plugins\emalware.155
c:\windows\BDOSCAN8\Plugins\emalware.156
c:\windows\BDOSCAN8\Plugins\emalware.157
c:\windows\BDOSCAN8\Plugins\emalware.158
c:\windows\BDOSCAN8\Plugins\emalware.159
c:\windows\BDOSCAN8\Plugins\emalware.160
c:\windows\BDOSCAN8\Plugins\emalware.161
c:\windows\BDOSCAN8\Plugins\emalware.162
c:\windows\BDOSCAN8\Plugins\emalware.163
c:\windows\BDOSCAN8\Plugins\emalware.164
c:\windows\BDOSCAN8\Plugins\emalware.165
c:\windows\BDOSCAN8\Plugins\emalware.166
c:\windows\BDOSCAN8\Plugins\emalware.167
c:\windows\BDOSCAN8\Plugins\emalware.168
c:\windows\BDOSCAN8\Plugins\emalware.169
c:\windows\BDOSCAN8\Plugins\emalware.170
c:\windows\BDOSCAN8\Plugins\emalware.171
c:\windows\BDOSCAN8\Plugins\emalware.172
c:\windows\BDOSCAN8\Plugins\emalware.173
c:\windows\BDOSCAN8\Plugins\emalware.174
c:\windows\BDOSCAN8\Plugins\emalware.175
c:\windows\BDOSCAN8\Plugins\emalware.176
c:\windows\BDOSCAN8\Plugins\emalware.177
c:\windows\BDOSCAN8\Plugins\emalware.178
c:\windows\BDOSCAN8\Plugins\emalware.179
c:\windows\BDOSCAN8\Plugins\emalware.180
c:\windows\BDOSCAN8\Plugins\emalware.181
c:\windows\BDOSCAN8\Plugins\emalware.182
c:\windows\BDOSCAN8\Plugins\emalware.183
c:\windows\BDOSCAN8\Plugins\emalware.184
c:\windows\BDOSCAN8\Plugins\emalware.185
c:\windows\BDOSCAN8\Plugins\emalware.186
c:\windows\BDOSCAN8\Plugins\emalware.187
c:\windows\BDOSCAN8\Plugins\emalware.188
c:\windows\BDOSCAN8\Plugins\emalware.189
c:\windows\BDOSCAN8\Plugins\emalware.190
c:\windows\BDOSCAN8\Plugins\emalware.191
c:\windows\BDOSCAN8\Plugins\emalware.192
c:\windows\BDOSCAN8\Plugins\emalware.193
c:\windows\BDOSCAN8\Plugins\emalware.194
c:\windows\BDOSCAN8\Plugins\emalware.195
c:\windows\BDOSCAN8\Plugins\emalware.196
c:\windows\BDOSCAN8\Plugins\emalware.197
c:\windows\BDOSCAN8\Plugins\emalware.198
c:\windows\BDOSCAN8\Plugins\emalware.199
c:\windows\BDOSCAN8\Plugins\emalware.200
c:\windows\BDOSCAN8\Plugins\emalware.201
c:\windows\BDOSCAN8\Plugins\emalware.202
c:\windows\BDOSCAN8\Plugins\emalware.203
c:\windows\BDOSCAN8\Plugins\emalware.204
c:\windows\BDOSCAN8\Plugins\emalware.205
c:\windows\BDOSCAN8\Plugins\emalware.206
c:\windows\BDOSCAN8\Plugins\emalware.207
c:\windows\BDOSCAN8\Plugins\emalware.208
c:\windows\BDOSCAN8\Plugins\emalware.209
c:\windows\BDOSCAN8\Plugins\emalware.210
c:\windows\BDOSCAN8\Plugins\emalware.211
c:\windows\BDOSCAN8\Plugins\emalware.212
c:\windows\BDOSCAN8\Plugins\emalware.213
c:\windows\BDOSCAN8\Plugins\emalware.214
c:\windows\BDOSCAN8\Plugins\emalware.215
c:\windows\BDOSCAN8\Plugins\emalware.216
c:\windows\BDOSCAN8\Plugins\emalware.217
c:\windows\BDOSCAN8\Plugins\emalware.218
c:\windows\BDOSCAN8\Plugins\emalware.219
c:\windows\BDOSCAN8\Plugins\emalware.220
c:\windows\BDOSCAN8\Plugins\emalware.221
c:\windows\BDOSCAN8\Plugins\emalware.222
c:\windows\BDOSCAN8\Plugins\emalware.223
c:\windows\BDOSCAN8\Plugins\emalware.224
c:\windows\BDOSCAN8\Plugins\emalware.225
c:\windows\BDOSCAN8\Plugins\emalware.226
c:\windows\BDOSCAN8\Plugins\emalware.227
c:\windows\BDOSCAN8\Plugins\emalware.228
c:\windows\BDOSCAN8\Plugins\emalware.229
c:\windows\BDOSCAN8\Plugins\emalware.230
c:\windows\BDOSCAN8\Plugins\emalware.231
c:\windows\BDOSCAN8\Plugins\emalware.232
c:\windows\BDOSCAN8\Plugins\emalware.233
c:\windows\BDOSCAN8\Plugins\emalware.234
c:\windows\BDOSCAN8\Plugins\emalware.235
c:\windows\BDOSCAN8\Plugins\emalware.236
c:\windows\BDOSCAN8\Plugins\emalware.237
c:\windows\BDOSCAN8\Plugins\emalware.238
c:\windows\BDOSCAN8\Plugins\emalware.239
c:\windows\BDOSCAN8\Plugins\emalware.240
c:\windows\BDOSCAN8\Plugins\emalware.241
c:\windows\BDOSCAN8\Plugins\emalware.242
c:\windows\BDOSCAN8\Plugins\emalware.243
c:\windows\BDOSCAN8\Plugins\emalware.244
c:\windows\BDOSCAN8\Plugins\emalware.245
c:\windows\BDOSCAN8\Plugins\emalware.246
c:\windows\BDOSCAN8\Plugins\emalware.247
c:\windows\BDOSCAN8\Plugins\emalware.248
c:\windows\BDOSCAN8\Plugins\emalware.249
c:\windows\BDOSCAN8\Plugins\emalware.250
c:\windows\BDOSCAN8\Plugins\emalware.251
c:\windows\BDOSCAN8\Plugins\emalware.252
c:\windows\BDOSCAN8\Plugins\emalware.253
c:\windows\BDOSCAN8\Plugins\emalware.254
c:\windows\BDOSCAN8\Plugins\emalware.255
c:\windows\BDOSCAN8\Plugins\emalware.256
c:\windows\BDOSCAN8\Plugins\emalware.257
c:\windows\BDOSCAN8\Plugins\emalware.258
c:\windows\BDOSCAN8\Plugins\emalware.259
c:\windows\BDOSCAN8\Plugins\emalware.260
c:\windows\BDOSCAN8\Plugins\emalware.261
c:\windows\BDOSCAN8\Plugins\emalware.262
c:\windows\BDOSCAN8\Plugins\emalware.263
c:\windows\BDOSCAN8\Plugins\emalware.264
c:\windows\BDOSCAN8\Plugins\emalware.265
c:\windows\BDOSCAN8\Plugins\emalware.266
c:\windows\BDOSCAN8\Plugins\emalware.267
c:\windows\BDOSCAN8\Plugins\emalware.268
c:\windows\BDOSCAN8\Plugins\emalware.269
c:\windows\BDOSCAN8\Plugins\emalware.270
c:\windows\BDOSCAN8\Plugins\emalware.271
c:\windows\BDOSCAN8\Plugins\emalware.272
c:\windows\BDOSCAN8\Plugins\emalware.273
c:\windows\BDOSCAN8\Plugins\emalware.274
c:\windows\BDOSCAN8\Plugins\emalware.275
c:\windows\BDOSCAN8\Plugins\emalware.276
c:\windows\BDOSCAN8\Plugins\emalware.277
c:\windows\BDOSCAN8\Plugins\emalware.278
c:\windows\BDOSCAN8\Plugins\emalware.279
c:\windows\BDOSCAN8\Plugins\emalware.280
c:\windows\BDOSCAN8\Plugins\emalware.281
c:\windows\BDOSCAN8\Plugins\emalware.282
c:\windows\BDOSCAN8\Plugins\emalware.283
c:\windows\BDOSCAN8\Plugins\emalware.284
c:\windows\BDOSCAN8\Plugins\emalware.285
c:\windows\BDOSCAN8\Plugins\emalware.286
c:\windows\BDOSCAN8\Plugins\emalware.287
c:\windows\BDOSCAN8\Plugins\emalware.288
c:\windows\BDOSCAN8\Plugins\emalware.289
c:\windows\BDOSCAN8\Plugins\emalware.290
c:\windows\BDOSCAN8\Plugins\emalware.291
c:\windows\BDOSCAN8\Plugins\emalware.292
c:\windows\BDOSCAN8\Plugins\emalware.293
c:\windows\BDOSCAN8\Plugins\emalware.294
c:\windows\BDOSCAN8\Plugins\emalware.295
c:\windows\BDOSCAN8\Plugins\emalware.296
c:\windows\BDOSCAN8\Plugins\emalware.297
c:\windows\BDOSCAN8\Plugins\emalware.298
c:\windows\BDOSCAN8\Plugins\emalware.299
c:\windows\BDOSCAN8\Plugins\emalware.300
c:\windows\BDOSCAN8\Plugins\emalware.301
c:\windows\BDOSCAN8\Plugins\emalware.302
c:\windows\BDOSCAN8\Plugins\emalware.303
c:\windows\BDOSCAN8\Plugins\emalware.304
c:\windows\BDOSCAN8\Plugins\emalware.305
c:\windows\BDOSCAN8\Plugins\emalware.306
c:\windows\BDOSCAN8\Plugins\emalware.307
c:\windows\BDOSCAN8\Plugins\emalware.308
c:\windows\BDOSCAN8\Plugins\emalware.309
c:\windows\BDOSCAN8\Plugins\emalware.310
c:\windows\BDOSCAN8\Plugins\emalware.311
c:\windows\BDOSCAN8\Plugins\emalware.312
c:\windows\BDOSCAN8\Plugins\emalware.313
c:\windows\BDOSCAN8\Plugins\emalware.314
c:\windows\BDOSCAN8\Plugins\emalware.315
c:\windows\BDOSCAN8\Plugins\emalware.316
c:\windows\BDOSCAN8\Plugins\emalware.317
c:\windows\BDOSCAN8\Plugins\emalware.318
c:\windows\BDOSCAN8\Plugins\emalware.319
c:\windows\BDOSCAN8\Plugins\emalware.320
c:\windows\BDOSCAN8\Plugins\emalware.321
c:\windows\BDOSCAN8\Plugins\emalware.322
c:\windows\BDOSCAN8\Plugins\emalware.323
c:\windows\BDOSCAN8\Plugins\emalware.324
c:\windows\BDOSCAN8\Plugins\emalware.325
c:\windows\BDOSCAN8\Plugins\emalware.326
c:\windows\BDOSCAN8\Plugins\emalware.327
c:\windows\BDOSCAN8\Plugins\emalware.328
c:\windows\BDOSCAN8\Plugins\emalware.329
c:\windows\BDOSCAN8\Plugins\emalware.330
c:\windows\BDOSCAN8\Plugins\emalware.331
c:\windows\BDOSCAN8\Plugins\emalware.332
c:\windows\BDOSCAN8\Plugins\emalware.333
c:\windows\BDOSCAN8\Plugins\emalware.334
c:\windows\BDOSCAN8\Plugins\emalware.335
c:\windows\BDOSCAN8\Plugins\emalware.336
c:\windows\BDOSCAN8\Plugins\emalware.337
c:\windows\BDOSCAN8\Plugins\emalware.338
c:\windows\BDOSCAN8\Plugins\emalware.339
c:\windows\BDOSCAN8\Plugins\emalware.340
c:\windows\BDOSCAN8\Plugins\emalware.341
c:\windows\BDOSCAN8\Plugins\emalware.342
c:\windows\BDOSCAN8\Plugins\emalware.343
c:\windows\BDOSCAN8\Plugins\emalware.344
c:\windows\BDOSCAN8\Plugins\emalware.345
c:\windows\BDOSCAN8\Plugins\emalware.346
c:\windows\BDOSCAN8\Plugins\emalware.347
c:\windows\BDOSCAN8\Plugins\emalware.348
c:\windows\BDOSCAN8\Plugins\emalware.349
c:\windows\BDOSCAN8\Plugins\emalware.350
c:\windows\BDOSCAN8\Plugins\emalware.351
c:\windows\BDOSCAN8\Plugins\emalware.352
c:\windows\BDOSCAN8\Plugins\emalware.353
c:\windows\BDOSCAN8\Plugins\emalware.354
c:\windows\BDOSCAN8\Plugins\emalware.355
c:\windows\BDOSCAN8\Plugins\emalware.356
c:\windows\BDOSCAN8\Plugins\emalware.357
c:\windows\BDOSCAN8\Plugins\emalware.358
c:\windows\BDOSCAN8\Plugins\emalware.359
c:\windows\BDOSCAN8\Plugins\emalware.360
c:\windows\BDOSCAN8\Plugins\emalware.361
c:\windows\BDOSCAN8\Plugins\emalware.362
c:\windows\BDOSCAN8\Plugins\emalware.363
c:\windows\BDOSCAN8\Plugins\emalware.364
c:\windows\BDOSCAN8\Plugins\emalware.365
c:\windows\BDOSCAN8\Plugins\emalware.366
c:\windows\BDOSCAN8\Plugins\emalware.367
c:\windows\BDOSCAN8\Plugins\emalware.368
c:\windows\BDOSCAN8\Plugins\emalware.369
c:\windows\BDOSCAN8\Plugins\emalware.c00
c:\windows\BDOSCAN8\Plugins\emalware.c01
c:\windows\BDOSCAN8\Plugins\emalware.c02
c:\windows\BDOSCAN8\Plugins\emalware.c03
c:\windows\BDOSCAN8\Plugins\emalware.c04
c:\windows\BDOSCAN8\Plugins\emalware.c05
c:\windows\BDOSCAN8\Plugins\emalware.c06
c:\windows\BDOSCAN8\Plugins\emalware.c07
c:\windows\BDOSCAN8\Plugins\emalware.c08
c:\windows\BDOSCAN8\Plugins\emalware.c09
c:\windows\BDOSCAN8\Plugins\emalware.c10
c:\windows\BDOSCAN8\Plugins\emalware.cvd
c:\windows\BDOSCAN8\Plugins\emalware.i01
c:\windows\BDOSCAN8\Plugins\emalware.i02
c:\windows\BDOSCAN8\Plugins\emalware.i03
c:\windows\BDOSCAN8\Plugins\emalware.i04
c:\windows\BDOSCAN8\Plugins\emalware.i05
c:\windows\BDOSCAN8\Plugins\emalware.i06
c:\windows\BDOSCAN8\Plugins\emalware.i07
c:\windows\BDOSCAN8\Plugins\emalware.i08
c:\windows\BDOSCAN8\Plugins\emalware.i09
c:\windows\BDOSCAN8\Plugins\emalware.i10
c:\windows\BDOSCAN8\Plugins\emalware.i11
c:\windows\BDOSCAN8\Plugins\emalware.i12
c:\windows\BDOSCAN8\Plugins\emalware.i13
c:\windows\BDOSCAN8\Plugins\emalware.i14
c:\windows\BDOSCAN8\Plugins\emalware.i15
c:\windows\BDOSCAN8\Plugins\emalware.i16
c:\windows\BDOSCAN8\Plugins\emalware.i17
c:\windows\BDOSCAN8\Plugins\emalware.i18
c:\windows\BDOSCAN8\Plugins\emalware.i19
c:\windows\BDOSCAN8\Plugins\emalware.i20
c:\windows\BDOSCAN8\Plugins\emalware.i21
c:\windows\BDOSCAN8\Plugins\emalware.i22
c:\windows\BDOSCAN8\Plugins\emalware.i23
c:\windows\BDOSCAN8\Plugins\emalware.i24
c:\windows\BDOSCAN8\Plugins\emalware.i25
c:\windows\BDOSCAN8\Plugins\emalware.i26
c:\windows\BDOSCAN8\Plugins\emalware.i27
c:\windows\BDOSCAN8\Plugins\emalware.i28
c:\windows\BDOSCAN8\Plugins\emalware.i29
c:\windows\BDOSCAN8\Plugins\emalware.i30
c:\windows\BDOSCAN8\Plugins\emalware.i31
c:\windows\BDOSCAN8\Plugins\emalware.i32
c:\windows\BDOSCAN8\Plugins\emalware.i33
c:\windows\BDOSCAN8\Plugins\emalware.i34
c:\windows\BDOSCAN8\Plugins\emalware.i35
c:\windows\BDOSCAN8\Plugins\emalware.i36
c:\windows\BDOSCAN8\Plugins\emalware.i37
c:\windows\BDOSCAN8\Plugins\emalware.i38
c:\windows\BDOSCAN8\Plugins\emalware.i39
c:\windows\BDOSCAN8\Plugins\emalware.i40
c:\windows\BDOSCAN8\Plugins\emalware.i41
c:\windows\BDOSCAN8\Plugins\emalware.i42
c:\windows\BDOSCAN8\Plugins\emalware.i43
c:\windows\BDOSCAN8\Plugins\emalware.i44
c:\windows\BDOSCAN8\Plugins\emalware.i45
c:\windows\BDOSCAN8\Plugins\emalware.i46
c:\windows\BDOSCAN8\Plugins\emalware.i47
c:\windows\BDOSCAN8\Plugins\emalware.i48
c:\windows\BDOSCAN8\Plugins\emalware.i49
c:\windows\BDOSCAN8\Plugins\emalware.i50
c:\windows\BDOSCAN8\Plugins\emalware.i51
c:\windows\BDOSCAN8\Plugins\emalware.i52
c:\windows\BDOSCAN8\Plugins\emalware.i53
c:\windows\BDOSCAN8\Plugins\emalware.i54
c:\windows\BDOSCAN8\Plugins\emalware.i55
c:\windows\BDOSCAN8\Plugins\emalware.i56
c:\windows\BDOSCAN8\Plugins\emalware.i57
c:\windows\BDOSCAN8\Plugins\emalware.i58
c:\windows\BDOSCAN8\Plugins\emalware.i59
c:\windows\BDOSCAN8\Plugins\emalware.i60
c:\windows\BDOSCAN8\Plugins\emalware.i61
c:\windows\BDOSCAN8\Plugins\emalware.i62
c:\windows\BDOSCAN8\Plugins\emalware.i63
c:\windows\BDOSCAN8\Plugins\emalware.i64
c:\windows\BDOSCAN8\Plugins\emalware.i65
c:\windows\BDOSCAN8\Plugins\emalware.i66
c:\windows\BDOSCAN8\Plugins\emalware.i67
c:\windows\BDOSCAN8\Plugins\emalware.i68
c:\windows\BDOSCAN8\Plugins\emalware.i69
c:\windows\BDOSCAN8\Plugins\emalware.i70
c:\windows\BDOSCAN8\Plugins\emalware.i71
c:\windows\BDOSCAN8\Plugins\emalware.i72
c:\windows\BDOSCAN8\Plugins\emalware.i73
c:\windows\BDOSCAN8\Plugins\emalware.i74
c:\windows\BDOSCAN8\Plugins\emalware.i75
c:\windows\BDOSCAN8\Plugins\emalware.i76
c:\windows\BDOSCAN8\Plugins\emalware.i77
c:\windows\BDOSCAN8\Plugins\emalware.i78
c:\windows\BDOSCAN8\Plugins\emalware.i79
c:\windows\BDOSCAN8\Plugins\emalware.i80
c:\windows\BDOSCAN8\Plugins\emalware.i81
c:\windows\BDOSCAN8\Plugins\emalware.i82
c:\windows\BDOSCAN8\Plugins\emalware.i83
c:\windows\BDOSCAN8\Plugins\emalware.i84
c:\windows\BDOSCAN8\Plugins\emalware.i85
c:\windows\BDOSCAN8\Plugins\emalware.i86
c:\windows\BDOSCAN8\Plugins\emalware.i87
c:\windows\BDOSCAN8\Plugins\emalware.i88
c:\windows\BDOSCAN8\Plugins\emalware.i89
c:\windows\BDOSCAN8\Plugins\emalware.i90
c:\windows\BDOSCAN8\Plugins\emalware.i91
c:\windows\BDOSCAN8\Plugins\emalware.i92
c:\windows\BDOSCAN8\Plugins\emalware.i93
c:\windows\BDOSCAN8\Plugins\emalware.i94
c:\windows\BDOSCAN8\Plugins\emalware.i95
c:\windows\BDOSCAN8\Plugins\emalware.i96
c:\windows\BDOSCAN8\Plugins\emalware.i97
c:\windows\BDOSCAN8\Plugins\emalware.i98
c:\windows\BDOSCAN8\Plugins\emalware.i99
c:\windows\BDOSCAN8\Plugins\emalware.ivd
c:\windows\BDOSCAN8\Plugins\emalware.xmd
c:\windows\BDOSCAN8\Plugins\epoc.xmd
c:\windows\BDOSCAN8\Plugins\gvmscripts.cvd
c:\windows\BDOSCAN8\Plugins\gzip.xmd
c:\windows\BDOSCAN8\Plugins\ha.xmd
c:\windows\BDOSCAN8\Plugins\hlp.xmd
c:\windows\BDOSCAN8\Plugins\hpe.cvd
c:\windows\BDOSCAN8\Plugins\hpe.xmd
c:\windows\BDOSCAN8\Plugins\hqx.xmd
c:\windows\BDOSCAN8\Plugins\html.xmd
c:\windows\BDOSCAN8\Plugins\chm.xmd
c:\windows\BDOSCAN8\Plugins\imp.xmd
c:\windows\BDOSCAN8\Plugins\inno.xmd
c:\windows\BDOSCAN8\Plugins\instyler.xmd
c:\windows\BDOSCAN8\Plugins\iso.xmd
c:\windows\BDOSCAN8\Plugins\java.cvd
c:\windows\BDOSCAN8\Plugins\java.xmd
c:\windows\BDOSCAN8\Plugins\jpeg.xmd
c:\windows\BDOSCAN8\Plugins\lha.xmd
c:\windows\BDOSCAN8\Plugins\lnk.xmd
c:\windows\BDOSCAN8\Plugins\mbox.xmd
c:\windows\BDOSCAN8\Plugins\mbx.xmd
c:\windows\BDOSCAN8\Plugins\mdx.xmd
c:\windows\BDOSCAN8\Plugins\mdx_97.cvd
c:\windows\BDOSCAN8\Plugins\mdx_97.ivd
c:\windows\BDOSCAN8\Plugins\mdx_w95.cvd
c:\windows\BDOSCAN8\Plugins\mdx_x95.cvd
c:\windows\BDOSCAN8\Plugins\mdx_xf.cvd
c:\windows\BDOSCAN8\Plugins\mime.xmd
c:\windows\BDOSCAN8\Plugins\mobmalware.cvd
c:\windows\BDOSCAN8\Plugins\mobmalware.xmd
c:\windows\BDOSCAN8\Plugins\mso.xmd
c:\windows\BDOSCAN8\Plugins\na.cvd
c:\windows\BDOSCAN8\Plugins\na.xmd
c:\windows\BDOSCAN8\Plugins\nelf.cvd
c:\windows\BDOSCAN8\Plugins\nelf.xmd
c:\windows\BDOSCAN8\Plugins\nsis.xmd
c:\windows\BDOSCAN8\Plugins\objd.xmd
c:\windows\BDOSCAN8\Plugins\orice.rvd
c:\windows\BDOSCAN8\Plugins\pdf.xmd
c:\windows\BDOSCAN8\Plugins\proc.xmd
c:\windows\BDOSCAN8\Plugins\pst.xmd
c:\windows\BDOSCAN8\Plugins\rar.xmd
c:\windows\BDOSCAN8\Plugins\regarch.cvd
c:\windows\BDOSCAN8\Plugins\regarch.xmd
c:\windows\BDOSCAN8\Plugins\regscan.cvd
c:\windows\BDOSCAN8\Plugins\regscan.xmd
c:\windows\BDOSCAN8\Plugins\rpm.xmd
c:\windows\BDOSCAN8\Plugins\rtf.xmd
c:\windows\BDOSCAN8\Plugins\rup.cvd
c:\windows\BDOSCAN8\Plugins\rup.xmd
c:\windows\BDOSCAN8\Plugins\sdx.cvd
c:\windows\BDOSCAN8\Plugins\sdx.ivd
c:\windows\BDOSCAN8\Plugins\sdx.xmd
c:\windows\BDOSCAN8\Plugins\sfx.xmd
c:\windows\BDOSCAN8\Plugins\swf.xmd
c:\windows\BDOSCAN8\Plugins\tar.xmd
c:\windows\BDOSCAN8\Plugins\td0.xmd
c:\windows\BDOSCAN8\Plugins\thebat.xmd
c:\windows\BDOSCAN8\Plugins\tnef.xmd
c:\windows\BDOSCAN8\Plugins\uif.xmd
c:\windows\BDOSCAN8\Plugins\unpack.cvd
c:\windows\BDOSCAN8\Plugins\unpack.ivd
c:\windows\BDOSCAN8\Plugins\unpack.xmd
c:\windows\BDOSCAN8\Plugins\update.txt
c:\windows\BDOSCAN8\Plugins\uudecode.xmd
c:\windows\BDOSCAN8\Plugins\ve.cvd
c:\windows\BDOSCAN8\Plugins\ve.ivd
c:\windows\BDOSCAN8\Plugins\ve.xmd
c:\windows\BDOSCAN8\Plugins\vedata.cvd
c:\windows\BDOSCAN8\Plugins\viza.xmd
c:\windows\BDOSCAN8\Plugins\wise.xmd
c:\windows\BDOSCAN8\Plugins\xar.xmd
c:\windows\BDOSCAN8\Plugins\xcookies.xmd
c:\windows\BDOSCAN8\Plugins\xishield.xmd
c:\windows\BDOSCAN8\Plugins\xlmrd.cvd
c:\windows\BDOSCAN8\Plugins\xlmrd.ivd
c:\windows\BDOSCAN8\Plugins\z.xmd
c:\windows\BDOSCAN8\Plugins\zip.xmd
c:\windows\BDOSCAN8\Plugins\zoo.xmd
c:\windows\BDOSCAN8\rtvr.html
c:\windows\BDOSCAN8\rtvr_rep.html
c:\windows\BDOSCAN8\rtvr2.html
c:\windows\BDOSCAN8\scanoptions.tsi
c:\windows\BDOSCAN8\scanoptions.tsk
c:\windows\BDOSCAN8\scanrep.html
c:\windows\BDOSCAN8\scanres.html
c:\windows\BDOSCAN8\scanres2.html
c:\windows\BDOSCAN8\versions.dat.E1C5D885B85ECDBC2003620A013AC736
c:\windows\BDOSCAN8\versions.dat.E658AEFE91DB8F659AA487CA0F96AD22

.
((((((((((((((((((((((((( Soubory vytvořené od 2009-04-28 do 2009-05-29 )))))))))))))))))))))))))))))))
.

2009-05-27 21:02 . 2009-05-27 21:02 -------- d-----w c:\program files\Java
2009-05-27 11:50 . 2009-05-27 11:50 82080 ----a-w c:\windows\system32\drivers\inspect.sys
2009-05-27 11:50 . 2009-05-27 11:50 24096 ----a-w c:\windows\system32\drivers\cmdhlp.sys
2009-05-27 11:50 . 2009-05-27 11:50 168208 ----a-w c:\windows\system32\guard32.dll
2009-05-27 11:50 . 2009-05-27 11:50 132640 ----a-w c:\windows\system32\drivers\cmdguard.sys
2009-05-25 13:26 . 2009-05-28 18:30 15688 ----a-w c:\windows\system32\lsdelete.exe
2009-05-24 22:48 . 2009-05-25 08:59 -------- d-----w c:\documents and settings\mami
2009-05-22 16:36 . 2009-05-23 22:01 -------- d-sh--w C:\RECYCLER(2)
2009-05-21 14:26 . 2009-05-23 22:01 -------- d-----w c:\program files\QuickMediaConverter
2009-05-16 20:00 . 2009-05-26 11:19 19096 ----a-w c:\windows\system32\drivers\mbam.sys
2009-05-16 20:00 . 2009-05-26 11:20 40160 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-05-16 20:00 . 2009-05-27 20:47 -------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-05-16 10:21 . 2009-05-16 10:21 -------- d-----w c:\documents and settings\LocalService\Plocha
2009-05-16 10:11 . 2009-05-24 15:35 64160 ----a-w c:\windows\system32\drivers\Lbd.sys
2009-05-16 10:09 . 2009-05-24 15:27 -------- d-----w c:\program files\Lavasoft
2009-05-13 17:54 . 2009-05-13 17:54 -------- d-----w c:\program files\Trend Micro
2009-05-12 11:53 . 2009-05-21 08:15 -------- d-----w c:\program files\DivX
2009-05-10 09:41 . 2009-05-11 04:56 -------- dc----w c:\program files\WinAce
2009-05-07 06:06 . 2009-05-07 06:06 -------- d-----w c:\program files\SMPlayer
2009-05-06 09:43 . 2009-05-06 09:43 -------- d-----w c:\program files\Common Files\Adobe Systems Shared
2009-05-04 19:20 . 2009-05-04 19:20 -------- d-----w C:\temp
2009-05-04 18:59 . 2001-08-18 04:36 8704 -c--a-w c:\windows\system32\dllcache\kbdjpn.dll
2009-05-04 18:59 . 2001-08-18 04:36 8704 ----a-w c:\windows\system32\kbdjpn.dll
2009-05-04 18:59 . 2001-08-18 04:36 8192 -c--a-w c:\windows\system32\dllcache\kbdkor.dll
2009-05-04 18:59 . 2001-08-18 04:36 8192 ----a-w c:\windows\system32\kbdkor.dll
2009-05-04 18:59 . 2001-08-17 20:55 6144 -c--a-w c:\windows\system32\dllcache\kbd106.dll
2009-05-04 18:59 . 2001-08-17 20:55 6144 ----a-w c:\windows\system32\kbd106.dll
2009-05-04 18:59 . 2001-08-17 20:55 5632 -c--a-w c:\windows\system32\dllcache\kbd103.dll
2009-05-04 18:59 . 2001-08-17 20:55 5632 ----a-w c:\windows\system32\kbd103.dll
2009-05-04 18:59 . 2001-08-17 20:55 6144 -c--a-w c:\windows\system32\dllcache\kbd101c.dll
2009-05-04 18:59 . 2001-08-17 20:55 6144 -c--a-w c:\windows\system32\dllcache\kbd101b.dll
2009-05-04 18:59 . 2001-08-17 20:55 6144 ----a-w c:\windows\system32\kbd101c.dll
2009-05-04 18:59 . 2001-08-17 20:55 6144 ----a-w c:\windows\system32\kbd101b.dll
2009-05-04 18:55 . 2009-05-16 11:56 -------- d-----w c:\windows\Replay Converter 3
2009-05-03 19:09 . 2009-05-04 18:38 -------- d-----w c:\program files\Free Screen Recorder

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-27 21:02 . 2009-03-13 21:42 410984 ----a-w c:\windows\system32\deploytk.dll
2009-05-27 11:50 . 2008-10-18 20:26 -------- d-----w c:\program files\COMODO
2009-05-13 17:48 . 2009-05-23 21:58 261246 ----a-w c:\windows\PCHealth\HelpCtr\Config\Cache\Professional_32_1029.dat
2009-05-06 11:00 . 2008-11-22 18:46 -------- d-----w c:\program files\Common Files\Adobe
2009-05-04 19:41 . 2006-11-25 11:29 -------- d--h--w c:\program files\InstallShield Installation Information
2009-05-04 19:12 . 2006-11-25 11:44 -------- d-----w c:\program files\Common Files\Wise Installation Wizard
2009-04-22 20:14 . 2007-10-08 16:36 -------- d-----w c:\program files\Common Files\Logitech
2009-04-22 07:49 . 2009-04-22 07:49 -------- d-----w c:\program files\InCode Solutions
2009-04-14 08:46 . 2008-10-18 20:29 253688 ----a-w c:\windows\system32\cssdll32.dll
2009-03-29 09:22 . 2003-04-16 12:00 70376 ----a-w c:\windows\system32\perfc005.dat
2009-03-29 09:22 . 2003-04-16 12:00 394788 ----a-w c:\windows\system32\perfh005.dat
2009-03-26 10:07 . 2009-03-26 10:07 59904 ----a-w c:\windows\system32\zlib1.dll
2009-03-26 10:03 . 2009-03-26 10:03 286720 ----a-w c:\windows\system32\libcurl.dll
2009-03-26 10:03 . 2009-03-26 10:03 196608 ----a-w c:\windows\system32\ssleay32.dll
2009-03-26 10:03 . 2009-03-26 10:03 1028096 ----a-w c:\windows\system32\libeay32.dll
2009-03-26 10:03 . 2009-03-26 10:03 143360 ----a-w c:\windows\system32\libexpatw.dll
.

(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of C:\RECYCLER(2) ----

2009-05-22 16:36 . 2009-05-22 16:54 20 ---ha-w c:\recycler(2)\S-1-5-21-57989841-823518204-839522115-1003(2)\INFO2


((((((((((((((((((((((((((((( SnapShot@2009-05-24_12.49.46 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-05-29 05:30 . 2009-05-29 05:30 16384 c:\windows\Temp\Perflib_Perfdata_614.dat
+ 2009-05-29 20:23 . 2009-05-29 20:23 16384 c:\windows\Temp\Perflib_Perfdata_2bc.dat
+ 2009-05-24 22:44 . 2009-05-24 15:35 64160 c:\windows\system32\DRVSTORE\lbd_4C6E0193F967021F4DECA024CA3950BECD8BF864\Lbd.sys
+ 2009-05-24 15:28 . 2009-03-09 19:06 64160 c:\windows\system32\DRVSTORE\lbd_1D149FE61E2CD0936E43877117FE3EF0674B9944\Lbd.sys
+ 2006-11-25 11:00 . 2009-05-24 15:33 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2006-11-25 11:00 . 2009-05-22 15:55 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2006-11-25 11:00 . 2009-05-22 15:55 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2006-11-25 11:00 . 2009-05-24 15:33 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2009-01-05 13:44 . 2009-01-05 13:44 53248 c:\windows\bdoscandel.exe
+ 2009-05-27 21:03 . 2009-05-27 21:02 148888 c:\windows\system32\javaws.exe
+ 2009-05-27 21:03 . 2009-05-27 21:02 144792 c:\windows\system32\javaw.exe
+ 2009-05-27 21:03 . 2009-05-27 21:02 144792 c:\windows\system32\java.exe
- 2009-04-22 20:01 . 2009-04-22 20:01 364726 c:\windows\Installer\{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}\SkypeIcon.exe
+ 2009-05-25 08:02 . 2009-05-25 08:02 364726 c:\windows\Installer\{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}\SkypeIcon.exe
+ 2009-01-05 13:44 . 2009-01-05 13:44 741376 c:\windows\Downloaded Program Files\CONFLICT.1\ipsupd.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-17 15360]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-10-28 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2003-12-13 33792]
"AudioDeck"="c:\program files\VIAudioi\SBADeck\ADeck.exe" [2005-09-06 450560]
"NeroFilterCheck"="c:\windows\System32\NeroCheck.exe" [2001-07-09 155648]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-09-29 155648]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-03-21 69632]
"LogitechCameraAssistant"="c:\program files\Logitech\Video\CameraAssistant.exe" [2005-12-07 489472]
"LogitechVideo[inspector]"="c:\program files\Logitech\Video\InstallHelper.exe" [2005-12-07 08:33 73728]
"LogitechCameraService(E)"="c:\windows\System32\ElkCtrl.exe" [2004-11-01 262144]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-05-27 413696]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2005-12-09 225280]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-05-28 518488]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-05-27 148888]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2009-05-27 1794320]
"VTTimer"="VTTimer.exe" - c:\windows\system32\VTTimer.exe [2005-03-08 53248]
"VTTrayp"="VTtrayp.exe" - c:\windows\system32\VTTrayp.exe [2006-03-23 176128]
"NWEReboot"="" [BU]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-17 15360]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
BlueSoleil.lnk - c:\program files\IVT Corporation\BlueSoleil\BlueSoleil.exe [2008-7-14 1183744]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\ooVoo\\ooVoo.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015
"1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016
"500:UDP"= 500:UDP:@xpsp2res.dll,-22017
"443:TCP"= 443:TCP:*:Disabled:ooVoo TCP port 443
"443:UDP"= 443:UDP:*:Disabled:ooVoo UDP port 443
"37674:TCP"= 37674:TCP:*:Disabled:ooVoo TCP port 37674
"37674:UDP"= 37674:UDP:*:Disabled:ooVoo UDP port 37674
"37675:UDP"= 37675:UDP:*:Disabled:ooVoo UDP port 37675

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [16.5.2009 12:11 64160]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [4.12.2008 23:44 114768]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdguard.sys [27.5.2009 13:50 132640]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [27.5.2009 13:50 24096]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [4.12.2008 23:44 20560]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [21.11.2008 19:43 222456]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [9.3.2009 21:06 1005904]
.
Obsah adresáře 'Naplánované úlohy'

2009-05-24 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-03-09 18:30]
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

HKLM-Run-COMODO Firewall Pro - c:\program files\COMODO\Firewall\cfp.exe


.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: Easy-WebPrint - Náhled - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
IE: Easy-WebPrint - Přidat na seznam k tisku - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
IE: Easy-WebPrint - Tisk - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
IE: Easy-WebPrint - Vysokorychlostní tisk - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
TCP: {73C54A5A-2553-43DD-BEDF-A0806C989A84} = 10.18.219.1,10.138.0.1
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos-be ... canner.cab
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-29 22:48
Windows 5.1.2600 Service Pack 2 NTFS

detected NTDLL code modification:
ZwClose, ZwOpenFile

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'lsass.exe'(824)
c:\windows\system32\guard32.dll
.
Celkový čas: 2009-05-29 22:51
ComboFix-quarantined-files.txt 2009-05-29 20:50
ComboFix2.txt 2009-05-24 12:51
ComboFix3.txt 2009-05-22 16:30

Před spuštěním: Volných bajtů: 110 460 940 288
Po spuštění: Volných bajtů: 113 055 170 560

890 --- E O F --- 2008-06-20 17:57
********************************************************************************
********************************************************************************
********************************************************************************

[maxxell]

Výpisy z HJC

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:08:02, on 29.5.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\VIAudioi\SBADeck\ADeck.exe
C:\WINDOWS\system32\VTTimer.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\Logitech\Video\CameraAssistant.exe
C:\WINDOWS\System32\ElkCtrl.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL (file missing)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL (file missing)
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL (file missing)
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [AudioDeck] C:\Program Files\VIAudioi\SBADeck\ADeck.exe 1
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\System32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BlueSoleil.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint - Náhled - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint - Přidat na seznam k tisku - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint - Tisk - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint - Vysokorychlostní tisk - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resourc ... oscan8.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://go.divx.com/plugin/DivXBrowserPlugin.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos-be ... canner.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl.sun.com/webapps/download/ ... leId=29223
O17 - HKLM\System\CCS\Services\Tcpip\..\{73C54A5A-2553-43DD-BEDF-A0806C989A84}: NameServer = 10.18.219.1,10.138.0.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe (file missing)

--
End of file - 10776 bytes
*********************************************************************
***********************************************************************
********************************************************************
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:18:32, on 29.5.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\VIAudioi\SBADeck\ADeck.exe
C:\WINDOWS\system32\VTTimer.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\Logitech\Video\CameraAssistant.exe
C:\WINDOWS\System32\ElkCtrl.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL (file missing)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [AudioDeck] C:\Program Files\VIAudioi\SBADeck\ADeck.exe 1
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\System32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BlueSoleil.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint - Náhled - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint - Přidat na seznam k tisku - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint - Tisk - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint - Vysokorychlostní tisk - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resourc ... oscan8.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://go.divx.com/plugin/DivXBrowserPlugin.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl.sun.com/webapps/download/ ... leId=29223
O17 - HKLM\System\CCS\Services\Tcpip\..\{73C54A5A-2553-43DD-BEDF-A0806C989A84}: NameServer = 10.18.219.1,10.138.0.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe (file missing)

--
End of file - 10306 bytes