Pop-up ad windows while browsing (Solved)

A place for your HijackThis logs and logs from other programs…

Re: Pop-up ad windows while browsing

Post by jaro3 (Security team member) » 26 Jul 2009, 16:49

Turn off the antivirus's resident protection and the shield in ST again.
Open Notepad (Start -> Run..., type Notepad in the box and click OK).
Copy the following text, marked in green, into it in full:
Note: do not use SELECT ALL to select the script

Code:

RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

Choose File -> Save As... and set these parameters:
File name: type CFScript.txt
Save as type: select All Files
Save the file to the desktop.
Close all active windows.

Drag the created CFScript.txt script with the mouse onto the downloaded ComboFix.exe and drop it when the two files overlap.
- ComboFix starts automatically
- Paste here the log that appears at the end of the cleaning process; you don't need to post a new HJT log.
When working with HJT, ComboFix, MBAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Re: Pop-up ad windows while browsing

Post by samanxxl (newcomer) » 26 Jul 2009, 17:49

ComboFix always shows me this, so what do I do with it???

DISCLAIMER OF WARRANTY ON SOFTWARE.
---------------------------
The following websites are not in any way affiliated to ComboFix:

http://www.combofix.org/
http://www.combofixdownload.com/

If you have purchased anything from them, I suggest you instruct your
financiers to cancel the transaction.

----------------------- -----------------------

A guide on proper ComboFix usage may be found at:
http://www.bleepingcomputer.com/combofi ... e-combofix

ComboFix is meant for private use. It should never be used in an
unsupervised environment. If infections are found, it will automatically
reboot the machine to complete the removal process. Please ensure all
opened windows are closed before proceeding.

This software is provided 'as is', without warranty of any kind. All
implied warranties are expressly disclaimed. If you do not agree to the
above terms, please click No to exit
---------------------------
Yes   No
---------------------------

Re: Pop-up ad windows while browsing

Post by jaro3 (Security team member) » 26 Jul 2009, 17:51

Click Yes, it's a notice that the program comes with no warranty.
And a notice that the following sites have nothing to do with ComboFix, etc.
Run the script as normal.

Re: Pop-up ad windows while browsing

Post by samanxxl (newcomer) » 26 Jul 2009, 17:58

ComboFix 09-07-25.06 - martin . 07. 2009 17:52.4.2 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.421.1051.18.2047.944 [GMT 2:00]
Running from: c:\users\martin\Desktop\Downloads\ComboFix.exe
Command switches used :: c:\users\martin\Desktop\CFScript.txt
SP: Spyware Terminator *disabled* (Updated) {55EE49A8-16BE-4601-BBE6-607B7F7317DE}
SP: Windows Defender *enabled* (Outdated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Created a new restore point
.

((((((((((((((((((((((((( Files Created from 2009-06-26 to 2009-07-26 )))))))))))))))))))))))))))))))
.

2009-07-26 07:52 . 2009-07-26 07:52 -------- d-----w- c:\users\martin\AppData\Roaming\Malwarebytes
2009-07-26 07:52 . 2009-07-13 11:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-07-26 07:52 . 2009-07-26 07:52 -------- d-----w- c:\programdata\Malwarebytes
2009-07-26 07:52 . 2009-07-26 07:52 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-07-26 07:52 . 2009-07-13 11:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-07-26 06:13 . 2009-07-26 06:13 -------- d-----w- c:\program files\Trend Micro
2009-07-25 03:52 . 2009-07-25 03:52 -------- d-----w- c:\program files\Crawler
2009-07-25 03:52 . 2009-07-25 03:52 6144 ----a-w- c:\programdata\Spyware Terminator\sp_rsdel.exe
2009-07-25 03:52 . 2009-07-25 03:52 5632 ----a-w- c:\programdata\Spyware Terminator\fileobjinfo.sys
2009-07-25 03:52 . 2009-07-25 03:52 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2009-07-25 03:52 . 2009-07-26 15:41 -------- d-----w- c:\users\martin\AppData\Roaming\Spyware Terminator
2009-07-25 03:52 . 2009-07-25 05:43 -------- d-----w- c:\programdata\Spyware Terminator
2009-07-25 03:52 . 2009-07-26 06:05 -------- d-----w- c:\program files\Spyware Terminator
2009-07-24 19:40 . 2009-07-24 19:40 -------- d-----w- c:\users\martin\AppData\Roaming\Uniblue
2009-07-24 19:33 . 2009-07-24 19:37 -------- d-----w- c:\programdata\PrevxCSI
2009-07-17 20:53 . 2009-07-26 09:04 -------- d-----w- c:\users\martin\Tracing
2009-07-17 20:53 . 2009-07-17 20:53 592947 -c--a-w- c:\programdata\{F444439B-B473-48E8-8DE5-4CB929C79A9F}\OFFLINE\mFileBagIDE.dll\bag\HJSetup.exe
2009-07-17 20:53 . 2009-07-17 20:53 595765 -c--a-w- c:\programdata\{F444439B-B473-48E8-8DE5-4CB929C79A9F}\OFFLINE\mFileBagIDE.dll\bag\AdwareSetup.exe
2009-07-17 20:53 . 2009-07-13 10:01 3004139 -c--a-w- c:\programdata\{F444439B-B473-48E8-8DE5-4CB929C79A9F}\Setup.exe
2009-07-17 20:53 . 2009-07-17 20:53 -------- dc-h--w- c:\programdata\{F444439B-B473-48E8-8DE5-4CB929C79A9F}
2009-07-17 17:27 . 2009-06-15 14:53 156672 ----a-w- c:\windows\system32\t2embed.dll
2009-07-17 17:27 . 2009-06-15 14:52 72704 ----a-w- c:\windows\system32\fontsub.dll
2009-07-17 17:27 . 2009-06-15 12:42 289792 ----a-w- c:\windows\system32\atmfd.dll
2009-07-17 17:27 . 2009-06-15 14:52 23552 ----a-w- c:\windows\system32\lpk.dll
2009-07-17 17:27 . 2009-06-15 14:51 10240 ----a-w- c:\windows\system32\dciman32.dll
2009-07-07 23:59 . 2009-07-08 00:00 -------- d-----w- c:\windows\system32\ca-ES
2009-07-07 23:59 . 2009-07-08 00:00 -------- d-----w- c:\windows\system32\eu-ES
2009-07-07 23:59 . 2009-07-08 00:00 -------- d-----w- c:\windows\system32\vi-VN
2009-07-07 22:06 . 2009-07-07 22:06 -------- d-----w- c:\windows\system32\EventProviders
2009-07-07 22:00 . 2009-04-11 06:28 670720 ----a-w- c:\windows\system32\mssvp.dll
2009-07-07 21:59 . 2009-04-11 06:28 152576 ----a-w- c:\windows\system32\wbem\wmiprov.dll
2009-07-07 21:58 . 2009-04-11 06:28 83968 ----a-w- c:\windows\system32\wbem\wmiutils.dll
2009-07-07 21:58 . 2009-04-11 06:28 744448 ----a-w- c:\windows\system32\wbem\wbemcore.dll
2009-07-07 21:58 . 2009-04-11 06:28 30208 ----a-w- c:\windows\system32\wbem\wbemprox.dll
2009-07-07 21:58 . 2009-04-11 06:28 265728 ----a-w- c:\windows\system32\wbem\repdrvfs.dll
2009-07-07 21:58 . 2009-04-11 06:28 189440 ----a-w- c:\windows\system32\wbem\mofd.dll
2009-07-07 21:58 . 2009-04-11 06:28 614912 ----a-w- c:\windows\system32\wbem\fastprox.dll
2009-07-07 21:58 . 2009-04-11 06:28 265728 ----a-w- c:\windows\system32\wbem\esscli.dll
2009-07-07 21:58 . 2009-04-11 06:28 705536 ----a-w- c:\windows\system32\SmiEngine.dll
2009-07-07 21:58 . 2009-04-11 06:28 218624 ----a-w- c:\windows\system32\wdscore.dll
2009-07-07 21:58 . 2009-04-11 06:27 130560 ----a-w- c:\windows\system32\PkgMgr.exe
2009-07-07 21:58 . 2009-04-11 06:28 247808 ----a-w- c:\windows\system32\drvstore.dll
2009-07-07 05:31 . 2009-07-07 05:31 -------- d-----w- c:\program files\ESET
2009-07-02 12:09 . 2009-07-02 12:09 -------- d-----w- c:\program files\Common Files\DivX Shared
2009-06-27 08:06 . 2009-06-27 08:06 -------- d-----w- c:\program files\Google
2009-06-27 07:19 . 2009-07-03 07:17 -------- d-----w- c:\users\martin\AppData\Roaming\DivX
2009-06-27 06:57 . 2009-07-02 12:10 -------- d-----w- c:\program files\Common Files\PX Storage Engine
2009-06-27 06:56 . 2009-07-02 12:10 -------- d-----w- c:\program files\DivX

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-26 15:47 . 2008-05-16 10:17 -------- d-----w- c:\users\martin\AppData\Roaming\OpenOffice.org2
2009-07-26 13:35 . 2008-09-07 14:28 7930 ----a-w- c:\windows\system32\perfc01B.dat
2009-07-26 13:35 . 2008-09-07 14:28 28910 ----a-w- c:\windows\system32\perfh01B.dat
2009-07-26 09:01 . 2008-09-29 16:26 -------- d-----w- c:\program files\ICQToolbar
2009-07-24 08:23 . 2009-05-30 08:16 -------- d-----w- c:\program files\Windows Live
2009-07-22 17:45 . 2009-05-29 14:59 -------- d-----w- c:\program files\Microsoft Silverlight
2009-07-19 18:10 . 2008-05-19 14:01 27934 ----a-w- c:\users\martin\AppData\Roaming\nvModes.dat
2009-07-17 18:23 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-07-13 10:01 . 2009-07-17 20:52 262424 -c--a-w- c:\programdata\{F444439B-B473-48E8-8DE5-4CB929C79A9F}\OFFLINE\D5797E3B\3E688669\stbYahoo9.dll
2009-07-13 10:01 . 2009-07-17 20:52 254232 -c--a-w- c:\programdata\{F444439B-B473-48E8-8DE5-4CB929C79A9F}\OFFLINE\6216A4BD\3E688669\stbYahoo8.dll
2009-07-13 10:01 . 2009-07-17 20:52 872728 -c--a-w- c:\programdata\{F444439B-B473-48E8-8DE5-4CB929C79A9F}\OFFLINE\B75FA91E\3E688669\stbsvc.exe
2009-07-13 10:01 . 2009-07-17 20:52 205080 -c--a-w- c:\programdata\{F444439B-B473-48E8-8DE5-4CB929C79A9F}\OFFLINE\mFileBagIDE.dll\bag\stbsh.dll
2009-07-13 10:01 . 2009-07-17 20:52 479512 -c--a-w- c:\programdata\{F444439B-B473-48E8-8DE5-4CB929C79A9F}\OFFLINE\mFileBagIDE.dll\bag\stbpx.exe
2009-07-13 10:01 . 2009-07-17 20:52 229656 -c--a-w- c:\programdata\{F444439B-B473-48E8-8DE5-4CB929C79A9F}\OFFLINE\628759C1\3E688669\stbOLEX.dll
2009-07-13 10:01 . 2009-07-17 20:52 205080 -c--a-w- c:\programdata\{F444439B-B473-48E8-8DE5-4CB929C79A9F}\OFFLINE\A26F7F7\3E688669\stbOL.dll
2009-07-13 10:01 . 2009-07-17 20:52 323864 -c--a-w- c:\programdata\{F444439B-B473-48E8-8DE5-4CB929C79A9F}\OFFLINE\B3AC8875\3E688669\stbMsn.dll
2009-07-13 10:01 . 2009-07-17 20:52 229656 -c--a-w- c:\programdata\{F444439B-B473-48E8-8DE5-4CB929C79A9F}\OFFLINE\C3C6C2CD\3E688669\stbIE.dll
2009-07-13 10:01 . 2009-07-17 20:52 491800 -c--a-w- c:\programdata\{F444439B-B473-48E8-8DE5-4CB929C79A9F}\OFFLINE\BED3DEFB\3E688669\stbasst.exe
2009-07-13 10:01 . 2009-07-17 20:52 94488 -c--a-w- c:\programdata\{F444439B-B473-48E8-8DE5-4CB929C79A9F}\OFFLINE\15D3A7BB\3E688669\stbappHelper.exe
2009-07-13 09:21 . 2009-07-17 20:52 423528 -c--a-w- c:\programdata\{F444439B-B473-48E8-8DE5-4CB929C79A9F}\OFFLINE\mFileBagIDE.dll\bag\SSD.exe
2009-07-09 19:18 . 2008-01-15 14:16 -------- d-----w- c:\program files\Autodesk
2009-07-08 00:01 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar
2009-07-08 00:01 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar
2009-07-08 00:01 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Journal
2009-07-08 00:01 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Collaboration
2009-07-08 00:01 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Photo Gallery
2009-07-08 00:01 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Defender
2009-07-07 23:59 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-07-07 22:20 . 2006-11-02 12:37 37665 ----a-w- c:\windows\Fonts\GlobalUserInterface.CompositeFont
2009-07-02 10:22 . 2008-09-09 06:11 -------- d-----w- c:\users\martin\AppData\Roaming\ICQ
2009-06-28 15:24 . 2008-10-15 20:09 -------- d-----w- c:\programdata\Lx_cats
2009-06-06 11:22 . 2008-05-27 19:12 -------- d-----w- c:\users\martin\AppData\Roaming\dvdcss
2009-06-04 07:06 . 2008-01-15 13:45 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-05-30 08:18 . 2009-05-30 08:18 -------- d-----w- c:\program files\Microsoft Sync Framework
2009-05-30 08:18 . 2009-05-30 08:18 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2009-05-30 08:16 . 2009-05-30 08:16 -------- d-----w- c:\program files\Microsoft
2009-05-30 08:16 . 2009-05-30 08:16 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-05-30 08:05 . 2009-05-30 08:05 -------- d-----w- c:\program files\Common Files\Windows Live
2009-05-30 01:11 . 2008-01-15 13:33 133792 ----a-w- c:\users\martin\AppData\Local\GDIPFONTCACHEV1.DAT
2009-05-30 01:02 . 2009-02-23 08:40 -------- d-----w- c:\program files\Microsoft Works
2009-05-13 21:56 . 2008-05-19 19:21 120056 ------w- c:\windows\system32\PxCpyI64.exe
2009-05-13 21:56 . 2008-05-19 19:21 118520 ------w- c:\windows\system32\PxInsI64.exe
2009-05-09 05:50 . 2009-06-10 15:12 915456 ----a-w- c:\windows\system32\wininet.dll
2009-05-09 05:34 . 2009-06-10 15:12 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-05-01 21:02 . 2009-05-01 21:02 90112 ----a-w- c:\windows\system32\dpl100.dll
2009-05-01 21:02 . 2009-05-01 21:02 823296 ----a-w- c:\windows\system32\divx_xx0c.dll
2009-05-01 21:02 . 2009-05-01 21:02 823296 ----a-w- c:\windows\system32\divx_xx07.dll
2009-05-01 21:02 . 2009-05-01 21:02 815104 ----a-w- c:\windows\system32\divx_xx0a.dll
2009-05-01 21:02 . 2009-05-01 21:02 811008 ----a-w- c:\windows\system32\divx_xx16.dll
2009-05-01 21:02 . 2009-05-01 21:02 802816 ----a-w- c:\windows\system32\divx_xx11.dll
2009-05-01 21:02 . 2009-05-01 21:02 685056 ----a-w- c:\windows\system32\DivX.dll
2009-07-15 21:16 . 2009-07-25 04:07 137208 ----a-w- c:\program files\mozilla firefox\components\brwsrcmp.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.

((((((((((((((((((((((((((((( SnapShot@2009-07-26_09.26.28 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-01-15 13:43 . 2009-07-26 13:32 65776 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2008-01-15 13:35 . 2009-07-26 13:32 14930 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-376572297-1698153229-1159175207-1000_UserData.bin
- 2008-01-15 13:35 . 2009-07-26 09:05 14930 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-376572297-1698153229-1159175207-1000_UserData.bin
+ 2006-11-02 10:33 . 2009-07-26 13:35 97558 c:\windows\System32\perfc009.dat
+ 2006-11-02 13:02 . 2009-07-26 13:32 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2006-11-02 13:02 . 2009-07-26 09:17 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2006-11-02 13:02 . 2009-07-26 13:32 49152 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2006-11-02 13:02 . 2009-07-26 09:17 49152 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2006-11-02 13:02 . 2009-07-26 13:32 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2006-11-02 13:02 . 2009-07-26 09:17 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-26 13:30 . 2009-07-26 13:30 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2009-07-26 09:03 . 2009-07-26 09:03 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2009-07-26 13:30 . 2009-07-26 13:30 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-26 09:03 . 2009-07-26 09:03 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2008-05-16 05:28 . 2009-07-26 14:25 257076 c:\windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2006-11-02 13:05 . 2009-07-26 13:32 102878 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2006-11-02 10:33 . 2009-07-26 13:35 583486 c:\windows\System32\perfh009.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2008-10-08 11:22 1172792 ----a-w- c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2008-10-08 1172792]

[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.SWEETIE.3]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.SWEETIE]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2008-10-08 1172792]

[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.SWEETIE.3]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.SWEETIE]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-04-01 486856]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-06-27 39408]
"SpywareTerminatorUpdate"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2009-07-25 3055616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-11-01 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-11-01 8501792]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-11-01 81920]
"SweetIM"="c:\program files\SweetIM\Messenger\SweetIM.exe" [2009-01-01 111928]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-14 39792]
"lxdxmon.exe"="c:\program files\Lexmark 3600-4600 Series\lxdxmon.exe" [2008-03-20 668328]
"lxdxamon"="c:\program files\Lexmark 3600-4600 Series\lxdxamon.exe" [2008-03-20 16040]
"Google Quick Search Box"="c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe" [2009-06-27 68592]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-02-06 2021400]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2007-07-06 4669440]
"Skytel"="Skytel.exe" - c:\windows\SkyTel.exe [2007-06-15 1826816]

c:\users\martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 2.0.lnk - c:\program files\OpenOffice.org 2.0\program\quickstart.exe [2005-10-15 61440]
Picture Motion Browser Media Check Tool.lnk - c:\program files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe [2008-5-19 344064]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Akceler tor spuçtŘnˇ AutoCADu.lnk - c:\program files\Common Files\Autodesk Shared\acstart17.exe [2006-3-5 11000]
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2007-1-18 2752512]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):1f,24,8c,5b,a6,ff,c9,01

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{C3BD0920-C8C1-4CA8-B666-D4F42817C692}"= UDP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{2B5ACBB4-6083-48F6-9FB5-11D4558F1100}"= TCP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{16E75630-83CB-4254-87B3-A48693299CAD}"= UDP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
"{3BE57484-51FC-46B7-A0B8-49E6ED361C41}"= TCP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
"TCP Query User{6A4B307B-70B8-4FF3-BEE3-6F0536713EFB}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{F884B328-8288-45DD-B9EC-9069CE376608}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"TCP Query User{F2811459-4B64-44A8-8BC2-98D588DB717F}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox
"UDP Query User{FA74535B-FDA5-4382-92D8-7EABE25F6468}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox
"{28135AF5-7E48-4C54-8687-54A325D60E12}"= UDP:c:\windows\System32\lxdxcoms.exe:Lexmark Communications System
"{93940113-BB1D-4453-8D42-E0D97819D3CF}"= TCP:c:\windows\System32\lxdxcoms.exe:Lexmark Communications System
"{7F5EB104-C27F-45C2-B66E-E11DD905E4C3}"= UDP:c:\program files\Lexmark 3600-4600 Series\lxdxamon.exe:Lexmark Device Monitor
"{B8FA7F16-C57D-4076-83EF-9583ACA223F6}"= TCP:c:\program files\Lexmark 3600-4600 Series\lxdxamon.exe:Lexmark Device Monitor
"{6088AAB0-451C-449D-8F35-3DC90A83E2D8}"= UDP:c:\program files\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe:ABBYY FineReader
"{1BFE01BB-3EA6-4749-A8DF-56341B63B434}"= TCP:c:\program files\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe:ABBYY FineReader
"{4F5D4B75-EA99-491D-BB43-CBE0691FC7AE}"= UDP:c:\program files\Lexmark 3600-4600 Series\lxdxmon.exe:Printer Device Monitor
"{1674EA1E-4C17-41A6-9DA6-42026039650F}"= TCP:c:\program files\Lexmark 3600-4600 Series\lxdxmon.exe:Printer Device Monitor
"{BC2795F3-9CE1-4DA0-95EA-5C5966BB3F87}"= UDP:c:\users\martin\AppData\Local\Temp\lxdx\wireless\lxdxwpss.exe:
"{8C4B22D2-415E-4F15-A228-F129E2D3FEDA}"= TCP:c:\users\martin\AppData\Local\Temp\lxdx\wireless\lxdxwpss.exe:
"{744CF8AD-EFDD-4D3C-AF2C-A05ED2B0DC90}"= UDP:c:\windows\System32\lxdxcfg.exe:Printer Communication System
"{791F485B-E48E-4156-99A4-98A9874C98E3}"= TCP:c:\windows\System32\lxdxcfg.exe:Printer Communication System
"{26CD0AEF-5C82-4D3C-B460-D13497622915}"= UDP:c:\windows\System32\spool\drivers\w32x86\3\lxdxpswx.exe:Printer Status Window Interface
"{96FB4766-0345-405E-821F-AEB58ABE19A2}"= TCP:c:\windows\System32\spool\drivers\w32x86\3\lxdxpswx.exe:Printer Status Window Interface
"{F4FE5718-F06F-4A9F-B911-E14D190ED94D}"= UDP:c:\windows\System32\spool\drivers\w32x86\3\lxdxtime.exe:Lexmark Connect Time Executable
"{CA05DCBD-2CB6-458C-8AEF-C2D7A2B17536}"= TCP:c:\windows\System32\spool\drivers\w32x86\3\lxdxtime.exe:Lexmark Connect Time Executable
"{EC68F6FA-93B8-4863-9E4C-69F321301989}"= UDP:c:\windows\System32\spool\drivers\w32x86\3\lxdxjswx.exe:Job Status Window Interface
"{8A9D22B7-A8AC-41AE-AF5C-3C7EC578C05C}"= TCP:c:\windows\System32\spool\drivers\w32x86\3\lxdxjswx.exe:Job Status Window Interface
"{5DD681A9-B72E-4F14-9741-44FEDE3F4965}"= UDP:c:\program files\Ubisoft\Far Cry 2\bin\FarCry2.exe:Far Cry 2
"{81B620F5-165E-4535-84CF-D7FD1413E3DD}"= TCP:c:\program files\Ubisoft\Far Cry 2\bin\FarCry2.exe:Far Cry 2
"{D0272232-F126-4FEC-B0AE-B6D7900EBC26}"= UDP:c:\program files\Ubisoft\Far Cry 2\bin\FC2Launcher.exe:Far Cry 2 Updater
"{5EBEA2EB-04EB-4455-A52E-5ACF875E0C08}"= TCP:c:\program files\Ubisoft\Far Cry 2\bin\FC2Launcher.exe:Far Cry 2 Updater
"{CD49AF9B-94E5-44FC-B2F9-C84894F55EEE}"= UDP:c:\program files\Ubisoft\Far Cry 2\bin\FC2Editor.exe:Editor
"{B7118F57-544D-4D90-B0ED-5144BD9BF298}"= TCP:c:\program files\Ubisoft\Far Cry 2\bin\FC2Editor.exe:Editor
"TCP Query User{E82A3B4B-AE4B-4ADA-A043-8E01F8B8C977}c:\\program files\\icq6\\icq.exe"= UDP:c:\program files\icq6\icq.exe:ICQ Library
"UDP Query User{1C88FE5B-841A-4276-9412-216FED1D86D2}c:\\program files\\icq6\\icq.exe"= TCP:c:\program files\icq6\icq.exe:ICQ Library
"{F91BE8CF-AC1E-4B02-ABA1-35ED8B7393CC}"= UDP:c:\program files\Lexmark 3600-4600 Series\frun.exe:Lexmark Productivity Studio
"{0CE0E0AF-4CB9-4E81-8587-F76BB01BF669}"= TCP:c:\program files\Lexmark 3600-4600 Series\frun.exe:Lexmark Productivity Studio
"TCP Query User{3390716B-5571-4DEE-B92D-74B5228AA026}c:\\program files\\icq6.5\\icq.exe"= UDP:c:\program files\icq6.5\icq.exe:ICQ
"UDP Query User{31EE7B89-0275-4071-A846-42AADADF399B}c:\\program files\\icq6.5\\icq.exe"= TCP:c:\program files\icq6.5\icq.exe:ICQ
"{1507AD7F-4777-4921-9B71-77B4F7152EB1}"= UDP:c:\windows\System32\lxdxcoms.exe:Lexmark Communications System
"{3B69E4F0-E764-4A76-B024-CB71F03C0C90}"= TCP:c:\windows\System32\lxdxcoms.exe:Lexmark Communications System
"{433A3F9A-BD20-4DDE-8DE9-BC5AC6F5958E}"= UDP:c:\program files\Lexmark 3600-4600 Series\lxdxamon.exe:Lexmark Device Monitor
"{943BAE19-B963-4D46-B18E-DFCD3DFC2662}"= TCP:c:\program files\Lexmark 3600-4600 Series\lxdxamon.exe:Lexmark Device Monitor
"TCP Query User{896CEE9E-0BB8-43B9-8280-4024ACDE76FE}c:\\program files\\lexmark 3600-4600 series\\frun.exe"= UDP:c:\program files\lexmark 3600-4600 series\frun.exe:Lexmark Productivity Studio
"UDP Query User{6D1A72D4-5779-473C-832E-B8704620F6E7}c:\\program files\\lexmark 3600-4600 series\\frun.exe"= TCP:c:\program files\lexmark 3600-4600 series\frun.exe:Lexmark Productivity Studio
"{2A3FE0AF-480C-4EDA-88C8-54FD367B4BD9}"= UDP:c:\program files\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe:ABBYY FineReader
"{F4205E8B-5044-4E69-95CA-098F82C2D591}"= TCP:c:\program files\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe:ABBYY FineReader
"{AA6CCCC0-41CD-4EF3-990D-8340FCCE7D3D}"= UDP:c:\program files\Lexmark 3600-4600 Series\lxdxmon.exe:Printer Device Monitor
"{4CEF68BE-0584-4AED-8079-AD4DD02DC52D}"= TCP:c:\program files\Lexmark 3600-4600 Series\lxdxmon.exe:Printer Device Monitor
"{332C02E2-7AEB-49C0-8A17-1D757D562967}"= UDP:c:\windows\System32\spool\drivers\w32x86\3\lxdxpswx.exe:Printer Status Window Interface
"{30F04D3D-0024-4F6E-B9CE-49C3C14E9A4B}"= TCP:c:\windows\System32\spool\drivers\w32x86\3\lxdxpswx.exe:Printer Status Window Interface
"{9922594C-45B9-4A68-AEF4-68BC7C137645}"= UDP:c:\windows\System32\spool\drivers\w32x86\3\lxdxtime.exe:Lexmark Connect Time Executable
"{35BA3316-A273-4EB4-A290-538DCC5F7553}"= TCP:c:\windows\System32\spool\drivers\w32x86\3\lxdxtime.exe:Lexmark Connect Time Executable
"{960C5491-AE01-4AEF-BF6C-EF98E7145D00}"= UDP:c:\windows\System32\spool\drivers\w32x86\3\lxdxwbgw.exe:Lexmark Web Gateway
"{6B48346F-6A38-4092-834D-78E137AD62D8}"= TCP:c:\windows\System32\spool\drivers\w32x86\3\lxdxwbgw.exe:Lexmark Web Gateway
"{A6AF2C41-D144-4538-82FE-007F156E6F2B}"= c:\program files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live Sync
"TCP Query User{5C01BA4D-00F2-4CDF-8DF5-5063EAF75DFC}c:\\program files\\spyware terminator\\spywareterminatorupdate.exe"= UDP:c:\program files\spyware terminator\spywareterminatorupdate.exe:Crawler Spyware Terminator
"UDP Query User{7C72619A-034A-4693-83F3-F35E1529998A}c:\\program files\\spyware terminator\\spywareterminatorupdate.exe"= TCP:c:\program files\spyware terminator\spywareterminatorupdate.exe:Crawler Spyware Terminator

R0 O2MDRDR;O2MDRDR;c:\windows\System32\drivers\o2media.sys [3. 4. 2007 11:04 39680]
R0 O2SDRDR;O2SDRDR;c:\windows\System32\drivers\o2sd.sys [2. 4. 2007 17:11 35712]
R1 ehdrv;ehdrv;c:\windows\System32\drivers\ehdrv.sys [6. 2. 2009 14:23 106208]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\System32\drivers\sp_rsdrv2.sys [25. 7. 2009 5:52 142592]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [6. 2. 2009 14:23 727720]
R2 epfwwfpr;epfwwfpr;c:\windows\System32\drivers\epfwwfpr.sys [6. 2. 2009 14:24 92800]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [29. 9. 2008 18:55 222456]
R2 lxdx_device;lxdx_device;c:\windows\system32\lxdxcoms.exe -service --> c:\windows\system32\lxdxcoms.exe -service [?]
R2 lxdxCATSCustConnectService;lxdxCATSCustConnectService;c:\windows\System32\spool\drivers\w32x86\3\lxdxserv.exe [18. 5. 2009 7:59 98984]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
IE: Crawler Search - tbr:iemenu
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\Toolbar\ctbr.dll
FF - ProfilePath - c:\users\martin\AppData\Roaming\Mozilla\Firefox\Profiles\59zw2mmu.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.azet.sk/
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("geo.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-26 17:55
Windows 6.0.6002 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...


c:\users\martin\AppData\Local\Temp\catchme.dll 53248 bytes executable

scan completed successfully
hidden files: 1

**************************************************************************
.
Completion time: 2009-07-26 17:57
ComboFix-quarantined-files.txt 2009-07-26 15:57
ComboFix2.txt 2009-07-26 13:42
ComboFix3.txt 2009-07-26 13:12
ComboFix4.txt 2009-07-26 09:28

Pre-Run: 25 269 456 896 bytes free
Post-Run: 25 122 430 976 bytes free

333 --- E O F --- 2009-07-23 17:13

jaro3 (Security team member, Guru Level 15)

Re: Ad windows pop up while surfing

Post by jaro3 » 26 Jul 2009 18:04

Download the program OTM (by OldTimer)

and save it to drive C and run it.
- Copy these paths into the left column (Paste Instructions for Items to be Moved):
Note: Do not use SELECT ALL to select the text

Code:

:Processes
explorer.exe

:Services

:Reg

:Files
c:\users\martin\AppData\Roaming\nvModes.dat

:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]

- After copying, click the MoveIt! button and then paste here the entire contents of the right column, which is also saved in the folder C:\_OTMoveIt\MovedFiles\ and reports the results.
- If the files cannot be removed, you may be asked to restart the computer; in that case confirm the restart.

Then a new HJT log as well.

samanxxl (newcomer)

Re: Ad windows pop up while surfing

Post by samanxxl » 26 Jul 2009 18:13

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
c:\users\martin\AppData\Roaming\nvModes.dat moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: martin
->Temp folder emptied: 32179 bytes
->Temporary Internet Files folder emptied: 305539648 bytes
->FireFox cache emptied: 76702924 bytes
->Google Chrome cache emptied: 7997252 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
Windows Temp folder emptied: 1248 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 372,19 mb


OTM by OldTimer - Version 3.0.0.5 log created on 07262009_180920

Files moved on Reboot...

Registry entries deleted on Reboot...

samanxxl (newcomer)

Re: Ad windows pop up while surfing

Post by samanxxl » 26 Jul 2009 18:14

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:49:19, on 26. 7. 2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Lexmark 3600-4600 Series\lxdxmon.exe
C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\Program Files\Lexmark 3600-4600 Series\lxdxMsdMon.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\conime.exe
C:\Windows\Explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Lexmark Panel nástrojů - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Pomocník pri prihlasovaní v sieti Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Lexmark Panel nástrojů - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [lxdxmon.exe] "C:\Program Files\Lexmark 3600-4600 Series\lxdxmon.exe"
O4 - HKLM\..\Run: [lxdxamon] "C:\Program Files\Lexmark 3600-4600 Series\lxdxamon.exe"
O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O4 - Startup: Picture Motion Browser Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Global Startup: Akcelerátor spuštění AutoCADu.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart17.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: lxdxCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxdxserv.exe
O23 - Service: lxdx_device - - C:\Windows\system32\lxdxcoms.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Oz128 Driver\o2flash.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

--
End of file - 8240 bytes
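An added example, not part of the thread or of HijackThis itself: a small Python parser for the HJT log format above that groups entries by module path, so a single DLL wired in as URLSearchHook (R3), BHO (O2), toolbar (O3) and protocol handler (O18) at once, as ctbr.dll is in the log, shows up as one component to triage first. The sample lines are constructed in the log's format; the Crawler entries mirror the posted ones.

```python
import re
from collections import defaultdict

# Constructed sample in HijackThis v2 log format: the Crawler lines mirror those in the posted log.
SAMPLE_LOG = """\
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\\PROGRA~1\\Crawler\\Toolbar\\ctbr.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\\PROGRA~1\\Crawler\\Toolbar\\ctbr.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\\Program Files\\Google\\Google Toolbar\\GoogleToolbar.dll
O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\\PROGRA~1\\Crawler\\Toolbar\\ctbr.dll
O4 - HKLM\\..\\Run: [SweetIM] C:\\Program Files\\SweetIM\\Messenger\\SweetIM.exe
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\\PROGRA~1\\Crawler\\Toolbar\\ctbr.dll
O23 - Service: ICQ Service - Unknown owner - C:\\Program Files\\ICQ6Toolbar\\ICQ Service.exe
"""

SECTION_RE = re.compile(r"^(R\d|F\d|O\d+) - ")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
# Drive-letter path up to the first .dll/.exe; HJT paths may contain spaces.
PATH_RE = re.compile(r"[A-Za-z]:\\.*?\.(?:dll|exe)\b", re.IGNORECASE)


def parse_hjt(text):
    """One dict per HJT entry line: section code, CLSID (or None), module path (or None)."""
    entries = []
    for line in text.splitlines():
        m = SECTION_RE.match(line)
        if not m:
            continue  # header, 'Running processes' block, footer
        clsid = CLSID_RE.search(line)
        path = PATH_RE.search(line)
        entries.append({
            "section": m.group(1),
            "clsid": clsid.group(0).upper() if clsid else None,
            "path": path.group(0).lower() if path else None,
        })
    return entries


def group_by_module(entries):
    """Map each module path to the sorted list of HJT sections that reference it."""
    hooks = defaultdict(set)
    for e in entries:
        if e["path"]:
            hooks[e["path"]].add(e["section"])
    return {p: sorted(s) for p, s in hooks.items()}


def multi_hook_modules(entries, min_sections=2):
    """Modules wired into several IE hook points at once (search hook, BHO, toolbar, protocol)."""
    return {p: s for p, s in group_by_module(entries).items() if len(s) >= min_sections}
```

Calling `multi_hook_modules(parse_hjt(log_text))` on a full log lists only the modules that appear in two or more sections.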

jaro3 (Security team member, Guru Level 15)

Re: Ad windows pop up while surfing

Post by jaro3 » 26 Jul 2009 18:20

Logs O.K.

ComboFix is uninstalled like this:
Start - Run and enter ComboFix[space]/u

So if there are no problems, clean the system with CCleaner

and also use T-Cleaner
it deletes everything left over from Combo, SDFix, Avenger, MWAV etc. Download it, run it; if it gives you problems on Vista, do not apply it.

Download TFC
Open the file and close all other windows, then click Start to begin the process. The program should not take long.
Afterwards the PC should restart; if it does not, restart it yourself.

Install Java:
Java SE Runtime Environment 6u14
Select the OS (Windows, I assume), tick agree, continue
Select:
Windows Offline Installation
jre-6u14-windows-i586-p.exe

If there are no problems, that is all and you can mark it solved (the tick).

samanxxl (newcomer)

Re: Ad windows pop up while surfing [Solved]

Post by samanxxl » 26 Jul 2009 19:04

The problems are solved. Thanks for the help :D :D :D :D :D :D :D :D

