Hello,
I tried to find a solution in the existing threads, but it seems to me it isn't here yet, so I apologize if this has already been dealt with somewhere.
It started with the notebook booting more slowly, but that wouldn't bother me as much as the fact that my internet stopped working.
Only certain pages load, such as Centrum.cz (but I can't get into my mail), Stahuj.cz (but applications can't be downloaded), PC-help.cz (as you have probably figured out), Google.cz (sometimes), and that's almost all. I can google plenty of addresses, but I can't get to most of them.
The only thing I have managed to download so far is DDS (I have the log saved); HJT unfortunately not yet.
If anyone knows what I could do other than reinstalling the PC, please advise...
DDS LOG:
DDS (Ver_09-07-30.01) - NTFSx86
Run by Olaf at 21:02:22,22 on po 07.09.2009
Internet Explorer: 7.0.6002.18005
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1250.420.1029.18.1789.880 [GMT 2:00]
AV: ESET Smart Security 4.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
SP: ESET Smart Security 4.0 *enabled* (Updated) {E5E70D32-0101-4B98-A4D6-D1D15C3BB448}
SP: Lavasoft Ad-Watch Live! *disabled* (Updated) {67844DAE-4F77-4D69-9457-98E8CFFDAA22}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
FW: ESET personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
============== Running Processes ===============
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Ati2evxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\Dwm.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Acer\Acer Arcade\PCMService.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Windows\AcerOrbiCam.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Windows\system32\taskeng.exe
C:\Users\Olaf\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Acer\Mobility Center\MobilityService.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Windows\system32\IoctlSvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\mobsync.exe
C:\Windows\explorer.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Olaf\Desktop\dds.pif
C:\Windows\system32\wbem\wmiprvse.exe
============== Pseudo HJT Report ===============
uStart Page = hxxp://www.centrum.cz/
uSEARCH PAGE = hxxp://uk.rd.yahoo.com/customize/ycomp/ ... .yahoo.com
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mStart Page = hxxp://cs.intl.acer.yahoo.com
mDefault_Page_URL = hxxp://cs.intl.acer.yahoo.com
uSearchURL,(Default) = hxxp://uk.rd.yahoo.com/customize/ycomp/ ... .yahoo.com
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Skype add-on (mastermind): {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
BHO: {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - No File
uRun: [<NO NAME>]
uRun: [StartCCC] c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe
uRun: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\nero\lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [USDownloader] "c:\downloads\usdownloader\USDownloader.exe"
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [PCMService] "c:\program files\acer\acer arcade\PCMService.exe"
mRun: [SetPanel]
mRun: [LManager] c:\progra~1\launch~1\QtZgAcer.EXE
mRun: [WarReg_PopUp] c:\acer\wr_popup\WarReg_PopUp.exe
mRun: [Acer OrbiCam] c:\windows\AcerOrbiCam.exe
mRun: [egui] "c:\program files\eset\eset smart security\egui.exe" /hide /waitservice
mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Ad-Watch] c:\program files\lavasoft\ad-aware\AAWTray.exe
mRun: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
mRun: [NBKeyScan] "c:\program files\nero\nero8\nero backitup\NBKeyScan.exe"
mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\empowe~1.lnk - c:\acer\empowering technology\eAPLauncher.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {E59EB121-F339-4851-A3BA-FE49C35617C2} - c:\program files\icq6.5\ICQ.exe
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll
IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
Trusted Zone: csob.cz\ib24
Trusted Zone: postovnisporitelna.cz\maxibps
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/fl ... rashim.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
================= FIREFOX ===================
FF - ProfilePath - c:\users\olaf\appdata\roaming\mozilla\firefox\profiles\pduu2ic1.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.centrum.cz/
FF - component: c:\program files\nokia\nokia pc suite 7\bkmrksync\components\BkMrkExt.dll
FF - component: c:\users\olaf\appdata\roaming\mozilla\firefox\profiles\pduu2ic1.default\extensions\piclens@cooliris.com\components\coolirisstub.dll
FF - plugin: c:\program files\google\update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\users\olaf\appdata\roaming\mozilla\firefox\profiles\pduu2ic1.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll
FF - plugin: c:\users\olaf\appdata\roaming\mozilla\firefox\profiles\pduu2ic1.default\extensions\piclens@cooliris.com\plugins\npcoolirisplugin.dll
FF - plugin: c:\users\olaf\appdata\roaming\mozilla\plugins\npcoolirisplugin.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("capability.policy.mailnews.XMLHttpRequest.channel", "noAccess");
c:\program files\mozilla firefox\greprefs\all.js - pref("capability.policy.mailnews.SOAPEncoding.schemaCollection", "noAccess");
c:\program files\mozilla firefox\greprefs\all.js - pref("capability.policy.default.XMLHttpRequest.channel", "noAccess");
c:\program files\mozilla firefox\greprefs\all.js - pref("security.checkloaduri", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("bidi.characterset", 1);
c:\program files\mozilla firefox\defaults\pref\channel-prefs.js - pref("app.update.channel", "release");
c:\program files\mozilla firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
============= SERVICES / DRIVERS ===============
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-6-6 64160]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2009-3-19 107256]
R2 ekrn;ESET Service;c:\program files\eset\eset smart security\ekrn.exe [2009-3-19 731840]
R3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2009-3-9 1029456]
S2 gupdate1ca08b975decefe;Služba Google Update (gupdate1ca08b975decefe);c:\program files\google\update\GoogleUpdate.exe [2009-7-19 133104]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2009-3-19 136704]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\drivers\s0016bus.sys [2009-7-19 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\drivers\s0016mdfl.sys [2009-7-19 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\drivers\s0016mdm.sys [2009-7-19 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0016mgmt.sys [2009-7-19 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\drivers\s0016nd5.sys [2009-7-19 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\drivers\s0016obex.sys [2009-7-19 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\drivers\s0016unic.sys [2009-7-19 115752]
S3 WSVD;WSVD;c:\windows\system32\drivers\WSVD.sys [2007-5-18 80744]
=============== Created Last 30 ================
2009-09-07 20:17 <DIR> --d----- c:\users\olaf\appdata\roaming\Malwarebytes
2009-09-07 20:17 38,160 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-07 20:17 19,096 a------- c:\windows\system32\drivers\mbam.sys
2009-09-07 20:17 <DIR> --d----- c:\programdata\Malwarebytes
2009-09-07 20:17 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-09-07 20:17 <DIR> --d----- c:\progra~2\Malwarebytes
2009-09-03 10:42 28,672 a------- c:\windows\system32\Apphlpdm.dll
2009-09-03 10:42 4,240,384 a------- c:\windows\system32\GameUXLegacyGDFs.dll
2009-08-27 00:30 2,048 a------- c:\windows\system32\tzres.dll
2009-08-16 15:56 <DIR> --d----- c:\programdata\TVU Networks
2009-08-16 15:56 <DIR> --d----- c:\progra~2\TVU Networks
2009-08-16 15:56 <DIR> --d----- c:\program files\TVUPlayer
2009-08-12 22:20 <DIR> --d----- c:\program files\NeroInstall.bak
2009-08-12 22:14 <DIR> --d----- c:\programdata\Nero
2009-08-12 22:14 <DIR> --d----- c:\progra~2\Nero
2009-08-12 20:31 2,036,576 a------- c:\windows\system32\D3DCompiler_40.dll
2009-08-12 20:31 452,440 a------- c:\windows\system32\d3dx10_40.dll
2009-08-12 20:31 4,379,984 a------- c:\windows\system32\D3DX9_40.dll
2009-08-11 23:33 313,344 a------- c:\windows\system32\wmpdxm.dll
2009-08-11 23:33 7,680 a------- c:\windows\system32\spwmp.dll
2009-08-11 23:33 4,096 a------- c:\windows\system32\msdxm.ocx
2009-08-11 23:33 4,096 a------- c:\windows\system32\dxmasf.dll
2009-08-11 23:33 8,147,456 a------- c:\windows\system32\wmploc.DLL
2009-08-11 23:33 43,520 a------- c:\windows\system32\msdxm.tlb
2009-08-11 23:33 18,432 a------- c:\windows\system32\amcompat.tlb
2009-08-11 23:33 71,680 a------- c:\windows\system32\atl.dll
2009-08-11 23:32 91,136 a------- c:\windows\system32\avifil32.dll
2009-08-11 23:32 2,066,432 a------- c:\windows\system32\mstscax.dll
2009-08-11 23:32 160,256 a------- c:\windows\system32\wkssvc.dll
2009-08-11 23:32 499,712 a------- c:\windows\system32\kerberos.dll
2009-08-11 23:32 218,624 a------- c:\windows\system32\msv1_0.dll
2009-08-11 23:32 175,104 a------- c:\windows\system32\wdigest.dll
2009-08-11 23:32 270,848 a------- c:\windows\system32\schannel.dll
2009-08-11 23:32 1,259,008 a------- c:\windows\system32\lsasrv.dll
2009-08-11 23:32 439,864 a------- c:\windows\system32\drivers\ksecdd.sys
2009-08-11 23:32 72,704 a------- c:\windows\system32\secur32.dll
2009-08-11 23:32 9,728 a------- c:\windows\system32\lsass.exe
2009-08-11 23:14 <DIR> --d----- c:\users\olaf\appdata\roaming\Bullzip
2009-08-11 23:10 227,840 a------- c:\windows\system32\bzFlRdr.dll
2009-08-11 23:10 126,976 a------- c:\windows\system32\bzpdfc.dll
2009-08-11 23:10 103,424 a------- c:\windows\system32\bzDCT.dll
2009-08-11 23:10 194,560 a------- c:\windows\system32\bzpdf.dll
2009-08-11 23:10 140,288 a------- c:\windows\system32\comdlg32.OCX
2009-08-11 23:10 <DIR> --d----- c:\program files\Bullzip
2009-08-11 22:47 <DIR> --d----- c:\windows\system32\eu-ES
2009-08-11 22:47 <DIR> --d----- c:\windows\system32\ca-ES
2009-08-11 22:47 <DIR> --d----- c:\windows\system32\vi-VN
2009-08-11 22:30 <DIR> --d----- c:\program files\MSECache
2009-08-11 22:16 <DIR> --d----- c:\windows\system32\EventProviders
2009-08-11 22:10 12,240,896 a------- c:\windows\system32\NlsLexicons0007.dll
2009-08-11 22:08 2,092,544 a------- c:\windows\system32\dfsr.exe
2009-08-11 22:07 592,896 a------- c:\windows\system32\netlogon.dll
2009-08-11 22:06 1,671,680 a------- c:\windows\system32\wlanpref.dll
2009-08-11 22:05 744,448 a------- c:\windows\system32\wbem\wbemcore.dll
2009-08-11 22:05 614,912 a------- c:\windows\system32\wbem\fastprox.dll
2009-08-11 22:05 265,728 a------- c:\windows\system32\wbem\repdrvfs.dll
2009-08-11 22:05 265,728 a------- c:\windows\system32\wbem\esscli.dll
2009-08-11 22:05 189,440 a------- c:\windows\system32\wbem\mofd.dll
2009-08-11 22:05 83,968 a------- c:\windows\system32\wbem\wmiutils.dll
2009-08-11 22:05 30,208 a------- c:\windows\system32\wbem\wbemprox.dll
2009-08-11 22:05 705,536 a------- c:\windows\system32\SmiEngine.dll
2009-08-11 22:05 218,624 a------- c:\windows\system32\wdscore.dll
2009-08-11 22:05 130,560 a------- c:\windows\system32\PkgMgr.exe
2009-08-11 22:04 247,808 a------- c:\windows\system32\drvstore.dll
==================== Find3M ====================
2009-09-07 20:18 636,000 a------- c:\windows\system32\perfh005.dat
2009-09-07 20:18 134,810 a------- c:\windows\system32\perfc005.dat
2009-09-07 19:03 86,016 a------- c:\windows\inf\infpub.dat
2009-09-07 19:03 143,360 a------- c:\windows\inf\infstrng.dat
2009-08-29 04:30 173,056 a------- c:\windows\apppatch\AcXtrnal.dll
2009-08-29 04:30 458,752 a------- c:\windows\apppatch\AcSpecfc.dll
2009-08-29 04:30 2,159,616 a------- c:\windows\apppatch\AcGenral.dll
2009-08-29 04:30 542,720 a------- c:\windows\apppatch\AcLayers.dll
2009-08-11 22:55 143,360 a------- c:\windows\inf\infstor.dat
2009-08-11 22:46 665,600 a------- c:\windows\inf\drvindex.dat
2009-08-04 20:40 0 a---h--- c:\windows\system32\drivers\Msft_User_WpdRapi2_01_00_00.Wdf
2009-07-19 12:22 0 a---h--- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
2009-07-19 12:22 0 a---h--- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2009-07-18 18:01 78,336 a------- c:\windows\system32\ieencode.dll
2009-07-18 13:35 828,416 a------- c:\windows\system32\wininet.dll
2009-07-12 18:33 0 a---h--- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2009-06-15 19:47 737,280 a------- c:\windows\iun6002.exe
2009-06-15 16:53 156,672 a------- c:\windows\system32\t2embed.dll
2009-06-15 16:53 270,848 a------- c:\windows\system32\schannel.dll
2009-06-15 16:52 23,552 a------- c:\windows\system32\lpk.dll
2009-06-15 16:52 72,704 a------- c:\windows\system32\fontsub.dll
2009-06-15 16:51 10,240 a------- c:\windows\system32\dciman32.dll
2009-06-15 14:42 289,792 a------- c:\windows\system32\atmfd.dll
2009-06-09 21:27 174 a--sh--- c:\program files\desktop.ini
2009-06-09 16:47 56 a---h--- c:\programdata\ezsidmv.dat
2009-06-09 16:47 56 a---h--- c:\progra~2\ezsidmv.dat
2007-01-08 23:07 286,912 a------- c:\windows\inf\perflib\0405\perfi.dat
2007-01-08 23:07 286,912 a------- c:\windows\inf\perflib\0405\perfh.dat
2007-01-08 23:07 34,724 a------- c:\windows\inf\perflib\0405\perfd.dat
2007-01-08 23:07 34,724 a------- c:\windows\inf\perflib\0405\perfc.dat
2006-11-02 11:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 11:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 11:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 11:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat
============= FINISH: 21:03:57,95 ===============
Slow PC + partially working internet (Solved)
- Damned
Re: Slow PC + partially working internet
You have MbAM there. Try updating it and running a full scan (even if the update doesn't work). Paste the resulting log here.
Nothing is impossible, so where we are at our wits' end, we don't hesitate to use a hammer.
If you want to know what's new, look in old books.
Damned's Czech localizations - translations of PC maintenance programs
HiJackThis 2 + guide, FCleaner + Czech localization, Wise Registry Cleaner
Re: Slow PC + partially working internet
that was one very long coffee...
Malwarebytes' Anti-Malware 1.40
Verze databáze: 2753
Windows 6.0.6002 Service Pack 2
8.9.2009 22:20:54
mbam-log-2009-09-08 (22-20-54).txt
Typ skenu: Úplný sken (C:\|)
Objektu skenováno: 241940
Uplynulý cas: 2 hour(s), 16 minute(s), 4 second(s)
Infikované procesy pameti: 0
Infikované pametové moduly: 0
Infikované klíce registru: 0
Infikované hodnoty registru: 0
Infikované položky dat registru: 0
Infikované složky: 0
Infikované soubory: 0
Infikované procesy pameti:
(Žádné zákerné položky nebyly zjišteny)
Infikované pametové moduly:
(Žádné zákerné položky nebyly zjišteny)
Infikované klíce registru:
(Žádné zákerné položky nebyly zjišteny)
Infikované hodnoty registru:
(Žádné zákerné položky nebyly zjišteny)
Infikované položky dat registru:
(Žádné zákerné položky nebyly zjišteny)
Infikované složky:
(Žádné zákerné položky nebyly zjišteny)
Infikované soubory:
(Žádné zákerné položky nebyly zjišteny)

- Damned
Re: Slow PC + partially working internet
Download HijackThis from my signature to the Desktop. Before saving, rename it to Tomáš.com. Save and run it. Paste the resulting log here for me.
If you can't get to it, try:
Turn off the antivirus resident shield (and the antispyware too, if you have one).
Download ComboFix (by sUBs)
or ComboFix (subs)
and save it to the desktop.
Close all active windows and run it.
- After launch, the terms of use are displayed; confirm them by pressing the Ano (Yes) button
- Then follow the instructions; while ComboFix is running, do not click in the window that appears
- After the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
Re: Slow PC + partially working internet
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:36:20, on 8.9.2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Acer\Acer Arcade\PCMService.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Windows\AcerOrbiCam.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\mobsync.exe
C:\Users\Olaf\AppData\Local\Temp\RtkBtMnt.exe
C:\Windows\system32\wuauclt.exe
C:\Users\Olaf\Desktop\hijackthis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://uk.rd.yahoo.com/customize/ycomp/ ... .yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://cs.intl.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://cs.intl.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.rd.yahoo.com/customize/ycomp/ ... .yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - (no file)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Acer\Acer Arcade\PCMService.exe"
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [Acer OrbiCam] C:\Windows\AcerOrbiCam.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [USDownloader] "C:\Downloads\USDownloader\USDownloader.exe"
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O13 - Gopher Prefix:
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Služba Google Update (gupdate1ca08b975decefe) (gupdate1ca08b975decefe) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 7188 bytes
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Služba Google Update (gupdate1ca08b975decefe) (gupdate1ca08b975decefe) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 7188 bytes
Re: Slow PC + partially working internet
ComboFix 09-09-07.03 - Olaf 08.09.2009 22:41.1.1 - NTFSx86
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1250.420.1029.18.1789.871 [GMT 2:00]
Spuštěný z: c:\users\Olaf\Desktop\ComboFix.exe
AV: ESET Smart Security 4.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
SP: ESET Smart Security 4.0 *enabled* (Updated) {E5E70D32-0101-4B98-A4D6-D1D15C3BB448}
SP: Lavasoft Ad-Watch Live! *disabled* (Updated) {67844DAE-4F77-4D69-9457-98E8CFFDAA22}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\bcmwl6.inf
c:\windows\System32\Desktop_.ini
.
((((((((((((((((((((((((( Soubory vytvořené od 2009-08-08 do 2009-09-08 )))))))))))))))))))))))))))))))
.
2009-09-07 18:17 . 2009-09-07 18:17 -------- d-----w- c:\users\Olaf\AppData\Roaming\Malwarebytes
2009-09-07 18:17 . 2009-08-03 11:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-07 18:17 . 2009-09-07 18:17 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-09-07 18:17 . 2009-09-07 18:17 -------- d-----w- c:\programdata\Malwarebytes
2009-09-07 18:17 . 2009-08-03 11:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-09-03 08:42 . 2009-08-29 00:14 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-09-03 08:42 . 2009-08-29 00:27 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-08-26 22:30 . 2009-06-22 10:09 2048 ----a-w- c:\windows\system32\tzres.dll
2009-08-16 13:56 . 2009-08-16 13:56 -------- d-----w- c:\users\Olaf\AppData\Local\TVU Networks
2009-08-16 13:56 . 2009-08-16 13:56 -------- d-----w- c:\programdata\TVU Networks
2009-08-16 13:56 . 2009-08-16 13:56 -------- d-----w- c:\program files\TVUPlayer
2009-08-12 20:20 . 2009-08-12 20:20 -------- d-----w- c:\users\Olaf\AppData\Local\Ahead
2009-08-12 20:20 . 2009-08-12 20:20 -------- d-----w- c:\program files\NeroInstall.bak
2009-08-12 20:18 . 2009-08-12 20:18 -------- d-----w- c:\users\Olaf\AppData\Roaming\Nero
2009-08-12 20:14 . 2009-08-12 20:17 -------- d-----w- c:\program files\Common Files\Nero
2009-08-12 20:14 . 2009-08-12 20:14 -------- d-----w- c:\programdata\Nero
2009-08-12 19:09 . 2009-08-21 19:17 -------- d-----w- c:\users\Olaf\AppData\Local\VirtuaTennis2009
2009-08-12 18:31 . 2008-10-15 04:22 452440 ----a-w- c:\windows\system32\d3dx10_40.dll
2009-08-12 18:31 . 2008-10-15 04:22 2036576 ----a-w- c:\windows\system32\D3DCompiler_40.dll
2009-08-12 18:31 . 2008-10-15 04:22 4379984 ----a-w- c:\windows\system32\D3DX9_40.dll
2009-08-11 21:33 . 2009-07-15 12:39 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2009-08-11 21:33 . 2009-07-15 12:39 4096 ----a-w- c:\windows\system32\dxmasf.dll
2009-08-11 21:33 . 2009-07-15 12:39 7680 ----a-w- c:\windows\system32\spwmp.dll
2009-08-11 21:33 . 2009-07-15 12:40 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2009-08-11 21:33 . 2009-07-17 13:54 71680 ----a-w- c:\windows\system32\atl.dll
2009-08-11 21:32 . 2009-06-10 11:38 91136 ----a-w- c:\windows\system32\avifil32.dll
2009-08-11 21:32 . 2009-06-04 12:07 2066432 ----a-w- c:\windows\system32\mstscax.dll
2009-08-11 21:32 . 2009-06-10 11:42 160256 ----a-w- c:\windows\system32\wkssvc.dll
2009-08-11 21:32 . 2009-06-15 14:52 499712 ----a-w- c:\windows\system32\kerberos.dll
2009-08-11 21:32 . 2009-06-15 14:54 175104 ----a-w- c:\windows\system32\wdigest.dll
2009-08-11 21:32 . 2009-06-15 14:53 218624 ----a-w- c:\windows\system32\msv1_0.dll
2009-08-11 21:32 . 2009-06-15 14:53 270848 ----a-w- c:\windows\system32\schannel.dll
2009-08-11 21:32 . 2009-06-15 14:52 1259008 ----a-w- c:\windows\system32\lsasrv.dll
2009-08-11 21:32 . 2009-06-15 23:15 439864 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2009-08-11 21:32 . 2009-06-15 14:53 72704 ----a-w- c:\windows\system32\secur32.dll
2009-08-11 21:32 . 2009-06-15 12:48 9728 ----a-w- c:\windows\system32\lsass.exe
2009-08-11 21:14 . 2009-08-11 21:14 -------- d-----w- c:\users\Olaf\AppData\Roaming\Bullzip
2009-08-11 21:10 . 2008-10-30 21:15 227840 ----a-w- c:\windows\system32\bzFlRdr.dll
2009-08-11 21:10 . 2008-09-26 18:44 126976 ----a-w- c:\windows\system32\bzpdfc.dll
2009-08-11 21:10 . 2008-07-09 22:19 103424 ----a-w- c:\windows\system32\bzDCT.dll
2009-08-11 21:10 . 2009-04-22 17:53 194560 ----a-w- c:\windows\system32\bzpdf.dll
2009-08-11 21:10 . 2009-08-11 21:10 -------- d-----w- c:\program files\Bullzip
2009-08-11 20:47 . 2009-08-11 20:48 -------- d-----w- c:\windows\system32\ca-ES
2009-08-11 20:47 . 2009-08-11 20:48 -------- d-----w- c:\windows\system32\eu-ES
2009-08-11 20:47 . 2009-08-11 20:48 -------- d-----w- c:\windows\system32\vi-VN
2009-08-11 20:30 . 2009-08-11 20:36 -------- d-----w- c:\program files\MSECache
2009-08-11 20:16 . 2009-08-11 20:16 -------- d-----w- c:\windows\system32\EventProviders
2009-08-11 20:10 . 2009-04-11 05:03 12240896 ----a-w- c:\windows\system32\NlsLexicons0007.dll
2009-08-11 20:08 . 2009-04-11 06:28 203264 ----a-w- c:\windows\system32\uDWM.dll
2009-08-11 20:07 . 2009-04-11 06:28 592896 ----a-w- c:\windows\system32\netlogon.dll
2009-08-11 20:06 . 2009-04-11 06:28 1671680 ----a-w- c:\windows\system32\wlanpref.dll
2009-08-11 20:05 . 2009-04-11 06:28 83968 ----a-w- c:\windows\system32\wbem\wmiutils.dll
2009-08-11 20:05 . 2009-04-11 06:28 744448 ----a-w- c:\windows\system32\wbem\wbemcore.dll
2009-08-11 20:05 . 2009-04-11 06:28 30208 ----a-w- c:\windows\system32\wbem\wbemprox.dll
2009-08-11 20:05 . 2009-04-11 06:28 265728 ----a-w- c:\windows\system32\wbem\repdrvfs.dll
2009-08-11 20:05 . 2009-04-11 06:28 189440 ----a-w- c:\windows\system32\wbem\mofd.dll
2009-08-11 20:05 . 2009-04-11 06:28 614912 ----a-w- c:\windows\system32\wbem\fastprox.dll
2009-08-11 20:05 . 2009-04-11 06:28 265728 ----a-w- c:\windows\system32\wbem\esscli.dll
2009-08-11 20:05 . 2009-04-11 06:28 705536 ----a-w- c:\windows\system32\SmiEngine.dll
2009-08-11 20:05 . 2009-04-11 06:28 218624 ----a-w- c:\windows\system32\wdscore.dll
2009-08-11 20:05 . 2009-04-11 06:27 130560 ----a-w- c:\windows\system32\PkgMgr.exe
2009-08-11 20:04 . 2009-04-11 06:28 247808 ----a-w- c:\windows\system32\drvstore.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-08 20:32 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-09-08 17:51 . 2007-01-08 21:10 636000 ----a-w- c:\windows\system32\perfh005.dat
2009-09-08 17:51 . 2007-01-08 21:10 134810 ----a-w- c:\windows\system32\perfc005.dat
2009-09-08 14:41 . 2009-08-04 18:37 12 ----a-w- c:\windows\bthservsdp.dat
2009-09-08 11:59 . 2009-06-05 19:07 -------- d-----w- c:\users\Olaf\AppData\Roaming\Skype
2009-09-08 11:00 . 2009-06-09 14:47 -------- d-----w- c:\users\Olaf\AppData\Roaming\skypePM
2009-09-07 17:22 . 2009-06-05 22:57 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2009-08-28 06:15 . 2007-05-18 12:21 227600 ----a-w- c:\users\Olaf\AppData\Local\GDIPFONTCACHEV1.DAT
2009-08-27 20:00 . 2009-06-05 21:33 -------- d-----w- c:\users\Olaf\AppData\Roaming\Miranda
2009-08-27 19:59 . 2009-06-05 21:33 -------- d-----w- c:\program files\Miranda IM
2009-08-27 17:47 . 2009-07-19 21:38 -------- d-----w- c:\program files\Google
2009-08-22 14:41 . 2009-06-05 22:57 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-08-22 08:05 . 2007-01-25 16:37 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-08-12 20:14 . 2009-06-06 15:01 -------- d-----w- c:\program files\Nero
2009-08-11 20:49 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Calendar
2009-08-11 20:48 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Sidebar
2009-08-11 20:48 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Collaboration
2009-08-11 20:48 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Photo Gallery
2009-08-11 20:48 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Defender
2009-08-11 20:37 . 2009-06-05 16:38 -------- d-----w- c:\program files\Acro Software
2009-08-11 19:06 . 2009-06-06 19:25 -------- d-----w- c:\users\Olaf\AppData\Roaming\Azureus
2009-08-04 18:40 . 2009-08-04 18:40 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdRapi2_01_00_00.Wdf
2009-07-26 16:39 . 2009-07-26 16:38 -------- d-----w- c:\program files\nLite
2009-07-19 10:25 . 2009-07-19 10:19 -------- d-----w- c:\users\Olaf\AppData\Roaming\Nokia
2009-07-19 10:22 . 2009-07-19 10:22 0 ---ha-w- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
2009-07-19 10:22 . 2009-07-19 10:19 -------- d-----w- c:\users\Olaf\AppData\Roaming\PC Suite
2009-07-19 10:22 . 2009-07-19 10:19 -------- d-----w- c:\programdata\PC Suite
2009-07-19 10:22 . 2009-07-19 10:22 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2009-07-19 10:19 . 2009-07-19 10:18 -------- d-----w- c:\program files\DIFX
2009-07-19 10:18 . 2009-07-19 10:18 -------- d-----w- c:\program files\Common Files\PCSuite
2009-07-19 10:18 . 2009-07-19 10:18 -------- d-----w- c:\program files\Common Files\Nokia
2009-07-19 10:18 . 2009-07-19 10:17 -------- d-----w- c:\program files\Nokia
2009-07-19 10:18 . 2009-07-19 10:18 -------- d-----w- c:\program files\PC Connectivity Solution
2009-07-19 10:17 . 2009-07-19 10:17 -------- d-----w- c:\programdata\Installations
2009-07-19 10:08 . 2009-07-19 10:08 -------- d-----w- c:\program files\Avanquest update
2009-07-19 10:08 . 2009-07-19 10:08 -------- d-----w- c:\programdata\BVRP Software
2009-07-19 10:06 . 2009-07-19 10:06 -------- d-----w- c:\programdata\Sony Ericsson
2009-07-19 10:06 . 2009-07-19 10:06 -------- d-----w- c:\program files\Sony Ericsson
2009-07-18 16:01 . 2009-08-01 13:34 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-07-18 11:35 . 2009-08-01 13:34 828416 ----a-w- c:\windows\system32\wininet.dll
2009-07-13 15:52 . 2009-07-13 15:52 92 ----a-w- c:\users\Olaf\AppData\Local\fusioncache.dat
2009-07-13 15:50 . 2009-06-05 16:25 -------- d-----w- c:\program files\ESET
2009-07-12 16:33 . 2009-07-12 16:33 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2009-07-11 10:22 . 2009-07-11 10:22 -------- d-----w- c:\programdata\The Humans
2009-07-11 10:15 . 2009-07-11 10:15 -------- d-----w- c:\users\Olaf\AppData\Roaming\InstallShield
2009-06-17 18:44 . 2009-06-17 18:44 279712 ----a-w- c:\windows\system32\drivers\atksgt.sys
2009-06-17 18:44 . 2009-06-17 18:44 25888 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2009-06-15 17:47 . 2009-06-15 17:48 737280 ----a-w- c:\windows\iun6002.exe
2009-06-15 14:53 . 2009-07-18 13:50 156672 ----a-w- c:\windows\system32\t2embed.dll
2009-06-15 14:53 . 2009-08-11 21:32 270848 ----a-w- c:\windows\system32\schannel.dll
2009-06-15 14:52 . 2009-07-18 13:50 23552 ----a-w- c:\windows\system32\lpk.dll
2009-06-15 14:52 . 2009-07-18 13:50 72704 ----a-w- c:\windows\system32\fontsub.dll
2009-06-15 14:51 . 2009-07-18 13:50 10240 ----a-w- c:\windows\system32\dciman32.dll
2009-06-15 12:42 . 2009-07-18 13:50 289792 ----a-w- c:\windows\system32\atmfd.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2008-02-28 1828136]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"USDownloader"="c:\downloads\USDownloader\USDownloader.exe" [2009-04-03 530432]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-10-27 815104]
"PCMService"="c:\program files\Acer\Acer Arcade\PCMService.exe" [2007-01-08 151552]
"LManager"="c:\progra~1\LAUNCH~1\QtZgAcer.EXE" [2007-01-09 483328]
"WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 57344]
"Acer OrbiCam"="c:\windows\AcerOrbiCam.exe" [2007-01-11 401408]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-03-19 2029640]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-07-05 520024]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-02-18 2221352]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2006-12-01 4186112]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2007-1-25 528384]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):b9,27,bb,20,c6,1a,ca,01
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{9CBB84EF-5461-419F-8556-95F7F4A66346}"= c:\program files\Skype\Phone\Skype.exe:Skype
"TCP Query User{84CA710C-8355-4AD4-89D2-08D89F62AD65}c:\\program files\\miranda im\\miranda32.exe"= UDP:c:\program files\miranda im\miranda32.exe:Miranda IM
"UDP Query User{D2524866-EAA5-43C1-A1A5-DE4B50F314CD}c:\\program files\\miranda im\\miranda32.exe"= TCP:c:\program files\miranda im\miranda32.exe:Miranda IM
"{77EFC760-291C-468B-A746-D03A6CA13A65}"= UDP:c:\games\Football Manager 2009\fm.exe:Football Manager 2009
"{A156ECE4-5390-4FDA-8C0A-09DC10714C16}"= TCP:c:\games\Football Manager 2009\fm.exe:Football Manager 2009
"TCP Query User{8E51AE3C-612F-4570-868F-8D7B5351AD07}c:\\program files\\vuze\\azureus.exe"= UDP:c:\program files\vuze\azureus.exe:Azureus
"UDP Query User{0BC0B68B-84ED-4EE7-B217-4ACB9245239D}c:\\program files\\vuze\\azureus.exe"= TCP:c:\program files\vuze\azureus.exe:Azureus
"{9BD7148F-D8A7-422D-8EE7-00344025813D}"= UDP:c:\games\Football Manager 2009\fm.exe:Football Manager 2009
"{0D426822-7D1D-4913-9A48-6973608F6F1A}"= TCP:c:\games\Football Manager 2009\fm.exe:Football Manager 2009
"{EE2D5ACC-FD6D-48F7-89C0-A786562EFA16}"= UDP:c:\games\Codename Panzers Cold War\Home\Game\CPCW.exe:Codename Panzers Cold War
"{70CC7C6C-6318-4813-8273-0691B81B8A28}"= TCP:c:\games\Codename Panzers Cold War\Home\Game\CPCW.exe:Codename Panzers Cold War
"TCP Query User{0203321A-312B-46A9-8A51-CD7067886E4B}c:\\program files\\tvuplayer\\tvuplayer.exe"= UDP:c:\program files\tvuplayer\tvuplayer.exe:TVUPlayer Component
"UDP Query User{1262029D-CCB6-46C1-A600-F727A08856D7}c:\\program files\\tvuplayer\\tvuplayer.exe"= TCP:c:\program files\tvuplayer\tvuplayer.exe:TVUPlayer Component
R0 Lbd;Lbd;c:\windows\System32\drivers\Lbd.sys [6.6.2009 0:55 64160]
R1 ehdrv;ehdrv;c:\windows\System32\drivers\ehdrv.sys [19.3.2009 11:44 107256]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [19.3.2009 11:44 731840]
S2 gupdate1ca08b975decefe;Služba Google Update (gupdate1ca08b975decefe);c:\program files\Google\Update\GoogleUpdate.exe [19.7.2009 23:39 133104]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [9.3.2009 21:06 1029456]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\System32\drivers\nmwcdnsu.sys [19.3.2009 14:48 136704]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\System32\drivers\s0016bus.sys [19.7.2009 12:06 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\System32\drivers\s0016mdfl.sys [19.7.2009 12:06 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\System32\drivers\s0016mdm.sys [19.7.2009 12:06 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\System32\drivers\s0016mgmt.sys [19.7.2009 12:06 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\System32\drivers\s0016nd5.sys [19.7.2009 12:06 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\System32\drivers\s0016obex.sys [19.7.2009 12:06 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\System32\drivers\s0016unic.sys [19.7.2009 12:06 115752]
S3 WSVD;WSVD;c:\windows\System32\drivers\WSVD.sys [18.5.2007 14:50 80744]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
bthsvcs REG_MULTI_SZ BthServ
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\ccc-core-static]
msiexec /fums {12BC816B-8F68-CAB4-867E-FA0FEF15FB36} /qb
.
Obsah adresáře 'Naplánované úlohy'
2009-09-05 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-03-09 22:55]
2009-09-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-19 21:39]
2009-09-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-19 21:39]
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
HKLM-Run-SetPanel - (no file)
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.centrum.cz/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mStart Page = hxxp://cs.intl.acer.yahoo.com
uSearchURL,(Default) = hxxp://uk.rd.yahoo.com/customize/ycomp/ ... .yahoo.com
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
Trusted Zone: csob.cz\ib24
Trusted Zone: postovnisporitelna.cz\maxibps
FF - ProfilePath - c:\users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\pduu2ic1.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.centrum.cz/
FF - component: c:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - component: c:\users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\pduu2ic1.default\extensions\piclens@cooliris.com\components\coolirisstub.dll
FF - plugin: c:\program files\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\pduu2ic1.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll
FF - plugin: c:\users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\pduu2ic1.default\extensions\piclens@cooliris.com\plugins\npcoolirisplugin.dll
FF - plugin: c:\users\Olaf\AppData\Roaming\Mozilla\plugins\npcoolirisplugin.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-08 22:49
Windows 6.0.6002 Service Pack 2 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Environment*]
"Licence0"="REMOVED"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Celkový čas: 2009-09-08 22:52
ComboFix-quarantined-files.txt 2009-09-08 20:52
Před spuštěním: Volných bajtů: 69 242 019 840
Po spuštění: Volných bajtů: 69 176 381 440
285 --- E O F --- 2009-09-08 20:35
2009-07-19 10:22 . 2009-07-19 10:22 0 ---ha-w- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
2009-07-19 10:22 . 2009-07-19 10:19 -------- d-----w- c:\users\Olaf\AppData\Roaming\PC Suite
2009-07-19 10:22 . 2009-07-19 10:19 -------- d-----w- c:\programdata\PC Suite
2009-07-19 10:22 . 2009-07-19 10:22 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2009-07-19 10:19 . 2009-07-19 10:18 -------- d-----w- c:\program files\DIFX
2009-07-19 10:18 . 2009-07-19 10:18 -------- d-----w- c:\program files\Common Files\PCSuite
2009-07-19 10:18 . 2009-07-19 10:18 -------- d-----w- c:\program files\Common Files\Nokia
2009-07-19 10:18 . 2009-07-19 10:17 -------- d-----w- c:\program files\Nokia
2009-07-19 10:18 . 2009-07-19 10:18 -------- d-----w- c:\program files\PC Connectivity Solution
2009-07-19 10:17 . 2009-07-19 10:17 -------- d-----w- c:\programdata\Installations
2009-07-19 10:08 . 2009-07-19 10:08 -------- d-----w- c:\program files\Avanquest update
2009-07-19 10:08 . 2009-07-19 10:08 -------- d-----w- c:\programdata\BVRP Software
2009-07-19 10:06 . 2009-07-19 10:06 -------- d-----w- c:\programdata\Sony Ericsson
2009-07-19 10:06 . 2009-07-19 10:06 -------- d-----w- c:\program files\Sony Ericsson
2009-07-18 16:01 . 2009-08-01 13:34 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-07-18 11:35 . 2009-08-01 13:34 828416 ----a-w- c:\windows\system32\wininet.dll
2009-07-13 15:52 . 2009-07-13 15:52 92 ----a-w- c:\users\Olaf\AppData\Local\fusioncache.dat
2009-07-13 15:50 . 2009-06-05 16:25 -------- d-----w- c:\program files\ESET
2009-07-12 16:33 . 2009-07-12 16:33 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2009-07-11 10:22 . 2009-07-11 10:22 -------- d-----w- c:\programdata\The Humans
2009-07-11 10:15 . 2009-07-11 10:15 -------- d-----w- c:\users\Olaf\AppData\Roaming\InstallShield
2009-06-17 18:44 . 2009-06-17 18:44 279712 ----a-w- c:\windows\system32\drivers\atksgt.sys
2009-06-17 18:44 . 2009-06-17 18:44 25888 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2009-06-15 17:47 . 2009-06-15 17:48 737280 ----a-w- c:\windows\iun6002.exe
2009-06-15 14:53 . 2009-07-18 13:50 156672 ----a-w- c:\windows\system32\t2embed.dll
2009-06-15 14:53 . 2009-08-11 21:32 270848 ----a-w- c:\windows\system32\schannel.dll
2009-06-15 14:52 . 2009-07-18 13:50 23552 ----a-w- c:\windows\system32\lpk.dll
2009-06-15 14:52 . 2009-07-18 13:50 72704 ----a-w- c:\windows\system32\fontsub.dll
2009-06-15 14:51 . 2009-07-18 13:50 10240 ----a-w- c:\windows\system32\dciman32.dll
2009-06-15 12:42 . 2009-07-18 13:50 289792 ----a-w- c:\windows\system32\atmfd.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2008-02-28 1828136]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"USDownloader"="c:\downloads\USDownloader\USDownloader.exe" [2009-04-03 530432]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-10-27 815104]
"PCMService"="c:\program files\Acer\Acer Arcade\PCMService.exe" [2007-01-08 151552]
"LManager"="c:\progra~1\LAUNCH~1\QtZgAcer.EXE" [2007-01-09 483328]
"WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 57344]
"Acer OrbiCam"="c:\windows\AcerOrbiCam.exe" [2007-01-11 401408]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-03-19 2029640]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-07-05 520024]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-02-18 2221352]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2006-12-01 4186112]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2007-1-25 528384]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):b9,27,bb,20,c6,1a,ca,01
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{9CBB84EF-5461-419F-8556-95F7F4A66346}"= c:\program files\Skype\Phone\Skype.exe:Skype
"TCP Query User{84CA710C-8355-4AD4-89D2-08D89F62AD65}c:\\program files\\miranda im\\miranda32.exe"= UDP:c:\program files\miranda im\miranda32.exe:Miranda IM
"UDP Query User{D2524866-EAA5-43C1-A1A5-DE4B50F314CD}c:\\program files\\miranda im\\miranda32.exe"= TCP:c:\program files\miranda im\miranda32.exe:Miranda IM
"{77EFC760-291C-468B-A746-D03A6CA13A65}"= UDP:c:\games\Football Manager 2009\fm.exe:Football Manager 2009
"{A156ECE4-5390-4FDA-8C0A-09DC10714C16}"= TCP:c:\games\Football Manager 2009\fm.exe:Football Manager 2009
"TCP Query User{8E51AE3C-612F-4570-868F-8D7B5351AD07}c:\\program files\\vuze\\azureus.exe"= UDP:c:\program files\vuze\azureus.exe:Azureus
"UDP Query User{0BC0B68B-84ED-4EE7-B217-4ACB9245239D}c:\\program files\\vuze\\azureus.exe"= TCP:c:\program files\vuze\azureus.exe:Azureus
"{9BD7148F-D8A7-422D-8EE7-00344025813D}"= UDP:c:\games\Football Manager 2009\fm.exe:Football Manager 2009
"{0D426822-7D1D-4913-9A48-6973608F6F1A}"= TCP:c:\games\Football Manager 2009\fm.exe:Football Manager 2009
"{EE2D5ACC-FD6D-48F7-89C0-A786562EFA16}"= UDP:c:\games\Codename Panzers Cold War\Home\Game\CPCW.exe:Codename Panzers Cold War
"{70CC7C6C-6318-4813-8273-0691B81B8A28}"= TCP:c:\games\Codename Panzers Cold War\Home\Game\CPCW.exe:Codename Panzers Cold War
"TCP Query User{0203321A-312B-46A9-8A51-CD7067886E4B}c:\\program files\\tvuplayer\\tvuplayer.exe"= UDP:c:\program files\tvuplayer\tvuplayer.exe:TVUPlayer Component
"UDP Query User{1262029D-CCB6-46C1-A600-F727A08856D7}c:\\program files\\tvuplayer\\tvuplayer.exe"= TCP:c:\program files\tvuplayer\tvuplayer.exe:TVUPlayer Component
R0 Lbd;Lbd;c:\windows\System32\drivers\Lbd.sys [6.6.2009 0:55 64160]
R1 ehdrv;ehdrv;c:\windows\System32\drivers\ehdrv.sys [19.3.2009 11:44 107256]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [19.3.2009 11:44 731840]
S2 gupdate1ca08b975decefe;Služba Google Update (gupdate1ca08b975decefe);c:\program files\Google\Update\GoogleUpdate.exe [19.7.2009 23:39 133104]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [9.3.2009 21:06 1029456]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\System32\drivers\nmwcdnsu.sys [19.3.2009 14:48 136704]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\System32\drivers\s0016bus.sys [19.7.2009 12:06 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\System32\drivers\s0016mdfl.sys [19.7.2009 12:06 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\System32\drivers\s0016mdm.sys [19.7.2009 12:06 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\System32\drivers\s0016mgmt.sys [19.7.2009 12:06 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\System32\drivers\s0016nd5.sys [19.7.2009 12:06 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\System32\drivers\s0016obex.sys [19.7.2009 12:06 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\System32\drivers\s0016unic.sys [19.7.2009 12:06 115752]
S3 WSVD;WSVD;c:\windows\System32\drivers\WSVD.sys [18.5.2007 14:50 80744]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
bthsvcs REG_MULTI_SZ BthServ
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\ccc-core-static]
msiexec /fums {12BC816B-8F68-CAB4-867E-FA0FEF15FB36} /qb
.
Obsah adresáře 'Naplánované úlohy'
2009-09-05 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-03-09 22:55]
2009-09-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-19 21:39]
2009-09-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-19 21:39]
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
HKLM-Run-SetPanel - (no file)
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.centrum.cz/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mStart Page = hxxp://cs.intl.acer.yahoo.com
uSearchURL,(Default) = hxxp://uk.rd.yahoo.com/customize/ycomp/ ... .yahoo.com
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
Trusted Zone: csob.cz\ib24
Trusted Zone: postovnisporitelna.cz\maxibps
FF - ProfilePath - c:\users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\pduu2ic1.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.centrum.cz/
FF - component: c:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - component: c:\users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\pduu2ic1.default\extensions\piclens@cooliris.com\components\coolirisstub.dll
FF - plugin: c:\program files\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\pduu2ic1.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll
FF - plugin: c:\users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\pduu2ic1.default\extensions\piclens@cooliris.com\plugins\npcoolirisplugin.dll
FF - plugin: c:\users\Olaf\AppData\Roaming\Mozilla\plugins\npcoolirisplugin.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-08 22:49
Windows 6.0.6002 Service Pack 2 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Environment*]
"Licence0"="REMOVED"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Celkový čas: 2009-09-08 22:52
ComboFix-quarantined-files.txt 2009-09-08 20:52
Před spuštěním: Volných bajtů: 69 242 019 840
Po spuštění: Volných bajtů: 69 176 381 440
285 --- E O F --- 2009-09-08 20:35
Re: Slow PC + partially working internet
I forgot to rename HJT to tomas.com... I don't know whether it matters, so to be safe I'm attaching another LOG taken after the rename:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:15:49, on 8.9.2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Acer\Acer Arcade\PCMService.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Windows\AcerOrbiCam.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\System32\mobsync.exe
C:\Users\Olaf\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Olaf\Desktop\tomas.com.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://cs.intl.acer.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.rd.yahoo.com/customize/ycomp/ ... .yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - (no file)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Acer\Acer Arcade\PCMService.exe"
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [Acer OrbiCam] C:\Windows\AcerOrbiCam.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [USDownloader] "C:\Downloads\USDownloader\USDownloader.exe"
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Služba Google Update (gupdate1ca08b975decefe) (gupdate1ca08b975decefe) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 6845 bytes
- Damned
Re: Slow PC + partially working internet
Renaming is useful when a virus is preventing HJT from running. In your case I had no idea what was going on.
Run HJT (HijackThis), close your browsers, disconnect from the internet and fix the following (start HJT, choose "Do a system scan only",
tick the box in front of each entry, press "Fix checked" and then "Yes"):
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - (no file)
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
*****************************************************************************************************************************************
Then:
Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text, marked in green:
File::
c:\users\Olaf\AppData\Local\fusioncache.dat
Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000000
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000000
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000000
Choose File -> Save As... and set these parameters:
File name: type CFScript.txt here
Save as type: select All Files
Save the file to the desktop.
Close all open windows.
Grab the CFScript.txt script you created with the mouse, drag it over the downloaded ComboFix.exe program,
and drop the script once the two files overlap.

- ComboFix will start automatically; the repair may take longer than 10 minutes. ! Let ComboFix finish its work !
- Post the log that appears at the end of the cleaning process here, plus a new HJT log, and describe how the computer behaves
Spusť HJT (HijackThis), vypni prohlížeče, odpoj se od internetu a fixni (spustit HJT, "Do a system scan only",
zatrhnout políčko před hodnotou, zmáčknout "Fix checked" a poté "Ano"):
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - (no file)
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
*****************************************************************************************************************************************
Potom:
Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok).
Zkopíruj do něj následující celý text označený zeleně:
File::
c:\users\Olaf\AppData\Local\fusioncache.dat
Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000000
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000000
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000000
Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files there
Save the file to the desktop.
Close all active windows.
Grab the CFScript.txt script you created with the mouse, drag it over the downloaded ComboFix.exe program,
and when the two files overlap, drop the script.

- ComboFix will start automatically; the repair may take even longer than 10 minutes. ! Let ComboFix finish its work !
- Paste here the log that pops up at the end of the cleaning process + a new HJT log, and describe how the computer behaves
Nothing is impossible, so where reason fails us, we do not hesitate to use a hammer.
If you want to know what is new, look in old books.
Damned's Czech localizations - translations of PC maintenance programs
HiJackThis 2 + guide, FCleaner + Czech localization, Wise Registry Cleaner
Re: Slow PC + partially working internet
ComboFix 09-09-07.03 - Olaf 09.09.2009 19:36.3.1 - NTFSx86
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1250.420.1029.18.1789.927 [GMT 2:00]
Spuštěný z: c:\users\Olaf\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Olaf\Desktop\CFScript.txt
AV: ESET Smart Security 4.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
SP: ESET Smart Security 4.0 *enabled* (Updated) {E5E70D32-0101-4B98-A4D6-D1D15C3BB448}
SP: Lavasoft Ad-Watch Live! *disabled* (Updated) {67844DAE-4F77-4D69-9457-98E8CFFDAA22}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
FILE ::
"c:\users\Olaf\AppData\Local\fusioncache.dat"
.
((((((((((((((((((((((((( Soubory vytvořené od 2009-08-09 do 2009-09-09 )))))))))))))))))))))))))))))))
.
2009-09-09 17:42 . 2009-09-09 17:42 -------- d-----w- c:\users\Olaf\AppData\Local\temp
2009-09-09 17:42 . 2009-09-09 17:42 -------- d-----w- c:\users\Public\AppData\Local\temp
2009-09-09 17:42 . 2009-09-09 17:42 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-09-09 17:42 . 2009-09-09 17:42 -------- d-----w- c:\users\Admin_netX\AppData\Local\temp
2009-09-08 20:58 . 2009-09-08 20:58 -------- d---a-w- c:\windows\VDLL.DLL
2009-09-08 20:58 . 2009-09-08 20:58 -------- d---a-w- c:\windows\system32\runouce.exe
2009-09-08 20:58 . 2009-09-08 20:58 -------- d---a-w- c:\windows\rundll16.exe
2009-09-08 20:58 . 2009-09-08 20:58 -------- d---a-w- c:\windows\RUNDL132.EXE
2009-09-08 20:58 . 2009-09-08 20:58 -------- d---a-w- c:\windows\logo1_.exe
2009-09-08 20:58 . 2009-09-08 20:58 -------- d---a-w- c:\windows\logo_1.exe
2009-09-08 20:55 . 2009-09-08 20:55 632064 ----a-w- c:\windows\system32\msvcr80.dll
2009-09-08 20:55 . 2009-09-08 20:55 554240 ----a-w- c:\windows\system32\msvcp80.dll
2009-09-08 20:55 . 2009-09-08 20:55 34048 ----a-w- c:\windows\system32\eEmpty.exe
2009-09-08 20:55 . 2009-09-08 20:55 -------- d-----w- c:\program files\Common Files\MicroWorld
2009-09-08 20:55 . 2009-09-08 20:55 -------- d-----w- c:\programdata\MicroWorld
2009-09-07 18:17 . 2009-09-07 18:17 -------- d-----w- c:\users\Olaf\AppData\Roaming\Malwarebytes
2009-09-07 18:17 . 2009-08-03 11:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-07 18:17 . 2009-09-07 18:17 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-09-07 18:17 . 2009-09-07 18:17 -------- d-----w- c:\programdata\Malwarebytes
2009-09-07 18:17 . 2009-08-03 11:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-09-03 08:42 . 2009-08-29 00:14 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-09-03 08:42 . 2009-08-29 00:27 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-08-26 22:30 . 2009-06-22 10:09 2048 ----a-w- c:\windows\system32\tzres.dll
2009-08-16 13:56 . 2009-08-16 13:56 -------- d-----w- c:\users\Olaf\AppData\Local\TVU Networks
2009-08-16 13:56 . 2009-08-16 13:56 -------- d-----w- c:\programdata\TVU Networks
2009-08-16 13:56 . 2009-08-16 13:56 -------- d-----w- c:\program files\TVUPlayer
2009-08-12 20:20 . 2009-08-12 20:20 -------- d-----w- c:\users\Olaf\AppData\Local\Ahead
2009-08-12 20:20 . 2009-08-12 20:20 -------- d-----w- c:\program files\NeroInstall.bak
2009-08-12 20:18 . 2009-08-12 20:18 -------- d-----w- c:\users\Olaf\AppData\Roaming\Nero
2009-08-12 20:14 . 2009-08-12 20:17 -------- d-----w- c:\program files\Common Files\Nero
2009-08-12 20:14 . 2009-08-12 20:14 -------- d-----w- c:\programdata\Nero
2009-08-12 19:09 . 2009-08-21 19:17 -------- d-----w- c:\users\Olaf\AppData\Local\VirtuaTennis2009
2009-08-12 18:31 . 2008-10-15 04:22 452440 ----a-w- c:\windows\system32\d3dx10_40.dll
2009-08-12 18:31 . 2008-10-15 04:22 2036576 ----a-w- c:\windows\system32\D3DCompiler_40.dll
2009-08-12 18:31 . 2008-10-15 04:22 4379984 ----a-w- c:\windows\system32\D3DX9_40.dll
2009-08-11 21:33 . 2009-07-15 12:39 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2009-08-11 21:33 . 2009-07-15 12:39 4096 ----a-w- c:\windows\system32\dxmasf.dll
2009-08-11 21:33 . 2009-07-15 12:39 7680 ----a-w- c:\windows\system32\spwmp.dll
2009-08-11 21:33 . 2009-07-15 12:40 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2009-08-11 21:33 . 2009-07-17 13:54 71680 ----a-w- c:\windows\system32\atl.dll
2009-08-11 21:32 . 2009-06-10 11:38 91136 ----a-w- c:\windows\system32\avifil32.dll
2009-08-11 21:32 . 2009-06-04 12:07 2066432 ----a-w- c:\windows\system32\mstscax.dll
2009-08-11 21:32 . 2009-06-10 11:42 160256 ----a-w- c:\windows\system32\wkssvc.dll
2009-08-11 21:32 . 2009-06-15 14:52 499712 ----a-w- c:\windows\system32\kerberos.dll
2009-08-11 21:32 . 2009-06-15 14:54 175104 ----a-w- c:\windows\system32\wdigest.dll
2009-08-11 21:32 . 2009-06-15 14:53 218624 ----a-w- c:\windows\system32\msv1_0.dll
2009-08-11 21:32 . 2009-06-15 14:53 270848 ----a-w- c:\windows\system32\schannel.dll
2009-08-11 21:32 . 2009-06-15 14:52 1259008 ----a-w- c:\windows\system32\lsasrv.dll
2009-08-11 21:32 . 2009-06-15 23:15 439864 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2009-08-11 21:32 . 2009-06-15 14:53 72704 ----a-w- c:\windows\system32\secur32.dll
2009-08-11 21:32 . 2009-06-15 12:48 9728 ----a-w- c:\windows\system32\lsass.exe
2009-08-11 21:14 . 2009-08-11 21:14 -------- d-----w- c:\users\Olaf\AppData\Roaming\Bullzip
2009-08-11 21:10 . 2008-10-30 21:15 227840 ----a-w- c:\windows\system32\bzFlRdr.dll
2009-08-11 21:10 . 2008-09-26 18:44 126976 ----a-w- c:\windows\system32\bzpdfc.dll
2009-08-11 21:10 . 2008-07-09 22:19 103424 ----a-w- c:\windows\system32\bzDCT.dll
2009-08-11 21:10 . 2009-04-22 17:53 194560 ----a-w- c:\windows\system32\bzpdf.dll
2009-08-11 21:10 . 2009-08-11 21:10 -------- d-----w- c:\program files\Bullzip
2009-08-11 20:47 . 2009-08-11 20:48 -------- d-----w- c:\windows\system32\ca-ES
2009-08-11 20:47 . 2009-08-11 20:48 -------- d-----w- c:\windows\system32\eu-ES
2009-08-11 20:47 . 2009-08-11 20:48 -------- d-----w- c:\windows\system32\vi-VN
2009-08-11 20:30 . 2009-08-11 20:36 -------- d-----w- c:\program files\MSECache
2009-08-11 20:16 . 2009-08-11 20:16 -------- d-----w- c:\windows\system32\EventProviders
2009-08-11 20:10 . 2009-04-11 05:03 12240896 ----a-w- c:\windows\system32\NlsLexicons0007.dll
2009-08-11 20:08 . 2009-04-11 06:28 203264 ----a-w- c:\windows\system32\uDWM.dll
2009-08-11 20:07 . 2009-04-11 06:28 592896 ----a-w- c:\windows\system32\netlogon.dll
2009-08-11 20:06 . 2009-04-11 06:28 1671680 ----a-w- c:\windows\system32\wlanpref.dll
2009-08-11 20:05 . 2009-04-11 06:28 83968 ----a-w- c:\windows\system32\wbem\wmiutils.dll
2009-08-11 20:05 . 2009-04-11 06:28 744448 ----a-w- c:\windows\system32\wbem\wbemcore.dll
2009-08-11 20:05 . 2009-04-11 06:28 30208 ----a-w- c:\windows\system32\wbem\wbemprox.dll
2009-08-11 20:05 . 2009-04-11 06:28 265728 ----a-w- c:\windows\system32\wbem\repdrvfs.dll
2009-08-11 20:05 . 2009-04-11 06:28 189440 ----a-w- c:\windows\system32\wbem\mofd.dll
2009-08-11 20:05 . 2009-04-11 06:28 614912 ----a-w- c:\windows\system32\wbem\fastprox.dll
2009-08-11 20:05 . 2009-04-11 06:28 265728 ----a-w- c:\windows\system32\wbem\esscli.dll
2009-08-11 20:05 . 2009-04-11 06:28 705536 ----a-w- c:\windows\system32\SmiEngine.dll
2009-08-11 20:05 . 2009-04-11 06:28 218624 ----a-w- c:\windows\system32\wdscore.dll
2009-08-11 20:05 . 2009-04-11 06:27 130560 ----a-w- c:\windows\system32\PkgMgr.exe
2009-08-11 20:04 . 2009-04-11 06:28 247808 ----a-w- c:\windows\system32\drvstore.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-09 16:54 . 2007-01-08 21:10 636000 ----a-w- c:\windows\system32\perfh005.dat
2009-09-09 16:54 . 2007-01-08 21:10 134810 ----a-w- c:\windows\system32\perfc005.dat
2009-09-09 09:43 . 2009-08-04 18:37 12 ----a-w- c:\windows\bthservsdp.dat
2009-09-08 20:32 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-09-08 11:59 . 2009-06-05 19:07 -------- d-----w- c:\users\Olaf\AppData\Roaming\Skype
2009-09-08 11:00 . 2009-06-09 14:47 -------- d-----w- c:\users\Olaf\AppData\Roaming\skypePM
2009-09-07 17:22 . 2009-06-05 22:57 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2009-08-28 06:15 . 2007-05-18 12:21 227600 ----a-w- c:\users\Olaf\AppData\Local\GDIPFONTCACHEV1.DAT
2009-08-27 20:00 . 2009-06-05 21:33 -------- d-----w- c:\users\Olaf\AppData\Roaming\Miranda
2009-08-27 19:59 . 2009-06-05 21:33 -------- d-----w- c:\program files\Miranda IM
2009-08-27 17:47 . 2009-07-19 21:38 -------- d-----w- c:\program files\Google
2009-08-22 14:41 . 2009-06-05 22:57 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-08-22 08:05 . 2007-01-25 16:37 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-08-12 20:14 . 2009-06-06 15:01 -------- d-----w- c:\program files\Nero
2009-08-11 20:49 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Calendar
2009-08-11 20:48 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Sidebar
2009-08-11 20:48 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Collaboration
2009-08-11 20:48 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Photo Gallery
2009-08-11 20:48 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Defender
2009-08-11 20:37 . 2009-06-05 16:38 -------- d-----w- c:\program files\Acro Software
2009-08-11 19:06 . 2009-06-06 19:25 -------- d-----w- c:\users\Olaf\AppData\Roaming\Azureus
2009-08-04 18:40 . 2009-08-04 18:40 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdRapi2_01_00_00.Wdf
2009-07-26 16:39 . 2009-07-26 16:38 -------- d-----w- c:\program files\nLite
2009-07-19 10:25 . 2009-07-19 10:19 -------- d-----w- c:\users\Olaf\AppData\Roaming\Nokia
2009-07-19 10:22 . 2009-07-19 10:22 0 ---ha-w- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
2009-07-19 10:22 . 2009-07-19 10:19 -------- d-----w- c:\users\Olaf\AppData\Roaming\PC Suite
2009-07-19 10:22 . 2009-07-19 10:19 -------- d-----w- c:\programdata\PC Suite
2009-07-19 10:22 . 2009-07-19 10:22 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2009-07-19 10:19 . 2009-07-19 10:18 -------- d-----w- c:\program files\DIFX
2009-07-19 10:18 . 2009-07-19 10:18 -------- d-----w- c:\program files\Common Files\PCSuite
2009-07-19 10:18 . 2009-07-19 10:18 -------- d-----w- c:\program files\Common Files\Nokia
2009-07-19 10:18 . 2009-07-19 10:17 -------- d-----w- c:\program files\Nokia
2009-07-19 10:18 . 2009-07-19 10:18 -------- d-----w- c:\program files\PC Connectivity Solution
2009-07-19 10:17 . 2009-07-19 10:17 -------- d-----w- c:\programdata\Installations
2009-07-19 10:08 . 2009-07-19 10:08 -------- d-----w- c:\program files\Avanquest update
2009-07-19 10:08 . 2009-07-19 10:08 -------- d-----w- c:\programdata\BVRP Software
2009-07-19 10:06 . 2009-07-19 10:06 -------- d-----w- c:\programdata\Sony Ericsson
2009-07-19 10:06 . 2009-07-19 10:06 -------- d-----w- c:\program files\Sony Ericsson
2009-07-18 16:01 . 2009-08-01 13:34 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-07-18 11:35 . 2009-08-01 13:34 828416 ----a-w- c:\windows\system32\wininet.dll
2009-07-13 15:50 . 2009-06-05 16:25 -------- d-----w- c:\program files\ESET
2009-07-12 16:33 . 2009-07-12 16:33 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2009-06-17 18:44 . 2009-06-17 18:44 279712 ----a-w- c:\windows\system32\drivers\atksgt.sys
2009-06-17 18:44 . 2009-06-17 18:44 25888 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2009-06-15 17:47 . 2009-06-15 17:48 737280 ----a-w- c:\windows\iun6002.exe
2009-06-15 14:53 . 2009-07-18 13:50 156672 ----a-w- c:\windows\system32\t2embed.dll
2009-06-15 14:53 . 2009-08-11 21:32 270848 ----a-w- c:\windows\system32\schannel.dll
2009-06-15 14:52 . 2009-07-18 13:50 23552 ----a-w- c:\windows\system32\lpk.dll
2009-06-15 14:52 . 2009-07-18 13:50 72704 ----a-w- c:\windows\system32\fontsub.dll
2009-06-15 14:51 . 2009-07-18 13:50 10240 ----a-w- c:\windows\system32\dciman32.dll
2009-06-15 12:42 . 2009-07-18 13:50 289792 ----a-w- c:\windows\system32\atmfd.dll
.
((((((((((((((((((((((((((((( SnapShot@2009-09-08_20.49.33 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-01-25 16:37 . 2009-09-09 16:50 39574 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2006-11-02 13:02 . 2009-09-09 16:50 68954 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2007-05-18 12:16 . 2009-09-08 20:37 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2007-05-18 12:16 . 2009-09-09 17:01 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2007-05-18 12:16 . 2009-09-08 20:37 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2007-05-18 12:16 . 2009-09-09 17:01 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2007-05-18 12:16 . 2009-09-08 20:37 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2007-05-18 12:16 . 2009-09-09 17:01 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2007-05-18 12:41 . 2009-09-09 16:50 8084 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2494099604-4228954195-18612416-1000_UserData.bin
+ 2009-09-08 20:35 . 2009-09-09 17:40 1826 c:\windows\SoftwareDistribution\PostRebootEventCache\{42356F37-C30F-4DAD-9066-DA4527F4DC9A}.bin
- 2009-09-08 20:35 . 2009-09-08 20:35 1826 c:\windows\SoftwareDistribution\PostRebootEventCache\{42356F37-C30F-4DAD-9066-DA4527F4DC9A}.bin
- 2009-09-08 17:43 . 2009-09-08 17:43 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2009-09-09 16:48 . 2009-09-09 16:48 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2009-09-08 17:43 . 2009-09-08 17:43 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-09-09 16:48 . 2009-09-09 16:48 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2006-11-02 10:33 . 2009-09-08 17:51 625582 c:\windows\System32\perfh009.dat
+ 2006-11-02 10:33 . 2009-09-09 16:54 625582 c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2009-09-08 17:51 117144 c:\windows\System32\perfc009.dat
+ 2006-11-02 10:33 . 2009-09-09 16:54 117144 c:\windows\System32\perfc009.dat
- 2006-11-02 10:22 . 2009-09-08 20:32 6291456 c:\windows\System32\SMI\Store\Machine\SCHEMA.DAT
+ 2006-11-02 10:22 . 2009-09-09 16:51 6291456 c:\windows\System32\SMI\Store\Machine\SCHEMA.DAT
+ 2009-09-08 20:40 . 2009-09-09 17:35 6156288 c:\windows\ERDNT\Hiv-backup\SCHEMA.DAT
- 2009-09-08 20:40 . 2009-09-08 20:40 6156288 c:\windows\ERDNT\Hiv-backup\SCHEMA.DAT
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2008-02-28 1828136]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"USDownloader"="c:\downloads\USDownloader\USDownloader.exe" [2009-04-03 530432]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-10-27 815104]
"PCMService"="c:\program files\Acer\Acer Arcade\PCMService.exe" [2007-01-08 151552]
"LManager"="c:\progra~1\LAUNCH~1\QtZgAcer.EXE" [2007-01-09 483328]
"WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 57344]
"Acer OrbiCam"="c:\windows\AcerOrbiCam.exe" [2007-01-11 401408]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-03-19 2029640]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-07-05 520024]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-02-18 2221352]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2006-12-01 4186112]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):b9,27,bb,20,c6,1a,ca,01
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{9CBB84EF-5461-419F-8556-95F7F4A66346}"= c:\program files\Skype\Phone\Skype.exe:Skype
"TCP Query User{84CA710C-8355-4AD4-89D2-08D89F62AD65}c:\\program files\\miranda im\\miranda32.exe"= UDP:c:\program files\miranda im\miranda32.exe:Miranda IM
"UDP Query User{D2524866-EAA5-43C1-A1A5-DE4B50F314CD}c:\\program files\\miranda im\\miranda32.exe"= TCP:c:\program files\miranda im\miranda32.exe:Miranda IM
"{77EFC760-291C-468B-A746-D03A6CA13A65}"= UDP:c:\games\Football Manager 2009\fm.exe:Football Manager 2009
"{A156ECE4-5390-4FDA-8C0A-09DC10714C16}"= TCP:c:\games\Football Manager 2009\fm.exe:Football Manager 2009
"TCP Query User{8E51AE3C-612F-4570-868F-8D7B5351AD07}c:\\program files\\vuze\\azureus.exe"= UDP:c:\program files\vuze\azureus.exe:Azureus
"UDP Query User{0BC0B68B-84ED-4EE7-B217-4ACB9245239D}c:\\program files\\vuze\\azureus.exe"= TCP:c:\program files\vuze\azureus.exe:Azureus
"{9BD7148F-D8A7-422D-8EE7-00344025813D}"= UDP:c:\games\Football Manager 2009\fm.exe:Football Manager 2009
"{0D426822-7D1D-4913-9A48-6973608F6F1A}"= TCP:c:\games\Football Manager 2009\fm.exe:Football Manager 2009
"{EE2D5ACC-FD6D-48F7-89C0-A786562EFA16}"= UDP:c:\games\Codename Panzers Cold War\Home\Game\CPCW.exe:Codename Panzers Cold War
"{70CC7C6C-6318-4813-8273-0691B81B8A28}"= TCP:c:\games\Codename Panzers Cold War\Home\Game\CPCW.exe:Codename Panzers Cold War
"TCP Query User{0203321A-312B-46A9-8A51-CD7067886E4B}c:\\program files\\tvuplayer\\tvuplayer.exe"= UDP:c:\program files\tvuplayer\tvuplayer.exe:TVUPlayer Component
"UDP Query User{1262029D-CCB6-46C1-A600-F727A08856D7}c:\\program files\\tvuplayer\\tvuplayer.exe"= TCP:c:\program files\tvuplayer\tvuplayer.exe:TVUPlayer Component
R0 Lbd;Lbd;c:\windows\System32\drivers\Lbd.sys [6.6.2009 0:55 64160]
R1 ehdrv;ehdrv;c:\windows\System32\drivers\ehdrv.sys [19.3.2009 11:44 107256]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [19.3.2009 11:44 731840]
S2 gupdate1ca08b975decefe;Služba Google Update (gupdate1ca08b975decefe);c:\program files\Google\Update\GoogleUpdate.exe [19.7.2009 23:39 133104]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [9.3.2009 21:06 1029456]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\System32\drivers\nmwcdnsu.sys [19.3.2009 14:48 136704]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\System32\drivers\s0016bus.sys [19.7.2009 12:06 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\System32\drivers\s0016mdfl.sys [19.7.2009 12:06 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\System32\drivers\s0016mdm.sys [19.7.2009 12:06 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\System32\drivers\s0016mgmt.sys [19.7.2009 12:06 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\System32\drivers\s0016nd5.sys [19.7.2009 12:06 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\System32\drivers\s0016obex.sys [19.7.2009 12:06 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\System32\drivers\s0016unic.sys [19.7.2009 12:06 115752]
S3 WSVD;WSVD;c:\windows\System32\drivers\WSVD.sys [18.5.2007 14:50 80744]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
bthsvcs REG_MULTI_SZ BthServ
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\ccc-core-static]
msiexec /fums {12BC816B-8F68-CAB4-867E-FA0FEF15FB36} /qb
.
Obsah adresáře 'Naplánované úlohy'
2009-09-05 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-03-09 22:55]
2009-09-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-19 21:39]
2009-09-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-19 21:39]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.centrum.cz/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mStart Page = hxxp://cs.intl.acer.yahoo.com
uSearchURL,(Default) = hxxp://uk.rd.yahoo.com/customize/ycomp/ ... .yahoo.com
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
Trusted Zone: csob.cz\ib24
Trusted Zone: postovnisporitelna.cz\maxibps
FF - ProfilePath - c:\users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\pduu2ic1.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.centrum.cz/
FF - component: c:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - component: c:\users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\pduu2ic1.default\extensions\piclens@cooliris.com\components\coolirisstub.dll
FF - plugin: c:\program files\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\pduu2ic1.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll
FF - plugin: c:\users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\pduu2ic1.default\extensions\piclens@cooliris.com\plugins\npcoolirisplugin.dll
FF - plugin: c:\users\Olaf\AppData\Roaming\Mozilla\plugins\npcoolirisplugin.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-09 19:42
Windows 6.0.6002 Service Pack 2 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Environment*]
"Licence0"="REMOVED"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Celkový čas: 2009-09-09 19:45
ComboFix-quarantined-files.txt 2009-09-09 17:45
Před spuštěním: Volných bajtů: 69 098 577 920
Po spuštění: Volných bajtů: 69 051 842 560
311 --- E O F --- 2009-09-08 20:35
2009-08-27 17:47 . 2009-07-19 21:38 -------- d-----w- c:\program files\Google
2009-08-22 14:41 . 2009-06-05 22:57 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-08-22 08:05 . 2007-01-25 16:37 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-08-12 20:14 . 2009-06-06 15:01 -------- d-----w- c:\program files\Nero
2009-08-11 20:49 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Calendar
2009-08-11 20:48 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Sidebar
2009-08-11 20:48 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Collaboration
2009-08-11 20:48 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Photo Gallery
2009-08-11 20:48 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Defender
2009-08-11 20:37 . 2009-06-05 16:38 -------- d-----w- c:\program files\Acro Software
2009-08-11 19:06 . 2009-06-06 19:25 -------- d-----w- c:\users\Olaf\AppData\Roaming\Azureus
2009-08-04 18:40 . 2009-08-04 18:40 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdRapi2_01_00_00.Wdf
2009-07-26 16:39 . 2009-07-26 16:38 -------- d-----w- c:\program files\nLite
2009-07-19 10:25 . 2009-07-19 10:19 -------- d-----w- c:\users\Olaf\AppData\Roaming\Nokia
2009-07-19 10:22 . 2009-07-19 10:22 0 ---ha-w- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
2009-07-19 10:22 . 2009-07-19 10:19 -------- d-----w- c:\users\Olaf\AppData\Roaming\PC Suite
2009-07-19 10:22 . 2009-07-19 10:19 -------- d-----w- c:\programdata\PC Suite
2009-07-19 10:22 . 2009-07-19 10:22 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2009-07-19 10:19 . 2009-07-19 10:18 -------- d-----w- c:\program files\DIFX
2009-07-19 10:18 . 2009-07-19 10:18 -------- d-----w- c:\program files\Common Files\PCSuite
2009-07-19 10:18 . 2009-07-19 10:18 -------- d-----w- c:\program files\Common Files\Nokia
2009-07-19 10:18 . 2009-07-19 10:17 -------- d-----w- c:\program files\Nokia
2009-07-19 10:18 . 2009-07-19 10:18 -------- d-----w- c:\program files\PC Connectivity Solution
2009-07-19 10:17 . 2009-07-19 10:17 -------- d-----w- c:\programdata\Installations
2009-07-19 10:08 . 2009-07-19 10:08 -------- d-----w- c:\program files\Avanquest update
2009-07-19 10:08 . 2009-07-19 10:08 -------- d-----w- c:\programdata\BVRP Software
2009-07-19 10:06 . 2009-07-19 10:06 -------- d-----w- c:\programdata\Sony Ericsson
2009-07-19 10:06 . 2009-07-19 10:06 -------- d-----w- c:\program files\Sony Ericsson
2009-07-18 16:01 . 2009-08-01 13:34 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-07-18 11:35 . 2009-08-01 13:34 828416 ----a-w- c:\windows\system32\wininet.dll
2009-07-13 15:50 . 2009-06-05 16:25 -------- d-----w- c:\program files\ESET
2009-07-12 16:33 . 2009-07-12 16:33 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2009-06-17 18:44 . 2009-06-17 18:44 279712 ----a-w- c:\windows\system32\drivers\atksgt.sys
2009-06-17 18:44 . 2009-06-17 18:44 25888 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2009-06-15 17:47 . 2009-06-15 17:48 737280 ----a-w- c:\windows\iun6002.exe
2009-06-15 14:53 . 2009-07-18 13:50 156672 ----a-w- c:\windows\system32\t2embed.dll
2009-06-15 14:53 . 2009-08-11 21:32 270848 ----a-w- c:\windows\system32\schannel.dll
2009-06-15 14:52 . 2009-07-18 13:50 23552 ----a-w- c:\windows\system32\lpk.dll
2009-06-15 14:52 . 2009-07-18 13:50 72704 ----a-w- c:\windows\system32\fontsub.dll
2009-06-15 14:51 . 2009-07-18 13:50 10240 ----a-w- c:\windows\system32\dciman32.dll
2009-06-15 12:42 . 2009-07-18 13:50 289792 ----a-w- c:\windows\system32\atmfd.dll
.
((((((((((((((((((((((((((((( SnapShot@2009-09-08_20.49.33 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-01-25 16:37 . 2009-09-09 16:50 39574 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2006-11-02 13:02 . 2009-09-09 16:50 68954 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2007-05-18 12:16 . 2009-09-08 20:37 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2007-05-18 12:16 . 2009-09-09 17:01 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2007-05-18 12:16 . 2009-09-08 20:37 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2007-05-18 12:16 . 2009-09-09 17:01 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2007-05-18 12:16 . 2009-09-08 20:37 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2007-05-18 12:16 . 2009-09-09 17:01 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2007-05-18 12:41 . 2009-09-09 16:50 8084 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2494099604-4228954195-18612416-1000_UserData.bin
+ 2009-09-08 20:35 . 2009-09-09 17:40 1826 c:\windows\SoftwareDistribution\PostRebootEventCache\{42356F37-C30F-4DAD-9066-DA4527F4DC9A}.bin
- 2009-09-08 20:35 . 2009-09-08 20:35 1826 c:\windows\SoftwareDistribution\PostRebootEventCache\{42356F37-C30F-4DAD-9066-DA4527F4DC9A}.bin
- 2009-09-08 17:43 . 2009-09-08 17:43 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2009-09-09 16:48 . 2009-09-09 16:48 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2009-09-08 17:43 . 2009-09-08 17:43 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-09-09 16:48 . 2009-09-09 16:48 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2006-11-02 10:33 . 2009-09-08 17:51 625582 c:\windows\System32\perfh009.dat
+ 2006-11-02 10:33 . 2009-09-09 16:54 625582 c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2009-09-08 17:51 117144 c:\windows\System32\perfc009.dat
+ 2006-11-02 10:33 . 2009-09-09 16:54 117144 c:\windows\System32\perfc009.dat
- 2006-11-02 10:22 . 2009-09-08 20:32 6291456 c:\windows\System32\SMI\Store\Machine\SCHEMA.DAT
+ 2006-11-02 10:22 . 2009-09-09 16:51 6291456 c:\windows\System32\SMI\Store\Machine\SCHEMA.DAT
+ 2009-09-08 20:40 . 2009-09-09 17:35 6156288 c:\windows\ERDNT\Hiv-backup\SCHEMA.DAT
- 2009-09-08 20:40 . 2009-09-08 20:40 6156288 c:\windows\ERDNT\Hiv-backup\SCHEMA.DAT
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2008-02-28 1828136]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"USDownloader"="c:\downloads\USDownloader\USDownloader.exe" [2009-04-03 530432]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-10-27 815104]
"PCMService"="c:\program files\Acer\Acer Arcade\PCMService.exe" [2007-01-08 151552]
"LManager"="c:\progra~1\LAUNCH~1\QtZgAcer.EXE" [2007-01-09 483328]
"WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 57344]
"Acer OrbiCam"="c:\windows\AcerOrbiCam.exe" [2007-01-11 401408]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-03-19 2029640]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-07-05 520024]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-02-18 2221352]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2006-12-01 4186112]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):b9,27,bb,20,c6,1a,ca,01
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{9CBB84EF-5461-419F-8556-95F7F4A66346}"= c:\program files\Skype\Phone\Skype.exe:Skype
"TCP Query User{84CA710C-8355-4AD4-89D2-08D89F62AD65}c:\\program files\\miranda im\\miranda32.exe"= UDP:c:\program files\miranda im\miranda32.exe:Miranda IM
"UDP Query User{D2524866-EAA5-43C1-A1A5-DE4B50F314CD}c:\\program files\\miranda im\\miranda32.exe"= TCP:c:\program files\miranda im\miranda32.exe:Miranda IM
"{77EFC760-291C-468B-A746-D03A6CA13A65}"= UDP:c:\games\Football Manager 2009\fm.exe:Football Manager 2009
"{A156ECE4-5390-4FDA-8C0A-09DC10714C16}"= TCP:c:\games\Football Manager 2009\fm.exe:Football Manager 2009
"TCP Query User{8E51AE3C-612F-4570-868F-8D7B5351AD07}c:\\program files\\vuze\\azureus.exe"= UDP:c:\program files\vuze\azureus.exe:Azureus
"UDP Query User{0BC0B68B-84ED-4EE7-B217-4ACB9245239D}c:\\program files\\vuze\\azureus.exe"= TCP:c:\program files\vuze\azureus.exe:Azureus
"{9BD7148F-D8A7-422D-8EE7-00344025813D}"= UDP:c:\games\Football Manager 2009\fm.exe:Football Manager 2009
"{0D426822-7D1D-4913-9A48-6973608F6F1A}"= TCP:c:\games\Football Manager 2009\fm.exe:Football Manager 2009
"{EE2D5ACC-FD6D-48F7-89C0-A786562EFA16}"= UDP:c:\games\Codename Panzers Cold War\Home\Game\CPCW.exe:Codename Panzers Cold War
"{70CC7C6C-6318-4813-8273-0691B81B8A28}"= TCP:c:\games\Codename Panzers Cold War\Home\Game\CPCW.exe:Codename Panzers Cold War
"TCP Query User{0203321A-312B-46A9-8A51-CD7067886E4B}c:\\program files\\tvuplayer\\tvuplayer.exe"= UDP:c:\program files\tvuplayer\tvuplayer.exe:TVUPlayer Component
"UDP Query User{1262029D-CCB6-46C1-A600-F727A08856D7}c:\\program files\\tvuplayer\\tvuplayer.exe"= TCP:c:\program files\tvuplayer\tvuplayer.exe:TVUPlayer Component
R0 Lbd;Lbd;c:\windows\System32\drivers\Lbd.sys [6.6.2009 0:55 64160]
R1 ehdrv;ehdrv;c:\windows\System32\drivers\ehdrv.sys [19.3.2009 11:44 107256]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [19.3.2009 11:44 731840]
S2 gupdate1ca08b975decefe;Služba Google Update (gupdate1ca08b975decefe);c:\program files\Google\Update\GoogleUpdate.exe [19.7.2009 23:39 133104]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [9.3.2009 21:06 1029456]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\System32\drivers\nmwcdnsu.sys [19.3.2009 14:48 136704]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\System32\drivers\s0016bus.sys [19.7.2009 12:06 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\System32\drivers\s0016mdfl.sys [19.7.2009 12:06 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\System32\drivers\s0016mdm.sys [19.7.2009 12:06 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\System32\drivers\s0016mgmt.sys [19.7.2009 12:06 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\System32\drivers\s0016nd5.sys [19.7.2009 12:06 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\System32\drivers\s0016obex.sys [19.7.2009 12:06 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\System32\drivers\s0016unic.sys [19.7.2009 12:06 115752]
S3 WSVD;WSVD;c:\windows\System32\drivers\WSVD.sys [18.5.2007 14:50 80744]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
bthsvcs REG_MULTI_SZ BthServ
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\ccc-core-static]
msiexec /fums {12BC816B-8F68-CAB4-867E-FA0FEF15FB36} /qb
.
Obsah adresáře 'Naplánované úlohy'
2009-09-05 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-03-09 22:55]
2009-09-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-19 21:39]
2009-09-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-19 21:39]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.centrum.cz/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mStart Page = hxxp://cs.intl.acer.yahoo.com
uSearchURL,(Default) = hxxp://uk.rd.yahoo.com/customize/ycomp/ ... .yahoo.com
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
Trusted Zone: csob.cz\ib24
Trusted Zone: postovnisporitelna.cz\maxibps
FF - ProfilePath - c:\users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\pduu2ic1.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.centrum.cz/
FF - component: c:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - component: c:\users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\pduu2ic1.default\extensions\piclens@cooliris.com\components\coolirisstub.dll
FF - plugin: c:\program files\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\pduu2ic1.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll
FF - plugin: c:\users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\pduu2ic1.default\extensions\piclens@cooliris.com\plugins\npcoolirisplugin.dll
FF - plugin: c:\users\Olaf\AppData\Roaming\Mozilla\plugins\npcoolirisplugin.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-09 19:42
Windows 6.0.6002 Service Pack 2 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Environment*]
"Licence0"="REMOVED"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Celkový čas: 2009-09-09 19:45
ComboFix-quarantined-files.txt 2009-09-09 17:45
Před spuštěním: Volných bajtů: 69 098 577 920
Po spuštění: Volných bajtů: 69 051 842 560
311 --- E O F --- 2009-09-08 20:35
Re: Slow PC + partially working internet
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:14:28, on 9.9.2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Acer\Acer Arcade\PCMService.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Windows\AcerOrbiCam.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\mobsync.exe
C:\Users\Olaf\AppData\Local\Temp\RtkBtMnt.exe
C:\Users\Olaf\Desktop\HJT.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://cs.intl.acer.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.rd.yahoo.com/customize/ycomp/ ... .yahoo.com
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Acer\Acer Arcade\PCMService.exe"
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [Acer OrbiCam] C:\Windows\AcerOrbiCam.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [USDownloader] "C:\Downloads\USDownloader\USDownloader.exe"
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Služba Google Update (gupdate1ca08b975decefe) (gupdate1ca08b975decefe) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 6583 bytes
Re: Slow PC + partially working internet
At the moment things are mostly OK, pages load without major problems, and overall speed is good.
Only after ComboFix I had to restart the PC; when I tried to launch applications (HJT, NOD32) it reported a registry error, but after the restart everything was fine.
Re: Slow PC + partially working internet
This entry remained in HJT; I tried it once more, but it is still there:
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)