Pomalé PC + částečně fungující net Vyřešeno

[Damned]

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.)
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

sc config Symantec Lic NetConnect service (CLTNetCnService) start= disabled
sc config Symantec Lic NetConnect service start= disabled
sc config ccSvcHst start= disabled
sc stop Symantec Lic NetConnect service (CLTNetCnService)
sc stop Symantec Lic NetConnect service
sc stop ccSvcHst
sc delete Symantec Lic NetConnect service (CLTNetCnService)
sc delete Symantec Lic NetConnect service
sc delete ccSvcHst

ulož si ho na plochu jako-název remove.bat a ulož ho jako typ všechny soubory , najdi na ploše tento soubor , spusť ho poklepáním.
Otevře se Dosovské okno a zavře. Restartuj comp a vlož sem nový log z HJT:

[Reklama]

[net.x]

Tak je tam pořád.


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:14:08, on 10.9.2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Acer\Acer Arcade\PCMService.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Windows\AcerOrbiCam.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Users\Olaf\AppData\Local\Temp\RtkBtMnt.exe
C:\Users\Olaf\Desktop\HJT.exe
C:\Windows\system32\SearchFilterHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://cs.intl.acer.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.rd.yahoo.com/customize/ycomp/ ... .yahoo.com
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Acer\Acer Arcade\PCMService.exe"
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [Acer OrbiCam] C:\Windows\AcerOrbiCam.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [USDownloader] "C:\Downloads\USDownloader\USDownloader.exe"
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Služba Google Update (gupdate1ca08b975decefe) (gupdate1ca08b975decefe) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 6566 bytes

[Damned]

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok).
Zkopíruj do něj následující celý text označený zeleně:

Folder::
C:\Program Files\Common Files\Symantec Shared

Driver::
CLTNetCnService
Symantec Lic NetConnect service (CLTNetCnService)
Symantec Lic NetConnect service
ccSvcHst




Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.


Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe
a když se oba soubory překryjí, skript upusť.


- Automaticky se spustí ComboFix, oprava může trvat i déle než 10 minut. ! Nech ComboFix dokončit svou práci !
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

[net.x]

Taky nic, stále tam, je. Ale mám pocit, že mě to v práci neomezuje, tak to asi necháme být...?

ComboFix 09-09-07.03 - Olaf 13.09.2009 18:49.4.1 - NTFSx86
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1250.420.1029.18.1789.1170 [GMT 2:00]
Spuštěný z: c:\users\Olaf\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Olaf\Desktop\CFScript.txt
AV: ESET Smart Security 4.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
SP: ESET Smart Security 4.0 *enabled* (Updated) {E5E70D32-0101-4B98-A4D6-D1D15C3BB448}
SP: Lavasoft Ad-Watch Live! *disabled* (Updated) {67844DAE-4F77-4D69-9457-98E8CFFDAA22}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
- REŽIM S OMEZENOU FUNKČNOSTÍ -
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Common Files\Symantec Shared
c:\program files\Common Files\Symantec Shared\CCPD-LC\ez_log.html
c:\program files\Common Files\Symantec Shared\CCPD-LC\symlcrst.dll

.
((((((((((((((((((((((((( Soubory vytvořené od 2009-08-13 do 2009-09-13 )))))))))))))))))))))))))))))))
.

2009-09-13 16:52 . 2009-09-13 16:53 -------- d-----w- c:\users\Olaf\AppData\Local\temp
2009-09-13 16:52 . 2009-09-13 16:52 -------- d-----w- c:\users\Public\AppData\Local\temp
2009-09-13 16:52 . 2009-09-13 16:52 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-09-13 16:52 . 2009-09-13 16:52 -------- d-----w- c:\users\Admin_netX\AppData\Local\temp
2009-09-08 20:58 . 2009-09-08 20:58 -------- d---a-w- c:\windows\VDLL.DLL
2009-09-08 20:58 . 2009-09-08 20:58 -------- d---a-w- c:\windows\system32\runouce.exe
2009-09-08 20:58 . 2009-09-08 20:58 -------- d---a-w- c:\windows\rundll16.exe
2009-09-08 20:58 . 2009-09-08 20:58 -------- d---a-w- c:\windows\RUNDL132.EXE
2009-09-08 20:58 . 2009-09-08 20:58 -------- d---a-w- c:\windows\logo1_.exe
2009-09-08 20:58 . 2009-09-08 20:58 -------- d---a-w- c:\windows\logo_1.exe
2009-09-08 20:55 . 2009-09-08 20:55 632064 ----a-w- c:\windows\system32\msvcr80.dll
2009-09-08 20:55 . 2009-09-08 20:55 554240 ----a-w- c:\windows\system32\msvcp80.dll
2009-09-08 20:55 . 2009-09-08 20:55 34048 ----a-w- c:\windows\system32\eEmpty.exe
2009-09-08 20:55 . 2009-09-08 20:55 -------- d-----w- c:\program files\Common Files\MicroWorld
2009-09-08 20:55 . 2009-09-08 20:55 -------- d-----w- c:\programdata\MicroWorld
2009-09-07 18:17 . 2009-09-07 18:17 -------- d-----w- c:\users\Olaf\AppData\Roaming\Malwarebytes
2009-09-07 18:17 . 2009-08-03 11:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-07 18:17 . 2009-09-07 18:17 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-09-07 18:17 . 2009-09-07 18:17 -------- d-----w- c:\programdata\Malwarebytes
2009-09-07 18:17 . 2009-08-03 11:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-09-03 08:42 . 2009-08-29 00:14 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-09-03 08:42 . 2009-08-29 00:27 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-08-26 22:30 . 2009-06-22 10:09 2048 ----a-w- c:\windows\system32\tzres.dll
2009-08-16 13:56 . 2009-08-16 13:56 -------- d-----w- c:\users\Olaf\AppData\Local\TVU Networks
2009-08-16 13:56 . 2009-08-16 13:56 -------- d-----w- c:\programdata\TVU Networks
2009-08-16 13:56 . 2009-08-16 13:56 -------- d-----w- c:\program files\TVUPlayer

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-13 14:13 . 2007-01-08 21:10 636000 ----a-w- c:\windows\system32\perfh005.dat
2009-09-13 14:13 . 2007-01-08 21:10 134810 ----a-w- c:\windows\system32\perfc005.dat
2009-09-12 13:56 . 2009-08-04 18:37 12 ----a-w- c:\windows\bthservsdp.dat
2009-09-08 20:32 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-09-08 11:59 . 2009-06-05 19:07 -------- d-----w- c:\users\Olaf\AppData\Roaming\Skype
2009-09-08 11:00 . 2009-06-09 14:47 -------- d-----w- c:\users\Olaf\AppData\Roaming\skypePM
2009-09-07 17:22 . 2009-06-05 22:57 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2009-08-28 06:15 . 2007-05-18 12:21 227600 ----a-w- c:\users\Olaf\AppData\Local\GDIPFONTCACHEV1.DAT
2009-08-27 20:00 . 2009-06-05 21:33 -------- d-----w- c:\users\Olaf\AppData\Roaming\Miranda
2009-08-27 19:59 . 2009-06-05 21:33 -------- d-----w- c:\program files\Miranda IM
2009-08-27 17:47 . 2009-07-19 21:38 -------- d-----w- c:\program files\Google
2009-08-22 14:41 . 2009-06-05 22:57 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-08-22 08:05 . 2007-01-25 16:37 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-08-12 20:20 . 2009-08-12 20:20 -------- d-----w- c:\program files\NeroInstall.bak
2009-08-12 20:18 . 2009-08-12 20:18 -------- d-----w- c:\users\Olaf\AppData\Roaming\Nero
2009-08-12 20:17 . 2009-08-12 20:14 -------- d-----w- c:\program files\Common Files\Nero
2009-08-12 20:14 . 2009-08-12 20:14 -------- d-----w- c:\programdata\Nero
2009-08-12 20:14 . 2009-06-06 15:01 -------- d-----w- c:\program files\Nero
2009-08-11 21:14 . 2009-08-11 21:14 -------- d-----w- c:\users\Olaf\AppData\Roaming\Bullzip
2009-08-11 21:10 . 2009-08-11 21:10 -------- d-----w- c:\program files\Bullzip
2009-08-11 20:49 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Calendar
2009-08-11 20:48 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Sidebar
2009-08-11 20:48 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Collaboration
2009-08-11 20:48 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Photo Gallery
2009-08-11 20:48 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Defender
2009-08-11 20:37 . 2009-06-05 16:38 -------- d-----w- c:\program files\Acro Software
2009-08-11 20:36 . 2009-08-11 20:30 -------- d-----w- c:\program files\MSECache
2009-08-11 19:06 . 2009-06-06 19:25 -------- d-----w- c:\users\Olaf\AppData\Roaming\Azureus
2009-08-04 18:40 . 2009-08-04 18:40 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdRapi2_01_00_00.Wdf
2009-07-26 16:39 . 2009-07-26 16:38 -------- d-----w- c:\program files\nLite
2009-07-19 10:25 . 2009-07-19 10:19 -------- d-----w- c:\users\Olaf\AppData\Roaming\Nokia
2009-07-19 10:22 . 2009-07-19 10:22 0 ---ha-w- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
2009-07-19 10:22 . 2009-07-19 10:19 -------- d-----w- c:\users\Olaf\AppData\Roaming\PC Suite
2009-07-19 10:22 . 2009-07-19 10:19 -------- d-----w- c:\programdata\PC Suite
2009-07-19 10:22 . 2009-07-19 10:22 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2009-07-19 10:19 . 2009-07-19 10:18 -------- d-----w- c:\program files\DIFX
2009-07-19 10:18 . 2009-07-19 10:18 -------- d-----w- c:\program files\Common Files\PCSuite
2009-07-19 10:18 . 2009-07-19 10:18 -------- d-----w- c:\program files\Common Files\Nokia
2009-07-19 10:18 . 2009-07-19 10:17 -------- d-----w- c:\program files\Nokia
2009-07-19 10:18 . 2009-07-19 10:18 -------- d-----w- c:\program files\PC Connectivity Solution
2009-07-19 10:17 . 2009-07-19 10:17 -------- d-----w- c:\programdata\Installations
2009-07-19 10:08 . 2009-07-19 10:08 -------- d-----w- c:\program files\Avanquest update
2009-07-19 10:08 . 2009-07-19 10:08 -------- d-----w- c:\programdata\BVRP Software
2009-07-19 10:06 . 2009-07-19 10:06 -------- d-----w- c:\programdata\Sony Ericsson
2009-07-19 10:06 . 2009-07-19 10:06 -------- d-----w- c:\program files\Sony Ericsson
2009-07-18 16:01 . 2009-08-01 13:34 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-07-18 11:35 . 2009-08-01 13:34 828416 ----a-w- c:\windows\system32\wininet.dll
2009-07-17 13:54 . 2009-08-11 21:33 71680 ----a-w- c:\windows\system32\atl.dll
2009-07-15 12:40 . 2009-08-11 21:33 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2009-07-15 12:39 . 2009-08-11 21:33 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2009-07-15 12:39 . 2009-08-11 21:33 4096 ----a-w- c:\windows\system32\dxmasf.dll
2009-07-15 12:39 . 2009-08-11 21:33 7680 ----a-w- c:\windows\system32\spwmp.dll
2009-06-17 18:44 . 2009-06-17 18:44 279712 ----a-w- c:\windows\system32\drivers\atksgt.sys
2009-06-17 18:44 . 2009-06-17 18:44 25888 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2009-06-15 23:15 . 2009-08-11 21:32 439864 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2009-06-15 17:47 . 2009-06-15 17:48 737280 ----a-w- c:\windows\iun6002.exe
.

((((((((((((((((((((((((((((( SnapShot@2009-09-08_20.49.33 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-01-25 16:37 . 2009-09-13 14:08 39702 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2006-11-02 13:02 . 2009-09-13 14:09 69472 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2007-05-18 12:16 . 2009-09-13 16:46 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2007-05-18 12:16 . 2009-09-08 20:37 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2007-05-18 12:16 . 2009-09-08 20:37 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2007-05-18 12:16 . 2009-09-13 16:46 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2007-05-18 12:16 . 2009-09-13 16:46 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2007-05-18 12:16 . 2009-09-08 20:37 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2006-11-02 10:25 . 2009-09-07 17:03 86016 c:\windows\inf\infpub.dat
+ 2006-11-02 10:25 . 2009-09-11 11:23 86016 c:\windows\inf\infpub.dat
+ 2007-05-18 12:41 . 2009-09-13 14:09 8100 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2494099604-4228954195-18612416-1000_UserData.bin
+ 2009-09-13 14:06 . 2009-09-13 14:06 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2009-09-08 17:43 . 2009-09-08 17:43 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2009-09-13 14:06 . 2009-09-13 14:06 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-09-08 17:43 . 2009-09-08 17:43 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-06-12 19:36 . 2009-09-11 11:20 196772 c:\windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2006-11-02 10:33 . 2009-09-13 14:13 625582 c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2009-09-08 17:51 625582 c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2009-09-08 17:51 117144 c:\windows\System32\perfc009.dat
+ 2006-11-02 10:33 . 2009-09-13 14:13 117144 c:\windows\System32\perfc009.dat
- 2006-11-02 10:25 . 2009-09-07 17:03 143360 c:\windows\inf\infstrng.dat
+ 2006-11-02 10:25 . 2009-09-11 11:23 143360 c:\windows\inf\infstrng.dat
- 2006-11-02 10:22 . 2009-09-08 20:32 6291456 c:\windows\System32\SMI\Store\Machine\SCHEMA.DAT
+ 2006-11-02 10:22 . 2009-09-13 14:08 6291456 c:\windows\System32\SMI\Store\Machine\SCHEMA.DAT
- 2009-09-08 20:40 . 2009-09-08 20:40 6156288 c:\windows\ERDNT\Hiv-backup\SCHEMA.DAT
+ 2009-09-08 20:40 . 2009-09-13 16:49 6156288 c:\windows\ERDNT\Hiv-backup\SCHEMA.DAT
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2008-02-28 1828136]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-10-27 815104]
"PCMService"="c:\program files\Acer\Acer Arcade\PCMService.exe" [2007-01-08 151552]
"LManager"="c:\progra~1\LAUNCH~1\QtZgAcer.EXE" [2007-01-09 483328]
"WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 57344]
"Acer OrbiCam"="c:\windows\AcerOrbiCam.exe" [2007-01-11 401408]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-03-19 2029640]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-07-05 520024]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-02-18 2221352]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2006-12-01 4186112]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):b9,27,bb,20,c6,1a,ca,01

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{9CBB84EF-5461-419F-8556-95F7F4A66346}"= c:\program files\Skype\Phone\Skype.exe:Skype
"TCP Query User{84CA710C-8355-4AD4-89D2-08D89F62AD65}c:\\program files\\miranda im\\miranda32.exe"= UDP:c:\program files\miranda im\miranda32.exe:Miranda IM
"UDP Query User{D2524866-EAA5-43C1-A1A5-DE4B50F314CD}c:\\program files\\miranda im\\miranda32.exe"= TCP:c:\program files\miranda im\miranda32.exe:Miranda IM
"{77EFC760-291C-468B-A746-D03A6CA13A65}"= UDP:c:\games\Football Manager 2009\fm.exe:Football Manager 2009
"{A156ECE4-5390-4FDA-8C0A-09DC10714C16}"= TCP:c:\games\Football Manager 2009\fm.exe:Football Manager 2009
"TCP Query User{8E51AE3C-612F-4570-868F-8D7B5351AD07}c:\\program files\\vuze\\azureus.exe"= UDP:c:\program files\vuze\azureus.exe:Azureus
"UDP Query User{0BC0B68B-84ED-4EE7-B217-4ACB9245239D}c:\\program files\\vuze\\azureus.exe"= TCP:c:\program files\vuze\azureus.exe:Azureus
"{9BD7148F-D8A7-422D-8EE7-00344025813D}"= UDP:c:\games\Football Manager 2009\fm.exe:Football Manager 2009
"{0D426822-7D1D-4913-9A48-6973608F6F1A}"= TCP:c:\games\Football Manager 2009\fm.exe:Football Manager 2009
"{EE2D5ACC-FD6D-48F7-89C0-A786562EFA16}"= UDP:c:\games\Codename Panzers Cold War\Home\Game\CPCW.exe:Codename Panzers Cold War
"{70CC7C6C-6318-4813-8273-0691B81B8A28}"= TCP:c:\games\Codename Panzers Cold War\Home\Game\CPCW.exe:Codename Panzers Cold War
"TCP Query User{0203321A-312B-46A9-8A51-CD7067886E4B}c:\\program files\\tvuplayer\\tvuplayer.exe"= UDP:c:\program files\tvuplayer\tvuplayer.exe:TVUPlayer Component
"UDP Query User{1262029D-CCB6-46C1-A600-F727A08856D7}c:\\program files\\tvuplayer\\tvuplayer.exe"= TCP:c:\program files\tvuplayer\tvuplayer.exe:TVUPlayer Component

R0 Lbd;Lbd;c:\windows\System32\drivers\Lbd.sys [6.6.2009 0:55 64160]
R1 ehdrv;ehdrv;c:\windows\System32\drivers\ehdrv.sys [19.3.2009 11:44 107256]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [19.3.2009 11:44 731840]
S2 gupdate1ca08b975decefe;Služba Google Update (gupdate1ca08b975decefe);c:\program files\Google\Update\GoogleUpdate.exe [19.7.2009 23:39 133104]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [9.3.2009 21:06 1029456]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\System32\drivers\nmwcdnsu.sys [19.3.2009 14:48 136704]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\System32\drivers\s0016bus.sys [19.7.2009 12:06 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\System32\drivers\s0016mdfl.sys [19.7.2009 12:06 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\System32\drivers\s0016mdm.sys [19.7.2009 12:06 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\System32\drivers\s0016mgmt.sys [19.7.2009 12:06 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\System32\drivers\s0016nd5.sys [19.7.2009 12:06 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\System32\drivers\s0016obex.sys [19.7.2009 12:06 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\System32\drivers\s0016unic.sys [19.7.2009 12:06 115752]
S3 WSVD;WSVD;c:\windows\System32\drivers\WSVD.sys [18.5.2007 14:50 80744]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
bthsvcs REG_MULTI_SZ BthServ

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\ccc-core-static]
msiexec /fums {12BC816B-8F68-CAB4-867E-FA0FEF15FB36} /qb
.
Obsah adresáře 'Naplánované úlohy'

2009-09-05 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-03-09 22:55]

2009-09-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-19 21:39]

2009-09-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-19 21:39]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.centrum.cz/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mStart Page = hxxp://cs.intl.acer.yahoo.com
uSearchURL,(Default) = hxxp://uk.rd.yahoo.com/customize/ycomp/ ... .yahoo.com
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
Trusted Zone: csob.cz\ib24
Trusted Zone: postovnisporitelna.cz\maxibps
FF - ProfilePath - c:\users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\pduu2ic1.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.centrum.cz/
FF - component: c:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - component: c:\users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\pduu2ic1.default\extensions\piclens@cooliris.com\components\coolirisstub.dll
FF - plugin: c:\program files\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\pduu2ic1.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll
FF - plugin: c:\users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\pduu2ic1.default\extensions\piclens@cooliris.com\plugins\npcoolirisplugin.dll
FF - plugin: c:\users\Olaf\AppData\Roaming\Mozilla\plugins\npcoolirisplugin.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-13 18:52
Windows 6.0.6002 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Environment*]
"Licence0"="REMOVED"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Celkový čas: 2009-09-13 18:58
ComboFix-quarantined-files.txt 2009-09-13 16:58

Před spuštěním: Volných bajtů: 65 419 968 512
Po spuštění: Volných bajtů: 65 387 794 432

273 --- E O F --- 2009-09-10 15:24

[net.x]

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:06:16, on 13.9.2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Acer\Acer Arcade\PCMService.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Windows\AcerOrbiCam.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Windows\Explorer.exe
C:\Windows\system32\conime.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Olaf\Desktop\HJT.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://cs.intl.acer.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.rd.yahoo.com/customize/ycomp/ ... .yahoo.com
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Acer\Acer Arcade\PCMService.exe"
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [Acer OrbiCam] C:\Windows\AcerOrbiCam.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Služba Google Update (gupdate1ca08b975decefe) (gupdate1ca08b975decefe) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 6480 bytes

[Damned]

Jak chceš. Logy jsou čisté - bez šmejdů.

V XP to lze najít a zakázat ve Službách, jak je to ve Vistách nevím.

Odinstaluj ComboFix.
ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix[mezera]/u

takže jestli nejsou problémy,tak vyčisti systém CCleanerem
a použij i T-Cleaner
smaže vše po Combu,SDFixu,Avengeru,MWAVu atd.-stáhneš->spustíš

(pozn.Pokud máš AVG, avast! nebo Aviru, před stažením T-Cleaneru a po dobu čištění deaktivuj AVG, avast! i Aviru (i rezidenty), následně T-Cleaner smaž a zapni si AVG,avast!, Aviru.)


Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni select all found, pak klik empty selected.
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.

ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache,
cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer,
Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

Kdyby něco, tak se zastav.
Označ topic za vyřešený (zelená fajfka) a měj se.

[net.x]

Ok, velice děkuju za veškerou pomoc a hlavně za výdrž!!!