Ententyk: prosím o kontrolu logu

[jaro3]

START-spustit-napiš= cmd.exe -dej OK- v dosovém okně vlož myší toto:
sc stop ndisprot
sc delete ndisprot
sc ekrn.exe
sc ekrn.exe
exit

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

Folder::
c:\windows\74224F8D4A1748169EDB7BB854DE532C.TMP

File::
c:\windows\unins000.exe
c:\windows\unins000.dat
c:\windows\system32\drivers\ndisprot.sys
c:\windows\UN32.EXE
c:\windows\system32\6FDE1B9CF5.dll

Driver::
ndisprot

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

[Reklama]

[Ententyk]

OK,jdu nas to dík

[Ententyk]

.......tak jsem to snad zvládnul podle návodu

log z Combo:
ComboFix 09-01-19.05 - olda 2009-01-20 16:42:33.2 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.1.1029.18.2046.1530 [GMT 1:00]
Spuštěný z: c:\documents and settings\olda\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\olda\Plocha\CFScript.txt
AV: avast! antivirus 4.8.1296 [VPS 090119-0] *On-access scanning enabled* (Updated)
FW: ActiveArmor Firewall *disabled*
* Vytvořen nový Bod Obnovení

FILE ::
c:\windows\system32\6FDE1B9CF5.dll
c:\windows\system32\drivers\ndisprot.sys
c:\windows\UN32.EXE
c:\windows\unins000.dat
c:\windows\unins000.exe
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\74224F8D4A1748169EDB7BB854DE532C.TMP
c:\windows\74224F8D4A1748169EDB7BB854DE532C.TMP\WiseCustomCalla.dll
c:\windows\system32\6FDE1B9CF5.dll
c:\windows\system32\drivers\ndisprot.sys
c:\windows\UN32.EXE
c:\windows\unins000.dat
c:\windows\unins000.exe

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_NDISPROT


((((((((((((((((((((((((( Soubory vytvořené od 2008-12-20 do 2009-01-20 )))))))))))))))))))))))))))))))
.

2009-01-20 12:40 . 2009-01-20 16:39 <DIR> d-------- c:\program files\Unlocker
2009-01-20 12:40 . 2009-01-20 12:40 <DIR> d-------- c:\documents and settings\olda\Data aplikací\Desktopicon
2009-01-20 12:40 . 2009-01-20 12:40 <DIR> d-------- c:\documents and settings\olda\Data aplikací\Desktopicon
2009-01-20 12:40 . 2009-01-20 12:40 <DIR> d-------- c:\documents and settings\olda\Data aplikací\Desktopicon
2009-01-20 12:19 . 2009-01-20 12:19 410,984 --a------ c:\windows\system32\deploytk.dll
2009-01-20 12:19 . 2009-01-20 12:19 73,728 --a------ c:\windows\system32\javacpl.cpl
2009-01-20 09:45 . 2009-01-20 09:45 <DIR> d-------- c:\program files\Trend Micro
2009-01-19 09:11 . 2009-01-19 09:11 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-01-19 09:11 . 2009-01-19 09:11 <DIR> d-------- c:\documents and settings\olda\Data aplikací\Malwarebytes
2009-01-19 09:11 . 2009-01-19 09:11 <DIR> d-------- c:\documents and settings\olda\Data aplikací\Malwarebytes
2009-01-19 09:11 . 2009-01-19 09:11 <DIR> d-------- c:\documents and settings\olda\Data aplikací\Malwarebytes
2009-01-19 09:11 . 2009-01-19 09:11 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2009-01-19 09:11 . 2009-01-14 16:11 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-01-19 09:11 . 2009-01-14 16:11 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-01-13 22:03 . 2009-01-13 22:03 <DIR> d-------- c:\program files\Bonjour
2009-01-10 20:27 . 2009-01-10 20:27 <DIR> d-------- c:\program files\Mozilla Backup 1.2.2
2009-01-10 20:27 . 2009-01-10 20:27 <DIR> d-------- c:\program files\Common Files\mozilla.org
2009-01-10 19:15 . 2009-01-10 20:27 <DIR> d-------- c:\program files\mozilla.org
2009-01-10 19:15 . 2009-01-10 20:28 99,024 --a------ c:\windows\MozillaUninstall.exe
2009-01-10 19:15 . 2009-01-10 20:27 99,024 --a------ c:\windows\GREUninstall.exe
2009-01-08 18:13 . 2009-01-09 13:03 <DIR> d-------- c:\documents and settings\olda\Data aplikací\LangSoft
2009-01-08 18:13 . 2009-01-09 13:03 <DIR> d-------- c:\documents and settings\olda\Data aplikací\LangSoft
2009-01-08 18:13 . 2009-01-09 13:03 <DIR> d-------- c:\documents and settings\olda\Data aplikací\LangSoft
2009-01-08 18:13 . 2009-01-09 13:03 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\LangSoft
2009-01-08 18:13 . 2009-01-08 18:13 <DIR> d-------- C:\ctemp
2009-01-08 17:28 . 2009-01-09 13:03 2,686 --a------ c:\windows\TRNCOM.INI
2009-01-04 21:58 . 2009-01-04 21:58 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\ESET
2009-01-04 17:28 . 2009-01-04 17:28 230 --a------ c:\windows\system32\spupdsvc.inf
2009-01-04 15:21 . 2001-09-10 14:18 100,352 --a------ c:\windows\system32\CCCHNG32.DLL
2009-01-04 15:21 . 1997-01-16 00:00 29,696 --a------ c:\windows\system32\VB5STKIT.DLL
2009-01-04 15:20 . 2009-01-08 18:12 <DIR> d-------- C:\cm70f
2008-12-30 23:16 . 2008-12-30 23:16 <DIR> d-------- c:\program files\Common Files\Macrovision Shared
2008-12-30 23:16 . 2008-04-07 05:38 45,392 -ra------ c:\windows\system32\AdobePDF.dll
2008-12-30 23:16 . 2008-04-07 05:38 22,872 -ra------ c:\windows\system32\AdobePDFUI.dll
2008-12-24 12:45 . 2008-12-25 10:03 <DIR> d-------- c:\program files\Any Audio Converter
2008-12-24 12:35 . 2008-12-24 12:35 0 --a------ C:\pat a mat special.3g2
2008-12-24 12:32 . 2008-12-24 12:35 <DIR> d-------- c:\program files\Konvertor
2008-12-24 12:30 . 2008-12-25 10:03 <DIR> d-------- c:\program files\MediaCoder
2008-12-24 12:28 . 2008-12-25 10:03 <DIR> d-------- c:\program files\WM Converter
2008-12-24 12:14 . 2008-12-24 12:14 <DIR> d-------- c:\program files\MP3 Player Utilities 4.00
2008-12-22 17:13 . 2008-12-22 17:13 <DIR> d-------- c:\program files\ImTOO
2008-12-20 14:37 . 2008-12-06 23:42 687,104 --a------ c:\windows\Matrix Screensaver.scr
2008-12-20 14:37 . 2008-12-02 16:53 4,150 --a------ c:\windows\Matrix Screensaver.ico

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-20 11:38 --------- d-----w c:\program files\PowerArchiver
2009-01-20 11:20 --------- d-----w c:\program files\Java
2009-01-20 11:03 --------- d-----w c:\program files\DAEMON Tools Toolbar
2009-01-13 21:04 --------- d-----w c:\program files\Common Files\Adobe
2009-01-10 13:25 --------- d-----w c:\program files\FlashGet
2009-01-10 13:20 --------- d--h--w c:\program files\InstallShield Installation Information
2009-01-10 12:32 --------- d-----w c:\program files\MozBackup
2009-01-08 17:12 --------- d-----w c:\program files\OpenAL
2009-01-08 17:08 --------- d-----w c:\program files\Windows Desktop Search
2009-01-07 19:53 --------- d-----w c:\program files\BitComet
2009-01-05 20:47 --------- d-----w c:\documents and settings\All Users\Data aplikací\Microsoft Help
2009-01-03 12:22 --------- d---a-w c:\documents and settings\All Users\Data aplikací\TEMP
2009-01-02 13:03 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
2008-12-25 09:03 --------- d-----w c:\documents and settings\olda\Data aplikací\Any Video Converter
2008-12-25 09:03 --------- d-----w c:\documents and settings\olda\Data aplikací\Any Video Converter
2008-12-25 09:03 --------- d-----w c:\documents and settings\olda\Data aplikací\Any Video Converter
2008-12-09 00:31 --------- d-----w c:\documents and settings\All Users\Data aplikací\FLEXnet
2008-12-05 20:30 --------- d-----w c:\documents and settings\All Users\Data aplikací\DVD Shrink
2008-12-05 18:07 --------- d-----w c:\program files\Spybot - Search & Destroy
2008-12-03 19:42 --------- d-----w c:\program files\NVIDIA Corporation
2008-12-03 19:42 --------- d-----w c:\program files\Common Files\NVIDIA Shared
2008-12-01 21:24 --------- d-----w c:\program files\AGEIA Technologies
2008-12-01 20:45 --------- d-----w c:\documents and settings\All Users\Data aplikací\DriverScanner
2008-12-01 20:43 --------- dc-h--w c:\documents and settings\All Users\Data aplikací\{D5ABFFAD-D592-4F98-B02B-587125B4801F}
2008-12-01 20:43 --------- d-----w c:\program files\Uniblue
2008-12-01 20:43 --------- d-----w c:\documents and settings\olda\Data aplikací\Uniblue
2008-12-01 20:43 --------- d-----w c:\documents and settings\olda\Data aplikací\Uniblue
2008-12-01 20:43 --------- d-----w c:\documents and settings\olda\Data aplikací\Uniblue
2008-12-01 16:26 --------- d-----w c:\program files\Webteh
2008-11-29 20:26 --------- d-----w c:\documents and settings\All Users\Data aplikací\PC Drivers HeadQuarters
2008-11-24 22:32 138,184 ----a-w c:\windows\system32\drivers\PnkBstrK.sys
2008-11-11 19:15 22,328 ----a-w c:\documents and settings\olda\Data aplikací\PnkBstrK.sys
2008-11-11 19:15 22,328 ----a-w c:\documents and settings\olda\Data aplikací\PnkBstrK.sys
2008-11-11 19:15 22,328 ----a-w c:\documents and settings\olda\Data aplikací\PnkBstrK.sys
2006-06-15 18:33 233,472 ----a-w c:\program files\mozilla firefox\plugins\CrazyTalk4Native.dll
2006-05-25 16:43 204,895 ----a-w c:\program files\mozilla firefox\plugins\ctdomemhelper.dll
2005-09-29 12:41 77,824 ----a-w c:\program files\mozilla firefox\plugins\ctframeplayerobject.dll
2006-06-19 11:10 426,081 ----a-w c:\program files\mozilla firefox\plugins\ctplayerobject.dll
2005-02-02 10:19 458,752 ----a-w c:\program files\mozilla firefox\plugins\imagickrt.dll
2006-04-10 16:35 139,264 ----a-w c:\program files\mozilla firefox\plugins\rlcontentclass.dll
2005-11-09 09:10 204,800 ----a-w c:\program files\mozilla firefox\plugins\RLMusicPacker.dll
2005-11-09 09:42 106,496 ----a-w c:\program files\mozilla firefox\plugins\RLMusicUnpacker.dll
2006-01-04 09:22 212,992 ----a-w c:\program files\mozilla firefox\plugins\RLVoicePacker.dll
2006-01-04 09:21 167,936 ----a-w c:\program files\mozilla firefox\plugins\RLVoiceUnpacker.dll
2008-05-27 16:35 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012008052720080528\index.dat
.

((((((((((((((((((((((((((((( snapshot@2009-01-20_12.53.48.06 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-01-20 15:47:35 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_448.dat
+ 2009-01-20 15:47:15 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_5c8.dat
- 2009-01-20 11:49:14 1,500 ----a-w c:\windows\UI\BIOSCTL.DAT
+ 2009-01-20 15:47:34 1,500 ----a-w c:\windows\UI\BIOSCTL.DAT
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"AnyDVD"="c:\program files\SlySoft\AnyDVD\AnyDVDtray.exe" [2008-03-19 1739712]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2008-09-16 1833296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-26 81000]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2006-10-05 868352]
"WheelMouse"="c:\program files\A4Tech\Mouse\Amoumain.exe" [2007-05-15 204800]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-11-12 13672448]
"Gainward"="c:\windows\TBPanel.exe" [2008-01-09 2189864]
"RemoteControl8"="c:\program files\CyberLink\PowerDVD8\PDVD8Serv.exe" [2008-03-20 83240]
"PDVD8LanguageShortcut"="c:\program files\CyberLink\PowerDVD8\Language\Language.exe" [2007-12-14 50472]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"PCSuiteTrayApplication"="c:\program files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-06-18 271360]
"Nero MediaHome 4"="c:\program files\Nero\Nero MediaHome 4\NeroMediaHome.exe" [2008-08-29 3622184]
"PAC207_Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488]
"Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-11-12 86016]
"NVMixerTray"="c:\program files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" [2004-12-20 131072]
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2008-06-12 37232]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2008-06-11 640376]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-01-20 136600]
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2008-05-02 15872]
"nwiz"="nwiz.exe" [2008-11-12 c:\windows\system32\nwiz.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
"Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 1241088]

c:\documents and settings\olda\Nabˇdka Start\Programy\Po spuçtŘnˇ\
MagicDisc.lnk - c:\program files\MagicDisc\MagicDisc.exe [2008-05-20 557568]
Věýezy obrazovky a spuçtŘnˇ aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2007-12-07 101440]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 288472]
Rychlě zaź tek s aplikacˇ HP Photosmart Premier.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2006-02-10 73728]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.clmp3enc"= c:\progra~1\CYBERL~1\Power2Go\CLMP3Enc.ACM

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\BitComet\\BitComet.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD8\\PowerDVD8.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Nero\\Nero MediaHome 4\\NMMediaServerService.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\FlashGet\\flashget.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"8738:TCP"= 8738:TCP:BitComet 8738 TCP
"8738:UDP"= 8738:UDP:BitComet 8738 UDP
"21701:TCP"= 21701:TCP:BitComet 21701 TCP
"21701:UDP"= 21701:UDP:BitComet 21701 UDP
"20156:TCP"= 20156:TCP:BitComet 20156 TCP
"20156:UDP"= 20156:UDP:BitComet 20156 UDP
"7322:TCP"= 7322:TCP:BitComet 7322 TCP
"7322:UDP"= 7322:UDP:BitComet 7322 UDP
"25602:TCP"= 25602:TCP:BitComet 25602 TCP
"25602:UDP"= 25602:UDP:BitComet 25602 UDP
"13258:TCP"= 13258:TCP:BitComet 13258 TCP
"13258:UDP"= 13258:UDP:BitComet 13258 UDP
"13991:TCP"= 13991:TCP:BitComet 13991 TCP
"13991:UDP"= 13991:UDP:BitComet 13991 UDP
"13352:TCP"= 13352:TCP:BitComet 13352 TCP
"13352:UDP"= 13352:UDP:BitComet 13352 UDP
"21911:TCP"= 21911:TCP:BitComet 21911 TCP
"21911:UDP"= 21911:UDP:BitComet 21911 UDP
"13715:TCP"= 13715:TCP:BitComet 13715 TCP
"13715:UDP"= 13715:UDP:BitComet 13715 UDP
"17877:TCP"= 17877:TCP:BitComet 17877 TCP
"17877:UDP"= 17877:UDP:BitComet 17877 UDP
"24541:TCP"= 24541:TCP:BitComet 24541 TCP
"24541:UDP"= 24541:UDP:BitComet 24541 UDP
"22625:TCP"= 22625:TCP:BitComet 22625 TCP
"22625:UDP"= 22625:UDP:BitComet 22625 UDP
"22349:TCP"= 22349:TCP:BitComet 22349 TCP
"22349:UDP"= 22349:UDP:BitComet 22349 UDP
"24667:TCP"= 24667:TCP:BitComet 24667 TCP
"24667:UDP"= 24667:UDP:BitComet 24667 UDP
"27117:TCP"= 27117:TCP:BitComet 27117 TCP
"27117:UDP"= 27117:UDP:BitComet 27117 UDP
"7125:TCP"= 7125:TCP:BitComet 7125 TCP
"7125:UDP"= 7125:UDP:BitComet 7125 UDP
"26617:TCP"= 26617:TCP:BitComet 26617 TCP
"26617:UDP"= 26617:UDP:BitComet 26617 UDP
"24450:TCP"= 24450:TCP:BitComet 24450 TCP
"24450:UDP"= 24450:UDP:BitComet 24450 UDP
"11234:TCP"= 11234:TCP:BitComet 11234 TCP
"11234:UDP"= 11234:UDP:BitComet 11234 UDP
"23006:TCP"= 23006:TCP:BitComet 23006 TCP
"23006:UDP"= 23006:UDP:BitComet 23006 UDP
"25642:TCP"= 25642:TCP:BitComet 25642 TCP
"25642:UDP"= 25642:UDP:BitComet 25642 UDP
"27463:TCP"= 27463:TCP:BitComet 27463 TCP
"27463:UDP"= 27463:UDP:BitComet 27463 UDP
"23819:TCP"= 23819:TCP:BitComet 23819 TCP
"23819:UDP"= 23819:UDP:BitComet 23819 UDP
"21535:TCP"= 21535:TCP:BitComet 21535 TCP
"21535:UDP"= 21535:UDP:BitComet 21535 UDP
"26666:TCP"= 26666:TCP:BitComet 26666 TCP
"26666:UDP"= 26666:UDP:BitComet 26666 UDP
"25934:TCP"= 25934:TCP:BitComet 25934 TCP
"25934:UDP"= 25934:UDP:BitComet 25934 UDP
"22512:TCP"= 22512:TCP:BitComet 22512 TCP
"22512:UDP"= 22512:UDP:BitComet 22512 UDP
"7161:TCP"= 7161:TCP:BitComet 7161 TCP
"7161:UDP"= 7161:UDP:BitComet 7161 UDP
"23963:TCP"= 23963:TCP:BitComet 23963 TCP
"23963:UDP"= 23963:UDP:BitComet 23963 UDP
"21143:TCP"= 21143:TCP:BitComet 21143 TCP
"21143:UDP"= 21143:UDP:BitComet 21143 UDP
"25331:TCP"= 25331:TCP:BitComet 25331 TCP
"25331:UDP"= 25331:UDP:BitComet 25331 UDP
"27521:TCP"= 27521:TCP:BitComet 27521 TCP
"27521:UDP"= 27521:UDP:BitComet 27521 UDP
"7504:TCP"= 7504:TCP:BitComet 7504 TCP
"7504:UDP"= 7504:UDP:BitComet 7504 UDP
"21320:TCP"= 21320:TCP:BitComet 21320 TCP
"21320:UDP"= 21320:UDP:BitComet 21320 UDP
"21514:TCP"= 21514:TCP:BitComet 21514 TCP
"21514:UDP"= 21514:UDP:BitComet 21514 UDP
"7314:TCP"= 7314:TCP:BitComet 7314 TCP
"7314:UDP"= 7314:UDP:BitComet 7314 UDP
"21467:TCP"= 21467:TCP:BitComet 21467 TCP
"21467:UDP"= 21467:UDP:BitComet 21467 UDP
"7087:TCP"= 7087:TCP:BitComet 7087 TCP
"7087:UDP"= 7087:UDP:BitComet 7087 UDP
"13893:TCP"= 13893:TCP:BitComet 13893 TCP
"13893:UDP"= 13893:UDP:BitComet 13893 UDP
"17634:TCP"= 17634:TCP:BitComet 17634 TCP
"17634:UDP"= 17634:UDP:BitComet 17634 UDP
"12273:TCP"= 12273:TCP:BitComet 12273 TCP
"12273:UDP"= 12273:UDP:BitComet 12273 UDP
"8037:TCP"= 8037:TCP:BitComet 8037 TCP
"8037:UDP"= 8037:UDP:BitComet 8037 UDP
"7204:TCP"= 7204:TCP:BitComet 7204 TCP
"7204:UDP"= 7204:UDP:BitComet 7204 UDP
"8168:TCP"= 8168:TCP:BitComet 8168 TCP
"8168:UDP"= 8168:UDP:BitComet 8168 UDP
"21665:TCP"= 21665:TCP:BitComet 21665 TCP
"21665:UDP"= 21665:UDP:BitComet 21665 UDP
"7108:TCP"= 7108:TCP:BitComet 7108 TCP
"7108:UDP"= 7108:UDP:BitComet 7108 UDP
"8006:TCP"= 8006:TCP:BitComet 8006 TCP
"8006:UDP"= 8006:UDP:BitComet 8006 UDP
"23057:TCP"= 23057:TCP:BitComet 23057 TCP
"23057:UDP"= 23057:UDP:BitComet 23057 UDP
"7665:TCP"= 7665:TCP:BitComet 7665 TCP
"7665:UDP"= 7665:UDP:BitComet 7665 UDP
"27178:TCP"= 27178:TCP:BitComet 27178 TCP
"27178:UDP"= 27178:UDP:BitComet 27178 UDP
"13922:TCP"= 13922:TCP:BitComet 13922 TCP
"13922:UDP"= 13922:UDP:BitComet 13922 UDP
"21756:TCP"= 21756:TCP:BitComet 21756 TCP
"21756:UDP"= 21756:UDP:BitComet 21756 UDP
"7219:TCP"= 7219:TCP:BitComet 7219 TCP
"7219:UDP"= 7219:UDP:BitComet 7219 UDP
"23991:TCP"= 23991:TCP:BitComet 23991 TCP
"23991:UDP"= 23991:UDP:BitComet 23991 UDP
"27195:TCP"= 27195:TCP:BitComet 27195 TCP
"27195:UDP"= 27195:UDP:BitComet 27195 UDP
"7245:TCP"= 7245:TCP:BitComet 7245 TCP
"7245:UDP"= 7245:UDP:BitComet 7245 UDP
"23206:TCP"= 23206:TCP:BitComet 23206 TCP
"23206:UDP"= 23206:UDP:BitComet 23206 UDP
"27737:TCP"= 27737:TCP:BitComet 27737 TCP
"27737:UDP"= 27737:UDP:BitComet 27737 UDP
"21705:TCP"= 21705:TCP:BitComet 21705 TCP
"21705:UDP"= 21705:UDP:BitComet 21705 UDP
"13001:TCP"= 13001:TCP:BitComet 13001 TCP
"13001:UDP"= 13001:UDP:BitComet 13001 UDP
"21376:TCP"= 21376:TCP:BitComet 21376 TCP
"21376:UDP"= 21376:UDP:BitComet 21376 UDP
"24340:TCP"= 24340:TCP:BitComet 24340 TCP
"24340:UDP"= 24340:UDP:BitComet 24340 UDP
"13732:TCP"= 13732:TCP:BitComet 13732 TCP
"13732:UDP"= 13732:UDP:BitComet 13732 UDP
"7620:TCP"= 7620:TCP:BitComet 7620 TCP
"7620:UDP"= 7620:UDP:BitComet 7620 UDP
"24598:TCP"= 24598:TCP:BitComet 24598 TCP
"24598:UDP"= 24598:UDP:BitComet 24598 UDP
"9255:TCP"= 9255:TCP:BitComet 9255 TCP
"9255:UDP"= 9255:UDP:BitComet 9255 UDP
"13604:TCP"= 13604:TCP:BitComet 13604 TCP
"13604:UDP"= 13604:UDP:BitComet 13604 UDP
"23287:TCP"= 23287:TCP:BitComet 23287 TCP
"23287:UDP"= 23287:UDP:BitComet 23287 UDP
"21023:TCP"= 21023:TCP:BitComet 21023 TCP
"21023:UDP"= 21023:UDP:BitComet 21023 UDP
"7910:TCP"= 7910:TCP:BitComet 7910 TCP
"7910:UDP"= 7910:UDP:BitComet 7910 UDP
"13051:TCP"= 13051:TCP:BitComet 13051 TCP
"13051:UDP"= 13051:UDP:BitComet 13051 UDP
"21832:TCP"= 21832:TCP:BitComet 21832 TCP
"21832:UDP"= 21832:UDP:BitComet 21832 UDP
"7903:TCP"= 7903:TCP:BitComet 7903 TCP
"7903:UDP"= 7903:UDP:BitComet 7903 UDP
"23216:TCP"= 23216:TCP:BitComet 23216 TCP
"23216:UDP"= 23216:UDP:BitComet 23216 UDP
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-03-30 111184]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2008-03-13 33800]
R3 MouseCap;MouseCapture Driver;c:\windows\system32\drivers\MouseCap.sys [2005-08-08 6640]
R3 PSched;Plánovač paketů technologie QoS;c:\windows\system32\drivers\psched.sys [2002-08-29 69120]
R4 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-03-30 20560]
R4 FAH-01;Folding Service #01;c:\program files\Folding@Home #01\Folding@Home #01\FAH-Console.exe [2008-06-30 253952]
R4 FAH-02;Folding Service #02;c:\program files\Folding@Home #01\Folding@Home #02\FAH-Console.exe [2008-06-30 253952]
R4 NeroMediaHomeService.4;Nero MediaHome 4 Service;c:\program files\Nero\Nero MediaHome 4\NMMediaServerService.exe [2008-08-29 427304]
S3 Axtmvflt;Axesstel USB Filter Service;c:\windows\system32\drivers\Axtmvflt.sys [2007-06-27 3456]
S3 Axtmvmdm;Axesstel USB Modem;c:\windows\system32\drivers\Axtmvmdm.sys [2007-06-27 40064]
S3 Axtmvprt;Axesstel Diagnostic Port;c:\windows\system32\drivers\Axtmvprt.sys [2007-06-27 38784]
S4 ekrn;Eset Service;"c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe" --> c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [?]
S4 eusk2par;EUTRON SmartKey Parallel Driver;c:\windows\system32\drivers\eusk2par.sys [2008-10-22 16695]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{716036c4-e1ea-11dc-8e0b-806d6172696f}]
\Shell\AutoRun\command - e:\.\Bin\ASSETUP.exe
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.centrum.cz/
uInternet Settings,ProxyOverride = *.local
IE: &Stáhnout &vše FlashGetem - c:\program files\FlashGet\jc_all.htm
IE: &Stáhnout FlashGetem - c:\program files\FlashGet\jc_link.htm
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Stáhnout odkaz s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: Stáhnout všechna videa s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddVideo.htm
IE: Stáhnout všechny odkazy s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} -
LSP: %SYSTEMROOT%\system32\nvappfilter.dll
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\olda\Data aplikací\Mozilla\Firefox\Profiles\wg7emd2a.default\
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - plugin: c:\program files\Mozilla Firefox\plugins\npRLCT4Player.dll

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-20 16:49:33
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-1659004503-515967899-839522115-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'lsass.exe'(824)
c:\windows\system32\nvappfilter.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\rundll32.exe
c:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\program files\HP\Digital Imaging\bin\hpqimzone.exe
c:\program files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\PSIService.exe
c:\program files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\windows\system32\wscntfy.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\program files\HP\Digital Imaging\bin\hpqste08.exe
.
**************************************************************************
.
Celkový čas: 2009-01-20 16:52:53 - počítač byl restartován [olda]
ComboFix-quarantined-files.txt 2009-01-20 15:52:50
ComboFix2.txt 2009-01-20 11:54:23

Před spuštěním: Volných bajtů: 143,886,200,832
Po spuštění: Volných bajtů: 143,868,002,304

Current=1 Default=1 Failed=0 LastKnownGood=4 Sets=1,2,3,4
439 --- E O F --- 2008-11-12 08:41:53



log HJT :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:53:26, on 20.1.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\TBPanel.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe
C:\Program Files\Folding@Home #01\Folding@Home #01\FAH-Console.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Folding@Home #01\Folding@Home #02\FAH-Console.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Program Files\MagicDisc\MagicDisc.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Gainward] C:\WINDOWS\TBPanel.exe /A
O4 - HKLM\..\Run: [RemoteControl8] "C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe"
O4 - HKLM\..\Run: [PDVD8LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [Nero MediaHome 4] "C:\Program Files\Nero\Nero MediaHome 4\NeroMediaHome.exe" /AUTORUN
O4 - HKLM\..\Run: [PAC207_Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-21-1659004503-515967899-839522115-1008\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NeroMediaHomeUser.4')
O4 - HKUS\S-1-5-21-1659004503-515967899-839522115-1008\..\RunOnce: [NeroHomeFirstStart] "C:\Program Files\Common Files\Nero\Lib\NMFirstStart.exe" (User 'NeroMediaHomeUser.4')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Rychlý začátek s aplikací HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: &Stáhnout &vše FlashGetem - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Stáhnout FlashGetem - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Stáhnout všechna videa s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll/206 (file missing)
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 3956675921
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} (Java Plug-in 1.6.0_01) -
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} (Java Plug-in 1.6.0_05) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Eset HTTP Server (EHttpSrv) - Unknown owner - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe (file missing)
O23 - Service: Eset Service (ekrn) - Unknown owner - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (file missing)
O23 - Service: Folding Service #01 (FAH-01) - Stanford University - C:\Program Files\Folding@Home #01\Folding@Home #01\FAH-Console.exe
O23 - Service: Folding Service #02 (FAH-02) - Stanford University - C:\Program Files\Folding@Home #01\Folding@Home #02\FAH-Console.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: Nero MediaHome 4 Service (NeroMediaHomeService.4) - Nero AG - C:\Program Files\Nero\Nero MediaHome 4\NMMediaServerService.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe

--
End of file - 13911 bytes



..........díky moc

[jaro3]

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:

Kód: Vybrat vše

O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll/206 (file missing)

Start-spustit- services.msc -najdi ESET service pravým na ni klikni a vyber vlastnosti , v okně dej typ spouštění na zakázáno.

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix[mezera]/u

takže jestli nejsou problémy,tak vyčisti systém CCleanerem
a RegCleanerem
a použij i T-Cleaner
smaže vše po Combu,SDFixu,Avengeru,MWAVu atd.-stáhneš>spustíš
Pokud nejsou problémy , je to vše.

[Ententyk]

..tak už jsem chtěl jenom poděkovat a zmizet,ale......
po restartu mi vyběhlo okno s hláskou, že součást "LaunchAplication.exe" - "ConnApi.Dll" nelze najít....s tlačítkem OK,tak jsem to vyoukejoval ) a hrnu se zapnout ty aktualizace a pořád stejný,na kartě tento počítač -vlastnosti-at.aktu. je to pořád zaškrtlí na automaticky,ve start-ovl. panely-centrum zabezpečení - vypnuto????-když se to snažím zapnout,tak to hlásí,že bohužel ne a když kliknu na stert-winupdate,tak se mi sice načte stránka microsoft s menu instalace vlastní,nebo expresní,ale když kliknu na to,či ono,tak to hodí hlášku problémy se serverem.... (......nejradši bych to celý zbořil,ale štve mě,že mám v Mozille maila za 2 roky(včetně pracovních) a MozBackup,s kterým jsem měl skvělé zkušenosti mi hází chybu - udělám zálohu a pak pro jistotu zkusím znova obnovit a hlásí,že špatný soubor zálohy,co stím????????? díky

[Ententyk]

.ještě mě napadlo stáhnout celej sp3 a zkusit to s ním přebít,ale to je asi hovadina co?????

[jaro3]

SP3 podle mě jen na čistou instalaci.
Aktualizace:

Stáhni si Dial-a-fix
Fix Windows Update - Opraví problémy se stahováním a instalováním aktualizací Windows Update.
Control Panel applets - Pokusí se o opravu Ovládacích panelů.
Klikni na kladívko-další možnosti:
Reinstall Automatic Updates service - Pokusí se o reinstalaci služby zajišťující automatické aktualizace (případná potřeba instalačního media Windows).
SFC scan - Spustí nástroj pro kontrolu systémových souborů (případná potřeba instalačního media Windows).
Klikni na službu a pak na Go.

[Ententyk]

..........pomohlo to,díky moc........budu všude chválit,mějte se