I need advice, I have spyware

Post by zpev » 06 Apr 2008 09:03

Hello,

I need help, I have spyware and it won't go away. I'm attaching the log.

Thank you

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:00:01, on 6.4.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\PC Tools Firewall Plus\FWService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\wmsdkns.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe
C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\UnH Solutions\IE Privacy Keeper\IEPrivacyKeeper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SpeedFan\speedfan.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\mira\Plocha\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.centrum.cz/?ms=ge
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\wmsdkns.exe,
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - (no file)
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {13197ace-6851-45c3-a7ff-c281324d5489} - (no file)
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: (no name) - {5929cd6e-2062-44a4-b2c5-2c7e78fbab38} - (no file)
O2 - BHO: (no name) - {5fa6752a-c4a0-4222-88c2-928ae5ab4966} - (no file)
O2 - BHO: (no name) - {622cc208-b014-4fe0-801b-874a5e5e403a} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {8674aea0-9d3d-11d9-99dc-00600f9a01f1} - (no file)
O2 - BHO: (no name) - {9c5b2f29-1f46-4639-a6b4-828942301d3e} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: (no name) - {cf021f40-3e14-23a5-cba2-717765728274} - (no file)
O2 - BHO: (no name) - {fc3a74e5-f281-4f10-ae1e-733078684f3c} - (no file)
O2 - BHO: (no name) - {ffff0001-0002-101a-a3c9-08002b2f49fb} - (no file)
O3 - Toolbar: (no name) - {3BB63FD4-3C00-44D7-94A9-5DE211900DEF} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Crawler lišta - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] "C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKCU\..\Run: [IE Privacy Keeper] "C:\Program Files\UnH Solutions\IE Privacy Keeper\IEPrivacyKeeper.exe" -startup
O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [speedfan] C:\Program Files\SpeedFan\speedfan.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [IETI] C:\Program Files\Skype\Phone\IEPlugin\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [IETI] C:\Program Files\Skype\Phone\IEPlugin\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Bleskově - {141D2E4F-F313-4991-B61A-EE5D6D849361} - http://bleskove.centrum.cz (file missing)
O9 - Extra button: Centrum.cz - {2A5CFB1C-AAA2-4760-8462-1B61CF74B7D8} - http://www.centrum.cz (file missing)
O9 - Extra button: Xchat - {2BCB61BF-DC41-4738-A149-BDAAAD7FF0BD} - http://www.xchat.cz (file missing)
O9 - Extra button: Aktuálně - {2E01031B-AB09-4455-823D-25F1A1C11F48} - http://aktualne.centrum.cz (file missing)
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Vytvořit mobilní oblíbenou položku… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: Slovníky - {2F741D0A-150E-40F9-A602-1B2421475F1D} - http://slovniky.centrum.cz (file missing)
O9 - Extra button: Supermapy - {309176E6-E204-40A0-8D13-7F19C0498C40} - http://www.supermapy.cz (file missing)
O9 - Extra button: Britanik - {479BEE90-08C0-44fa-AE28-06BA96963B5B} - C:\Program Files\Britanik\britanik.dll
O9 - Extra 'Tools' menuitem: Britanik - {479BEE90-08C0-44fa-AE28-06BA96963B5B} - C:\Program Files\Britanik\britanik.dll
O9 - Extra button: mp3.centrum.cz - {49681216-5BF4-41A2-AAFA-129A6BD625DA} - http://mp3.centrum.cz/ (file missing)
O9 - Extra button: Žena - {8B6E8E01-D262-4980-8C27-B8B2802285C1} - http://www.zena.cz (file missing)
O9 - Extra button: Fotoalba - {8FD64249-590C-4FBC-B181-12A6BAF516AF} - http://www.fotoalba.cz (file missing)
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Počasí - {A5050656-2286-454F-A489-C605ED1B461C} - http://pocasi.centrum.cz (file missing)
O9 - Extra button: Sportplus - {BC78516C-9DC9-40C5-A91E-74593222EF89} - http://sportplus.centrum.cz (file missing)
O9 - Extra button: Digitálně - {DAE865E8-970E-4931-A172-119CB56BBAF5} - http://www.digitalne.cz/ (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Stahuj.cz - {FC29EB7D-EDBA-4299-AEE4-D1BDC70EFA15} - http://www.stahuj.cz/ (file missing)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1E3F1348-4370-4BBE-A67A-CC7ED824CA85} (Microsoft Genuine Advantage Self Support Tool) - http://go.microsoft.com/fwlink/?LinkId=82580
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/house ... hcImpl.cab
O16 - DPF: {50E43D86-A74D-11D0-98CE-004005249458} (AnimatedGif Control) - https://www.mojebanka.cz/jars/confwiz/MVSGif.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 6027693703
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan ... asinst.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{79C51EA5-57DF-4E3A-9B81-69C930530217}: NameServer = 192.168.10.1
O18 - Protocol: bw+0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: McAfee Application Installer Cleanup (0108381200634640) (0108381200634640mcinstcleanup) - Unknown owner - C:\DOCUME~1\mira\LOCALS~1\Temp\010838~1.EXE (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Unknown owner - C:\Program Files\Ares\chatServer.exe (file missing)
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpdj00 - Unknown owner - C:\DOCUME~1\mira\LOCALS~1\Temp\hpdj00.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - PC Tools - C:\Program Files\PC Tools Firewall Plus\FWService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: ThreatFire - Unknown owner - C:\Program Files\ThreatFire\TFService.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Unknown owner - C:\WINDOWS\system32\ZoneLabs\vsmon.exe (file missing)

--
End of file - 25948 bytes

Post by Baron Prášil » 06 Apr 2008 10:28

Well, I hope you'll close this topic in a somewhat more civilized way than the last one :evil:

Open Services: type the command services.msc into Run... in the START menu and click OK
find hpdj00, stop it and set the startup type to Disabled

uninstall Zone Alarm

turn off System Restore
right-click My Computer > Properties > System Restore, tick the box, click OK and confirm
when we're done, turn it back on by reversing the steps

then use SDFix
Download SDFix
- Run it and it will extract itself to the drive where Windows is installed (typically C:\SDfix)
- Then restart the PC into Safe Mode (choose the option: Safe Mode, not Safe Mode with Networking)
- Open the folder where SDFix was extracted and run the file RunThis.bat to start the program.
* Then press the Y key and then Enter to start the cleaning process.
* To finish the scan you will be asked to press any key, and the computer will restart.
* While the operating system is loading, the program will run again and finish the cleaning process. When Finish appears, you will have to press any key when prompted; this closes the program and your desktop icons will appear
- When the desktop icons have finished loading, the SDFix log will open on the screen and will also be saved in the folder where SDFix was extracted as the file Report.txt
Then copy its contents here, plus a new HijackThis log again
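
The reply above picks individual entries out of the HijackThis log by hand. As an added example that is not part of the thread, this Python sketch applies the same kind of first-pass triage to lines copied from the log in the first post; the function name, rule wording and the choice of three rules are assumptions made for illustration, and a flagged entry is only a candidate for closer inspection.

```python
import re

# Lines copied from the HijackThis log in the first post of this thread.
SAMPLE_LOG = r"""
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\wmsdkns.exe,
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O23 - Service: hpdj00 - Unknown owner - C:\DOCUME~1\mira\LOCALS~1\Temp\hpdj00.exe (file missing)
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Unknown owner - C:\WINDOWS\system32\ZoneLabs\vsmon.exe (file missing)
"""

# "<section code> - <rest of the entry>", e.g. "O23 - Service: ..."
ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")
# A path component named Temp, in any letter case.
TEMP_RE = re.compile(r"\\temp\\", re.IGNORECASE)


def triage(log_text):
    """Return (section, reason, subject) tuples for entries worth a closer look.

    Hypothetical rules, chosen for this example:
      F2      - any program listed in UserInit besides userinit.exe
      O2 / O3 - a browser add-on registration that points to no file
      O23     - a service whose binary is under Temp and/or missing on disk
    """
    findings = []
    for raw in log_text.splitlines():
        match = ENTRY_RE.match(raw.strip())
        if not match:
            continue  # header, process list or blank line
        section, body = match.groups()

        if section == "F2" and "UserInit=" in body:
            value = body.split("UserInit=", 1)[1]
            programs = [p.strip() for p in value.split(",") if p.strip()]
            for prog in programs:
                # Compare only the file name; the value is comma separated.
                if prog.rsplit("\\", 1)[-1].lower() != "userinit.exe":
                    findings.append((section, "extra program in UserInit", prog))

        elif section in ("O2", "O3") and body.endswith("(no file)"):
            findings.append(
                (section, "registration points to no file", body.split(" - ")[0])
            )

        elif section == "O23" and body.startswith("Service: "):
            # Format: Service: <name> - <owner> - <path>; split from the right
            # because the service name itself may contain " - ".
            parts = body[len("Service: "):].rsplit(" - ", 2)
            if len(parts) != 3:
                continue
            name, _owner, path = parts
            reasons = []
            if TEMP_RE.search(path):
                reasons.append("binary under a Temp directory")
            if path.endswith("(file missing)"):
                reasons.append("binary missing on disk")
            if reasons:
                findings.append((section, "; ".join(reasons), name))
    return findings


if __name__ == "__main__":
    for section, reason, subject in triage(SAMPLE_LOG):
        print(f"{section:4} {reason}: {subject}")
```
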

Post by zpev » 06 Apr 2008 11:05

Thanks for now, I'll do my best :wink:

Post by zpev » 06 Apr 2008 11:34

So I did it, and nothing; I'm attaching the log


SDFix: Version 1.166

Run by mira on ne 06.04.2008 at 11:18

Microsoft Windows XP [Verze 5.1.2600]
Running From: C:\SDFix

Checking Services :


Restoring Windows Registry Values
Restoring Windows Default Hosts File
Restoring Default Desktop Wallpaper

Rebooting


Checking Files :

Trojan Files Found:

C:\WINDOWS\default.htm - Deleted
C:\WINDOWS\regedit.com - Deleted
C:\WINDOWS\regedit.com - Deleted
C:\WINDOWS\system32\winfrun32.bin - Deleted





Removing Temp Files

ADS Check :



Final Check :

catchme 0.3.1344.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-06 11:22:13
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\d347prt\Cfg\0Jf40]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\d347prt\Cfg\0Jf41]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\d347prt\Cfg\0Jf42]

scanning hidden registry entries ...

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\\f\1e]
"SlowInfoCache"=hex:28,02,00,00,00,00,00,00,00,f0,00,00,00,00,00,00,00,00,00,00,00,..
"Changed"=dword:00000000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\\f\1e]
"SlowInfoCache"=hex:28,02,00,00,00,00,00,00,00,f0,21,00,00,00,00,00,00,00,00,00,00,..
"Changed"=dword:00000000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Control Panel\Cursors\Schemes]
"\f\1e?r?n?\xe9? ?u?k?a?z?a?t?e?l?e? ?"="C:\WINDOWS\cursors\arrow_r.cur,C:\WINDOWS\cursors\help_r.cur,C:\WINDOWS\cursors\wait_r.cur,C:\WINDOWS\cursors\busy_r.cur,C:\WINDOWS\cursors\cross_r.cur,C:\WINDOWS\cursors\beam_r.cur,C:\WINDOWS\cursors\pen_r.cur,C:\WINDOWS\cursors\no_r.cur,C:\WINDOWS\cursors\size4_r.cur,C:\WINDOWS\cursors\size3_r.cur,C:\WINDOWS\cursors\size2_r.cur,C:\WINDOWS\cursors\size1_r.cur,C:\WINDOWS\cursors\move_r.cur,C:\WINDOWS\cursors\up_r.cur"
"\f\1e?r?n?\xe9? ?u?k?a?z?a?t?e?l?e? ?(?v?e?l?k?\xe9?)?"="C:\WINDOWS\cursors\arrow_rm.cur,C:\WINDOWS\cursors\help_rm.cur,C:\WINDOWS\cursors\wait_rm.cur,C:\WINDOWS\cursors\busy_rm.cur,C:\WINDOWS\cursors\cross_rm.cur,C:\WINDOWS\cursors\beam_rm.cur,C:\WINDOWS\cursors\pen_rm.cur,C:\WINDOWS\cursors\no_rm.cur,C:\WINDOWS\cursors\size4_rm.cur,C:\WINDOWS\cursors\size3_rm.cur,C:\WINDOWS\cursors\size2_rm.cur,C:\WINDOWS\cursors\size1_rm.cur,C:\WINDOWS\cursors\move_rm.cur,C:\WINDOWS\cursors\up_rm.cur"
"\f\1e?r?n?\xe9? ?u?k?a?z?a?t?e?l?e? ?(?n?e?j?v?\e\1t?a\1\xed?)?"="C:\WINDOWS\cursors\arrow_rl.cur,C:\WINDOWS\cursors\help_rl.cur,C:\WINDOWS\cursors\wait_rl.cur,C:\WINDOWS\cursors\busy_rl.cur,C:\WINDOWS\cursors\cross_rl.cur,C:\WINDOWS\cursors\beam_rl.cur,C:\WINDOWS\cursors\pen_rl.cur,C:\WINDOWS\cursors\no_rl.cur,C:\WINDOWS\cursors\size4_rl.cur,C:\WINDOWS\cursors\size3_rl.cur,C:\WINDOWS\cursors\size2_rl.cur,C:\WINDOWS\cursors\size1_rl.cur,C:\WINDOWS\cursors\move_rl.cur,C:\WINDOWS\cursors\up_rl.cur"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\f\1e]
"DisplayName"="\x010cesk\xe1 kl\xe1vesnice pro E-TEN Glofiish"
"UninstallString"="C:\Program Files\Microsoft ActiveSync\\x010cesk\xe1 kl\xe1vesnice pro E-TEN Glofiish\Uninstall.exe \x010cesk\xe1 kl\xe1vesnice pro E-TEN Glofiish"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\f\1e]
"DisplayName"="\x010cesk\xe1 lokalizace pro E-TEN Glofiish X500"
"UninstallString"="C:\Program Files\Microsoft ActiveSync\\x010cesk\xe1 lokalizace pro E-TEN Glofiish X500\Uninstall.exe \x010cesk\xe1 lokalizace pro E-TEN Glofiish X500"

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


Remaining Services :



Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Dc Strong\\StrongDC.exe"="C:\\Program Files\\Dc Strong\\StrongDC.exe:*:Enabled:StrongDC++"
"C:\\WINDOWS\\system32\\dpvsetup.exe"="C:\\WINDOWS\\system32\\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\\WINDOWS\\system32\\rundll32.exe"="C:\\WINDOWS\\system32\\rundll32.exe:*:Enabled:Run a DLL as an App"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Ares\\Ares.exe"="C:\\Program Files\\Ares\\Ares.exe:*:Enabled:Ares p2p for windows"
"C:\\Documents and Settings\\mira\\Plocha\\Dc Strong\\StrongDC.exe"="C:\\Documents and Settings\\mira\\Plocha\\Dc Strong\\StrongDC.exe:*:Enabled:StrongDC++"
"C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"="C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe:*:Enabled:BlueSoleil"
"C:\\Program Files\\Microsoft Games\\Age of Empires III\\age3.exe"="C:\\Program Files\\Microsoft Games\\Age of Empires III\\age3.exe:*:Enabled:Age of Empires 3"
"C:\\Program Files\\Emergency 4\\Em4.exe"="C:\\Program Files\\Emergency 4\\Em4.exe:*:Enabled:Em4"
"C:\\Program Files\\Ubisoft\\Gearbox Software\\BrothersInArmsEiB\\System\\EiB.exe"="C:\\Program Files\\Ubisoft\\Gearbox Software\\BrothersInArmsEiB\\System\\EiB.exe:*:Enabled:Brothers In Arms Earned In Blood"
"C:\\Program Files\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe"="C:\\Program Files\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe:*:Enabled:Apache HTTP Server"
"C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"="C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\\Documents and Settings\\mira\\Plocha\\My Mobile\\MyMobiler\\MyMobiler.exe"="C:\\Documents and Settings\\mira\\Plocha\\My Mobile\\MyMobiler\\MyMobiler.exe:*:Enabled:Remote Mobile Module"
"C:\\Documents and Settings\\All Users\\Data aplikacˇ\\Skype\\Plugins\\Plugins\\289650C9E52C40FE91D947C6D0EB72DA\\rcviewer.exe"="C:\\Documents and Settings\\All Users\\Data aplikacˇ\\Skype\\Plugins\\Plugins\\289650C9E52C40FE91D947C6D0EB72DA\\rcviewer.exe:*:Enabled:Rsupport RemoteCall Viewer"
"C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Enabled:Internet Explorer"
"C:\\Program Files\\Common Files\\AOL\\TopSpeed\\3.0\\aoltpsd3.exe"="C:\\Program Files\\Common Files\\AOL\\TopSpeed\\3.0\\aoltpsd3.exe:*:Enabled:AOL TopSpeed"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL Connectivity Service Dialer"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe:*:Enabled:AOL Connectivity Service"
"C:\\Program Files\\Common Files\\AOL\\1200602454\\ee\\aolsoftware.exe"="C:\\Program Files\\Common Files\\AOL\\1200602454\\ee\\aolsoftware.exe:*:Enabled:AOL Shared Components"
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe:*:Enabled:AOL Loader"
"C:\\Program Files\\Common Files\\AOL\\1200602454\\ee\\AOLDesktop.exe"="C:\\Program Files\\Common Files\\AOL\\1200602454\\ee\\AOLDesktop.exe:*:Enabled:AOL Desktop"
"C:\\Program Files\\Sereniti\\NetTrooper\\Sereniti-Service.exe"="C:\\Program Files\\Sereniti\\NetTrooper\\Sereniti-Service.exe:LocalSubNet:Enabled:NetTrooper"
"C:\\Program Files\\Sereniti\\NetTrooper\\Sereniti-SSMonitor.exe"="C:\\Program Files\\Sereniti\\NetTrooper\\Sereniti-SSMonitor.exe:LocalSubNet:Enabled:NetTrooper"
"C:\\Program Files\\Sereniti\\NetTrooper\\Sereniti-NetTrooper.exe"="C:\\Program Files\\Sereniti\\NetTrooper\\Sereniti-NetTrooper.exe:LocalSubNet:Enabled:NetTrooper"
"C:\\Documents and Settings\\All Users\\Data aplikacˇ\\Skype\\Plugins\\Plugins\\289650C9E52C40FE91D947C6D0EB72DA\\remotex.exe"="C:\\Documents and Settings\\All Users\\Data aplikacˇ\\Skype\\Plugins\\Plugins\\289650C9E52C40FE91D947C6D0EB72DA\\remotex.exe:*:Enabled:RemoteX"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\\UnrealTournament\\System\\UnrealTournament.exe"="C:\\UnrealTournament\\System\\UnrealTournament.exe:*:Enabled:UnrealTournament"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\UT2004Demo\\System\\UT2004.exe"="C:\\UT2004Demo\\System\\UT2004.exe:*:Enabled:UT2004"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"="C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"

Remaining Files :

C:\WINDOWS\default.htm Found

File Backups: - C:\SDFix\backups\backups.zip

Files with Hidden Attributes :

Mon 26 Nov 2007 23,040 ...H. --- "C:\Program Files\CeRegEditor\CeRegMon.exe"
Sat 15 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\0e6db4bc1b09434c0b3b5a5c4a3458ce\BIT1.tmp"
Wed 23 Jan 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\585dc2612ebcefc90e7dee4c276ee95e\BIT4.tmp"
Wed 23 Jan 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\bc066f3f60df1b38218903dd0d40ce98\BIT5.tmp"

Finished!

+ hijackthis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:29:59, on 6.4.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\PC Tools Firewall Plus\FWService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\wmsdkns.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe
C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files\UnH Solutions\IE Privacy Keeper\IEPrivacyKeeper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SpeedFan\speedfan.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\Ad-Aware2007.exe
C:\PROGRA~1\Crawler\Toolbar\CToolbar.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\mira\Plocha\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.centrum.cz/?ms=ge
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\wmsdkns.exe,
O2 - BHO: (no name) - {00000250-0320-4dd4-be4f-7566d2314352} - (no file)
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - (no file)
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {13197ace-6851-45c3-a7ff-c281324d5489} - (no file)
O2 - BHO: (no name) - {15651c7c-e812-44a2-a9ac-b467a2233e7d} - (no file)
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: (no name) - {4e1075f4-eec4-4a86-add7-cd5f52858c31} - (no file)
O2 - BHO: (no name) - {4e7bd74f-2b8d-469e-92c6-ce7eb590a94d} - (no file)
O2 - BHO: (no name) - {5929cd6e-2062-44a4-b2c5-2c7e78fbab38} - (no file)
O2 - BHO: (no name) - {5dafd089-24b1-4c5e-bd42-8ca72550717b} - (no file)
O2 - BHO: (no name) - {5fa6752a-c4a0-4222-88c2-928ae5ab4966} - (no file)
O2 - BHO: (no name) - {622cc208-b014-4fe0-801b-874a5e5e403a} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {8674aea0-9d3d-11d9-99dc-00600f9a01f1} - (no file)
O2 - BHO: (no name) - {965a592f-8efa-4250-8630-7960230792f1} - (no file)
O2 - BHO: (no name) - {9c5b2f29-1f46-4639-a6b4-828942301d3e} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: (no name) - {cf021f40-3e14-23a5-cba2-717765728274} - (no file)
O2 - BHO: (no name) - {fc3a74e5-f281-4f10-ae1e-733078684f3c} - (no file)
O2 - BHO: (no name) - {ffff0001-0002-101a-a3c9-08002b2f49fb} - (no file)
O3 - Toolbar: (no name) - {3BB63FD4-3C00-44D7-94A9-5DE211900DEF} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Crawler lišta - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] "C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKCU\..\Run: [IE Privacy Keeper] "C:\Program Files\UnH Solutions\IE Privacy Keeper\IEPrivacyKeeper.exe" -startup
O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [speedfan] C:\Program Files\SpeedFan\speedfan.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [IETI] C:\Program Files\Skype\Phone\IEPlugin\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [IETI] C:\Program Files\Skype\Phone\IEPlugin\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Bleskově - {141D2E4F-F313-4991-B61A-EE5D6D849361} - http://bleskove.centrum.cz (file missing)
O9 - Extra button: Centrum.cz - {2A5CFB1C-AAA2-4760-8462-1B61CF74B7D8} - http://www.centrum.cz (file missing)
O9 - Extra button: Xchat - {2BCB61BF-DC41-4738-A149-BDAAAD7FF0BD} - http://www.xchat.cz (file missing)
O9 - Extra button: Aktuálně - {2E01031B-AB09-4455-823D-25F1A1C11F48} - http://aktualne.centrum.cz (file missing)
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Vytvořit mobilní oblíbenou položku… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: Slovníky - {2F741D0A-150E-40F9-A602-1B2421475F1D} - http://slovniky.centrum.cz (file missing)
O9 - Extra button: Supermapy - {309176E6-E204-40A0-8D13-7F19C0498C40} - http://www.supermapy.cz (file missing)
O9 - Extra button: Britanik - {479BEE90-08C0-44fa-AE28-06BA96963B5B} - C:\Program Files\Britanik\britanik.dll
O9 - Extra 'Tools' menuitem: Britanik - {479BEE90-08C0-44fa-AE28-06BA96963B5B} - C:\Program Files\Britanik\britanik.dll
O9 - Extra button: mp3.centrum.cz - {49681216-5BF4-41A2-AAFA-129A6BD625DA} - http://mp3.centrum.cz/ (file missing)
O9 - Extra button: Žena - {8B6E8E01-D262-4980-8C27-B8B2802285C1} - http://www.zena.cz (file missing)
O9 - Extra button: Fotoalba - {8FD64249-590C-4FBC-B181-12A6BAF516AF} - http://www.fotoalba.cz (file missing)
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Počasí - {A5050656-2286-454F-A489-C605ED1B461C} - http://pocasi.centrum.cz (file missing)
O9 - Extra button: Sportplus - {BC78516C-9DC9-40C5-A91E-74593222EF89} - http://sportplus.centrum.cz (file missing)
O9 - Extra button: Digitálně - {DAE865E8-970E-4931-A172-119CB56BBAF5} - http://www.digitalne.cz/ (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Stahuj.cz - {FC29EB7D-EDBA-4299-AEE4-D1BDC70EFA15} - http://www.stahuj.cz/ (file missing)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1E3F1348-4370-4BBE-A67A-CC7ED824CA85} (Microsoft Genuine Advantage Self Support Tool) - http://go.microsoft.com/fwlink/?LinkId=82580
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/house ... hcImpl.cab
O16 - DPF: {50E43D86-A74D-11D0-98CE-004005249458} (AnimatedGif Control) - https://www.mojebanka.cz/jars/confwiz/MVSGif.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 6027693703
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan ... asinst.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{79C51EA5-57DF-4E3A-9B81-69C930530217}: NameServer = 192.168.10.1
O18 - Protocol: bw+0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: McAfee Application Installer Cleanup (0108381200634640) (0108381200634640mcinstcleanup) - Unknown owner - C:\DOCUME~1\mira\LOCALS~1\Temp\010838~1.EXE (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Unknown owner - C:\Program Files\Ares\chatServer.exe (file missing)
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - PC Tools - C:\Program Files\PC Tools Firewall Plus\FWService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: ThreatFire - Unknown owner - C:\Program Files\ThreatFire\TFService.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Unknown owner - C:\WINDOWS\system32\ZoneLabs\vsmon.exe (file missing)

--
End of file - 26395 bytes

Thank you in advance for your help.

Baron Prášil
Master Level 7
Posts: 4882
Registered: June 06
Gender: Male
Status: Offline

Re: I need advice, I have spyware

Post by Baron Prášil » 06 Apr 2008 12:13

Download ComboFix (by sUBs) and save it to your desktop.
Close all active windows and run it.
- After it starts, the terms of use are displayed; confirm them by pressing the 1 key
- Then follow the instructions; while ComboFix is running, do not click in the window that appears
- When the scan finishes, the program should create a log and display it; otherwise you will find it here: C:\ComboFix.txt - please copy its entire contents here


Re: I need advice, I have spyware

Post by zpev » 06 Apr 2008 12:31

OK, I have it now and am attaching it.

ComboFix 08-04-04.1 - mira 2008-04-06 12:20:18.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1250.1.1029.18.1369 [GMT 2:00]
Running from: C:\Documents and Settings\mira\Plocha\ComboFix.exe
* Created a new restore point
* Resident AV is active


WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\autorun.inf
C:\Program Files\seekmo
C:\WINDOWS\180ax.exe
C:\WINDOWS\2020search.dll
C:\WINDOWS\2020search2.dll
C:\WINDOWS\bjam.dll
C:\WINDOWS\bokja.exe
C:\WINDOWS\cdsm32.dll
C:\WINDOWS\default.htm
C:\WINDOWS\mspphe.dll
C:\WINDOWS\mssvr.exe
C:\WINDOWS\saiemod.dll
C:\WINDOWS\salm.exe
C:\WINDOWS\stcloader.exe
C:\WINDOWS\swin32.dll
C:\WINDOWS\system32\msixu.dll
C:\WINDOWS\system32\taskmgr.com
C:\WINDOWS\system32\wer8274.dll
C:\WINDOWS\TEMP\salm.exe
C:\WINDOWS\updatetc.exe
C:\WINDOWS\voiceip.dll

.
((((((((((((((((((((((((( Files Created from 2008-03-06 to 2008-04-06 )))))))))))))))))))))))))))))))
.

2008-04-06 12:27 . 2008-04-06 12:27 <DIR> d-------- C:\Program Files\seekmo
2008-04-06 11:33 . 2008-04-06 11:33 <DIR> d-------- C:\Program Files\180solutions
2008-04-06 11:23 . 2008-04-06 11:23 11,520 --a------ C:\WINDOWS\system32\ntnut32.exe
2008-04-06 11:16 . 2008-04-06 11:16 <DIR> d-------- C:\WINDOWS\ERUNT
2008-04-06 11:07 . 2008-04-06 11:24 <DIR> d-------- C:\SDFix
2008-04-06 08:53 . 2008-04-06 11:23 <DIR> d-------- C:\Program Files\zango
2008-04-06 07:55 . 2008-04-06 07:55 24,832 --a------ C:\WINDOWS\system32\shdocpe.dll
2008-04-06 07:50 . 2008-04-06 07:55 <DIR> d-------- C:\Program Files\180searchassistant
2008-04-06 07:50 . 2008-04-06 07:55 <DIR> d-------- C:\Program Files\180search assistant
2008-04-06 07:46 . 2008-04-06 08:55 <DIR> d-------- C:\Program Files\Spyware Terminator
2008-04-06 07:46 . 2008-04-06 07:49 <DIR> d-------- C:\Documents and Settings\mira\Data aplikací\Spyware Terminator
2008-04-06 07:46 . 2008-04-06 07:49 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2008-04-06 07:46 . 2008-04-06 07:46 138,752 --a------ C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2008-04-06 02:31 . 2008-04-06 02:33 <DIR> d-------- C:\Program Files\SpywareBlaster
2008-04-06 02:31 . 2005-08-25 18:19 115,920 --a------ C:\WINDOWS\system32\MSINET.OCX
2008-04-06 02:20 . 2008-04-06 02:20 <DIR> d-------- C:\Program Files\stc
2008-04-06 01:54 . 2008-04-06 01:54 <DIR> d-------- C:\Program Files\Sysmnt
2008-04-06 01:34 . 2008-04-06 11:23 <DIR> d-------- C:\WINDOWS\FLEOK
2008-04-06 01:32 . 2008-04-06 01:32 30,720 --a------ C:\WINDOWS\system32\SIPSPI32.dll
2008-04-06 00:40 . 2008-04-06 00:40 <DIR> d-------- C:\Program Files\Crawler
2008-04-06 00:20 . 2008-04-06 00:20 9,728 --a------ C:\WINDOWS\didduid.ini
2008-04-05 22:37 . 2008-04-05 22:37 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\SUPERAntiSpyware.com
2008-04-05 21:29 . 2008-04-05 21:29 91,561 --a------ C:\WINDOWS\system32\wmsdkns.exe
2008-04-04 19:24 . 2008-04-04 19:24 <DIR> d-------- C:\WINDOWS\wb
2008-04-02 08:43 . 2008-04-02 08:43 <DIR> d-------- C:\Program Files\directx
2008-04-02 07:48 . 2006-01-10 10:50 24,576 -ra------ C:\WINDOWS\system32\AsIO.dll
2008-04-02 07:48 . 2005-12-22 04:22 5,685 -ra------ C:\WINDOWS\system32\drivers\AsIO.sys
2008-04-02 07:48 . 2005-07-05 10:43 5,120 --a------ C:\WINDOWS\system32\drivers\AsInsHelp64.sys
2008-04-02 07:48 . 2005-07-05 10:43 3,328 --a------ C:\WINDOWS\system32\drivers\AsInsHelp32.sys
2008-04-02 04:19 . 2008-04-02 00:19 <DIR> d-------- C:\WINDOWS\NV10241392(2).TMP
2008-04-02 00:23 . 2008-04-02 00:26 <DIR> d-------- C:\WINDOWS\NV10201392.TMP

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-06 10:27 21,504 ----a-w C:\WINDOWS\saiemod.dll
2008-04-06 10:27 18,944 ----a-w C:\WINDOWS\updatetc.exe
2008-04-06 10:25 29,952 ----a-w C:\WINDOWS\2020search.dll
2008-04-06 10:25 27,904 ----a-w C:\WINDOWS\cdsm32.dll
2008-04-06 10:25 27,904 ----a-w C:\WINDOWS\bjam.dll
2008-04-06 10:25 22,272 ----a-w C:\WINDOWS\swin32.dll
2008-04-06 10:25 22,272 ----a-w C:\WINDOWS\stcloader.exe
2008-04-06 10:25 21,504 ----a-w C:\WINDOWS\mspphe.dll
2008-04-06 10:25 20,736 ----a-w C:\WINDOWS\bokja.exe
2008-04-06 10:25 17,920 ----a-w C:\WINDOWS\system32\MSIXU.DLL
2008-04-06 10:25 16,128 ----a-w C:\WINDOWS\system32\WER8274.DLL
2008-04-06 10:25 11,776 ----a-w C:\WINDOWS\180ax.exe
2008-04-06 10:16 --------- d-----w C:\Documents and Settings\mira\Data aplikací\Skype
2008-04-06 10:15 --------- d-----w C:\Documents and Settings\mira\Data aplikací\skypePM
2008-04-06 09:25 --------- d-----w C:\Program Files\SpeedFan
2008-04-06 06:14 --------- d-----w C:\Program Files\SUPERAntiSpyware
2008-04-06 00:45 --------- d---a-w C:\Documents and Settings\All Users\Data aplikací\TEMP
2008-04-05 22:35 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2008-04-05 22:07 --------- d-----w C:\Program Files\Lavasoft
2008-04-05 22:07 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-04-05 22:00 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\Avg7
2008-04-05 21:45 26,880 ----a-w C:\WINDOWS\winsb.dll
2008-04-04 15:02 --------- d-----w C:\Program Files\Common Files\Logitech
2008-04-04 05:23 --------- d-----w C:\Program Files\Java
2008-04-03 19:21 --------- d-----w C:\Program Files\Common Files\Adobe
2008-04-02 05:52 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-04-02 05:52 --------- d-----w C:\Program Files\Asus
2008-04-01 22:20 --------- d-----w C:\Program Files\ESET
2008-04-01 22:19 --------- d-----w C:\Program Files\Analog Devices
2008-03-08 04:21 --------- d-----w C:\Program Files\Resco
2008-03-04 06:22 --------- d-----w C:\Documents and Settings\mira\Data aplikací\SUPERAntiSpyware.com
2008-03-02 02:26 --------- d-----w C:\Program Files\Netgate
2008-03-02 02:22 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\NETGATE
2008-03-02 02:05 --------- d-----w C:\Documents and Settings\mira\Data aplikací\Lavasoft
2008-03-02 01:54 43,520 ----a-w C:\WINDOWS\system32\CmdLineExt03.dll
2008-02-27 07:02 --------- d-----w C:\Program Files\TuneUp Utilities 2006
2008-02-26 22:43 --------- d-----w C:\Program Files\Skype
2008-02-26 17:04 --------- d-----w C:\Program Files\Google
2008-02-26 17:02 --------- d-----w C:\Documents and Settings\mira\Data aplikací\Styler
2008-02-25 20:45 --------- d-s---w C:\Documents and Settings\All Users\Data aplikací\Memeo
2008-02-25 20:45 --------- d-----w C:\Program Files\Western Digital
2008-02-25 20:45 --------- d-----w C:\Program Files\Memeo
2008-02-25 20:45 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-02-25 20:45 --------- d-----w C:\Program Files\Common Files\eSellerate
2008-02-25 20:45 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\InstallShield
2008-02-20 09:11 33,800 ----a-w C:\WINDOWS\system32\drivers\epfwtdir.sys
2008-02-20 09:02 29,704 ----a-w C:\WINDOWS\system32\drivers\easdrv.sys
2008-02-20 09:01 39,944 ----a-w C:\WINDOWS\system32\drivers\eamon.sys
2008-02-20 06:55 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\TERMINAL Studio
2008-02-16 01:57 --------- d-----w C:\Program Files\Britanik
2008-02-16 01:12 --------- d-----w C:\Program Files\Microsoft Games
2008-02-15 22:18 --------- d-----w C:\Program Files\PC Tools Firewall Plus
2008-02-15 19:46 --------- d-----w C:\Program Files\Winamp
2008-02-13 20:10 --------- d-----w C:\Documents and Settings\mira\Data aplikací\Sierra
2008-02-13 17:01 --------- d-----w C:\Program Files\Sierra
2008-01-18 08:46 9,216 ----a-w C:\WINDOWS\Internet Logs\xDB32.tmp
2008-01-18 08:46 9,216 ----a-w C:\WINDOWS\Internet Logs\xDB30.tmp
2008-01-18 08:46 37,376 ----a-w C:\WINDOWS\Internet Logs\xDB2E.tmp
2008-01-18 08:46 1,289,216 ----a-w C:\WINDOWS\Internet Logs\xDB33.tmp
2008-01-18 08:46 1,289,216 ----a-w C:\WINDOWS\Internet Logs\xDB31.tmp
2008-01-18 08:46 1,289,216 ----a-w C:\WINDOWS\Internet Logs\xDB2F.tmp
2008-01-18 08:46 1,288,192 ----a-w C:\WINDOWS\Internet Logs\xDB2D.tmp
2008-01-17 20:10 499,712 ----a-w C:\WINDOWS\system32\msvcp71.dll
2008-01-17 20:10 434,252 ----a-w C:\WINDOWS\system32\MSVCRTD.DLL
2008-01-17 20:10 348,160 ----a-w C:\WINDOWS\system32\msvcr71.dll
2008-01-17 20:10 216,576 ----a-w C:\WINDOWS\system32\monln.dll
2008-01-17 20:10 1,060,864 ----a-w C:\WINDOWS\system32\MFC71.dll
2008-01-13 17:14 30,240 ----a-w C:\WINDOWS\system32\VRVD302.dll
2008-01-07 18:23 98,304 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
2007-11-24 18:10 32 ----a-w C:\Documents and Settings\All Users\Data aplikací\ezsid.dat
2007-07-10 17:21 8,192 --sha-w C:\WINDOWS\o2cLicStore.bin
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IE Privacy Keeper"="C:\Program Files\UnH Solutions\IE Privacy Keeper\IEPrivacyKeeper.exe" [2005-12-03 14:52 1015808]
"NVIDIA nTune"="C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" [2007-07-03 13:32 81920]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-02 14:00 15360]
"speedfan"="C:\Program Files\SpeedFan\speedfan.exe" [2007-09-17 19:04 2902528]
"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 17:50 1289000]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2008-04-04 17:05 36864]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2007-05-31 13:09 1314816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-10-04 18:14 8491008]
"nwiz"="nwiz.exe" [2007-10-04 18:14 1626112 C:\WINDOWS\system32\nwiz.exe]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2006-05-01 04:07 843776]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-10-04 18:14 81920]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2006-07-19 12:03 94208 C:\WINDOWS\KHALMNPR.Exe]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"Logitech Hardware Abstraction Layer"="C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE" [2006-07-19 12:03 94208]
"LogitechCommunicationsManager"="C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe" [2006-08-03 09:44 529968]
"LVCOMSX"="C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe" [2006-08-03 13:29 244520]
"egui"="C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" [2008-02-20 11:06 1443072]
"SpywareTerminator"="C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" [2008-04-06 07:46 2957824]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2006-03-02 14:00 15360]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-03-27 15:58 1744896]
"DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-22 20:29 39264]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IETI"="C:\Program Files\Skype\Phone\IEPlugin\unins000.exe" [ ]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2008-04-04 17:05:08 196608]
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2008-04-04 17:02:49 671744]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"= 1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"= 1 (0x1)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 12:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 12:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"MSVideo8"= VfWWDM32.dll
"msacm.lameacm"= C:\PROGRA~1\ACEMEG~1\SystemS\lameacm.acm
"msacm.lhacm"= C:\PROGRA~1\ACEMEG~1\SystemS\lhacm.acm
"msacm.CoreFLAC_ACM"= C:\PROGRA~1\ACEMEG~1\SystemS\Core\COREFL~1.ACM
"msacm.divxa32"= C:\PROGRA~1\ACEMEG~1\SystemS\DivX\divxa32.acm
"msacm.l3acm"= l3codeca.acm

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Microsoft Office Outlook"=C:\PROGRA~1\MICROS~2\OFFICE11\OUTLOOK.EXE /recycle
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" /background
"LDM"=C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe
"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\Wcescomm.exe"
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"RivaTunerStartupDaemon"="C:\Program Files\RivaTuner v2.0 RC 16.1\RivaTuner.exe" /S
"WD Button Manager"=WDBtnMgr.exe
"WinampAgent"=C:\Program Files\Winamp\winampa.exe
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe
"PCSuiteTrayApplication"=C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
"LogitechCommunicationsManager"="C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe"
"Kernel and Hardware Abstraction Layer"=KHALMNPR.EXE
"LVCOMSX"="C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe"
"TomTomHOME.exe"="C:\Program Files\TomTom HOME 2\HOMERunner.exe" -s
"ASM"="C:\Program Files\AOL\Active Security Monitor\ASMonitor.exe" HIDEMAIN
"00PCTFW"="C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe" -s
"Launch Ai Booster"="C:\Program Files\ASUS\AI Booster\OverClk.exe"
"ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
"Ai Nap"="C:\Program Files\ASUS\AI Nap\AiNap.exe"
"Ai Gear Help"="C:\Program Files\ASUS\AI Gear\GearHelp.exe"
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Dc Strong\\StrongDC.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\WINDOWS\\system32\\rundll32.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Documents and Settings\\mira\\Plocha\\Dc Strong\\StrongDC.exe"=
"C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"C:\\Program Files\\Ubisoft\\Gearbox Software\\BrothersInArmsEiB\\System\\EiB.exe"=
"C:\\Program Files\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe"=
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"= C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"= C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"= C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"C:\\Documents and Settings\\mira\\Plocha\\My Mobile\\MyMobiler\\MyMobiler.exe"=
"C:\\Documents and Settings\\All Users\\Data aplikací\\Skype\\Plugins\\Plugins\\289650C9E52C40FE91D947C6D0EB72DA\\rcviewer.exe"=
"C:\\Program Files\\Internet Explorer\\iexplore.exe"=
"C:\\Documents and Settings\\All Users\\Data aplikací\\Skype\\Plugins\\Plugins\\289650C9E52C40FE91D947C6D0EB72DA\\remotex.exe"=
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

R1 epfwtdir;epfwtdir;C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2008-02-20 11:11]
R1 OxFWLF;OxFWLF;C:\WINDOWS\system32\drivers\OxFWLF.sys [2007-05-25 10:17]
R1 pctfw2;pctfw2;C:\WINDOWS\system32\drivers\pctfw2.sys [2008-01-04 15:13]
R1 pctmp;PC Tools Firewall Memory Protection Driver;C:\WINDOWS\system32\drivers\pctmp.sys [2008-01-04 15:13]
R1 pctssipc;PC Tools Security Suite IPC Driver;C:\WINDOWS\system32\drivers\pctssipc.sys [2008-01-04 15:13]
R1 sp_rsdrv2;Spyware Terminator Driver 2;C:\WINDOWS\system32\drivers\sp_rsdrv2.sys [2008-04-06 07:46]
R1 VRVD302;VRVD302;C:\WINDOWS\system32\DRIVERS\VRVD302.sys [2008-01-13 19:14]
R2 LBeepKE;LBeepKE;C:\WINDOWS\system32\Drivers\LBeepKE.sys [2006-09-01 12:32]
R2 UxTuneUp;TuneUp Design Expansion;C:\WINDOWS\System32\svchost.exe [2006-03-02 14:00]
R3 AVerHybrid;AVerMedia Hybrid Tuner (NTSC/PAL/SECAM/DVB-T/FM);C:\WINDOWS\system32\drivers\averhbtv.sys [2007-09-07 05:36]
R3 PSched;Plánovač paketů technologie QoS;C:\WINDOWS\system32\DRIVERS\psched.sys [2006-03-02 14:00]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB;C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 23:08]
R3 usbhub;Ovladač standardního rozbočovače USB;C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 23:08]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB;C:\WINDOWS\system32\DRIVERS\usbohci.sys [2006-03-02 14:00]
S0 TfFsMon;TfFsMon;C:\WINDOWS\system32\drivers\TfFsMon.sys []
S0 TfSysMon;TfSysMon;C:\WINDOWS\system32\drivers\TfSysMon.sys []
S2 0108381200634640mcinstcleanup;McAfee Application Installer Cleanup (0108381200634640);C:\DOCUME~1\mira\LOCALS~1\Temp\010838~1.EXE C:\PROGRA~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini []
S2 nvTUNEP;nVidia WDM TVTuner;C:\WINDOWS\system32\DRIVERS\nvtunep.sys [2002-11-18 17:05]
S2 nvtvSND;nVidia WDM TVAudio Crossbar;C:\WINDOWS\system32\DRIVERS\nvtvsnd.sys [2002-11-18 17:05]
S2 ThreatFire;ThreatFire;C:\Program Files\ThreatFire\TFService.exe service []
S3 autorun;autorun;C:\huadio.tmp []
S3 FWL;Fwl Packet Filter;C:\Program files\Software602\602LAN SUITE\fwl.sys []
S3 OXUDIDRV;OXUDIDRV;C:\WINDOWS\system32\Drivers\OXUDIDRV_X32.sys [2007-05-25 10:17]
S3 SeNpf;SeNpf;C:\WINDOWS\system32\drivers\SeNpf.sys [2007-05-03 14:17]
S3 TfNetMon;TfNetMon;C:\WINDOWS\system32\drivers\TfNetMon.sys []
S3 TVICHW32;TVICHW32;C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS [2007-01-18 14:38]
S3 usbscan;Ovladač skeneru USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 23:58]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 23:08]
S4 AutoSyncService;Memeo AutoSync ;"C:\Program Files\Memeo\AutoSync\MemeoService.exe" [2007-07-06 18:28]
S4 hpdj00;hpdj00;C:\DOCUME~1\mira\LOCALS~1\Temp\hpdj00.exe []

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f3a42284-69bf-11dc-a1ad-0018f3b14476}]
\Shell\AutoRun\command - K:\InstallTomTomHOME.exe

.
Contents of the 'Scheduled Tasks' folder
"2008-04-04 15:16:26 C:\WINDOWS\Tasks\1-Click Maintenance.job"
- C:\Program Files\TuneUp Utilities 2006\SystemOptimizer.exe
"2008-04-06 10:00:00 C:\WINDOWS\Tasks\HPpromotions journeysoftware.job"
- C:\Program Files\hp\digital imaging\bin\hp promotions\journeysoftware\HPpromo.exe
"2008-04-04 15:16:03 C:\WINDOWS\Tasks\Úklid 1 kliknutím.job"
- C:\Program Files\TuneUp Utilities 2006\SystemOptimizer.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-06 12:28:14
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet002\Services\autorun]
"ImagePath"="\??\C:\huadio.tmp"
.
Completion time: 2008-04-06 12:29:01
ComboFix-quarantined-files.txt 2008-04-06 10:28:57
Adresářů: 13, Volných bajtů: 68,895,465,472
Adresářů: 15, Volných bajtů: 68,872,818,688
.
2008-04-04 08:12:36 --- E O F ---



Thank you


Re: I need advice, I have spyware

Post by Baron Prášil » 06 Apr 2008 13:56

Open Notepad (Start -> Run..., type Notepad into the box and click OK)
Copy the following text, marked in green, into it:

Code:

File::
C:\WINDOWS\system32\ntnut32.exe
C:\WINDOWS\system32\shdocpe.dll
C:\WINDOWS\2020search.dll
C:\WINDOWS\cdsm32.dll
C:\WINDOWS\bjam.dll
C:\WINDOWS\swin32.dll
C:\WINDOWS\stcloader.exe
C:\WINDOWS\mspphe.dll
C:\WINDOWS\bokja.exe
C:\WINDOWS\system32\MSIXU.DLL
C:\WINDOWS\system32\WER8274.DLL
C:\WINDOWS\180ax.exe
C:\WINDOWS\winsb.dll
C:\DOCUME~1\mira\LOCALS~1\Temp\hpdj00.exe

Folder::
C:\Program Files\seekmo
C:\Program Files\180solutions
C:\Program Files\zango
C:\Program Files\180searchassistant
C:\Program Files\180search assistant
C:\Program Files\Sysmnt
C:\WINDOWS\FLEOK
C:\Program Files\stc

Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files there
Save the file to the desktop.
Close all active windows.
Grab the created script CFScript.txt with the mouse, drag it over the downloaded ComboFix.exe program, and when the two files overlap, drop the script
- ComboFix starts automatically
- Post here the log that appears at the end of the cleaning process + a new HijackThis log + info


Re: I need advice, I have spyware

Post by Baron Prášil » 06 Apr 2008 14:07

If you haven't done it yet, don't do it yet. TomTom is supposedly a navigation program, but its exe is extremely suspicious.
So I'll redo the script.
If you've already done it, well, you'll just have to install it again. When you chop down a forest, splinters fly :roll:

// OK, the script is ready!


Re: I need advice, I have spyware

Post by zpev » 06 Apr 2008 14:18

It has just finished

ComboFix 08-04-04.1 - mira 2008-04-06 14:07:49.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1250.1.1029.18.1403 [GMT 2:00]
Running from: C:\Documents and Settings\mira\Plocha\ComboFix.exe
Command switches used :: C:\Documents and Settings\mira\Plocha\CFScript.txt
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

FILE ::
C:\DOCUME~1\mira\LOCALS~1\Temp\hpdj00.exe
C:\WINDOWS\180ax.exe
C:\WINDOWS\2020search.dll
C:\WINDOWS\bjam.dll
C:\WINDOWS\bokja.exe
C:\WINDOWS\cdsm32.dll
C:\WINDOWS\mspphe.dll
C:\WINDOWS\stcloader.exe
C:\WINDOWS\swin32.dll
C:\WINDOWS\system32\MSIXU.DLL
C:\WINDOWS\system32\ntnut32.exe
C:\WINDOWS\system32\shdocpe.dll
C:\WINDOWS\system32\WER8274.DLL
C:\WINDOWS\winsb.dll
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\180search assistant
C:\Program Files\180search assistant\180sa.exe
C:\Program Files\180search assistant\sau.exe
C:\Program Files\180searchassistant
C:\Program Files\180searchassistant\saap.exe
C:\Program Files\180searchassistant\sac.exe
C:\Program Files\180solutions
C:\Program Files\180solutions\sais.exe
C:\Program Files\seekmo
C:\Program Files\seekmo\seekmohook.dll
C:\Program Files\stc
C:\Program Files\stc\csv5p070.exe
C:\Program Files\Sysmnt
C:\Program Files\Sysmnt\Ssmgr.exe
C:\Program Files\TomTom HOME 2
C:\Program Files\TomTom HOME 2\helpcontent\help.jar
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\Program Files\TomTom HOME 2\license\EULA-af-ZA.html
C:\Program Files\TomTom HOME 2\license\EULA-ca-ES.html
C:\Program Files\TomTom HOME 2\license\EULA-cz-CZ.html
C:\Program Files\TomTom HOME 2\license\EULA-da-DK.html
C:\Program Files\TomTom HOME 2\license\EULA-de-DE.html
C:\Program Files\TomTom HOME 2\license\EULA-en-GB.html
C:\Program Files\TomTom HOME 2\license\EULA-en-US.html
C:\Program Files\TomTom HOME 2\license\EULA-es-ES.html
C:\Program Files\TomTom HOME 2\license\EULA-es-US.html
C:\Program Files\TomTom HOME 2\license\EULA-et-EE.html
C:\Program Files\TomTom HOME 2\license\EULA-fi-FI.html
C:\Program Files\TomTom HOME 2\license\EULA-fr-FR.html
C:\Program Files\TomTom HOME 2\license\EULA-fr-US.html
C:\Program Files\TomTom HOME 2\license\EULA-hu-HU.html
C:\Program Files\TomTom HOME 2\license\EULA-it-IT.html
C:\Program Files\TomTom HOME 2\license\EULA-lt-LT.html
C:\Program Files\TomTom HOME 2\license\EULA-lv-LV.html
C:\Program Files\TomTom HOME 2\license\EULA-nb-NO.html
C:\Program Files\TomTom HOME 2\license\EULA-nl-NL.html
C:\Program Files\TomTom HOME 2\license\EULA-pl-PL.html
C:\Program Files\TomTom HOME 2\license\EULA-pt-BR.html
C:\Program Files\TomTom HOME 2\license\EULA-pt-PT.html
C:\Program Files\TomTom HOME 2\license\EULA-sk-SK.html
C:\Program Files\TomTom HOME 2\license\EULA-sl-SL.html
C:\Program Files\TomTom HOME 2\license\EULA-sv-SE.html
C:\Program Files\TomTom HOME 2\license\EULA-tr-TR.html
C:\Program Files\TomTom HOME 2\license\EULA-zh-CN.html
C:\Program Files\TomTom HOME 2\license\EULA-zh-TW.html
C:\Program Files\TomTom HOME 2\Resources\libmspack_license.txt
C:\Program Files\TomTom HOME 2\Resources\TomTom.ico
C:\Program Files\TomTom HOME 2\Resources\TomTomSplash.bmp
C:\Program Files\TomTom HOME 2\TomTomHOME.exe
C:\Program Files\TomTom HOME 2\Translations\ca_ES.mo
C:\Program Files\TomTom HOME 2\Translations\cs.mo
C:\Program Files\TomTom HOME 2\Translations\da.mo
C:\Program Files\TomTom HOME 2\Translations\de.mo
C:\Program Files\TomTom HOME 2\Translations\en_GB.mo
C:\Program Files\TomTom HOME 2\Translations\en_US.mo
C:\Program Files\TomTom HOME 2\Translations\es.mo
C:\Program Files\TomTom HOME 2\Translations\et.mo
C:\Program Files\TomTom HOME 2\Translations\fi.mo
C:\Program Files\TomTom HOME 2\Translations\fr.mo
C:\Program Files\TomTom HOME 2\Translations\hu.mo
C:\Program Files\TomTom HOME 2\Translations\it.mo
C:\Program Files\TomTom HOME 2\Translations\lt.mo
C:\Program Files\TomTom HOME 2\Translations\lv.mo
C:\Program Files\TomTom HOME 2\Translations\nb_NO.mo
C:\Program Files\TomTom HOME 2\Translations\nl.mo
C:\Program Files\TomTom HOME 2\Translations\pl.mo
C:\Program Files\TomTom HOME 2\Translations\pt.mo
C:\Program Files\TomTom HOME 2\Translations\pt_BR.mo
C:\Program Files\TomTom HOME 2\Translations\sk.mo
C:\Program Files\TomTom HOME 2\Translations\sv.mo
C:\Program Files\TomTom HOME 2\Translations\tr.mo
C:\Program Files\TomTom HOME 2\Translations\zh_CN.mo
C:\Program Files\TomTom HOME 2\Translations\zh_TW.mo
C:\Program Files\TomTom HOME 2\xul\application.ini
C:\Program Files\TomTom HOME 2\xul\components\commandlineValidator.js
C:\Program Files\TomTom HOME 2\xul\components\HOMEServices.dll
C:\Program Files\TomTom HOME 2\xul\components\tthome.xpt
C:\Program Files\TomTom HOME 2\xul\components\untrusteduri.js
C:\Program Files\TomTom HOME 2\xul\defaults\preferences\installer-generated.js
C:\Program Files\TomTom HOME 2\xul\defaults\preferences\tthome-prefs.js
C:\Program Files\TomTom HOME 2\xul\chrome\chrome.manifest
C:\Program Files\TomTom HOME 2\xul\chrome\tthome.jar
C:\Program Files\TomTom HOME 2\xul\chrome\ttuntrusted.jar
C:\Program Files\TomTom HOME 2\xul\plugins\emulator\resources\NavigatorSplashScreen.bmp
C:\Program Files\TomTom HOME 2\xul\plugins\emulator\resources\NavigatorSplashScreenWide.bmp
C:\Program Files\TomTom HOME 2\xul\plugins\npTomTomEmulatorPlugin.dll
C:\Program Files\TomTom HOME 2\xulrunner\AccessibleMarshal.dll
C:\Program Files\TomTom HOME 2\xulrunner\bloaturls.txt
C:\Program Files\TomTom HOME 2\xulrunner\components\FeedProcessor.js
C:\Program Files\TomTom HOME 2\xulrunner\components\jsconsole-clhandler.js
C:\Program Files\TomTom HOME 2\xulrunner\components\nsContentDispatchChooser.js
C:\Program Files\TomTom HOME 2\xulrunner\components\nsContentPrefService.js
C:\Program Files\TomTom HOME 2\xulrunner\components\nsDefaultCLH.js
C:\Program Files\TomTom HOME 2\xulrunner\components\nsDictionary.js
C:\Program Files\TomTom HOME 2\xulrunner\components\nsExtensionManager.js
C:\Program Files\TomTom HOME 2\xulrunner\components\nsHandlerService.js
C:\Program Files\TomTom HOME 2\xulrunner\components\nsHelperAppDlg.js
C:\Program Files\TomTom HOME 2\xulrunner\components\nsLivemarkService.js
C:\Program Files\TomTom HOME 2\xulrunner\components\nsLoginInfo.js
C:\Program Files\TomTom HOME 2\xulrunner\components\nsLoginManager.js
C:\Program Files\TomTom HOME 2\xulrunner\components\nsLoginManagerPrompter.js
C:\Program Files\TomTom HOME 2\xulrunner\components\nsPostUpdateWin.js
C:\Program Files\TomTom HOME 2\xulrunner\components\nsProgressDialog.js
C:\Program Files\TomTom HOME 2\xulrunner\components\nsProxyAutoConfig.js
C:\Program Files\TomTom HOME 2\xulrunner\components\nsResetPref.js
C:\Program Files\TomTom HOME 2\xulrunner\components\nsScriptableIO.js
C:\Program Files\TomTom HOME 2\xulrunner\components\nsTaggingService.js
C:\Program Files\TomTom HOME 2\xulrunner\components\nsTryToClose.js
C:\Program Files\TomTom HOME 2\xulrunner\components\nsUpdateService.js
C:\Program Files\TomTom HOME 2\xulrunner\components\nsURLFormatter.js
C:\Program Files\TomTom HOME 2\xulrunner\components\nsXmlRpcClient.js
C:\Program Files\TomTom HOME 2\xulrunner\components\nsXULAppInstall.js
C:\Program Files\TomTom HOME 2\xulrunner\components\pluginGlue.js
C:\Program Files\TomTom HOME 2\xulrunner\components\storage-Legacy.js
C:\Program Files\TomTom HOME 2\xulrunner\components\tthome.xpt
C:\Program Files\TomTom HOME 2\xulrunner\components\txEXSLTRegExFunctions.js
C:\Program Files\TomTom HOME 2\xulrunner\components\venkman-service.js
C:\Program Files\TomTom HOME 2\xulrunner\defaults\autoconfig\platform.js
C:\Program Files\TomTom HOME 2\xulrunner\defaults\autoconfig\prefcalls.js
C:\Program Files\TomTom HOME 2\xulrunner\defaults\pref\xulrunner.js
C:\Program Files\TomTom HOME 2\xulrunner\defaults\profile\chrome\userContent-example.css
C:\Program Files\TomTom HOME 2\xulrunner\defaults\profile\chrome\userChrome-example.css
C:\Program Files\TomTom HOME 2\xulrunner\defaults\profile\localstore.rdf
C:\Program Files\TomTom HOME 2\xulrunner\defaults\profile\US\chrome\userContent-example.css
C:\Program Files\TomTom HOME 2\xulrunner\defaults\profile\US\chrome\userChrome-example.css
C:\Program Files\TomTom HOME 2\xulrunner\defaults\profile\US\localstore.rdf
C:\Program Files\TomTom HOME 2\xulrunner\dependentlibs.list
C:\Program Files\TomTom HOME 2\xulrunner\dictionaries\en-US.aff
C:\Program Files\TomTom HOME 2\xulrunner\dictionaries\en-US.dic
C:\Program Files\TomTom HOME 2\xulrunner\freebl3.dll
C:\Program Files\TomTom HOME 2\xulrunner\freebl3.chk
C:\Program Files\TomTom HOME 2\xulrunner\greprefs\all.js
C:\Program Files\TomTom HOME 2\xulrunner\greprefs\security-prefs.js
C:\Program Files\TomTom HOME 2\xulrunner\greprefs\xpinstall.js
C:\Program Files\TomTom HOME 2\xulrunner\chrome\classic.jar
C:\Program Files\TomTom HOME 2\xulrunner\chrome\classic.manifest
C:\Program Files\TomTom HOME 2\xulrunner\chrome\comm.jar
C:\Program Files\TomTom HOME 2\xulrunner\chrome\comm.manifest
C:\Program Files\TomTom HOME 2\xulrunner\chrome\en-US.jar
C:\Program Files\TomTom HOME 2\xulrunner\chrome\en-US.manifest
C:\Program Files\TomTom HOME 2\xulrunner\chrome\installed-chrome.txt
C:\Program Files\TomTom HOME 2\xulrunner\chrome\pippki.jar
C:\Program Files\TomTom HOME 2\xulrunner\chrome\pippki.manifest
C:\Program Files\TomTom HOME 2\xulrunner\chrome\toolkit.jar
C:\Program Files\TomTom HOME 2\xulrunner\chrome\toolkit.manifest
C:\Program Files\TomTom HOME 2\xulrunner\IA2Marshal.dll
C:\Program Files\TomTom HOME 2\xulrunner\js3250.dll
C:\Program Files\TomTom HOME 2\xulrunner\LICENSE
C:\Program Files\TomTom HOME 2\xulrunner\modules\XPCOMUtils.jsm
C:\Program Files\TomTom HOME 2\xulrunner\nspr4.dll
C:\Program Files\TomTom HOME 2\xulrunner\nss3.dll
C:\Program Files\TomTom HOME 2\xulrunner\nssckbi.dll
C:\Program Files\TomTom HOME 2\xulrunner\nssdbm3.dll
C:\Program Files\TomTom HOME 2\xulrunner\platform.ini
C:\Program Files\TomTom HOME 2\xulrunner\plc4.dll
C:\Program Files\TomTom HOME 2\xulrunner\plds4.dll
C:\Program Files\TomTom HOME 2\xulrunner\plugins\npnul32.dll
C:\Program Files\TomTom HOME 2\xulrunner\README.txt
C:\Program Files\TomTom HOME 2\xulrunner\res\arrow.gif
C:\Program Files\TomTom HOME 2\xulrunner\res\arrowd.gif
C:\Program Files\TomTom HOME 2\xulrunner\res\bloatcycle.html
C:\Program Files\TomTom HOME 2\xulrunner\res\broken-image.gif
C:\Program Files\TomTom HOME 2\xulrunner\res\cmessage.txt
C:\Program Files\TomTom HOME 2\xulrunner\res\contenteditable.css
C:\Program Files\TomTom HOME 2\xulrunner\res\designmode.css
C:\Program Files\TomTom HOME 2\xulrunner\res\dtd\xhtml11.dtd
C:\Program Files\TomTom HOME 2\xulrunner\res\EditorOverride.css
C:\Program Files\TomTom HOME 2\xulrunner\res\effective_tld_names.dat
C:\Program Files\TomTom HOME 2\xulrunner\res\entityTables\html40Latin1.properties
C:\Program Files\TomTom HOME 2\xulrunner\res\entityTables\html40Special.properties
C:\Program Files\TomTom HOME 2\xulrunner\res\entityTables\html40Symbols.properties
C:\Program Files\TomTom HOME 2\xulrunner\res\entityTables\htmlEntityVersions.properties
C:\Program Files\TomTom HOME 2\xulrunner\res\entityTables\transliterate.properties
C:\Program Files\TomTom HOME 2\xulrunner\res\forms.css
C:\Program Files\TomTom HOME 2\xulrunner\res\grabber.gif
C:\Program Files\TomTom HOME 2\xulrunner\res\hiddenWindow.html
C:\Program Files\TomTom HOME 2\xulrunner\res\html.css
C:\Program Files\TomTom HOME 2\xulrunner\res\html\gopher-audio.gif
C:\Program Files\TomTom HOME 2\xulrunner\res\html\gopher-binary.gif
C:\Program Files\TomTom HOME 2\xulrunner\res\html\gopher-find.gif
C:\Program Files\TomTom HOME 2\xulrunner\res\html\gopher-image.gif
C:\Program Files\TomTom HOME 2\xulrunner\res\html\gopher-menu.gif
C:\Program Files\TomTom HOME 2\xulrunner\res\html\gopher-movie.gif
C:\Program Files\TomTom HOME 2\xulrunner\res\html\gopher-sound.gif
C:\Program Files\TomTom HOME 2\xulrunner\res\html\gopher-telnet.gif
C:\Program Files\TomTom HOME 2\xulrunner\res\html\gopher-text.gif
C:\Program Files\TomTom HOME 2\xulrunner\res\html\gopher-unknown.gif
C:\Program Files\TomTom HOME 2\xulrunner\res\charsetalias.properties
C:\Program Files\TomTom HOME 2\xulrunner\res\charsetData.properties
C:\Program Files\TomTom HOME 2\xulrunner\res\langGroups.properties
C:\Program Files\TomTom HOME 2\xulrunner\res\language.properties
C:\Program Files\TomTom HOME 2\xulrunner\res\loading-image.gif
C:\Program Files\TomTom HOME 2\xulrunner\res\quirk.css
C:\Program Files\TomTom HOME 2\xulrunner\res\svg.css
C:\Program Files\TomTom HOME 2\xulrunner\res\table-add-column-after-active.gif
C:\Program Files\TomTom HOME 2\xulrunner\res\table-add-column-after-hover.gif
C:\Program Files\TomTom HOME 2\xulrunner\res\table-add-column-after.gif
C:\Program Files\TomTom HOME 2\xulrunner\res\table-add-column-before-active.gif
C:\Program Files\TomTom HOME 2\xulrunner\res\table-add-column-before-hover.gif
C:\Program Files\TomTom HOME 2\xulrunner\res\table-add-column-before.gif
C:\Program Files\TomTom HOME 2\xulrunner\res\table-add-row-after-active.gif
C:\Program Files\TomTom HOME 2\xulrunner\res\table-add-row-after-hover.gif
C:\Program Files\TomTom HOME 2\xulrunner\res\table-add-row-after.gif
C:\Program Files\TomTom HOME 2\xulrunner\res\table-add-row-before-active.gif
C:\Program Files\TomTom HOME 2\xulrunner\res\table-add-row-before-hover.gif
C:\Program Files\TomTom HOME 2\xulrunner\res\table-add-row-before.gif
C:\Program Files\TomTom HOME 2\xulrunner\res\table-remove-column-active.gif
C:\Program Files\TomTom HOME 2\xulrunner\res\table-remove-column-hover.gif
C:\Program Files\TomTom HOME 2\xulrunner\res\table-remove-column.gif
C:\Program Files\TomTom HOME 2\xulrunner\res\table-remove-row-active.gif
C:\Program Files\TomTom HOME 2\xulrunner\res\table-remove-row-hover.gif
C:\Program Files\TomTom HOME 2\xulrunner\res\table-remove-row.gif
C:\Program Files\TomTom HOME 2\xulrunner\res\ua.css
C:\Program Files\TomTom HOME 2\xulrunner\res\viewsource.css
C:\Program Files\TomTom HOME 2\xulrunner\res\wincharset.properties
C:\Program Files\TomTom HOME 2\xulrunner\smime3.dll
C:\Program Files\TomTom HOME 2\xulrunner\softokn3.dll
C:\Program Files\TomTom HOME 2\xulrunner\softokn3.chk
C:\Program Files\TomTom HOME 2\xulrunner\sqlite3.dll
C:\Program Files\TomTom HOME 2\xulrunner\ssl3.dll
C:\Program Files\TomTom HOME 2\xulrunner\TomTomHOME_Exception.txt
C:\Program Files\TomTom HOME 2\xulrunner\xpcom.dll
C:\Program Files\TomTom HOME 2\xulrunner\xpicleanup.exe
C:\Program Files\TomTom HOME 2\xulrunner\xul.dll
C:\Program Files\TomTom HOME 2\xulrunner\xulrunner.exe
C:\Program Files\zango
C:\Program Files\zango\zango.exe
C:\WINDOWS\180ax.exe
C:\WINDOWS\2020search.dll
C:\WINDOWS\2020search2.dll
C:\WINDOWS\bjam.dll
C:\WINDOWS\bokja.exe
C:\WINDOWS\cdsm32.dll
C:\WINDOWS\default.htm
C:\WINDOWS\FLEOK
C:\WINDOWS\FLEOK\180ax.exe
C:\WINDOWS\mspphe.dll
C:\WINDOWS\mssvr.exe
C:\WINDOWS\saiemod.dll
C:\WINDOWS\salm.exe
C:\WINDOWS\stcloader.exe
C:\WINDOWS\swin32.dll
C:\WINDOWS\system32\MSIXU.DLL
C:\WINDOWS\system32\ntnut32.exe
C:\WINDOWS\system32\shdocpe.dll
C:\WINDOWS\system32\wer8274.dll
C:\WINDOWS\TEMP\salm.exe
C:\WINDOWS\updatetc.exe
C:\WINDOWS\voiceip.dll
C:\WINDOWS\winsb.dll

.
((((((((((((((((((((((((( Files Created from 2008-03-06 to 2008-04-06 )))))))))))))))))))))))))))))))
.

2008-04-06 13:33 . 2008-04-06 13:35 <DIR> d-------- C:\Documents and Settings\mira\Data aplikací\AVG7
2008-04-06 13:32 . 2008-04-06 13:32 <DIR> d-------- C:\Documents and Settings\LocalService\Data aplikací\AVG7
2008-04-06 13:30 . 2008-04-06 13:30 <DIR> d-------- C:\WINDOWS\LastGood
2008-04-06 11:16 . 2008-04-06 11:16 <DIR> d-------- C:\WINDOWS\ERUNT
2008-04-06 11:07 . 2008-04-06 11:24 <DIR> d-------- C:\SDFix
2008-04-06 02:31 . 2008-04-06 13:17 <DIR> d-------- C:\Program Files\SpywareBlaster
2008-04-06 02:31 . 2005-08-25 18:19 115,920 --a------ C:\WINDOWS\system32\MSINET.OCX
2008-04-06 01:32 . 2008-04-06 01:32 30,720 --a------ C:\WINDOWS\system32\SIPSPI32.dll
2008-04-06 00:40 . 2008-04-06 00:40 <DIR> d-------- C:\Program Files\Crawler
2008-04-06 00:20 . 2008-04-06 00:20 9,728 --a------ C:\WINDOWS\didduid.ini
2008-04-05 22:37 . 2008-04-05 22:37 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\SUPERAntiSpyware.com
2008-04-05 21:29 . 2008-04-05 21:29 91,561 --a------ C:\WINDOWS\system32\wmsdkns.exe
2008-04-04 19:24 . 2008-04-04 19:24 <DIR> d-------- C:\WINDOWS\wb
2008-04-02 08:43 . 2008-04-02 08:43 <DIR> d-------- C:\Program Files\directx
2008-04-02 07:48 . 2006-01-10 10:50 24,576 -ra------ C:\WINDOWS\system32\AsIO.dll
2008-04-02 07:48 . 2005-12-22 04:22 5,685 -ra------ C:\WINDOWS\system32\drivers\AsIO.sys
2008-04-02 07:48 . 2005-07-05 10:43 5,120 --a------ C:\WINDOWS\system32\drivers\AsInsHelp64.sys
2008-04-02 07:48 . 2005-07-05 10:43 3,328 --a------ C:\WINDOWS\system32\drivers\AsInsHelp32.sys
2008-04-02 04:19 . 2008-04-02 00:19 <DIR> d-------- C:\WINDOWS\NV10241392(2).TMP
2008-04-02 00:23 . 2008-04-02 00:26 <DIR> d-------- C:\WINDOWS\NV10201392.TMP

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-06 11:35 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\Avg7
2008-04-06 11:32 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\Grisoft
2008-04-06 11:30 --------- d-----w C:\Program Files\ESET
2008-04-06 11:25 --------- d-----w C:\Documents and Settings\mira\Data aplikací\Skype
2008-04-06 11:19 --------- d-----w C:\Program Files\SpeedFan
2008-04-06 11:17 --------- d---a-w C:\Documents and Settings\All Users\Data aplikací\TEMP
2008-04-06 10:42 --------- d-----w C:\Program Files\SUPERAntiSpyware
2008-04-06 10:15 --------- d-----w C:\Documents and Settings\mira\Data aplikací\skypePM
2008-04-05 22:35 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2008-04-05 22:07 --------- d-----w C:\Program Files\Lavasoft
2008-04-05 22:07 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-04-04 15:02 --------- d-----w C:\Program Files\Common Files\Logitech
2008-04-04 05:23 --------- d-----w C:\Program Files\Java
2008-04-03 19:21 --------- d-----w C:\Program Files\Common Files\Adobe
2008-04-02 05:52 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-04-02 05:52 --------- d-----w C:\Program Files\Asus
2008-04-01 22:19 --------- d-----w C:\Program Files\Analog Devices
2008-03-08 04:21 --------- d-----w C:\Program Files\Resco
2008-03-04 06:22 --------- d-----w C:\Documents and Settings\mira\Data aplikací\SUPERAntiSpyware.com
2008-03-02 02:26 --------- d-----w C:\Program Files\Netgate
2008-03-02 02:22 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\NETGATE
2008-03-02 02:05 --------- d-----w C:\Documents and Settings\mira\Data aplikací\Lavasoft
2008-03-02 01:54 43,520 ----a-w C:\WINDOWS\system32\CmdLineExt03.dll
2008-02-27 07:02 --------- d-----w C:\Program Files\TuneUp Utilities 2006
2008-02-26 22:43 --------- d-----w C:\Program Files\Skype
2008-02-26 17:04 --------- d-----w C:\Program Files\Google
2008-02-26 17:02 --------- d-----w C:\Documents and Settings\mira\Data aplikací\Styler
2008-02-25 20:45 --------- d-s---w C:\Documents and Settings\All Users\Data aplikací\Memeo
2008-02-25 20:45 --------- d-----w C:\Program Files\Western Digital
2008-02-25 20:45 --------- d-----w C:\Program Files\Memeo
2008-02-25 20:45 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-02-25 20:45 --------- d-----w C:\Program Files\Common Files\eSellerate
2008-02-25 20:45 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\InstallShield
2008-02-20 06:55 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\TERMINAL Studio
2008-02-16 01:57 --------- d-----w C:\Program Files\Britanik
2008-02-16 01:12 --------- d-----w C:\Program Files\Microsoft Games
2008-02-15 22:18 --------- d-----w C:\Program Files\PC Tools Firewall Plus
2008-02-15 19:46 --------- d-----w C:\Program Files\Winamp
2008-02-13 20:10 --------- d-----w C:\Documents and Settings\mira\Data aplikací\Sierra
2008-02-13 17:01 --------- d-----w C:\Program Files\Sierra
2008-01-18 08:46 9,216 ----a-w C:\WINDOWS\Internet Logs\xDB32.tmp
2008-01-18 08:46 9,216 ----a-w C:\WINDOWS\Internet Logs\xDB30.tmp
2008-01-18 08:46 37,376 ----a-w C:\WINDOWS\Internet Logs\xDB2E.tmp
2008-01-18 08:46 1,289,216 ----a-w C:\WINDOWS\Internet Logs\xDB33.tmp
2008-01-18 08:46 1,289,216 ----a-w C:\WINDOWS\Internet Logs\xDB31.tmp
2008-01-18 08:46 1,289,216 ----a-w C:\WINDOWS\Internet Logs\xDB2F.tmp
2008-01-18 08:46 1,288,192 ----a-w C:\WINDOWS\Internet Logs\xDB2D.tmp
2008-01-17 20:10 499,712 ----a-w C:\WINDOWS\system32\msvcp71.dll
2008-01-17 20:10 434,252 ----a-w C:\WINDOWS\system32\MSVCRTD.DLL
2008-01-17 20:10 348,160 ----a-w C:\WINDOWS\system32\msvcr71.dll
2008-01-17 20:10 216,576 ----a-w C:\WINDOWS\system32\monln.dll
2008-01-17 20:10 1,060,864 ----a-w C:\WINDOWS\system32\MFC71.dll
2008-01-13 17:14 30,240 ----a-w C:\WINDOWS\system32\VRVD302.dll
2008-01-07 18:23 98,304 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
2007-11-24 18:10 32 ----a-w C:\Documents and Settings\All Users\Data aplikací\ezsid.dat
2007-07-10 17:21 8,192 --sha-w C:\WINDOWS\o2cLicStore.bin
.

((((((((((((((((((((((((((((( snapshot@2008-04-06_12.28.35,43 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-04-06 09:23:21 19,712 ----a-w C:\WINDOWS\Installer\id53.exe
+ 2008-04-06 11:21:00 20,736 ----a-w C:\WINDOWS\Installer\id53.exe
+ 2008-02-20 09:01:30 39,944 ----a-w C:\WINDOWS\LastGood\system32\DRIVERS\eamon.sys
+ 2008-02-20 09:02:22 29,704 ----a-w C:\WINDOWS\LastGood\system32\DRIVERS\easdrv.sys
+ 2008-02-20 09:11:16 33,800 ----a-w C:\WINDOWS\LastGood\system32\DRIVERS\epfwtdir.sys
+ 2008-04-06 11:32:46 821,856 ----a-w C:\WINDOWS\system32\drivers\avg7core.sys
+ 2008-04-06 11:32:50 4,224 ----a-w C:\WINDOWS\system32\drivers\avg7rsw.sys
+ 2008-04-06 11:32:50 27,776 ----a-w C:\WINDOWS\system32\drivers\avg7rsxp.sys
+ 2008-04-06 11:32:50 10,760 ----a-w C:\WINDOWS\system32\drivers\avgclean.sys
+ 2008-04-06 11:32:50 26,952 ----a-w C:\WINDOWS\system32\drivers\avgmfx86.sys
+ 2008-04-06 11:19:38 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_834.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IE Privacy Keeper"="C:\Program Files\UnH Solutions\IE Privacy Keeper\IEPrivacyKeeper.exe" [2005-12-03 14:52 1015808]
"NVIDIA nTune"="C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" [2007-07-03 13:32 81920]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-02 14:00 15360]
"speedfan"="C:\Program Files\SpeedFan\speedfan.exe" [2007-09-17 19:04 2902528]
"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 17:50 1289000]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2008-04-04 17:05 36864]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2007-05-31 13:09 1314816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-10-04 18:14 8491008]
"nwiz"="nwiz.exe" [2007-10-04 18:14 1626112 C:\WINDOWS\system32\nwiz.exe]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2006-05-01 04:07 843776]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-10-04 18:14 81920]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2006-07-19 12:03 94208 C:\WINDOWS\KHALMNPR.Exe]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"Logitech Hardware Abstraction Layer"="C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE" [2006-07-19 12:03 94208]
"LogitechCommunicationsManager"="C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe" [2006-08-03 09:44 529968]
"LVCOMSX"="C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe" [2006-08-03 13:29 244520]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2008-04-06 13:32 579072]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2006-03-02 14:00 15360]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-03-27 15:58 1744896]
"DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-22 20:29 39264]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2008-04-06 13:32 219136]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IETI"="C:\Program Files\Skype\Phone\IEPlugin\unins000.exe" [ ]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2008-04-04 17:05:08 196608]
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2008-04-04 17:02:49 671744]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"= 1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"= 1 (0x1)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 12:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 12:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"MSVideo8"= VfWWDM32.dll
"msacm.lameacm"= C:\PROGRA~1\ACEMEG~1\SystemS\lameacm.acm
"msacm.lhacm"= C:\PROGRA~1\ACEMEG~1\SystemS\lhacm.acm
"msacm.CoreFLAC_ACM"= C:\PROGRA~1\ACEMEG~1\SystemS\Core\COREFL~1.ACM
"msacm.divxa32"= C:\PROGRA~1\ACEMEG~1\SystemS\DivX\divxa32.acm
"msacm.l3acm"= l3codeca.acm

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Microsoft Office Outlook"=C:\PROGRA~1\MICROS~2\OFFICE11\OUTLOOK.EXE /recycle
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" /background
"LDM"=C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe
"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\Wcescomm.exe"
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"RivaTunerStartupDaemon"="C:\Program Files\RivaTuner v2.0 RC 16.1\RivaTuner.exe" /S
"WD Button Manager"=WDBtnMgr.exe
"WinampAgent"=C:\Program Files\Winamp\winampa.exe
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe
"PCSuiteTrayApplication"=C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
"LogitechCommunicationsManager"="C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe"
"Kernel and Hardware Abstraction Layer"=KHALMNPR.EXE
"LVCOMSX"="C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe"
"ASM"="C:\Program Files\AOL\Active Security Monitor\ASMonitor.exe" HIDEMAIN
"00PCTFW"="C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe" -s
"Launch Ai Booster"="C:\Program Files\ASUS\AI Booster\OverClk.exe"
"ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
"Ai Nap"="C:\Program Files\ASUS\AI Nap\AiNap.exe"
"Ai Gear Help"="C:\Program Files\ASUS\AI Gear\GearHelp.exe"
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Dc Strong\\StrongDC.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\WINDOWS\\system32\\rundll32.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Documents and Settings\\mira\\Plocha\\Dc Strong\\StrongDC.exe"=
"C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"C:\\Program Files\\Ubisoft\\Gearbox Software\\BrothersInArmsEiB\\System\\EiB.exe"=
"C:\\Program Files\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe"=
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"= C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"= C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"= C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"C:\\Documents and Settings\\mira\\Plocha\\My Mobile\\MyMobiler\\MyMobiler.exe"=
"C:\\Documents and Settings\\All Users\\Data aplikací\\Skype\\Plugins\\Plugins\\289650C9E52C40FE91D947C6D0EB72DA\\rcviewer.exe"=
"C:\\Program Files\\Internet Explorer\\iexplore.exe"=
"C:\\Documents and Settings\\All Users\\Data aplikací\\Skype\\Plugins\\Plugins\\289650C9E52C40FE91D947C6D0EB72DA\\remotex.exe"=
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"C:\\Program Files\\Grisoft\\AVG7\\avginet.exe"=
"C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe"=
"C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

R1 OxFWLF;OxFWLF;C:\WINDOWS\system32\drivers\OxFWLF.sys [2007-05-25 10:17]
R1 pctfw2;pctfw2;C:\WINDOWS\system32\drivers\pctfw2.sys [2008-01-04 15:13]
R1 pctmp;PC Tools Firewall Memory Protection Driver;C:\WINDOWS\system32\drivers\pctmp.sys [2008-01-04 15:13]
R1 pctssipc;PC Tools Security Suite IPC Driver;C:\WINDOWS\system32\drivers\pctssipc.sys [2008-01-04 15:13]
R1 VRVD302;VRVD302;C:\WINDOWS\system32\DRIVERS\VRVD302.sys [2008-01-13 19:14]
R2 LBeepKE;LBeepKE;C:\WINDOWS\system32\Drivers\LBeepKE.sys [2006-09-01 12:32]
R2 UxTuneUp;TuneUp Design Expansion;C:\WINDOWS\System32\svchost.exe [2006-03-02 14:00]
R3 AVerHybrid;AVerMedia Hybrid Tuner (NTSC/PAL/SECAM/DVB-T/FM);C:\WINDOWS\system32\drivers\averhbtv.sys [2007-09-07 05:36]
R3 PSched;Plánovač paketů technologie QoS;C:\WINDOWS\system32\DRIVERS\psched.sys [2006-03-02 14:00]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB;C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 23:08]
R3 usbhub;Ovladač standardního rozbočovače USB;C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 23:08]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB;C:\WINDOWS\system32\DRIVERS\usbohci.sys [2006-03-02 14:00]
R4 epfwtdir;epfwtdir;C:\WINDOWS\system32\DRIVERS\epfwtdir.sys []
S0 TfFsMon;TfFsMon;C:\WINDOWS\system32\drivers\TfFsMon.sys []
S0 TfSysMon;TfSysMon;C:\WINDOWS\system32\drivers\TfSysMon.sys []
S2 0108381200634640mcinstcleanup;McAfee Application Installer Cleanup (0108381200634640);C:\DOCUME~1\mira\LOCALS~1\Temp\010838~1.EXE C:\PROGRA~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini []
S2 nvTUNEP;nVidia WDM TVTuner;C:\WINDOWS\system32\DRIVERS\nvtunep.sys [2002-11-18 17:05]
S2 nvtvSND;nVidia WDM TVAudio Crossbar;C:\WINDOWS\system32\DRIVERS\nvtvsnd.sys [2002-11-18 17:05]
S2 ThreatFire;ThreatFire;C:\Program Files\ThreatFire\TFService.exe service []
S3 autorun;autorun;C:\huadio.tmp []
S3 FWL;Fwl Packet Filter;C:\Program files\Software602\602LAN SUITE\fwl.sys []
S3 OXUDIDRV;OXUDIDRV;C:\WINDOWS\system32\Drivers\OXUDIDRV_X32.sys [2007-05-25 10:17]
S3 SeNpf;SeNpf;C:\WINDOWS\system32\drivers\SeNpf.sys [2007-05-03 14:17]
S3 TfNetMon;TfNetMon;C:\WINDOWS\system32\drivers\TfNetMon.sys []
S3 TVICHW32;TVICHW32;C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS [2007-01-18 14:38]
S3 usbscan;Ovladač skeneru USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 23:58]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 23:08]
S4 AutoSyncService;Memeo AutoSync ;"C:\Program Files\Memeo\AutoSync\MemeoService.exe" [2007-07-06 18:28]
S4 hpdj00;hpdj00;C:\DOCUME~1\mira\LOCALS~1\Temp\hpdj00.exe []

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f3a42284-69bf-11dc-a1ad-0018f3b14476}]
\Shell\AutoRun\command - K:\InstallTomTomHOME.exe

*Newly Created Service* - AVG7ALRT
*Newly Created Service* - AVG7CORE
*Newly Created Service* - AVG7RSXP
*Newly Created Service* - AVG7UPDSVC
*Newly Created Service* - AVGCLEAN
.
Contents of the 'Scheduled Tasks' folder
"2008-04-04 15:16:26 C:\WINDOWS\Tasks\1-Click Maintenance.job"
- C:\Program Files\TuneUp Utilities 2006\SystemOptimizer.exe
"2008-04-06 10:00:00 C:\WINDOWS\Tasks\HPpromotions journeysoftware.job"
- C:\Program Files\hp\digital imaging\bin\hp promotions\journeysoftware\HPpromo.exe
"2008-04-04 15:16:03 C:\WINDOWS\Tasks\Úklid 1 kliknutím.job"
- C:\Program Files\TuneUp Utilities 2006\SystemOptimizer.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-06 14:12:01
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet002\Services\autorun]
"ImagePath"="\??\C:\huadio.tmp"
.
Completion time: 2008-04-06 14:12:41
ComboFix-quarantined-files.txt 2008-04-06 12:12:38
ComboFix2.txt 2008-04-06 10:29:02
Adresářů: 13, Volných bajtů: 68,841,304,064
Adresářů: 15, Volných bajtů: 68,804,849,664
.
2008-04-04 08:12:36 --- E O F ---

Baron Prášil

Re: I need advice, I have spyware

Post by Baron Prášil » 06 Apr 2008 15:38

Man! I also wanted a HijackThis log and info about how the computer is behaving. This way you're only dragging it out :smile:

I feel sorry about the TomTom 8)

zpev

Re: I need advice, I have spyware

Post by zpev » 06 Apr 2008 17:05

You think it attacked the TomTom? I hope not, but well, what could I have done.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:02:28, on 6.4.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\PC Tools Firewall Plus\FWService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe
C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe
C:\Program Files\UnH Solutions\IE Privacy Keeper\IEPrivacyKeeper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SpeedFan\speedfan.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\WINDOWS\System32\alg.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avcenter.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avscan.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Documents and Settings\mira\Plocha\HiJackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\wmsdkns.exe,
O2 - BHO: (no name) - {00000250-0320-4dd4-be4f-7566d2314352} - (no file)
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {13197ace-6851-45c3-a7ff-c281324d5489} - (no file)
O2 - BHO: (no name) - {15651c7c-e812-44a2-a9ac-b467a2233e7d} - (no file)
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: (no name) - {4e1075f4-eec4-4a86-add7-cd5f52858c31} - (no file)
O2 - BHO: (no name) - {4e7bd74f-2b8d-469e-92c6-ce7eb590a94d} - (no file)
O2 - BHO: (no name) - {5929cd6e-2062-44a4-b2c5-2c7e78fbab38} - (no file)
O2 - BHO: (no name) - {5dafd089-24b1-4c5e-bd42-8ca72550717b} - (no file)
O2 - BHO: (no name) - {5fa6752a-c4a0-4222-88c2-928ae5ab4966} - (no file)
O2 - BHO: (no name) - {622cc208-b014-4fe0-801b-874a5e5e403a} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {8674aea0-9d3d-11d9-99dc-00600f9a01f1} - (no file)
O2 - BHO: (no name) - {965a592f-8efa-4250-8630-7960230792f1} - (no file)
O2 - BHO: (no name) - {9c5b2f29-1f46-4639-a6b4-828942301d3e} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: (no name) - {cf021f40-3e14-23a5-cba2-717765728274} - (no file)
O2 - BHO: (no name) - {fc3a74e5-f281-4f10-ae1e-733078684f3c} - (no file)
O2 - BHO: (no name) - {ffff0001-0002-101a-a3c9-08002b2f49fb} - (no file)
O3 - Toolbar: (no name) - {3BB63FD4-3C00-44D7-94A9-5DE211900DEF} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Crawler lišta - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] "C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [IE Privacy Keeper] "C:\Program Files\UnH Solutions\IE Privacy Keeper\IEPrivacyKeeper.exe" -startup
O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [speedfan] C:\Program Files\SpeedFan\speedfan.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [IETI] C:\Program Files\Skype\Phone\IEPlugin\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [IETI] C:\Program Files\Skype\Phone\IEPlugin\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Bleskově - {141D2E4F-F313-4991-B61A-EE5D6D849361} - http://bleskove.centrum.cz (file missing)
O9 - Extra button: Centrum.cz - {2A5CFB1C-AAA2-4760-8462-1B61CF74B7D8} - http://www.centrum.cz (file missing)
O9 - Extra button: Xchat - {2BCB61BF-DC41-4738-A149-BDAAAD7FF0BD} - http://www.xchat.cz (file missing)
O9 - Extra button: Aktuálně - {2E01031B-AB09-4455-823D-25F1A1C11F48} - http://aktualne.centrum.cz (file missing)
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Vytvořit mobilní oblíbenou položku… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: Slovníky - {2F741D0A-150E-40F9-A602-1B2421475F1D} - http://slovniky.centrum.cz (file missing)
O9 - Extra button: Supermapy - {309176E6-E204-40A0-8D13-7F19C0498C40} - http://www.supermapy.cz (file missing)
O9 - Extra button: Britanik - {479BEE90-08C0-44fa-AE28-06BA96963B5B} - C:\Program Files\Britanik\britanik.dll
O9 - Extra 'Tools' menuitem: Britanik - {479BEE90-08C0-44fa-AE28-06BA96963B5B} - C:\Program Files\Britanik\britanik.dll
O9 - Extra button: mp3.centrum.cz - {49681216-5BF4-41A2-AAFA-129A6BD625DA} - http://mp3.centrum.cz/ (file missing)
O9 - Extra button: Žena - {8B6E8E01-D262-4980-8C27-B8B2802285C1} - http://www.zena.cz (file missing)
O9 - Extra button: Fotoalba - {8FD64249-590C-4FBC-B181-12A6BAF516AF} - http://www.fotoalba.cz (file missing)
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Počasí - {A5050656-2286-454F-A489-C605ED1B461C} - http://pocasi.centrum.cz (file missing)
O9 - Extra button: Sportplus - {BC78516C-9DC9-40C5-A91E-74593222EF89} - http://sportplus.centrum.cz (file missing)
O9 - Extra button: Digitálně - {DAE865E8-970E-4931-A172-119CB56BBAF5} - http://www.digitalne.cz/ (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Stahuj.cz - {FC29EB7D-EDBA-4299-AEE4-D1BDC70EFA15} - http://www.stahuj.cz/ (file missing)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.pl/resources/virus ... nicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1E3F1348-4370-4BBE-A67A-CC7ED824CA85} (Microsoft Genuine Advantage Self Support Tool) - http://go.microsoft.com/fwlink/?LinkId=82580
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/house ... hcImpl.cab
O16 - DPF: {50E43D86-A74D-11D0-98CE-004005249458} (AnimatedGif Control) - https://www.mojebanka.cz/jars/confwiz/MVSGif.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 6027693703
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan ... asinst.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{79C51EA5-57DF-4E3A-9B81-69C930530217}: NameServer = 192.168.10.1
O18 - Protocol: bw+0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {A5028BAD-6B5E-4B1F-AD58-CEE4AE19A123} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: McAfee Application Installer Cleanup (0108381200634640) (0108381200634640mcinstcleanup) - Unknown owner - C:\DOCUME~1\mira\LOCALS~1\Temp\010838~1.EXE (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Unknown owner - C:\Program Files\Ares\chatServer.exe (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - PC Tools - C:\Program Files\PC Tools Firewall Plus\FWService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: ThreatFire - Unknown owner - C:\Program Files\ThreatFire\TFService.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Unknown owner - C:\WINDOWS\system32\ZoneLabs\vsmon.exe (file missing)

--
End of file - 27235 bytes

Baron Prášil
Master Level 7
Posts: 4882
Registered: June 06
Gender: Male
Status: Offline

Re: I need advice, I have spyware

Post by Baron Prášil » 06 Apr 2008 17:08

No, I feel sorry for you, that you will have to install TomTom again. It was my mistake :smile:

But please, please, please, what about the computer? How is it behaving? How are things with your original problem?

