Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

SKYPE VIRUS!!!!

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
mourison
Návštěvník
Návštěvník
Příspěvky: 23
Registrován: 25 črc 2012 16:40
Kontaktovat uživatele:
Kontaktovat uživatele mourison

SKYPE VIRUS!!!!

#1 Příspěvek od mourison »

Dobrý den. Potřebuji rychle help.
Dozvěděl jsem se, že skype virus jako hxxp://goo.gl/xxxxx?image=VasSkype" je velmi nebezpečný a Antivirus avast si s ním neporadí. Je to pravda ? a jak se jej zbavím ?. Děkuji.
Naposledy upravil(a) vyosek dne 04 pro 2012 18:40, celkem upraveno 1 x.
Důvod: Z bezp. duvodu znefunkcnen link
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: SKYPE VIRUS!!!!

#2 Příspěvek od vyosek »

Zdravim :)

:arrow: Rychle se ani pes nevyse*e...A my jsme tu zdarma a ve svem volnem case

:arrow: Info o viru http://www.viry.cz/nova-havet-se-siri-pres-skype/

:arrow: Dejte log z RSIT http://forum.viry.cz/viewtopic.php?f=13&t=105895
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
mourison
Návštěvník
Návštěvník
Příspěvky: 23
Registrován: 25 črc 2012 16:40
Kontaktovat uživatele:
Kontaktovat uživatele mourison

Re: SKYPE VIRUS!!!!

#3 Příspěvek od mourison »

Chtěl jsem se zeptat jestli jsem byl napaden i když jsem otevřel archiv, ale nerozkliknul jsem .exe soubor. ?
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: SKYPE VIRUS!!!!

#4 Příspěvek od vyosek »

Nemel by byt, ale kdyz date ten log z RSIT tak budem moudrejsi
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
mourison
Návštěvník
Návštěvník
Příspěvky: 23
Registrován: 25 črc 2012 16:40
Kontaktovat uživatele:
Kontaktovat uživatele mourison

Re: SKYPE VIRUS!!!!

#5 Příspěvek od mourison »

Velmi děkuji za pomoc. okamžiťe to zkusím :D
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: SKYPE VIRUS!!!!

#6 Příspěvek od vyosek »

:wink: :)
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
mourison
Návštěvník
Návštěvník
Příspěvky: 23
Registrován: 25 črc 2012 16:40
Kontaktovat uživatele:
Kontaktovat uživatele mourison

Re: SKYPE VIRUS!!!!

#7 Příspěvek od mourison »

Chcete zaslat log.txt ?
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: SKYPE VIRUS!!!!

#8 Příspěvek od vyosek »

Chce to trochu klidu a cist
Vyckejte nekolik vterin, nez se vygeneruje log se jmenem log.txt (pokud nebude log vygenerovan, naleznete jej na C:\rsit\log.txt); jeho obsah zkopirujte do vaseho threadu na forum.
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
mourison
Návštěvník
Návštěvník
Příspěvky: 23
Registrován: 25 črc 2012 16:40
Kontaktovat uživatele:
Kontaktovat uživatele mourison

Re: SKYPE VIRUS!!!!

#9 Příspěvek od mourison »

Tak a je tu :D

Logfile of random's system information tool 1.09 (written by random/random)
Run by Zuzana at 2012-12-04 18:56:24
Microsoft Windows 7 Home Premium
System drive C: has 259 GB (52%) free of 500 GB
Total RAM: 3326 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:56:40, on 4.12.2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16447)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\PixArt\Pac207\Monitor.exe
C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Users\Zuzana\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Zuzana\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Users\Zuzana\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Zuzana\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Internet Explorer\IELowutil.exe
C:\Users\Zuzana\Desktop\RSIT.exe
C:\Program Files\trend micro\Zuzana.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredibar.com/mb201?a=6PQQHrDc06&i=26
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=3.1010000. ... 6F65AFE93F}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Splashtop Connect SearchHook - {0F3DC9E0-C459-4a40-BCF8-747BD9322E10} - C:\Program Files\Splashtop\Splashtop Connect IE\AddressBarSearch.dll
R3 - URLSearchHook: (no name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - (no file)
O2 - BHO: Splashtop Connect VisualBookmark - {0E5680D1-BF44-4929-94AF-FD30D784AD1D} - C:\Program Files\Splashtop\Splashtop Connect IE\STC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IB Updater Helper - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\IB Updater\Extension32.dll
O2 - BHO: Incredibar.com Helper Object - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: WinToFlash Suggestor - {FC36B0BD-27F0-4cdd-8AB1-50651EFC3EFD} - C:\Program Files\WinToFlash Suggestor\WinToFlashSuggestor.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Incredibar Toolbar - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll
O4 - HKLM\..\Run: [STCAgent] "C:\Program Files\Splashtop\Splashtop Connect IE\STCAgent.exe"
O4 - HKLM\..\Run: [ZyngaGamesAgent] "C:\Program Files\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe"
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Monitor] C:\Windows\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [USBToolTip] C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Zuzana\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Zuzana\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Zuzana\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [Cracked Steam Service] "D:\Program Files\Steam\Cracked Steam\Cracked Steam.exe" /SERVICE
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: WinToFlash Suggestor - {A52C66B3-D4A9-4d10-A67D-2BEF0A85AB3F} - C:\Program Files\WinToFlash Suggestor\WinToFlashSuggestor.dll
O9 - Extra 'Tools' menuitem: WinToFlash Suggestor options - {A52C66B3-D4A9-4d10-A67D-2BEF0A85AB3F} - C:\Program Files\WinToFlash Suggestor\WinToFlashSuggestor.dll
O9 - Extra button: (no name) - {4F9FD89A-24F0-4fb7-9635-D54B3593B85B} - C:\Program Files\Splashtop\Splashtop Connect IE\STC.dll (HKCU)
O9 - Extra 'Tools' menuitem: @"C:\Program Files\Splashtop\Splashtop Connect IE\STCHelper.exe",-101 - {4F9FD89A-24F0-4fb7-9635-D54B3593B85B} - C:\Program Files\Splashtop\Splashtop Connect IE\STC.dll (HKCU)
O9 - Extra button: @"C:\Program Files\Splashtop\Splashtop Connect IE\STCHelper.exe",-103 - {9E508DD9-844C-4985-AC11-AFE5DD71E0BF} - C:\Program Files\Splashtop\Splashtop Connect IE\STC.dll (HKCU)
O9 - Extra button: (no name) - {B771147A-4CC8-450e-8AB1-7D47821751B1} - C:\Program Files\Splashtop\Splashtop Connect IE\STC.dll (HKCU)
O9 - Extra 'Tools' menuitem: @"C:\Program Files\Splashtop\Splashtop Connect IE\STCHelper.exe",-102 - {B771147A-4CC8-450e-8AB1-7D47821751B1} - C:\Program Files\Splashtop\Splashtop Connect IE\STC.dll (HKCU)
O9 - Extra button: @"C:\Program Files\Splashtop\Splashtop Connect IE\STCHelper.exe",-104 - {EB89B163-2474-4734-9E93-68B61BC5BED5} - C:\Program Files\Splashtop\Splashtop Connect IE\STC.dll (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: ES lite Service for program management. (ES lite Service) - Unknown owner - C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE
O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files\Futuremark\Futuremark SystemInfo\FMSISvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Splashtop Connect Service (SCBackService) - Splashtop Inc. - C:\Program Files\Splashtop\Splashtop Connect\BackService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: Splashtop Connect Firefox Software Updater Service (WCUService_STC_FF) - Splashtop Inc. - C:\Program Files\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe
O23 - Service: Splashtop Connect IE Software Updater Service (WCUService_STC_IE) - Splashtop Inc. - C:\Program Files\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe

--
End of file - 12569 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2965447737-3649890054-2591660733-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2965447737-3649890054-2591660733-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2965447737-3649890054-2591660733-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2965447737-3649890054-2591660733-1000UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Zuzana\AppData\Roaming\Mozilla\Firefox\Profiles\r3vzpeaf.default

prefs.js - "browser.startup.homepage" - "http://mystart.incredibar.com/mb201?a=6PQQHrDc06&i=26"
prefs.js - "keyword.URL" - "http://mystart.incredibar.com/mb201/?lo ... 26&search="

"{91c612bf-2a7a-48b8-8c8c-6de28589b7a1}"=C:\Program Files\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a1}
"{91c612bf-2a7a-48b8-8c8c-6de28589b7a0}"=C:\Program Files\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a0}
"{d9284e50-81fc-11da-a72b-0800200c9a66}"=C:\Program Files\Splashtop\Splashtop Connect for Firefox\{d9284e50-81fc-11da-a72b-0800200c9a66}
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"{336D0C35-8A85-403a-B9D2-65C292C39087}"=C:\Program Files\IB Updater\Firefox


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.4.402.287 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.7.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.3]
"Description"=VLC Multimedia Plugin
"Path"=D:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

D:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

D:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

D:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Zuzana\AppData\Roaming\Mozilla\Firefox\Profiles\r3vzpeaf.default\extensions\
ffxtlbr@incredibar.com

C:\Users\Zuzana\AppData\Roaming\Mozilla\Firefox\Profiles\r3vzpeaf.default\searchplugins\
MyStart Search.xml
sweetim.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}]
Splashtop Connect VisualBookmark - C:\Program Files\Splashtop\Splashtop Connect IE\STC.dll [2011-01-21 345968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087}]
IB Updater - C:\Program Files\IB Updater\Extension32.dll [2012-10-23 170840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}]
Incredibar.com Helper Object - C:\Program Files\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll [2012-01-21 261632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-09-25 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-10-23 1227224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-09-25 155384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FC36B0BD-27F0-4cdd-8AB1-50651EFC3EFD}]
WinToFlash Suggestor - C:\Program Files\WinToFlash Suggestor\WinToFlashSuggestor.dll [2012-05-25 281424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-10-23 1227224]
{F9639E4A-801B-4843-AEE3-03D9DA199E77} - Incredibar Toolbar - C:\Program Files\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll [2012-01-21 270336]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"STCAgent"=C:\Program Files\Splashtop\Splashtop Connect IE\STCAgent.exe [2011-01-21 776064]
"ZyngaGamesAgent"=C:\Program Files\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe [2010-11-15 841544]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2010-11-02 9808488]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-10-23 4297136]
"Monitor"=C:\Windows\PixArt\PAC207\Monitor.exe [2006-11-03 319488]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008]
"USBToolTip"=C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe [2007-02-20 199752]
"AMD AVT"=Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files\AMD AVT\bin\kdbsync.exe aml []
"NeroFilterCheck"=C:\Windows\system32\NeroCheck.exe [2001-07-09 155648]
"NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-02-18 2221352]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-08-06 642216]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"=C:\Users\Zuzana\AppData\Local\Akamai\netsession_win.exe []
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1173504]
"Google Update"=C:\Users\Zuzana\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-27 116648]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2008-02-28 1828136]
"RGSC"=C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent []
"Facebook Update"=C:\Users\Zuzana\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-10-01 138096]
"Cracked Steam Service"=D:\Program Files\Steam\Cracked Steam\Cracked Steam.exe [2011-09-16 337506]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"vidc.mjpg"=pvmjpg30.dll
"VIDC.FPS1"=frapsvid.dll
"msacm.l3codec"=l3codecp.acm

======File associations======

.js - edit -
.js - open - "D:\pspad\PSPad.exe" "%1"

======List of files/folders created in the last 1 month======

2012-12-04 18:56:24 ----D---- C:\rsit
2012-12-04 18:56:24 ----D---- C:\Program Files\trend micro
2012-12-04 12:05:11 ----D---- C:\Windows\Minidump
2012-12-01 22:23:50 ----D---- C:\Program Files\Firefly Studios
2012-11-25 21:10:01 ----D---- C:\Program Files\Game_Maker8
2012-11-25 19:46:24 ----ASH---- C:\pagefile.sys
2012-11-24 15:08:54 ----D---- C:\Program Files\WinToFlash Suggestor
2012-11-24 15:06:41 ----D---- C:\Program Files\Perion
2012-11-24 15:06:37 ----A---- C:\user.js
2012-11-24 15:06:36 ----D---- C:\Program Files\Incredibar.com
2012-11-24 15:06:33 ----D---- C:\Windows\system32\WNLT
2012-11-24 15:06:32 ----D---- C:\Program Files\IB Updater
2012-11-21 17:34:06 ----RD---- C:\Program Files\Skype
2012-11-21 17:34:06 ----D---- C:\Program Files\Common Files\Skype
2012-11-18 19:42:07 ----A---- C:\Windows\system32\XAudio2_6.dll
2012-11-18 19:42:07 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2012-11-18 19:42:07 ----A---- C:\Windows\system32\xactengine3_6.dll
2012-11-18 19:42:07 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2012-11-18 19:42:05 ----A---- C:\Windows\system32\XAudio2_5.dll
2012-11-18 19:42:04 ----A---- C:\Windows\system32\xactengine3_5.dll
2012-11-18 19:42:02 ----A---- C:\Windows\system32\d3dcsx_42.dll
2012-11-18 19:42:02 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2012-11-18 19:42:01 ----A---- C:\Windows\system32\d3dx11_42.dll
2012-11-18 19:42:00 ----A---- C:\Windows\system32\D3DX9_42.dll
2012-11-18 19:42:00 ----A---- C:\Windows\system32\d3dx10_42.dll
2012-11-18 19:41:59 ----A---- C:\Windows\system32\D3DX9_41.dll
2012-11-18 19:41:59 ----A---- C:\Windows\system32\d3dx10_41.dll
2012-11-18 19:41:59 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2012-11-18 19:41:58 ----A---- C:\Windows\system32\XAudio2_4.dll
2012-11-18 19:41:58 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2012-11-18 19:41:58 ----A---- C:\Windows\system32\xactengine3_4.dll
2012-11-18 19:41:58 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2012-11-18 19:41:57 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2012-11-18 19:41:56 ----A---- C:\Windows\system32\XAudio2_3.dll
2012-11-18 19:41:56 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2012-11-18 19:41:56 ----A---- C:\Windows\system32\D3DX9_40.dll
2012-11-18 19:41:56 ----A---- C:\Windows\system32\d3dx10_40.dll
2012-11-18 19:41:55 ----A---- C:\Windows\system32\XAudio2_2.dll
2012-11-18 19:41:55 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2012-11-18 19:41:55 ----A---- C:\Windows\system32\xactengine3_3.dll
2012-11-18 19:41:55 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2012-11-18 19:41:54 ----A---- C:\Windows\system32\xactengine3_2.dll
2012-11-18 19:41:51 ----A---- C:\Windows\system32\XAudio2_1.dll
2012-11-18 19:41:51 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2012-11-18 19:41:50 ----A---- C:\Windows\system32\xactengine3_1.dll
2012-11-18 19:41:50 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2012-11-18 19:41:50 ----A---- C:\Windows\system32\d3dx10_38.dll
2012-11-18 19:41:50 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2012-11-18 19:41:49 ----A---- C:\Windows\system32\XAudio2_0.dll
2012-11-18 19:41:49 ----A---- C:\Windows\system32\xactengine3_0.dll
2012-11-18 19:41:49 ----A---- C:\Windows\system32\D3DX9_38.dll
2012-11-18 19:41:48 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2012-11-18 19:41:48 ----A---- C:\Windows\system32\d3dx10_37.dll
2012-11-18 19:41:48 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2012-11-18 19:41:47 ----A---- C:\Windows\system32\D3DX9_37.dll
2012-11-18 19:41:46 ----A---- C:\Windows\system32\xactengine2_10.dll
2012-11-18 19:41:44 ----A---- C:\Windows\system32\d3dx10_36.dll
2012-11-18 19:41:44 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2012-11-18 19:41:42 ----A---- C:\Windows\system32\d3dx9_36.dll
2012-11-18 19:41:40 ----A---- C:\Windows\system32\xactengine2_9.dll
2012-11-18 19:41:39 ----A---- C:\Windows\system32\d3dx10_35.dll
2012-11-18 19:41:39 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2012-11-18 19:41:38 ----A---- C:\Windows\system32\d3dx9_35.dll
2012-11-18 19:41:36 ----A---- C:\Windows\system32\xactengine2_8.dll
2012-11-18 19:41:35 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2012-11-18 19:41:33 ----A---- C:\Windows\system32\d3dx10_34.dll
2012-11-18 19:41:33 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2012-11-18 19:41:08 ----A---- C:\Windows\system32\d3dx9_34.dll
2012-11-18 19:41:07 ----A---- C:\Windows\system32\xinput1_3.dll
2012-11-18 19:41:06 ----A---- C:\Windows\system32\xactengine2_7.dll
2012-11-18 19:41:03 ----A---- C:\Windows\system32\d3dx10_33.dll
2012-11-18 19:41:03 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2012-11-18 19:40:59 ----A---- C:\Windows\system32\d3dx9_33.dll
2012-11-18 19:40:58 ----A---- C:\Windows\system32\xactengine2_6.dll
2012-11-18 19:40:57 ----A---- C:\Windows\system32\xactengine2_5.dll
2012-11-18 19:40:56 ----A---- C:\Windows\system32\d3dx10.dll
2012-11-18 19:40:55 ----A---- C:\Windows\system32\d3dx9_32.dll
2012-11-18 19:40:54 ----A---- C:\Windows\system32\xactengine2_4.dll
2012-11-18 19:40:54 ----A---- C:\Windows\system32\x3daudio1_1.dll
2012-11-18 19:40:53 ----A---- C:\Windows\system32\xactengine2_3.dll
2012-11-18 19:40:52 ----A---- C:\Windows\system32\xinput1_2.dll
2012-11-18 19:40:51 ----A---- C:\Windows\system32\xactengine2_2.dll
2012-11-18 19:40:50 ----A---- C:\Windows\system32\xinput1_1.dll
2012-11-18 19:40:48 ----A---- C:\Windows\system32\xactengine2_1.dll
2012-11-18 19:40:32 ----A---- C:\Windows\system32\d3dx9_30.dll
2012-11-18 19:40:31 ----A---- C:\Windows\system32\xactengine2_0.dll
2012-11-18 19:40:31 ----A---- C:\Windows\system32\x3daudio1_0.dll
2012-11-18 19:40:28 ----A---- C:\Windows\system32\d3dx9_29.dll
2012-11-18 19:40:27 ----A---- C:\Windows\system32\d3dx9_28.dll
2012-11-18 19:40:26 ----A---- C:\Windows\system32\d3dx9_27.dll
2012-11-18 19:40:25 ----A---- C:\Windows\system32\d3dx9_26.dll
2012-11-18 19:40:19 ----A---- C:\Windows\system32\d3dx9_24.dll
2012-11-15 20:53:37 ----D---- C:\Program Files\Futuremark
2012-11-15 20:53:26 ----A---- C:\Windows\system32\XAudio2_7.dll
2012-11-15 20:53:26 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2012-11-15 20:53:25 ----A---- C:\Windows\system32\xactengine3_7.dll
2012-11-15 20:53:24 ----A---- C:\Windows\system32\d3dcsx_43.dll
2012-11-15 20:53:24 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2012-11-15 20:53:23 ----A---- C:\Windows\system32\d3dx11_43.dll
2012-11-15 20:53:21 ----A---- C:\Windows\system32\D3DX9_43.dll
2012-11-15 20:53:21 ----A---- C:\Windows\system32\d3dx10_43.dll
2012-11-15 20:53:20 ----A---- C:\Windows\system32\d3dx9_31.dll
2012-11-10 11:00:41 ----D---- C:\ProgramData\3DMGAME
2012-11-07 15:02:15 ----D---- C:\Program Files\Valve
2012-11-05 22:09:43 ----A---- C:\Windows\system32\drivers\PnkBstrK.sys
2012-11-05 22:09:43 ----A---- C:\Users\Zuzana\AppData\Roaming\PnkBstrK.sys
2012-11-05 22:09:14 ----A---- C:\Windows\system32\PnkBstrB.exe
2012-11-05 22:09:12 ----A---- C:\Windows\system32\PnkBstrA.exe
2012-11-05 13:50:29 ----D---- C:\Users\Zuzana\AppData\Roaming\Origin
2012-11-05 13:50:17 ----D---- C:\ProgramData\Origin

======List of files/folders modified in the last 1 month======

2012-12-04 18:56:31 ----D---- C:\Windows\Temp
2012-12-04 18:56:24 ----RD---- C:\Program Files
2012-12-04 12:06:31 ----A---- C:\Windows\win.ini
2012-12-04 12:05:11 ----D---- C:\Windows
2012-12-01 22:25:24 ----SHD---- C:\System Volume Information
2012-12-01 22:23:50 ----HD---- C:\Program Files\InstallShield Installation Information
2012-12-01 22:22:09 ----D---- C:\Windows\system32\Tasks
2012-12-01 20:19:25 ----D---- C:\Users\Zuzana\AppData\Roaming\uTorrent
2012-12-01 19:00:20 ----D---- C:\Program Files\Common Files\InstallShield
2012-12-01 18:59:03 ----D---- C:\Users\Zuzana\AppData\Roaming\Skype
2012-12-01 14:03:32 ----D---- C:\Users\Zuzana\AppData\Roaming\FileZilla
2012-12-01 12:57:30 ----D---- C:\Users\Zuzana\AppData\Roaming\.minecraft
2012-11-30 22:14:43 ----D---- C:\Windows\System32
2012-11-30 15:23:59 ----D---- C:\Windows\inf
2012-11-30 15:23:59 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-11-29 20:00:16 ----D---- C:\Windows\Prefetch
2012-11-28 19:33:41 ----A---- C:\Windows\system32\CmdLineExt.dll
2012-11-27 21:57:59 ----D---- C:\Windows\system32\config
2012-11-27 20:15:46 ----D---- C:\ProgramData\PMB Files
2012-11-24 14:58:47 ----D---- C:\Program Files\Common Files\Steam
2012-11-21 17:34:10 ----SHD---- C:\Windows\Installer
2012-11-21 17:34:10 ----D---- C:\ProgramData\Skype
2012-11-21 17:34:06 ----D---- C:\Program Files\Common Files
2012-11-18 19:40:48 ----RSD---- C:\Windows\assembly
2012-11-18 17:32:40 ----D---- C:\Windows\system32\catroot2
2012-11-17 16:19:37 ----D---- C:\Windows\system32\wdi
2012-11-14 16:41:03 ----D---- C:\Windows\system32\directx
2012-11-14 16:41:00 ----HD---- C:\Windows\msdownld.tmp
2012-11-12 15:24:24 ----D---- C:\Users\Zuzana\AppData\Roaming\vlc
2012-11-10 11:00:41 ----HD---- C:\ProgramData
2012-11-05 22:09:43 ----D---- C:\Windows\system32\drivers
2012-11-05 22:09:11 ----D---- C:\Windows\system32\LogFiles

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-10-14 477240]
R1 AppleCharger;AppleCharger; C:\Windows\system32\DRIVERS\AppleCharger.sys [2011-01-10 18544]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2012-10-15 44784]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-10-23 738504]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-10-23 360392]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-10-23 54232]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 AODDriver4.1;AODDriver4.1; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [2012-03-05 45184]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-10-23 21256]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-10-23 58680]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2012-09-28 25888]
R3 amdiox86;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-07-28 8758784]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-07-28 296448]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver; C:\Windows\System32\Drivers\EtronHub3.sys [2011-01-26 32256]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver; C:\Windows\System32\Drivers\EtronXHCI.sys [2011-01-26 52224]
R3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2012-12-04 17488]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2012-07-31 25280]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2010-11-02 3228712]
R3 MarvinBus;Pinnacle Marvin Bus; C:\Windows\system32\DRIVERS\MarvinBus.sys [2005-09-23 171520]
R3 PAC207;SoC PC-Camera; C:\Windows\system32\DRIVERS\PFC027.SYS [2006-12-05 507136]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIV.sys [2010-05-25 204448]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2011-01-13 328808]
S2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2012-09-28 278984]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 athur;Atheros AR9271 Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athur.sys [2010-03-09 1501696]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW73.sys [2010-09-24 102416]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 392704]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 58880]
S3 cpuz135;cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x32.sys []
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VSPerfDrv110;Performance Tools Driver 11.0; \??\D:\visual studio\Team Tools\Performance Tools\VSPerfDrv110.sys [2012-07-13 55416]
S3 XDva398;XDva398; \??\C:\Windows\system32\XDva398.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-07-28 217600]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-08-06 291840]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-10-23 44808]
R2 ES lite Service;ES lite Service for program management.; C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE [2009-08-24 68136]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-02-18 877864]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [2006-12-19 81920]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2012-11-06 76888]
R2 SCBackService;Splashtop Connect Service; C:\Program Files\Splashtop\Splashtop Connect\BackService.exe [2010-11-15 477000]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2012-02-11 105048]
R2 TeamViewer7;TeamViewer 7; C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe [2012-08-31 2754984]
R2 WCUService_STC_FF;Splashtop Connect Firefox Software Updater Service; C:\Program Files\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe [2011-03-24 493384]
R2 WCUService_STC_IE;Splashtop Connect IE Software Updater Service; C:\Program Files\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe [2011-03-22 497480]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-02-28 529704]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-08 104912]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-09-12 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-11-09 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-09 250808]
S3 AppleChargerSrv;AppleChargerSrv; C:\Windows\system32\AppleChargerSrv.exe [2010-04-06 31272]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2012-07-08 46528]
S3 fussvc;Windows App Certification Kit Fast User Switching Utility Service; C:\Program Files\Windows Kits\8.0\App Certification Kit\fussvc.exe [2012-07-25 133632]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service; C:\Program Files\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2011-03-01 130976]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-09-12 116648]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-14 113120]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2012-11-16 529744]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 Te.Service;Te.Service; C:\Program Files\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [2012-07-25 94208]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2012-07-08 139680]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2012-07-08 139680]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2012-07-08 139680]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: SKYPE VIRUS!!!!

#10 Příspěvek od vyosek »

:arrow: Skype malware tam neni, ale zato jsou tam jine :arcisit:

:arrow: Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Ulozte nejlepe na plochu
  • Ukoncete vsechny programy
  • Kliknete na Search
  • Probehne skenovani a pak se objevi log, pripadne bude ulozen na systemovem disku jako AdwCleaner[R?].txt, ten sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
mourison
Návštěvník
Návštěvník
Příspěvky: 23
Registrován: 25 črc 2012 16:40
Kontaktovat uživatele:
Kontaktovat uživatele mourison

Re: SKYPE VIRUS!!!!

#11 Příspěvek od mourison »

Chci se zeptat jestli se to nebude hádat s Antivirem AVAST ?
Nahoru
mourison
Návštěvník
Návštěvník
Příspěvky: 23
Registrován: 25 črc 2012 16:40
Kontaktovat uživatele:
Kontaktovat uživatele mourison

Re: SKYPE VIRUS!!!!

#12 Příspěvek od mourison »

A zde je ten log:

# AdwCleaner v2.002 - Logfile created 12/06/2012 at 17:54:38
# Updated 16/09/2012 by Xplode
# Operating system : Windows 7 Home Premium (32 bits)
# User : Zuzana - ZUZANA-PC
# Boot Mode : Normal
# Running from : C:\Users\Zuzana\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\user.js
File Found : C:\Users\Zuzana\AppData\Local\Temp\Uninstall.exe
File Found : C:\Users\Zuzana\AppData\Roaming\Mozilla\Firefox\Profiles\r3vzpeaf.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
File Found : C:\Users\Zuzana\AppData\Roaming\Mozilla\Firefox\Profiles\r3vzpeaf.default\searchplugins\MyStart Search.xml
File Found : C:\Users\Zuzana\AppData\Roaming\Mozilla\Firefox\Profiles\r3vzpeaf.default\searchplugins\SweetIm.xml
Folder Found : C:\Program Files\Conduit
Folder Found : C:\Program Files\splashtop
Folder Found : C:\Program Files\SweetIM
Folder Found : C:\ProgramData\splashtop
Folder Found : C:\Users\Zuzana\AppData\Local\Conduit
Folder Found : C:\Users\Zuzana\AppData\LocalLow\Conduit
Folder Found : C:\Users\Zuzana\AppData\Roaming\Mozilla\Firefox\Profiles\r3vzpeaf.default\extensions\ffxtlbr@incredibar.com
Folder Found : C:\Users\Zuzana\AppData\Roaming\splashtop

***** [Registry] *****

Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\IM
Key Found : HKCU\Software\ImInstaller
Key Found : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A89A7E3-6ADD-4EF9-8EE7-A3C3B7D83BB0}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403a-B9D2-65C292C39087}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403a-B9D2-65C292C39087}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Key Found : HKCU\Software\SweetIm
Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\AppID\{3A188115-B81B-48F2-A958-F974C8F3F309}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Key Found : HKLM\SOFTWARE\Classes\AppID\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\SMBarBroker.EXE
Key Found : HKLM\SOFTWARE\Classes\CLSID\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{336D0C35-8A85-403a-B9D2-65C292C39087}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{43769158-3B03-4932-8D8A-8F0F344BF024}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C01315C7-B4E2-4864-B43D-5FAFC414D179}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C1545464-C77C-4130-A572-1C619E2895FE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{ED0E67AD-926C-4008-87E5-03CF72AA2A7E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EF7FEC6D-451B-4452-9D26-7E10C6B5DB6E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Found : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc
Key Found : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc.1
Key Found : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject
Key Found : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject.1
Key Found : HKLM\SOFTWARE\Classes\I
Key Found : HKLM\SOFTWARE\Classes\Incredibar.dskBnd
Key Found : HKLM\SOFTWARE\Classes\Incredibar.dskBnd.1
Key Found : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr
Key Found : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr.1
Key Found : HKLM\SOFTWARE\Classes\IncredibarApp.appCore
Key Found : HKLM\SOFTWARE\Classes\IncredibarApp.appCore.1
Key Found : HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Key Found : HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Key Found : HKLM\SOFTWARE\Classes\Interface\{78CE34FD-F6D4-4866-B79C-A37268D06A04}
Key Found : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{80904944-C726-4C7D-A452-3FFF2A882095}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Key Found : HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Key Found : HKLM\SOFTWARE\Classes\SMBarBroker.SMBarDealer
Key Found : HKLM\SOFTWARE\Classes\SMBarBroker.SMBarDealer.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2790392
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2D9B1B31-D034-4738-8F6E-40F0AFCC742C}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{48C9C8B0-A546-46C1-A81F-47A31E623E9D}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74C36554-31F0-49DD-8857-ED6A64DF45BE}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\incredibar
Key Found : HKLM\SOFTWARE\Software
Key Found : HKLM\Software\SweetIm
Key Found : HKU\S-1-5-21-2965447737-3649890054-2591660733-1000\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}
Key Found : HKU\S-1-5-21-2965447737-3649890054-2591660733-1000\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Key Found : HKU\S-1-5-21-2965447737-3649890054-2591660733-1000\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{F9639E4A-801B-4843-AEE3-03D9DA199E77}]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.sweetim.com/?crg=3.1010000.10005&barid={8ABEEB45-FCF0-11E1-AD72-1C6F65AFE93F}
[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://mystart.incredibar.com/mb201?a=6PQQHrDc06&i=26

-\\ Mozilla Firefox v14.0.1 (cs)

Profile name : default
File : C:\Users\Zuzana\AppData\Roaming\Mozilla\Firefox\Profiles\r3vzpeaf.default\prefs.js

Found : user_pref("browser.newtab.url", "hxxp://mystart.incredibar.com/mb201?a=6PQQHrDc06&i=26");
Found : user_pref("browser.search.defaultenginename", "MyStart Search");
Found : user_pref("browser.startup.homepage", "hxxp://mystart.incredibar.com/mb201?a=6PQQHrDc06&i=26");
Found : user_pref("extensions.enabledAddons", "{54BB9F3F-07E5-486c-9B39-C7398B99391C}:4.0.2011021601,{F8A55C[...]
Found : user_pref("extensions.incredibar.admin", false);
Found : user_pref("extensions.incredibar.aflt", "orgnl");
Found : user_pref("extensions.incredibar.cntry", "CZ");
Found : user_pref("extensions.incredibar.dfltLng", "");
Found : user_pref("extensions.incredibar.dfltSrch", false);
Found : user_pref("extensions.incredibar.did", "10643");
Found : user_pref("extensions.incredibar.envrmnt", "production");
Found : user_pref("extensions.incredibar.excTlbr", false);
Found : user_pref("extensions.incredibar.hdrMd5", "6DD45F939A336C7B33EADBF0DB900096");
Found : user_pref("extensions.incredibar.hmpg", false);
Found : user_pref("extensions.incredibar.id", "fad5c95c0000000000001c6f65afe93f");
Found : user_pref("extensions.incredibar.installerproductid", "26");
Found : user_pref("extensions.incredibar.instlDay", "15668");
Found : user_pref("extensions.incredibar.instlRef", "");
Found : user_pref("extensions.incredibar.lastVrsnTs", "1.5.11.1415:06:37");
Found : user_pref("extensions.incredibar.mntrvrsn", "1.2.0");
Found : user_pref("extensions.incredibar.newTab", false);
Found : user_pref("extensions.incredibar.noFFXTlbr", false);
Found : user_pref("extensions.incredibar.ppd", "1");
Found : user_pref("extensions.incredibar.prdct", "incredibar");
Found : user_pref("extensions.incredibar.productid", "26");
Found : user_pref("extensions.incredibar.prtnrId", "Incredibar");
Found : user_pref("extensions.incredibar.sg", "none");
Found : user_pref("extensions.incredibar.smplGrp", "none");
Found : user_pref("extensions.incredibar.tlbrId", "base");
Found : user_pref("extensions.incredibar.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6PQQHrDc06&loc=IB_T[...]
Found : user_pref("extensions.incredibar.upn2", "6PQQHrDc06");
Found : user_pref("extensions.incredibar.upn2n", "92543982036197966");
Found : user_pref("extensions.incredibar.vrsn", "1.5.11.14");
Found : user_pref("extensions.incredibar.vrsnTs", "1.5.11.1415:06:37");
Found : user_pref("extensions.incredibar.vrsni", "1.5.11.14");
Found : user_pref("extensions.incredibar_i.aflt", "orgnl");
Found : user_pref("extensions.incredibar_i.dfltLng", "");
Found : user_pref("extensions.incredibar_i.did", "10643");
Found : user_pref("extensions.incredibar_i.excTlbr", false);
Found : user_pref("extensions.incredibar_i.id", "fad5c95c0000000000001c6f65afe93f");
Found : user_pref("extensions.incredibar_i.installerproductid", "26");
Found : user_pref("extensions.incredibar_i.instlDay", "15668");
Found : user_pref("extensions.incredibar_i.instlRef", "");
Found : user_pref("extensions.incredibar_i.ms_url_id", "");
Found : user_pref("extensions.incredibar_i.newTab", false);
Found : user_pref("extensions.incredibar_i.ppd", "1");
Found : user_pref("extensions.incredibar_i.prdct", "incredibar");
Found : user_pref("extensions.incredibar_i.productid", "26");
Found : user_pref("extensions.incredibar_i.prtnrId", "Incredibar");
Found : user_pref("extensions.incredibar_i.smplGrp", "none");
Found : user_pref("extensions.incredibar_i.tlbrId", "base");
Found : user_pref("extensions.incredibar_i.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6PQQHrDc06&loc=IB[...]
Found : user_pref("extensions.incredibar_i.upn2", "6PQQHrDc06");
Found : user_pref("extensions.incredibar_i.upn2n", "92543982036197966");
Found : user_pref("extensions.incredibar_i.vrsn", "1.5.11.14");
Found : user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.1415:06:37");
Found : user_pref("extensions.incredibar_i.vrsni", "1.5.11.14");
Found : user_pref("keyword.URL", "hxxp://mystart.incredibar.com/mb201/?loc=IB_DS&a=6PQQHrDc06&&i=26&search="[...]
Found : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Found : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Found : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://www.seznam.cz/");
Found : user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com/?crg=3.1010000.10005&barid={8ABE[...]
Found : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_blackList", "form=CONTLB|babsrc=too[...]
Found : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_whiteList", "{\"search.babylon.com\[...]

-\\ Google Chrome v23.0.1271.95

File : C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Default\Preferences

Found [l.12] : homepage = "hxxp://home.sweetim.com/?crg=3.1010000.10005&barid={8ABEEB45-FCF0-11E1-AD72-1C6F65AFE93F}",
Found [l.59] : icon_url = "hxxp://mystart.incredibar.com/mb201/favicon.ico",
Found [l.62] : keyword = "mystart.incredibar.com/mb201",
Found [l.65] : search_url = "hxxp://mystart.incredibar.com/mb201/?loc=IB_DS&search={searchTerms}&a=6PQQHrDc06&i=26",
Found [l.1983] : homepage = "hxxp://home.sweetim.com/?crg=3.1010000.10005&barid={8ABEEB45-FCF0-11E1-AD72-1C6F65AFE93F}",

*************************

AdwCleaner[R1].txt - [15208 octets] - [06/12/2012 17:54:38]

########## EOF - C:\AdwCleaner[R1].txt - [15269 octets] ##########
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: SKYPE VIRUS!!!!

#13 Příspěvek od vyosek »

:arrow: Nedude se hadat, je to jen jednorazovy skener

:arrow: Spustte znovu AdwCleaner
  • Pokud pouzivate Win Vista ci W7, kliknete na AdwCleaner pravym a dejte Run As Administrator ci Spustit jako spravce
  • Kliknete na Delete
  • PC provede opravu, restartuje se a da Vam log (C:\AdwCleaner [S1].txt) , jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
Zamčeno

Zpět na „Řešení problémů, logy“