zablokovany windows

Zpráva

michalkaktus · #16 Příspěvek od **michalkaktus** » 14 říj 2012 20:31

Je prominte to jsem si necsimnul

# AdwCleaner v2.004 - Logfile created 10/14/2012 at 21:29:55
# Updated 06/10/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Administrator - MICHAL
# Boot Mode : Safe mode with networking
# Running from : C:\Documents and Settings\Administrator\Plocha\adwcleaner.exe
# Option [Search]

***** [Services] *****

***** [Files / Folders] *****

File Found : C:\Program Files\Mozilla Firefox\Extensions\search@searchsettings.com
File Found : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
File Found : C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml
Folder Found : C:\Documents and Settings\All Users\Data aplikací\SweetIM
Folder Found : C:\Documents and Settings\All Users\Data aplikací\Winamp Toolbar
Folder Found : C:\Documents and Settings\All Users\Nabídka Start\Programy\Inbox Toolbar
Folder Found : C:\Documents and Settings\All Users\Nabídka Start\Programy\Media Finder
Folder Found : C:\Documents and Settings\Solni\Data aplikací\BabylonToolbar
Folder Found : C:\Documents and Settings\Solni\Data aplikací\Inbox Toolbar
Folder Found : C:\Documents and Settings\Solni\Data aplikací\Ironsource
Folder Found : C:\Documents and Settings\Solni\Data aplikací\Media Finder
Folder Found : C:\Documents and Settings\Solni\Data aplikací\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com
Folder Found : C:\Documents and Settings\Solni\Data aplikací\OpenCandy
Folder Found : C:\Documents and Settings\Solni\Data aplikací\pdfforge
Folder Found : C:\Documents and Settings\Solni\Data aplikací\PriceGong
Folder Found : C:\Documents and Settings\Solni\Data aplikací\Search Settings
Folder Found : C:\Program Files\Babylon
Folder Found : C:\Program Files\Conduit
Folder Found : C:\Program Files\ConduitEngine
Folder Found : C:\Program Files\Crawler
Folder Found : C:\Program Files\DAEMON Tools Toolbar
Folder Found : C:\Program Files\DVDVideoSoftTB
Folder Found : C:\Program Files\Inbox Toolbar
Folder Found : C:\Program Files\pdfforge Toolbar
Folder Found : C:\Program Files\Softonic-Eng7
Folder Found : C:\Program Files\Winamp Toolbar

***** [Registry] *****

Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\AppID\{15F6BCB7-BB0F-4A66-8762-4765B05597EB}
Key Found : HKLM\SOFTWARE\Classes\AppID\{1973277F-87B0-4EA3-9ED2-470A91D284CF}
Key Found : HKLM\SOFTWARE\Classes\AppID\{1FC41815-FA4C-4F8B-B143-2C045C8EA2FC}
Key Found : HKLM\SOFTWARE\Classes\AppID\{21493C1F-D071-496A-9C27-450578888291}
Key Found : HKLM\SOFTWARE\Classes\AppID\{403A885F-CB00-40C1-BDC1-EB09053194F7}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\AppID\{55C1727F-5535-4C2A-9601-8C2458608B48}
Key Found : HKLM\SOFTWARE\Classes\AppID\{A7DDCBDE-5C86-415c-8A37-763AE183E7E4}
Key Found : HKLM\SOFTWARE\Classes\AppID\{AD25754E-D76C-42B3-A335-2F81478B722F}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\AppID\DiscoveryHelper.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\GIFAnimator.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\IMTrProgress.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\IMWeb.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\WMHelper.DLL
Key Found : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Key Found : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Key Found : HKLM\SOFTWARE\Classes\CLSID\{042DA63B-0933-403D-9395-B49307691690}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{183643C8-EE67-4574-9A38-927852E34163}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1DDA201E-5B42-4352-933E-21A92B297E3B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{27BF8F8D-58B8-D41C-F913-B7EEB57EF6F6}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{37540F19-DD4C-478B-B2DF-C19281BCAF27}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3ED2B774-03F9-472D-A795-663673DB7B89}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4D25FB7A-8902-4291-960E-9ADA051CFBBF}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{54B24FA9-87E8-47FC-8589-F9D382D8B299}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{54ECA872-DB2A-4C6B-BBB2-F3777C6786CC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{57BCA5FA-5DBB-45A2-B558-1755C3F6253B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5B45AC88-523C-431E-86D7-F339B2EE262E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{612AD33D-9824-4E87-8396-92374E91C4BB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6801410E-CC88-42D6-A93B-909E95645407}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6EF4E91D-DDD5-4478-BCA7-DA04435934C0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{841FD004-57A2-4B49-BBDB-5897394619DB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{8B0C188C-F6F3-484D-8225-E40262DDE633}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B38D6EDE-390B-4620-8365-29E16459EBDA}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CA4520F3-AE13-4FB1-A513-58E23991C86D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E1164984-B567-47BD-A7FF-240C2594404A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F20F11FD-203E-45A9-B7BB-AFC1B4FEA7A6}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F501D25D-D2B9-465D-9B68-85F64B8B89D0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FE178B09-C8AA-4734-804D-1849BCCA0C29}
Key Found : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Found : HKLM\SOFTWARE\Classes\ctbcommon.Buttons
Key Found : HKLM\SOFTWARE\Classes\ctbr.R404Pro
Key Found : HKLM\SOFTWARE\Classes\CToolbar.TB4Client
Key Found : HKLM\SOFTWARE\Classes\CToolbar.TB4Script
Key Found : HKLM\SOFTWARE\Classes\CToolbar.TB4Server
Key Found : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery
Key Found : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery.1
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Found : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Key Found : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Key Found : HKLM\SOFTWARE\Classes\esrv.searchyaESrvc
Key Found : HKLM\SOFTWARE\Classes\esrv.searchyaESrvc.1
Key Found : HKLM\SOFTWARE\Classes\gencrawler_gc.GenCrawler
Key Found : HKLM\SOFTWARE\Classes\I
Key Found : HKLM\SOFTWARE\Classes\imweb.imwebcontrol
Key Found : HKLM\SOFTWARE\Classes\Interface\{01C78433-6FDF-4E5A-A82D-B535C32E03DF}
Key Found : HKLM\SOFTWARE\Classes\Interface\{0F54B66A-21CF-4548-AE59-A6B83EE6676F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{28C3737A-32D1-492D-B76B-8D75EBBFB887}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2E9A2DCB-F5DB-40D0-8E62-3B47DD476A77}
Key Found : HKLM\SOFTWARE\Classes\Interface\{41349826-5C7F-4BF0-8279-5DAF1DE6E9AE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{51A971CA-D36E-4D13-A799-2CF0A491D04D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{56FBEA9F-EF93-4318-B75F-A96FC7C7BD7B}
Key Found : HKLM\SOFTWARE\Classes\Interface\{59B23951-2232-4AFB-81D4-64A8A16D457A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{604EA016-1EDE-41E6-A23E-76CF8F2A4808}
Key Found : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{78B3C85E-44FF-4DC8-B3AD-156F39DC75E5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{81E522F1-9E90-47DD-A2CE-39B0C00274A0}
Key Found : HKLM\SOFTWARE\Classes\Interface\{841FD004-57A2-4B49-BBDB-5897394619DB}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8B8558F6-DC26-4F39-8417-34B8934AA459}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8E096DFB-6AB7-45C7-BF64-B313C7096529}
Key Found : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{996A9940-2F2C-4486-A479-439C4A15F278}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9B7D44BA-376C-456F-B289-5034270322FD}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9BD8FF26-2C71-4D35-9FE2-AD8D25AECC36}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E393F82-2644-4AB6-B994-1AD39D6C59EE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A3A2A5C0-1306-4D1A-A093-9CECA4230002}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B3BA5582-79A9-464D-A7FA-711C5888C6E9}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BCE6E914-AEF0-4FEE-8FC8-06F9B42BF890}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BD8D5FFA-4F92-48AD-BFBE-7896916656F5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C92E6D80-EC54-45CC-AC4B-A7CF42F11B52}
Key Found : HKLM\SOFTWARE\Classes\Interface\{CE057E0D-2D7E-4DFF-A890-07BA69B8C762}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D1CB564E-F38A-4F2A-8257-60E3F8BE9F34}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E1164984-B567-47BD-A7FF-240C2594404A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E19FDA06-5BDF-43C2-B794-BCD8A4C2051F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E9BBD270-4B87-4EE2-912F-6635674986C0}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F293BBC0-DA7E-4CF1-9EEA-CE90CFE0DF86}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FAB076F5-E4DD-4EA4-AFEE-F18BF972B057}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FEFBC559-C3C7-4287-B05B-49D489B80749}
Key Found : HKLM\SOFTWARE\Classes\ironsource.searchyaappCore
Key Found : HKLM\SOFTWARE\Classes\ironsource.searchyaappCore.1
Key Found : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Key Found : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Key Found : HKLM\SOFTWARE\Classes\MF
Key Found : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
Key Found : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
Key Found : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\inbox
Key Found : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\tbr
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2269050
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2405280
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{15F6BCB7-BB0F-4A66-8762-4765B05597EB}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{403A885F-CB00-40C1-BDC1-EB09053194F7}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{506F578A-91E1-46CE-830F-E2F4268E9966}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{538CD77C-BFDD-49B0-9562-77419CAB89D1}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{55C1727F-5535-4C2A-9601-8C2458608B48}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{615E8AA1-6BB8-4A3D-A1CC-373194DB612C}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{69332529-EEC8-4D0D-9FD3-202C4AE8E589}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{96F7FABC-5789-EFA4-B6ED-1272F4C1D27B}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{AD25754E-D76C-42B3-A335-2F81478B722F}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{CBEF8724-D080-4737-88DA-111EEC6651AA}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{E79BB61D-7F1A-41DF-8AD0-402795E3B566}
Key Found : HKLM\SOFTWARE\Classes\WinampTb.AOLTBSearch
Key Found : HKLM\SOFTWARE\Classes\WinampTb.AOLTBSearch.1
Key Found : HKLM\SOFTWARE\Classes\WinampTb.AOLToolBand
Key Found : HKLM\SOFTWARE\Classes\WinampTb.AOLToolBand.1
Key Found : HKLM\SOFTWARE\Classes\WinampTb.Downloader
Key Found : HKLM\SOFTWARE\Classes\WinampTb.Downloader.1
Key Found : HKLM\SOFTWARE\Classes\WinampTb.ToolbarInfo
Key Found : HKLM\SOFTWARE\Classes\WinampTb.ToolbarInfo.1
Key Found : HKLM\SOFTWARE\Classes\WinampTb.ToolbarParams
Key Found : HKLM\SOFTWARE\Classes\WinampTb.ToolbarParams.1
Key Found : HKLM\SOFTWARE\Classes\WinampTbServer.AolToolbarHelper
Key Found : HKLM\SOFTWARE\Classes\WinampTbServer.AolToolbarHelper.1
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\conduitEngine
Key Found : HKLM\Software\conduitEngine
Key Found : HKLM\Software\CToolbar
Key Found : HKLM\Software\DVDVideoSoftTB
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\lpmkgpnbiojfaoklbkpfneikocaobfai
Key Found : HKLM\Software\Inbox Toolbar
Key Found : HKLM\Software\Ironsource
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8304D071-E731-4DEA-AE92-73D1C362DB9C}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{96A187BF-B538-4D93-863D-986FABDD0FB8}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9CF8981E-3401-40BA-9941-078C516710B6}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BB04D833-A3F1-4D3A-B981-10A5909FA828}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E03C8857-F3FD-44F0-9AA5-49BFC983B77D}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{414C790F-E24E-461B-983A-2AD84474DE4B}_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{612AD33D-9824-4E87-8396-92374E91C4BB}_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\CToolbar_UNINSTALL
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DVDVideoSoftTB Toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\searchya
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Softonic-Eng7 Toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Winamp Toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA4520F3-AE13-4FB1-A513-58E23991C86D}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3ED2B774-03F9-472D-A795-663673DB7B89}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F501D25D-D2B9-465D-9B68-85F64B8B89D0}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\Crawler
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{612AD33D-9824-4E87-8396-92374E91C4BB}_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CToolbar_UNINSTALL
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DVDVideoSoftTB Toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\searchya
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Softonic-Eng7 Toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Winamp Toolbar
Key Found : HKLM\Software\pdfforge
Key Found : HKLM\Software\Softonic-Eng7
Key Found : HKLM\Software\Winamp Toolbar
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.searchya.com/?s=0&a=foxtab&chnl=tc- ... =460025464
[HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://www.searchya.com/?s=2&a=foxtab&chnl=tc- ... =460025464

*************************

AdwCleaner[R1].txt - [20047 octets] - [13/10/2012 18:09:11]
AdwCleaner[R2].txt - [20089 octets] - [13/10/2012 18:16:11]
AdwCleaner[R3].txt - [20150 octets] - [14/10/2012 21:06:12]
AdwCleaner[R4].txt - [20080 octets] - [14/10/2012 21:29:55]

########## EOF - C:\AdwCleaner[R4].txt - [20141 octets] ##########

#17 Příspěvek od **vyosek** » 14 říj 2012 21:49

Spustte znovu AdwCleaner

Pokud pouzivate Win Vista ci W7, kliknete na AdwCleaner pravym a dejte Run As Administrator ci Spustit jako spravce
Kliknete na Delete
PC provede opravu, restartuje se a da Vam log (C:\AdwCleaner [S1].txt) , jeho obsah vlozte sem

michalkaktus · #18 Příspěvek od **michalkaktus** » 15 říj 2012 06:07

# AdwCleaner v2.004 - Logfile created 10/15/2012 at 07:02:55
# Updated 06/10/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Administrator - MICHAL
# Boot Mode : Safe mode with networking
# Running from : C:\Documents and Settings\Administrator\Plocha\adwcleaner.exe
# Option [Search]

***** [Services] *****

***** [Files / Folders] *****

File Found : C:\Program Files\Mozilla Firefox\Extensions\search@searchsettings.com

***** [Registry] *****

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

*************************

AdwCleaner[R1].txt - [20047 octets] - [13/10/2012 18:09:11]
AdwCleaner[R2].txt - [20089 octets] - [13/10/2012 18:16:11]
AdwCleaner[R3].txt - [20150 octets] - [14/10/2012 21:06:12]
AdwCleaner[R4].txt - [20211 octets] - [14/10/2012 21:29:55]
AdwCleaner[S1].txt - [20572 octets] - [15/10/2012 06:56:53]
AdwCleaner[R5].txt - [951 octets] - [15/10/2012 07:02:55]

########## EOF - C:\AdwCleaner[R5].txt - [1010 octets] ##########

# AdwCleaner v2.004 - Logfile created 10/15/2012 at 06:56:53
# Updated 06/10/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Administrator - MICHAL
# Boot Mode : Safe mode with networking
# Running from : C:\Documents and Settings\Administrator\Plocha\adwcleaner.exe
# Option [Delete]

***** [Services] *****

***** [Files / Folders] *****

File Deleted : C:\Program Files\Mozilla Firefox\Extensions\search@searchsettings.com
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\SweetIM
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Winamp Toolbar
Folder Deleted : C:\Documents and Settings\All Users\Nabídka Start\Programy\Inbox Toolbar
Folder Deleted : C:\Documents and Settings\All Users\Nabídka Start\Programy\Media Finder
Folder Deleted : C:\Documents and Settings\Solni\Data aplikací\BabylonToolbar
Folder Deleted : C:\Documents and Settings\Solni\Data aplikací\Inbox Toolbar
Folder Deleted : C:\Documents and Settings\Solni\Data aplikací\Ironsource
Folder Deleted : C:\Documents and Settings\Solni\Data aplikací\Media Finder
Folder Deleted : C:\Documents and Settings\Solni\Data aplikací\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com
Folder Deleted : C:\Documents and Settings\Solni\Data aplikací\OpenCandy
Folder Deleted : C:\Documents and Settings\Solni\Data aplikací\pdfforge
Folder Deleted : C:\Documents and Settings\Solni\Data aplikací\PriceGong
Folder Deleted : C:\Documents and Settings\Solni\Data aplikací\Search Settings
Folder Deleted : C:\Program Files\Babylon
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\ConduitEngine
Folder Deleted : C:\Program Files\Crawler
Folder Deleted : C:\Program Files\DAEMON Tools Toolbar
Folder Deleted : C:\Program Files\DVDVideoSoftTB
Folder Deleted : C:\Program Files\Inbox Toolbar
Folder Deleted : C:\Program Files\pdfforge Toolbar
Folder Deleted : C:\Program Files\Softonic-Eng7
Folder Deleted : C:\Program Files\Winamp Toolbar

***** [Registry] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{15F6BCB7-BB0F-4A66-8762-4765B05597EB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1973277F-87B0-4EA3-9ED2-470A91D284CF}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FC41815-FA4C-4F8B-B143-2C045C8EA2FC}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{21493C1F-D071-496A-9C27-450578888291}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{403A885F-CB00-40C1-BDC1-EB09053194F7}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{55C1727F-5535-4C2A-9601-8C2458608B48}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{A7DDCBDE-5C86-415c-8A37-763AE183E7E4}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{AD25754E-D76C-42B3-A335-2F81478B722F}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\DiscoveryHelper.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GIFAnimator.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\IMTrProgress.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\IMWeb.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\WMHelper.DLL
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{042DA63B-0933-403D-9395-B49307691690}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{183643C8-EE67-4574-9A38-927852E34163}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1DDA201E-5B42-4352-933E-21A92B297E3B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{27BF8F8D-58B8-D41C-F913-B7EEB57EF6F6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{37540F19-DD4C-478B-B2DF-C19281BCAF27}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3ED2B774-03F9-472D-A795-663673DB7B89}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4D25FB7A-8902-4291-960E-9ADA051CFBBF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{54B24FA9-87E8-47FC-8589-F9D382D8B299}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{54ECA872-DB2A-4C6B-BBB2-F3777C6786CC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{57BCA5FA-5DBB-45A2-B558-1755C3F6253B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5B45AC88-523C-431E-86D7-F339B2EE262E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{612AD33D-9824-4E87-8396-92374E91C4BB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6801410E-CC88-42D6-A93B-909E95645407}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6EF4E91D-DDD5-4478-BCA7-DA04435934C0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{841FD004-57A2-4B49-BBDB-5897394619DB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8B0C188C-F6F3-484D-8225-E40262DDE633}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B38D6EDE-390B-4620-8365-29E16459EBDA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CA4520F3-AE13-4FB1-A513-58E23991C86D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E1164984-B567-47BD-A7FF-240C2594404A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F20F11FD-203E-45A9-B7BB-AFC1B4FEA7A6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F501D25D-D2B9-465D-9B68-85F64B8B89D0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE178B09-C8AA-4734-804D-1849BCCA0C29}
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\ctbcommon.Buttons
Key Deleted : HKLM\SOFTWARE\Classes\ctbr.R404Pro
Key Deleted : HKLM\SOFTWARE\Classes\CToolbar.TB4Client
Key Deleted : HKLM\SOFTWARE\Classes\CToolbar.TB4Script
Key Deleted : HKLM\SOFTWARE\Classes\CToolbar.TB4Server
Key Deleted : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery
Key Deleted : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.searchyaESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.searchyaESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\gencrawler_gc.GenCrawler
Key Deleted : HKLM\SOFTWARE\Classes\I
Key Deleted : HKLM\SOFTWARE\Classes\imweb.imwebcontrol
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01C78433-6FDF-4E5A-A82D-B535C32E03DF}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0F54B66A-21CF-4548-AE59-A6B83EE6676F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{28C3737A-32D1-492D-B76B-8D75EBBFB887}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2E9A2DCB-F5DB-40D0-8E62-3B47DD476A77}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{41349826-5C7F-4BF0-8279-5DAF1DE6E9AE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{51A971CA-D36E-4D13-A799-2CF0A491D04D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{56FBEA9F-EF93-4318-B75F-A96FC7C7BD7B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{59B23951-2232-4AFB-81D4-64A8A16D457A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{604EA016-1EDE-41E6-A23E-76CF8F2A4808}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{78B3C85E-44FF-4DC8-B3AD-156F39DC75E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E522F1-9E90-47DD-A2CE-39B0C00274A0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{841FD004-57A2-4B49-BBDB-5897394619DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8B8558F6-DC26-4F39-8417-34B8934AA459}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8E096DFB-6AB7-45C7-BF64-B313C7096529}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{996A9940-2F2C-4486-A479-439C4A15F278}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9B7D44BA-376C-456F-B289-5034270322FD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BD8FF26-2C71-4D35-9FE2-AD8D25AECC36}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E393F82-2644-4AB6-B994-1AD39D6C59EE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A3A2A5C0-1306-4D1A-A093-9CECA4230002}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B3BA5582-79A9-464D-A7FA-711C5888C6E9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCE6E914-AEF0-4FEE-8FC8-06F9B42BF890}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BD8D5FFA-4F92-48AD-BFBE-7896916656F5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C92E6D80-EC54-45CC-AC4B-A7CF42F11B52}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CE057E0D-2D7E-4DFF-A890-07BA69B8C762}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D1CB564E-F38A-4F2A-8257-60E3F8BE9F34}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E1164984-B567-47BD-A7FF-240C2594404A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E19FDA06-5BDF-43C2-B794-BCD8A4C2051F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E9BBD270-4B87-4EE2-912F-6635674986C0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F293BBC0-DA7E-4CF1-9EEA-CE90CFE0DF86}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FAB076F5-E4DD-4EA4-AFEE-F18BF972B057}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FEFBC559-C3C7-4287-B05B-49D489B80749}
Key Deleted : HKLM\SOFTWARE\Classes\ironsource.searchyaappCore
Key Deleted : HKLM\SOFTWARE\Classes\ironsource.searchyaappCore.1
Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\MF
Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\inbox
Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\tbr
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2269050
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2405280
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{15F6BCB7-BB0F-4A66-8762-4765B05597EB}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{403A885F-CB00-40C1-BDC1-EB09053194F7}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{506F578A-91E1-46CE-830F-E2F4268E9966}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{538CD77C-BFDD-49B0-9562-77419CAB89D1}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{55C1727F-5535-4C2A-9601-8C2458608B48}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{615E8AA1-6BB8-4A3D-A1CC-373194DB612C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{69332529-EEC8-4D0D-9FD3-202C4AE8E589}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{96F7FABC-5789-EFA4-B6ED-1272F4C1D27B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{AD25754E-D76C-42B3-A335-2F81478B722F}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{CBEF8724-D080-4737-88DA-111EEC6651AA}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E79BB61D-7F1A-41DF-8AD0-402795E3B566}
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.AOLTBSearch
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.AOLTBSearch.1
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.AOLToolBand
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.AOLToolBand.1
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.Downloader
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.Downloader.1
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.ToolbarInfo
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.ToolbarInfo.1
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.ToolbarParams
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.ToolbarParams.1
Key Deleted : HKLM\SOFTWARE\Classes\WinampTbServer.AolToolbarHelper
Key Deleted : HKLM\SOFTWARE\Classes\WinampTbServer.AolToolbarHelper.1
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\conduitEngine
Key Deleted : HKLM\Software\CToolbar
Key Deleted : HKLM\Software\DVDVideoSoftTB
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lpmkgpnbiojfaoklbkpfneikocaobfai
Key Deleted : HKLM\Software\Inbox Toolbar
Key Deleted : HKLM\Software\Ironsource
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8304D071-E731-4DEA-AE92-73D1C362DB9C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{96A187BF-B538-4D93-863D-986FABDD0FB8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9CF8981E-3401-40BA-9941-078C516710B6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BB04D833-A3F1-4D3A-B981-10A5909FA828}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E03C8857-F3FD-44F0-9AA5-49BFC983B77D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{414C790F-E24E-461B-983A-2AD84474DE4B}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{612AD33D-9824-4E87-8396-92374E91C4BB}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\CToolbar_UNINSTALL
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DVDVideoSoftTB Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\searchya
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Softonic-Eng7 Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Winamp Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA4520F3-AE13-4FB1-A513-58E23991C86D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3ED2B774-03F9-472D-A795-663673DB7B89}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F501D25D-D2B9-465D-9B68-85F64B8B89D0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\Crawler
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{612AD33D-9824-4E87-8396-92374E91C4BB}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CToolbar_UNINSTALL
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DVDVideoSoftTB Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\searchya
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Softonic-Eng7 Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Winamp Toolbar
Key Deleted : HKLM\Software\pdfforge
Key Deleted : HKLM\Software\Softonic-Eng7
Key Deleted : HKLM\Software\Winamp Toolbar
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.searchya.com/?s=0&a=foxtab&chnl=tc- ... =460025464 --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://www.searchya.com/?s=2&a=foxtab&chnl=tc- ... =460025464 --> hxxp://www.google.com

*************************

AdwCleaner[R1].txt - [20047 octets] - [13/10/2012 18:09:11]
AdwCleaner[R2].txt - [20089 octets] - [13/10/2012 18:16:11]
AdwCleaner[R3].txt - [20150 octets] - [14/10/2012 21:06:12]
AdwCleaner[R4].txt - [20211 octets] - [14/10/2012 21:29:55]
AdwCleaner[S1].txt - [20441 octets] - [15/10/2012 06:56:53]

########## EOF - C:\AdwCleaner[S1].txt - [20502 octets] ##########

#19 Příspěvek od **vyosek** » 15 říj 2012 09:05

Poprosim o log z DDS

Stahnete DDS odsud http://download.bleepingcomputer.com/sUBs/Beta/dds.exe a ulozte na plochu
Spustte a kliknete na Start
Po chvili vyskoci log, ten rad uvidim

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK

Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
Pokud mate Win XP spustte pod uctem Spravce\Administratora
Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

michalkaktus · #20 Příspěvek od **michalkaktus** » 15 říj 2012 09:55

DDS (Ver_2011-09-30.01) - NTFS_x86 NETWORK
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_31
Run by Administrator at 10:51:52 on 2012-10-15
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.3071.2503 [GMT 2:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
.
============== Running Processes ================
.
C:\WINDOWS\Explorer.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k rpcss
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
.
============== Pseudo HJT Report ===============
.
mStart Page = hxxp://www.google.com
mURLSearchHooks: ICQToolBar: {855F3B16-6D32-4fe6-8A56-BBB695989046} - c:\program files\icq6toolbar\ICQToolBar.dll
mURLSearchHooks: {D3F669EB-57CE-4f45-8FBD-E245CBB46366} - <orphaned>
mURLSearchHooks: <No Name>: - LocalServer32 - <no file>
dURLSearchHooks: ICQToolBar: {855F3B16-6D32-4fe6-8A56-BBB695989046} - c:\program files\icq6toolbar\ICQToolBar.dll
dURLSearchHooks: <No Name>: - LocalServer32 - <no file>
BHO: Yahoo! Toolbar Helper: {02478D38-C3F9-4EFB-9B51-7695ECA05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: Podpora odkazu pro Adobe PDF Reader: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: {1827766B-9F49-4854-8034-F6EE26FCB1EC} - <orphaned>
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: FGCatchUrl: {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - c:\program files\flashget\jccatch.dll
BHO: BitComet Helper: {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - d:\torent\bitcomet\tools\BitCometBHO_1.5.4.11.dll
BHO: UrlHelper Class: {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - c:\program files\bearshare applications\bearshare mediabar\BearShareIEHelper.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre6\bin\ssv.dll
BHO: IEExtension.VDownloaderBHO: {7b523e7c-f096-4e36-a0cb-7efeb5c675c1} -
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: AcroIEToolbarHelper Class: {AE7CD045-E861-484f-8273-0445EE161910} - c:\program files\adobe\acrobat 6.0\acrobat\AcroIEFavClient.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.7529.1424\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: <No Name>: {E3215F20-3212-11D6-9F8B-00D0B743919D} -
BHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: FlashGet GetFlash Class: {F156768E-81EF-470C-9057-481BA8380DBA} - c:\program files\flashget\getflash.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: BearShare MediaBar: {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - c:\program files\bearshare applications\bearshare mediabar\BearShareMediaBar.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\adobe\acrobat 6.0\acrobat\AcroIEFavClient.dll
TB: ICQToolBar: {855F3B16-6D32-4fe6-8A56-BBB695989046} - c:\program files\icq6toolbar\ICQToolBar.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRunOnce: [Report] C:\AdwCleaner[S1].txt
mRun: [MSConfig] c:\windows\pchealth\helpctr\binaries\MSCONFIG.EXE /auto
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
uPolicies-Explorer: NoDriveTypeAutoRun = dword:323
uPolicies-Explorer: NoDriveAutoRun = dword:67108863
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - c:\program files\icq7.4\ICQ.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - d:\torent\bitcomet\tools\BitCometBHO_1.5.4.11.dll/206
IE: {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - c:\program files\flashget\FlashGet.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://www.apple.com/qtactivex/qtplugin.cab
DPF: {1F831FA2-42FC-11D4-95A6-0080AD30DCE1} - file://c:\program files\autocad lt 2000i cz\InstFred.ocx
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\yinsthelper.dll
DPF: {31435657-9980-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab
DPF: {33564D57-0000-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1222713752671
DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} - hxxp://www.systemrequirementslab.com/sysreqlab2.cab
DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} - file://c:\program files\autocad lt 2000i cz\AcDcToday.ocx
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {F281A59C-7B65-11D3-8617-0010830243BD} - file://c:\program files\autocad lt 2000i cz\AcPreview.ocx
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15117/CTPID.cab
TCP: Interfaces\{37CE4976-1106-4A08-B9C8-54CFB8DA7ED4} : NameServer = 10.200.200.1
TCP: Interfaces\{EA208548-90E3-451D-B922-626D66366764} : NameServer = 10.200.200.1
TCP: Interfaces\{EA208548-90E3-451D-B922-626D66366764} : DHCPNameServer = 192.168.3.1
Handler: skyline - {3a4f9195-65a8-11d5-85c1-0001023952c1} - c:\program files\skyline\terraexplorer\TerraExplorerX.dll
Notify: AtiExtEvent - Ati2evxx.dll
Notify: sclgntfy - wlnotify.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\administrator\data aplikací\mozilla\firefox\profiles\8nfqzt63.default\
.
============= SERVICES / DRIVERS ===============
.
R0 szkg5;szkg5;c:\windows\system32\drivers\SZKG.sys [2009-12-7 61328]
R0 szkgfs;szkgfs;c:\windows\system32\drivers\SZKGFS.sys [2010-2-24 173328]
R0 tdrpman147;Acronis Try&Decide and Restore Points filter (build 147);c:\windows\system32\drivers\tdrpm147.sys [2009-1-1 971232]
R3 PSched;Plánovač paketů technologie QoS;c:\windows\system32\drivers\psched.sys [2004-8-18 69120]
S0 a347scsi;a347scsi;c:\windows\system32\drivers\a347scsi.sys [2007-4-28 5248]
S0 ElbyVCD;ElbyVCD; [x]
S0 is3srv;is3srv;c:\windows\system32\drivers\is3srv.sys [2009-12-7 61328]
S1 MpKsl03f326c6;MpKsl03f326c6;\??\c:\documents and settings\all users\data aplikací\microsoft\microsoft antimalware\definition updates\{2f4928a3-2c8d-4757-894b-33e825962d47}\mpksl03f326c6.sys --> c:\documents and settings\all users\data aplikací\microsoft\microsoft antimalware\definition updates\{2f4928a3-2c8d-4757-894b-33e825962d47}\MpKsl03f326c6.sys [?]
S1 MpKsl04007644;MpKsl04007644;\??\c:\documents and settings\all users\data aplikací\microsoft\microsoft antimalware\definition updates\{3c595c1e-60dd-4f65-93a1-371284d42633}\mpksl04007644.sys --> c:\documents and settings\all users\data aplikací\microsoft\microsoft antimalware\definition updates\{3c595c1e-60dd-4f65-93a1-371284d42633}\MpKsl04007644.sys [?]
S1 MpKsl0cc2a520;MpKsl0cc2a520;\??\c:\documents and settings\all users\data aplikací\microsoft\microsoft antimalware\definition updates\{cdc44c32-986d-472d-b5c8-c8af0b7f03d2}\mpksl0cc2a520.sys --> c:\documents and settings\all users\data aplikací\microsoft\microsoft antimalware\definition updates\{cdc44c32-986d-472d-b5c8-c8af0b7f03d2}\MpKsl0cc2a520.sys [?]
S1 MpKsl3a6dfc4a;MpKsl3a6dfc4a;\??\c:\documents and settings\all users\data aplikací\microsoft\microsoft antimalware\definition updates\{a3b23d47-2e0a-41c6-ac7e-850f17422425}\mpksl3a6dfc4a.sys --> c:\documents and settings\all users\data aplikací\microsoft\microsoft antimalware\definition updates\{a3b23d47-2e0a-41c6-ac7e-850f17422425}\MpKsl3a6dfc4a.sys [?]
S1 MpKsl3d1cd803;MpKsl3d1cd803;\??\c:\documents and settings\all users\data aplikací\microsoft\microsoft antimalware\definition updates\{a2bcc453-ec8a-47b4-9b6e-8fccf05abf1d}\mpksl3d1cd803.sys --> c:\documents and settings\all users\data aplikací\microsoft\microsoft antimalware\definition updates\{a2bcc453-ec8a-47b4-9b6e-8fccf05abf1d}\MpKsl3d1cd803.sys [?]
S1 MpKsl4f7cacfe;MpKsl4f7cacfe;\??\c:\documents and settings\all users\data aplikací\microsoft\microsoft antimalware\definition updates\{3a2c55a7-fd2d-45be-b4e6-f8fa907ff3cd}\mpksl4f7cacfe.sys --> c:\documents and settings\all users\data aplikací\microsoft\microsoft antimalware\definition updates\{3a2c55a7-fd2d-45be-b4e6-f8fa907ff3cd}\MpKsl4f7cacfe.sys [?]
S1 MpKsl52917d25;MpKsl52917d25;\??\c:\documents and settings\all users\data aplikací\microsoft\microsoft antimalware\definition updates\{3ed11766-1a1f-483e-95f0-9032804f91d9}\mpksl52917d25.sys --> c:\documents and settings\all users\data aplikací\microsoft\microsoft antimalware\definition updates\{3ed11766-1a1f-483e-95f0-9032804f91d9}\MpKsl52917d25.sys [?]
S1 MpKsl5658b7dc;MpKsl5658b7dc;\??\c:\documents and settings\all users\data aplikací\microsoft\microsoft antimalware\definition updates\{59ba67fa-ca49-4dc0-bf13-3bb0cdce4dec}\mpksl5658b7dc.sys --> c:\documents and settings\all users\data aplikací\microsoft\microsoft antimalware\definition updates\{59ba67fa-ca49-4dc0-bf13-3bb0cdce4dec}\MpKsl5658b7dc.sys [?]
S1 MpKsl5a0ab057;MpKsl5a0ab057;\??\c:\documents and settings\all users\data aplikací\microsoft\microsoft antimalware\definition updates\{2e43ecf8-5626-424c-8ad8-2e48d0214f92}\mpksl5a0ab057.sys --> c:\documents and settings\all users\data aplikací\microsoft\microsoft antimalware\definition updates\{2e43ecf8-5626-424c-8ad8-2e48d0214f92}\MpKsl5a0ab057.sys [?]
S1 MpKsl5bb9b265;MpKsl5bb9b265;\??\c:\documents and settings\all users\data aplikací\microsoft\microsoft antimalware\definition updates\{db2a8be9-ef91-46c4-b9d6-129e83063ca3}\mpksl5bb9b265.sys --> c:\documents and settings\all users\data aplikací\microsoft\microsoft antimalware\definition updates\{db2a8be9-ef91-46c4-b9d6-129e83063ca3}\MpKsl5bb9b265.sys [?]
S1 MpKsl5f0dc258;MpKsl5f0dc258;\??\c:\documents and settings\all users\data aplikací\microsoft\microsoft antimalware\definition updates\{028d6023-b748-4b20-ac91-d8fa04dcb248}\mpksl5f0dc258.sys --> c:\documents and settings\all users\data aplikací\microsoft\microsoft antimalware\definition updates\{028d6023-b748-4b20-ac91-d8fa04dcb248}\MpKsl5f0dc258.sys [?]
S1 MpKsl61031707;MpKsl61031707;\??\c:\documents and settings\all users\data aplikací\microsoft\microsoft antimalware\definition updates\{028d6023-b748-4b20-ac91-d8fa04dcb248}\mpksl61031707.sys --> c:\documents and settings\all users\data aplikací\microsoft\microsoft antimalware\definition updates\{028d6023-b748-4b20-ac91-d8fa04dcb248}\MpKsl61031707.sys [?]
S1 MpKsl75d7b8c4;MpKsl75d7b8c4;\??\c:\documents and settings\all users\data aplikací\microsoft\microsoft antimalware\definition updates\{cdc44c32-986d-472d-b5c8-c8af0b7f03d2}\mpksl75d7b8c4.sys --> c:\documents and settings\all users\data aplikací\microsoft\microsoft antimalware\definition updates\{cdc44c32-986d-472d-b5c8-c8af0b7f03d2}\MpKsl75d7b8c4.sys [?]
S1 MpKsl760a8b3a;MpKsl760a8b3a;\??\c:\documents and settings\all users\data aplikací\microsoft\microsoft antimalware\definition updates\{ce843fa1-b71a-40d0-abab-47dc05321055}\mpksl760a8b3a.sys --> c:\documents and settings\all users\data aplikací\microsoft\microsoft antimalware\definition updates\{ce843fa1-b71a-40d0-abab-47dc05321055}\MpKsl760a8b3a.sys [?]
S1 MpKsl7cdcf280;MpKsl7cdcf280;\??\c:\documents and settings\all users\data aplikací\microsoft\microsoft antimalware\definition updates\{7e10260d-59e3-45f7-b192-9b5217fdf1a5}\mpksl7cdcf280.sys --> c:\documents and settings\all users\data aplikací\microsoft\microsoft antimalware\definition updates\{7e10260d-59e3-45f7-b192-9b5217fdf1a5}\MpKsl7cdcf280.sys [?]
S1 MpKsl7dff7484;MpKsl7dff7484;\??\c:\documents and settings\all users\data aplikací\microsoft\microsoft antimalware\definition updates\{a2bcc453-ec8a-47b4-9b6e-8fccf05abf1d}\mpksl7dff7484.sys --> c:\documents and settings\all users\data aplikací\microsoft\microsoft antimalware\definition updates\{a2bcc453-ec8a-47b4-9b6e-8fccf05abf1d}\MpKsl7dff7484.sys [?]
S1 MpKsl81d3fbd3;MpKsl81d3fbd3;\??\c:\documents and settings\all users\data aplikací\microsoft\microsoft antimalware\definition updates\{a3b23d47-2e0a-41c6-ac7e-850f17422425}\mpksl81d3fbd3.sys --> c:\documents and settings\all users\data aplikací\microsoft\microsoft antimalware\definition updates\{a3b23d47-2e0a-41c6-ac7e-850f17422425}\MpKsl81d3fbd3.sys [?]
S1 MpKsl898a0807;MpKsl898a0807;\??\c:\documents and settings\all users\data aplikací\microsoft\microsoft antimalware\definition updates\{4015787d-fcd5-4b27-8f01-312a7f95314d}\mpksl898a0807.sys --> c:\documents and settings\all users\data aplikací\microsoft\microsoft antimalware\definition updates\{4015787d-fcd5-4b27-8f01-312a7f95314d}\MpKsl898a0807.sys [?]
S1 MpKsl9c227bc4;MpKsl9c227bc4;\??\c:\documents and settings\all users\data aplikací\microsoft\microsoft antimalware\definition updates\{c97c82ae-2eb8-46d6-91df-bb00bdebce48}\mpksl9c227bc4.sys --> c:\documents and settings\all users\data aplikací\microsoft\microsoft antimalware\definition updates\{c97c82ae-2eb8-46d6-91df-bb00bdebce48}\MpKsl9c227bc4.sys [?]
S1 MpKsl9d03b422;MpKsl9d03b422;\??\c:\documents and settings\all users\data aplikací\microsoft\microsoft antimalware\definition updates\{b501a6d5-bd17-4ee5-83a0-05c30272c54d}\mpksl9d03b422.sys --> c:\documents and settings\all users\data aplikací\microsoft\microsoft antimalware\definition updates\{b501a6d5-bd17-4ee5-83a0-05c30272c54d}\MpKsl9d03b422.sys [?]
S1 MpKslae57a0b2;MpKslae57a0b2;\??\c:\documents and settings\all users\data aplikací\microsoft\microsoft antimalware\definition updates\{0d9696cd-4aa3-4a68-87a5-28a2bf9fe6d3}\mpkslae57a0b2.sys --> c:\documents and settings\all users\data aplikací\microsoft\microsoft antimalware\definition updates\{0d9696cd-4aa3-4a68-87a5-28a2bf9fe6d3}\MpKslae57a0b2.sys [?]
S1 MpKslb0dd9ce9;MpKslb0dd9ce9;\??\c:\documents and settings\all users\data aplikací\microsoft\microsoft antimalware\definition updates\{8fb29c02-d612-4739-8ac4-64d9c24ac6f2}\mpkslb0dd9ce9.sys --> c:\documents and settings\all users\data aplikací\microsoft\microsoft antimalware\definition updates\{8fb29c02-d612-4739-8ac4-64d9c24ac6f2}\MpKslb0dd9ce9.sys [?]
S1 MpKslbc39adbf;MpKslbc39adbf;\??\c:\documents and settings\all users\data aplikací\microsoft\microsoft antimalware\definition updates\{7970c9b1-a157-44b3-b3dd-28c9a6a531eb}\mpkslbc39adbf.sys --> c:\documents and settings\all users\data aplikací\microsoft\microsoft antimalware\definition updates\{7970c9b1-a157-44b3-b3dd-28c9a6a531eb}\MpKslbc39adbf.sys [?]
S1 MpKslc66ec8b4;MpKslc66ec8b4;\??\c:\documents and settings\all users\data aplikací\microsoft\microsoft antimalware\definition updates\{60198707-cc3a-457c-a3fe-95708c24ac5f}\mpkslc66ec8b4.sys --> c:\documents and settings\all users\data aplikací\microsoft\microsoft antimalware\definition updates\{60198707-cc3a-457c-a3fe-95708c24ac5f}\MpKslc66ec8b4.sys [?]
S1 MpKslce24ba4d;MpKslce24ba4d;\??\c:\documents and settings\all users\data aplikací\microsoft\microsoft antimalware\definition updates\{4015787d-fcd5-4b27-8f01-312a7f95314d}\mpkslce24ba4d.sys --> c:\documents and settings\all users\data aplikací\microsoft\microsoft antimalware\definition updates\{4015787d-fcd5-4b27-8f01-312a7f95314d}\MpKslce24ba4d.sys [?]
S1 MpKsle1cea29f;MpKsle1cea29f;\??\c:\documents and settings\all users\data aplikací\microsoft\microsoft antimalware\definition updates\{cf5eccb1-094b-4422-b232-9844f43a802d}\mpksle1cea29f.sys --> c:\documents and settings\all users\data aplikací\microsoft\microsoft antimalware\definition updates\{cf5eccb1-094b-4422-b232-9844f43a802d}\MpKsle1cea29f.sys [?]
S1 MpKsle4e301a5;MpKsle4e301a5;\??\c:\documents and settings\all users\data aplikací\microsoft\microsoft antimalware\definition updates\{ce843fa1-b71a-40d0-abab-47dc05321055}\mpksle4e301a5.sys --> c:\documents and settings\all users\data aplikací\microsoft\microsoft antimalware\definition updates\{ce843fa1-b71a-40d0-abab-47dc05321055}\MpKsle4e301a5.sys [?]
S1 MpKsled818e7b;MpKsled818e7b;\??\c:\documents and settings\all users\data aplikací\microsoft\microsoft antimalware\definition updates\{a048f9d2-7e84-4767-a586-a53ba84a3ca9}\mpksled818e7b.sys --> c:\documents and settings\all users\data aplikací\microsoft\microsoft antimalware\definition updates\{a048f9d2-7e84-4767-a586-a53ba84a3ca9}\MpKsled818e7b.sys [?]
S1 MpKslf3d1d45e;MpKslf3d1d45e;\??\c:\documents and settings\all users\data aplikací\microsoft\microsoft antimalware\definition updates\{a2bcc453-ec8a-47b4-9b6e-8fccf05abf1d}\mpkslf3d1d45e.sys --> c:\documents and settings\all users\data aplikací\microsoft\microsoft antimalware\definition updates\{a2bcc453-ec8a-47b4-9b6e-8fccf05abf1d}\MpKslf3d1d45e.sys [?]
S1 MpKslf8e56aa4;MpKslf8e56aa4;\??\c:\documents and settings\all users\data aplikací\microsoft\microsoft antimalware\definition updates\{028d6023-b748-4b20-ac91-d8fa04dcb248}\mpkslf8e56aa4.sys --> c:\documents and settings\all users\data aplikací\microsoft\microsoft antimalware\definition updates\{028d6023-b748-4b20-ac91-d8fa04dcb248}\MpKslf8e56aa4.sys [?]
S1 MpKslfa2eae8e;MpKslfa2eae8e;\??\c:\documents and settings\all users\data aplikací\microsoft\microsoft antimalware\definition updates\{ca670099-aa4e-4e21-b634-67d8effb12b2}\mpkslfa2eae8e.sys --> c:\documents and settings\all users\data aplikací\microsoft\microsoft antimalware\definition updates\{ca670099-aa4e-4e21-b634-67d8effb12b2}\MpKslfa2eae8e.sys [?]
S1 SpyEmrg;Spy Emergency Driver; [x]
S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [2009-1-19 277544]
S2 BMJ1IG8W;BMJ1IG8W;c:\windows\system32\drivers\BZ8AC6AI.sys [2009-1-2 28384]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 EG Station Information Service;EG Station Information Service;c:\esko\bg_prog_egsis_v010\bin_ix86\egsissrv.exe [2008-1-20 81920]
S2 gupdate;Služba Google Update (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-2-17 135664]
S2 ICQ Service;ICQ Service;c:\program files\icq6toolbar\ICQ Service.exe [2009-7-15 247096]
S2 IoHw32;IoHw32 Kernel Driver;c:\program files\hinfocpu\IoHw32.sys [2003-1-1 4609]
S2 ITPASH87;ITPASH87;c:\windows\system32\drivers\OT1Q22XN.sys [2008-12-30 28384]
S2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-1-27 50704]
S2 PfDetNT;PfDetNT;c:\windows\system32\drivers\pfmodnt.sys [2010-3-18 15960]
S2 SamsungAllShareV2.0;Samsung AllShare PC;d:\nová složka\allshare\allsharedms\AllShareDMS.exe [2012-3-2 25504]
S2 SSPORT;SSPORT;c:\windows\system32\drivers\SSPORT.sys [2010-12-23 5120]
S2 XAMPP;XAMPP Service;k:\xamp\service.exe --> k:\xamp\service.exe [?]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-12 250808]
S3 ArtiosLM;Artios License Manager;c:\windows\system32\artioslm.exe [2000-7-10 239616]
S3 ATICDSDr;ATICDSDr;\??\c:\docume~1\admini~1\locals~1\temp\aticdsdr.sys --> c:\docume~1\admini~1\locals~1\temp\ATICDSDr.sys [?]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdXP3.sys [2012-5-1 99856]
S3 AVerFx2hbtv;AVerMedia USB SW Hybrid Tuner;c:\windows\system32\drivers\AVerFx2hbtv.sys [2010-1-12 220672]
S3 cmudau32;C-Media USB UDA Sound Interface;c:\windows\system32\drivers\cmudaxu.sys [2007-5-2 1391040]
S3 COMMONFX.SYS;COMMONFX.SYS;c:\windows\system32\drivers\COMMONFX.sys [2010-3-18 99416]
S3 COMMONFX;COMMONFX;c:\windows\system32\drivers\COMMONFX.sys [2010-3-18 99416]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\common files\creative labs shared\service\CTAELicensing.exe [2011-6-25 79360]
S3 CTAUDFX.SYS;CTAUDFX.SYS;c:\windows\system32\drivers\CTAUDFX.sys [2010-3-18 555096]
S3 CTAUDFX;CTAUDFX;c:\windows\system32\drivers\CTAUDFX.sys [2010-3-18 555096]
S3 CTERFXFX.SYS;CTERFXFX.SYS;c:\windows\system32\drivers\CTERFXFX.sys [2010-3-18 100952]
S3 CTERFXFX;CTERFXFX;c:\windows\system32\drivers\CTERFXFX.sys [2010-3-18 100952]
S3 CTSBLFX.SYS;CTSBLFX.SYS;c:\windows\system32\drivers\CTSBLFX.sys [2010-3-18 566360]
S3 CTSBLFX;CTSBLFX;c:\windows\system32\drivers\CTSBLFX.sys [2010-3-18 566360]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-2-17 135664]
S3 Ma730c;MA730 Bluetooth Core Driver;c:\windows\system32\drivers\ma730c.sys [2008-12-30 157024]
S3 Ma730Pt;MA730 Bluetooth VCOM Driver;c:\windows\system32\drivers\ma730Pt.sys [2008-12-30 103680]
S3 Ma730VaA;MA730 Bluetooth Advanced Audio;c:\windows\system32\drivers\Ma730VaA.sys [2008-12-30 21851]
S3 Ma730Vad;MA730 Bluetooth Audio;c:\windows\system32\drivers\Ma730Vad.sys [2008-12-30 50522]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-4-25 114144]
S3 MSSQL$ARTIOSCADDB;MSSQL$ARTIOSCADDB;c:\program files\microsoft sql server\mssql$artioscaddb\binn\sqlservr.exe -sartioscaddb --> c:\program files\microsoft sql server\mssql$artioscaddb\binn\sqlservr.exe -sARTIOSCADDB [?]
S3 SimpleSlideShowServer;SimpleSlideShowServer;d:\nová složka\allshare\AllShareSlideShowService.exe [2012-3-2 27584]
S3 spotJ;Spot Software GPS USB Driver (spotJ);c:\windows\system32\drivers\spotJ32.sys [2010-1-12 36608]
S3 SpotVcp;NXP swGPS Spot Virtual COM port driver;c:\windows\system32\drivers\SpotVcp.sys [2007-5-16 34304]
S3 SQLAgent$ARTIOSCADDB;SQLAgent$ARTIOSCADDB;c:\program files\microsoft sql server\mssql$artioscaddb\binn\sqlagent.exe -i artioscaddb --> c:\program files\microsoft sql server\mssql$artioscaddb\binn\sqlagent.EXE -i ARTIOSCADDB [?]
S3 USBMULCD;USB Multi-Channel Audio Device Interface;c:\windows\system32\drivers\CM106.sys [2010-2-4 1506304]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S4 a347bus;a347bus;c:\windows\system32\drivers\a347bus.sys [2007-4-28 160640]
.
=============== File Associations ===============
.
ShellExec: BitComet.exe: open="d:\torent\bitcomet\BitComet.exe"
.
=============== Created Last 30 ================
.
2012-10-15 06:49:48 -------- d-----w- c:\documents and settings\administrator\data aplikací\vlc
2012-09-20 19:51:51 -------- d-----w- c:\program files\slovesa
.
==================== Find3M ====================
.
2012-10-09 09:44:16 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-10-09 09:44:16 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-08-28 15:18:59 916992 ----a-w- c:\windows\system32\wininet.dll
2012-08-28 15:18:53 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-08-28 15:18:52 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-08-28 12:07:32 385024 ----a-w- c:\windows\system32\html.iec
2012-08-24 13:53:44 177664 ----a-w- c:\windows\system32\wintrust.dll
2012-08-23 06:27:26 2150912 ------w- c:\windows\system32\ntoskrnl.exe
2012-08-23 06:27:26 2029568 ------w- c:\windows\system32\ntkrnlpa.exe
2005-09-09 17:55:53 7155864 ----a-w- c:\program files\NGhost10.msi
.
============= FINISH: 10:52:16,98 ===============

#21 Příspěvek od **vyosek** » 15 říj 2012 10:01

Fajn, hura na ComboFix

michalkaktus · #22 Příspěvek od **michalkaktus** » 15 říj 2012 10:07

ComboFix 12-10-14.03 - Administrator 15.10.2012 10:59:19.10.2 - x86 NETWORK
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.3071.2591 [GMT 2:00]
Spuštěný z: c:\documents and settings\Administrator\Dokumenty\Sta×enÚ soubory\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-09-15 do 2012-10-15 )))))))))))))))))))))))))))))))
.
.
2012-10-15 06:49 . 2012-10-15 06:49 -------- d-----w- c:\documents and settings\Administrator\Data aplikací\vlc
2012-10-13 16:07 . 2012-10-13 16:07 -------- d-----w- c:\windows\LastGood
2012-10-12 16:52 . 2012-10-12 16:53 -------- d-----w- C:\rsit
2012-09-20 19:51 . 2012-09-20 19:51 -------- d-----w- c:\program files\slovesa
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-09 09:44 . 2012-04-12 03:50 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-10-09 09:44 . 2012-01-04 01:00 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-08-28 15:18 . 2004-08-18 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2012-08-28 15:18 . 2004-08-18 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-08-28 15:18 . 2004-08-18 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-08-28 12:07 . 2004-08-18 12:00 385024 ----a-w- c:\windows\system32\html.iec
2012-08-24 13:53 . 2004-08-18 12:00 177664 ----a-w- c:\windows\system32\wintrust.dll
2012-08-23 06:27 . 2004-08-18 12:00 2150912 ------w- c:\windows\system32\ntoskrnl.exe
2012-08-23 06:27 . 2004-08-17 15:45 2029568 ------w- c:\windows\system32\ntkrnlpa.exe
2005-09-09 17:55 . 2007-09-03 14:52 7155864 ----a-w- c:\program files\NGhost10.msi
2010-03-31 08:09 . 2010-03-31 08:09 10437264 ----a-w- c:\program files\mozilla firefox\plugins\PDFNetC.dll
2010-04-08 10:36 . 2010-04-08 10:36 107760 ----a-w- c:\program files\mozilla firefox\plugins\ScorchPDFWrapper.dll
2012-09-10 19:54 . 2011-05-29 20:00 266720 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E}]
2008-09-02 14:05 398776 ----a-w- c:\program files\BearShare Applications\BearShare MediaBar\BearShareIEHelper.dll
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Acrobat Assistant.lnk]
backup=c:\windows\pss\Acrobat Assistant.lnkCommon Startup
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Acrobat Assistant.lnk
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Service Manager.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Service Manager.lnk
backup=c:\windows\pss\Service Manager.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Solni^Nabídka Start^Programy^Po spuštění^Password Safe.lnk]
backup=c:\windows\pss\Password Safe.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acronis Scheduler2 Service]
2008-11-10 19:26 165144 ----a-w- c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AcronisTimounterMonitor]
2008-11-10 19:35 962112 ----a-w- c:\program files\Acronis\TrueImageHome\TimounterMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-01-03 07:37 843712 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2012-03-27 12:41 37296 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AllShareAgent]
2012-03-01 21:59 285072 ----a-w- d:\nová složka\AllShare\AllShareAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2005-11-24 13:38 94208 ----a-w- c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CDAServer]
2010-12-17 17:12 332288 ----a-w- c:\program files\Common Files\Common Desktop Agent\CDASrv.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
2006-09-28 19:21 57344 ----a-w- c:\program files\SlySoft\CloneCD\CloneCDTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTDVDDET]
2003-06-17 23:00 45056 ------w- c:\program files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTHelper]
2010-03-18 17:17 19456 ----a-w- c:\windows\system32\CtHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DWQueuedReporting]
2007-02-26 00:01 437160 ----a-w- c:\progra~1\COMMON~1\MICROS~1\DW\DWTRIG20.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-10-22 03:33 136176 ----atw- c:\documents and settings\Solni\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
2011-05-02 12:18 119608 ----a-w- c:\program files\ICQ7.4\ICQ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LchDrvKey]
2007-03-28 16:55 36864 ----a-w- c:\windows\LchDrvKey.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 06:52 1695232 ----a-w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 08:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2008-03-31 14:49 385024 ----a-w- c:\program files\QuickTime\qttask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteCenter]
2003-10-08 14:35 139264 ----a-w- c:\program files\Creative\MediaSource\RemoteControl\RcMan.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
2012-04-05 19:48 98304 ----a-w- c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2011-01-07 11:12 253672 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2007-06-11 04:22 68856 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrojanScanner]
2011-07-16 18:26 1234688 ----a-w- c:\program files\Trojan Remover\Trjscan.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrueImageMonitor.exe]
2008-11-10 19:00 4366848 ----a-w- c:\program files\Acronis\TrueImageHome\TrueImageMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
2011-03-07 13:33 89456 ----a-w- c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"AVerRemote"=2 (0x2)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Ad-Watch"=c:\program files\Lavasoft\Ad-Aware\AAWTray.exe
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime
"LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" /hide
"OSSelectorReinstall"=c:\program files\Common Files\Acronis\Acronis Disk Director\oss_reinstall.exe
"BabylonToolbar"="c:\program files\BabylonToolbar\BabylonToolbar\1.4.15.10\BabylonToolbarsrv.exe" /md I
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite XI.SP1a\\RpcSandraSrv.exe"=
"c:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite XI.SP1a\\Win32\\RpcDataSrv.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"d:\\hry\\red\\Redlightcenter.exe"=
"c:\\Esko\\bg_prog_egsis_v010\\bin_ix86\\egsissrv.exe"=
"c:\\Esko\\bg_prog_egsis_v010\\bin_ix86\\EGSystemInfoTool.exe"=
"c:\\Program Files\\FDRLab\\save2pc\\save2pc_light.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Java\\jre1.6.0_07\\bin\\javaw.exe"=
"d:\\hry\\Mass Effect\\MassEffectLauncher.exe"=
"c:\\Program Files\\BearShare Applications\\BearShare\\BearShare.exe"=
"d:\\hry\\Mass Effect\\Binaries\\MassEffect.exe"=
"c:\\Program Files\\FlashGet\\flashget.exe"=
"d:\\hry\\crysis\\Bin32\\Crysis.exe"=
"d:\\hry\\crysis\\Bin32\\CrysisDedicatedServer.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"d:\\hry\\wolfenstein\\MP\\Wolf2MP.exe"=
"d:\\hry\\wolfenstein\\MP\\Wolf2MPLite.exe"=
"c:\\Program Files\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
"d:\\hry\\medal\\mohpa.exe"=
"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"d:\\Poslední zákoha disku c!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!\\Program Files\\FTP Commander\\Ftpcomm.exe"=
"c:\\Program Files\\ICQ7.4\\ICQ.exe"=
"d:\\torent\\swapper.exe"=
"d:\\emule\\emule.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Logitech\\Vid HD\\Vid.exe"=
"d:\\Utherverse VWW Client\\Utherverse.exe"=
"c:\\torent\\BitComet\\BitComet.exe"=
"d:\\torent\\BitComet\\BitComet.exe"=
"c:\\Program Files\\Common Files\\Common Desktop Agent\\CDASrv.exe"=
"c:\\Program Files\\Samsung\\Easy Printer Manager\\IDS.Application.exe"=
"c:\\Program Files\\Samsung\\Easy Printer Manager\\OrderSupplies.exe"=
"c:\\Program Files\\Samsung\\Easy Printer Manager\\IDSAlert.exe"=
"c:\\Program Files\\Samsung\\Easy Printer Manager\\CDAS2PC\\CDAS2PC.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"d:\\Nová složka\\AllShare\\AllShareDMS\\AllShareDMS.exe"=
"d:\\Nová složka\\AllShare\\AllShare.exe"=
"d:\\Nová složka\\AllShare\\AllShareAgent.exe"=
"c:\\Program Files\\StrongDC++\\StrongDC.exe"=
"d:\\hry\\pes2012\\pes2012.exe"=
"c:\\Program Files\\Rhapsody\\rhapsody.exe"=
"d:\\hry\\call of juarez\\CoJBiBGame_x86.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"d:\\hry\\Call of Duty - Black Ops\\BlackOps.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"7263:TCP"= 7263:TCP:BitComet 7263 TCP
"7263:UDP"= 7263:UDP:BitComet 7263 UDP
"7326:TCP"= 7326:TCP:BitComet 7326 TCP
"7326:UDP"= 7326:UDP:BitComet 7326 UDP
"1025:TCP"= 1025:TCP:dc++
"20411:TCP"= 20411:TCP:BitComet 20411 TCP
"20411:UDP"= 20411:UDP:BitComet 20411 UDP
"26005:TCP"= 26005:TCP:BitComet 26005 TCP
"26005:UDP"= 26005:UDP:BitComet 26005 UDP
"9695:TCP"= 9695:TCP:BitComet 9695 TCP
"9695:UDP"= 9695:UDP:BitComet 9695 UDP
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowRedirect"= 1 (0x1)
"AllowInboundEchoRequest"= 1 (0x1)
"AllowInboundTimestampRequest"= 1 (0x1)
"AllowInboundMaskRequest"= 1 (0x1)
"AllowInboundRouterRequest"= 1 (0x1)
"AllowOutboundPacketTooBig"= 1 (0x1)
.
R0 szkg5;szkg5;c:\windows\system32\drivers\SZKG.sys [7.12.2009 17:59 61328]
R0 szkgfs;szkgfs;c:\windows\system32\drivers\SZKGFS.sys [24.2.2010 15:06 173328]
R0 tdrpman147;Acronis Try&Decide and Restore Points filter (build 147);c:\windows\system32\drivers\tdrpm147.sys [1.1.2009 22:52 971232]
S0 a347scsi;a347scsi;c:\windows\system32\drivers\a347scsi.sys [28.4.2007 15:29 5248]
S0 ElbyVCD;ElbyVCD; [x]
S0 is3srv;is3srv;c:\windows\system32\drivers\is3srv.sys [7.12.2009 17:59 61328]
S1 MpKsl03f326c6;MpKsl03f326c6;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{2F4928A3-2C8D-4757-894B-33E825962D47}\MpKsl03f326c6.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{2F4928A3-2C8D-4757-894B-33E825962D47}\MpKsl03f326c6.sys [?]
S1 MpKsl04007644;MpKsl04007644;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{3C595C1E-60DD-4F65-93A1-371284D42633}\MpKsl04007644.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{3C595C1E-60DD-4F65-93A1-371284D42633}\MpKsl04007644.sys [?]
S1 MpKsl0cc2a520;MpKsl0cc2a520;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{CDC44C32-986D-472D-B5C8-C8AF0B7F03D2}\MpKsl0cc2a520.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{CDC44C32-986D-472D-B5C8-C8AF0B7F03D2}\MpKsl0cc2a520.sys [?]
S1 MpKsl3a6dfc4a;MpKsl3a6dfc4a;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{A3B23D47-2E0A-41C6-AC7E-850F17422425}\MpKsl3a6dfc4a.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{A3B23D47-2E0A-41C6-AC7E-850F17422425}\MpKsl3a6dfc4a.sys [?]
S1 MpKsl3d1cd803;MpKsl3d1cd803;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{A2BCC453-EC8A-47B4-9B6E-8FCCF05ABF1D}\MpKsl3d1cd803.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{A2BCC453-EC8A-47B4-9B6E-8FCCF05ABF1D}\MpKsl3d1cd803.sys [?]
S1 MpKsl4f7cacfe;MpKsl4f7cacfe;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{3A2C55A7-FD2D-45BE-B4E6-F8FA907FF3CD}\MpKsl4f7cacfe.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{3A2C55A7-FD2D-45BE-B4E6-F8FA907FF3CD}\MpKsl4f7cacfe.sys [?]
S1 MpKsl52917d25;MpKsl52917d25;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{3ED11766-1A1F-483E-95F0-9032804F91D9}\MpKsl52917d25.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{3ED11766-1A1F-483E-95F0-9032804F91D9}\MpKsl52917d25.sys [?]
S1 MpKsl5658b7dc;MpKsl5658b7dc;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{59BA67FA-CA49-4DC0-BF13-3BB0CDCE4DEC}\MpKsl5658b7dc.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{59BA67FA-CA49-4DC0-BF13-3BB0CDCE4DEC}\MpKsl5658b7dc.sys [?]
S1 MpKsl5a0ab057;MpKsl5a0ab057;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{2E43ECF8-5626-424C-8AD8-2E48D0214F92}\MpKsl5a0ab057.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{2E43ECF8-5626-424C-8AD8-2E48D0214F92}\MpKsl5a0ab057.sys [?]
S1 MpKsl5bb9b265;MpKsl5bb9b265;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{DB2A8BE9-EF91-46C4-B9D6-129E83063CA3}\MpKsl5bb9b265.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{DB2A8BE9-EF91-46C4-B9D6-129E83063CA3}\MpKsl5bb9b265.sys [?]
S1 MpKsl5f0dc258;MpKsl5f0dc258;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{028D6023-B748-4B20-AC91-D8FA04DCB248}\MpKsl5f0dc258.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{028D6023-B748-4B20-AC91-D8FA04DCB248}\MpKsl5f0dc258.sys [?]
S1 MpKsl61031707;MpKsl61031707;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{028D6023-B748-4B20-AC91-D8FA04DCB248}\MpKsl61031707.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{028D6023-B748-4B20-AC91-D8FA04DCB248}\MpKsl61031707.sys [?]
S1 MpKsl75d7b8c4;MpKsl75d7b8c4;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{CDC44C32-986D-472D-B5C8-C8AF0B7F03D2}\MpKsl75d7b8c4.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{CDC44C32-986D-472D-B5C8-C8AF0B7F03D2}\MpKsl75d7b8c4.sys [?]
S1 MpKsl760a8b3a;MpKsl760a8b3a;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{CE843FA1-B71A-40D0-ABAB-47DC05321055}\MpKsl760a8b3a.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{CE843FA1-B71A-40D0-ABAB-47DC05321055}\MpKsl760a8b3a.sys [?]
S1 MpKsl7cdcf280;MpKsl7cdcf280;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{7E10260D-59E3-45F7-B192-9B5217FDF1A5}\MpKsl7cdcf280.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{7E10260D-59E3-45F7-B192-9B5217FDF1A5}\MpKsl7cdcf280.sys [?]
S1 MpKsl7dff7484;MpKsl7dff7484;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{A2BCC453-EC8A-47B4-9B6E-8FCCF05ABF1D}\MpKsl7dff7484.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{A2BCC453-EC8A-47B4-9B6E-8FCCF05ABF1D}\MpKsl7dff7484.sys [?]
S1 MpKsl81d3fbd3;MpKsl81d3fbd3;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{A3B23D47-2E0A-41C6-AC7E-850F17422425}\MpKsl81d3fbd3.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{A3B23D47-2E0A-41C6-AC7E-850F17422425}\MpKsl81d3fbd3.sys [?]
S1 MpKsl898a0807;MpKsl898a0807;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{4015787D-FCD5-4B27-8F01-312A7F95314D}\MpKsl898a0807.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{4015787D-FCD5-4B27-8F01-312A7F95314D}\MpKsl898a0807.sys [?]
S1 MpKsl9c227bc4;MpKsl9c227bc4;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{C97C82AE-2EB8-46D6-91DF-BB00BDEBCE48}\MpKsl9c227bc4.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{C97C82AE-2EB8-46D6-91DF-BB00BDEBCE48}\MpKsl9c227bc4.sys [?]
S1 MpKsl9d03b422;MpKsl9d03b422;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{B501A6D5-BD17-4EE5-83A0-05C30272C54D}\MpKsl9d03b422.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{B501A6D5-BD17-4EE5-83A0-05C30272C54D}\MpKsl9d03b422.sys [?]
S1 MpKslae57a0b2;MpKslae57a0b2;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{0D9696CD-4AA3-4A68-87A5-28A2BF9FE6D3}\MpKslae57a0b2.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{0D9696CD-4AA3-4A68-87A5-28A2BF9FE6D3}\MpKslae57a0b2.sys [?]
S1 MpKslb0dd9ce9;MpKslb0dd9ce9;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{8FB29C02-D612-4739-8AC4-64D9C24AC6F2}\MpKslb0dd9ce9.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{8FB29C02-D612-4739-8AC4-64D9C24AC6F2}\MpKslb0dd9ce9.sys [?]
S1 MpKslbc39adbf;MpKslbc39adbf;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{7970C9B1-A157-44B3-B3DD-28C9A6A531EB}\MpKslbc39adbf.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{7970C9B1-A157-44B3-B3DD-28C9A6A531EB}\MpKslbc39adbf.sys [?]
S1 MpKslc66ec8b4;MpKslc66ec8b4;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{60198707-CC3A-457C-A3FE-95708C24AC5F}\MpKslc66ec8b4.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{60198707-CC3A-457C-A3FE-95708C24AC5F}\MpKslc66ec8b4.sys [?]
S1 MpKslce24ba4d;MpKslce24ba4d;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{4015787D-FCD5-4B27-8F01-312A7F95314D}\MpKslce24ba4d.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{4015787D-FCD5-4B27-8F01-312A7F95314D}\MpKslce24ba4d.sys [?]
S1 MpKsle1cea29f;MpKsle1cea29f;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{CF5ECCB1-094B-4422-B232-9844F43A802D}\MpKsle1cea29f.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{CF5ECCB1-094B-4422-B232-9844F43A802D}\MpKsle1cea29f.sys [?]
S1 MpKsle4e301a5;MpKsle4e301a5;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{CE843FA1-B71A-40D0-ABAB-47DC05321055}\MpKsle4e301a5.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{CE843FA1-B71A-40D0-ABAB-47DC05321055}\MpKsle4e301a5.sys [?]
S1 MpKsled818e7b;MpKsled818e7b;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{A048F9D2-7E84-4767-A586-A53BA84A3CA9}\MpKsled818e7b.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{A048F9D2-7E84-4767-A586-A53BA84A3CA9}\MpKsled818e7b.sys [?]
S1 MpKslf3d1d45e;MpKslf3d1d45e;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{A2BCC453-EC8A-47B4-9B6E-8FCCF05ABF1D}\MpKslf3d1d45e.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{A2BCC453-EC8A-47B4-9B6E-8FCCF05ABF1D}\MpKslf3d1d45e.sys [?]
S1 MpKslf8e56aa4;MpKslf8e56aa4;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{028D6023-B748-4B20-AC91-D8FA04DCB248}\MpKslf8e56aa4.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{028D6023-B748-4B20-AC91-D8FA04DCB248}\MpKslf8e56aa4.sys [?]
S1 MpKslfa2eae8e;MpKslfa2eae8e;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{CA670099-AA4E-4E21-B634-67D8EFFB12B2}\MpKslfa2eae8e.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{CA670099-AA4E-4E21-B634-67D8EFFB12B2}\MpKslfa2eae8e.sys [?]
S1 SpyEmrg;Spy Emergency Driver; [x]
S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [19.1.2009 20:31 277544]
S2 BMJ1IG8W;BMJ1IG8W;c:\windows\system32\drivers\BZ8AC6AI.sys [2.1.2009 10:41 28384]
S2 EG Station Information Service;EG Station Information Service;c:\esko\bg_prog_egsis_v010\bin_ix86\egsissrv.exe [20.1.2008 2:27 81920]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [17.2.2010 19:11 135664]
S2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [15.7.2009 9:03 247096]
S2 IoHw32;IoHw32 Kernel Driver;c:\program files\HInfoCPU\IoHw32.sys [1.1.2003 7:51 4609]
S2 ITPASH87;ITPASH87;c:\windows\system32\drivers\OT1Q22XN.sys [30.12.2008 16:24 28384]
S2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [27.1.2010 4:09 50704]
S2 PfDetNT;PfDetNT;c:\windows\system32\drivers\pfmodnt.sys [18.3.2010 20:50 15960]
S2 SamsungAllShareV2.0;Samsung AllShare PC;d:\nová složka\AllShare\AllShareDMS\AllShareDMS.exe [2.3.2012 17:00 25504]
S2 SSPORT;SSPORT;c:\windows\system32\drivers\SSPORT.sys [23.12.2010 8:06 5120]
S2 XAMPP;XAMPP Service;k:\xamp\service.exe --> k:\xamp\service.exe [?]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [12.4.2012 5:50 250808]
S3 ArtiosLM;Artios License Manager;c:\windows\system32\artioslm.exe [10.7.2000 17:25 239616]
S3 ATICDSDr;ATICDSDr;\??\c:\docume~1\ADMINI~1\LOCALS~1\Temp\ATICDSDr.sys --> c:\docume~1\ADMINI~1\LOCALS~1\Temp\ATICDSDr.sys [?]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdXP3.sys [1.5.2012 13:11 99856]
S3 AVerFx2hbtv;AVerMedia USB SW Hybrid Tuner;c:\windows\system32\drivers\AVerFx2hbtv.sys [12.1.2010 21:34 220672]
S3 cmudau32;C-Media USB UDA Sound Interface;c:\windows\system32\drivers\cmudaxu.sys [2.5.2007 0:03 1391040]
S3 COMMONFX.SYS;COMMONFX.SYS;c:\windows\system32\drivers\COMMONFX.sys [18.3.2010 20:39 99416]
S3 COMMONFX;COMMONFX;c:\windows\system32\drivers\COMMONFX.sys [18.3.2010 20:39 99416]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [25.6.2011 5:25 79360]
S3 CTAUDFX.SYS;CTAUDFX.SYS;c:\windows\system32\drivers\CTAUDFX.sys [18.3.2010 20:39 555096]
S3 CTAUDFX;CTAUDFX;c:\windows\system32\drivers\CTAUDFX.sys [18.3.2010 20:39 555096]
S3 CTERFXFX.SYS;CTERFXFX.SYS;c:\windows\system32\drivers\CTERFXFX.sys [18.3.2010 20:39 100952]
S3 CTERFXFX;CTERFXFX;c:\windows\system32\drivers\CTERFXFX.sys [18.3.2010 20:39 100952]
S3 CTSBLFX.SYS;CTSBLFX.SYS;c:\windows\system32\drivers\CTSBLFX.sys [18.3.2010 20:39 566360]
S3 CTSBLFX;CTSBLFX;c:\windows\system32\drivers\CTSBLFX.sys [18.3.2010 20:39 566360]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [17.2.2010 19:11 135664]
S3 Ma730c;MA730 Bluetooth Core Driver;c:\windows\system32\drivers\ma730c.sys [30.12.2008 15:44 157024]
S3 Ma730Pt;MA730 Bluetooth VCOM Driver;c:\windows\system32\drivers\ma730Pt.sys [30.12.2008 15:44 103680]
S3 Ma730VaA;MA730 Bluetooth Advanced Audio;c:\windows\system32\drivers\Ma730VaA.sys [30.12.2008 15:44 21851]
S3 Ma730Vad;MA730 Bluetooth Audio;c:\windows\system32\drivers\Ma730Vad.sys [30.12.2008 15:44 50522]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [25.4.2012 22:41 114144]
S3 MSSQL$ARTIOSCADDB;MSSQL$ARTIOSCADDB;c:\program files\Microsoft SQL Server\MSSQL$ARTIOSCADDB\Binn\sqlservr.exe -sARTIOSCADDB --> c:\program files\Microsoft SQL Server\MSSQL$ARTIOSCADDB\Binn\sqlservr.exe -sARTIOSCADDB [?]
S3 SimpleSlideShowServer;SimpleSlideShowServer;d:\nová složka\AllShare\AllShareSlideShowService.exe [2.3.2012 17:00 27584]
S3 spotJ;Spot Software GPS USB Driver (spotJ);c:\windows\system32\drivers\spotJ32.sys [12.1.2010 20:44 36608]
S3 SpotVcp;NXP swGPS Spot Virtual COM port driver;c:\windows\system32\drivers\SpotVcp.sys [16.5.2007 14:19 34304]
S3 SQLAgent$ARTIOSCADDB;SQLAgent$ARTIOSCADDB;c:\program files\Microsoft SQL Server\MSSQL$ARTIOSCADDB\Binn\sqlagent.EXE -i ARTIOSCADDB --> c:\program files\Microsoft SQL Server\MSSQL$ARTIOSCADDB\Binn\sqlagent.EXE -i ARTIOSCADDB [?]
S3 USBMULCD;USB Multi-Channel Audio Device Interface;c:\windows\system32\drivers\CM106.sys [4.2.2010 1:29 1506304]
S4 a347bus;a347bus;c:\windows\system32\drivers\a347bus.sys [28.4.2007 15:29 160640]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [18.5.2007 8:50 721904]
.
Obsah adresáře 'Naplánované úlohy'
.
2012-10-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-12 09:44]
.
2012-10-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-17 17:11]
.
2012-10-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-17 17:11]
.
.
------- Doplňkový sken -------
.
mStart Page = hxxp://www.google.com
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - c:\program files\ICQ7.4\ICQ.exe
TCP: DhcpNameServer = 192.168.3.1
TCP: Interfaces\{37CE4976-1106-4A08-B9C8-54CFB8DA7ED4}: NameServer = 10.200.200.1
TCP: Interfaces\{EA208548-90E3-451D-B922-626D66366764}: NameServer = 10.200.200.1
DPF: {1F831FA2-42FC-11D4-95A6-0080AD30DCE1} - file://c:\program files\AutoCAD LT 2000i Cz\InstFred.ocx
FF - ProfilePath - c:\documents and settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\8nfqzt63.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Notify-TPSvc - TPSvc.dll
MSConfigStartUp-Cm106Sound - cm106.cpl
MSConfigStartUp-egui - c:\program files\ESET\ESET Smart Security\egui.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-10-15 11:03
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,36,c1,aa,77,f7,f8,90,4d,92,2a,1f,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,36,c1,aa,77,f7,f8,90,4d,92,2a,1f,\
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(988)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
.
Celkový čas: 2012-10-15 11:05:16
ComboFix-quarantined-files.txt 2012-10-15 09:05
ComboFix2.txt 2012-10-12 09:08
.
Před spuštěním: 404 103 168
Po spuštění: 384 679 936
.
- - End Of File - - F84582C4D98C2661BE14D26E022CD82C

#23 Příspěvek od **vyosek** » 15 říj 2012 20:33

Odinstalujte Trojan Remover a tez Ad-Aware

Pokud nemate, tak presunte Combofix na plochu

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

KillAll::

RegLock::
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]

File::
c:\windows\Tasks\Adobe Flash Player Updater.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Driver::
gupdate
gupdatem
ICQ Service

Folder::
c:\program files\ICQ6Toolbar
c:\program files\Lavasoft
c:\program files\Trojan Remover

Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=-
[-HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Acrobat Assistant.lnk]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acronis Scheduler2 Service]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrojanScanner]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]

DDS::
mURLSearchHooks: ICQToolBar: {855F3B16-6D32-4fe6-8A56-BBB695989046} - c:\program files\icq6toolbar\ICQToolBar.dll
mURLSearchHooks: {D3F669EB-57CE-4f45-8FBD-E245CBB46366} - <orphaned>
mURLSearchHooks: <No Name>: - LocalServer32 - <no file>
dURLSearchHooks: ICQToolBar: {855F3B16-6D32-4fe6-8A56-BBB695989046} - c:\program files\icq6toolbar\ICQToolBar.dll
dURLSearchHooks: <No Name>: - LocalServer32 - <no file>
BHO: Yahoo! Toolbar Helper: {02478D38-C3F9-4EFB-9B51-7695ECA05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: UrlHelper Class: {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - c:\program files\bearshare applications\bearshare mediabar\BearShareIEHelper.dll
BHO: <No Name>: {E3215F20-3212-11D6-9F8B-00D0B743919D} - 
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: BearShare MediaBar: {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - c:\program files\bearshare applications\bearshare mediabar\BearShareMediaBar.dll
TB: ICQToolBar: {855F3B16-6D32-4fe6-8A56-BBB695989046} - c:\program files\icq6toolbar\ICQToolBar.dll

ClearJavaCache::

Reboot::

Ulozte vytvoreny TXT jako CFScript.txt
Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte

Pokud vyskoci hlaska "Pokus pouzit neplatnou operaci na klic registru, ktery je oznacen pro odstraneni", tak jen restartujte PC - registr se da do kupy - jedna se o vnitrni chybu, kterou zpusobuje CF a autor ji zatim neumi bohuzel opravit

Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci

michalkaktus · #24 Příspěvek od **michalkaktus** » 16 říj 2012 08:10

Tak tady to mate, probehlo to bez problemu

ComboFix 12-10-16.02 - Administrator 16.10.2012 8:29.11.2 - x86 NETWORK
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.3071.2617 [GMT 2:00]
Spuštěný z: c:\documents and settings\Administrator\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Administrator\Plocha\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
.
FILE ::
"c:\windows\Tasks\Adobe Flash Player Updater.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\bearshare applications\bearshare mediabar\BearShareIEHelper.dll
c:\program files\bearshare applications\bearshare mediabar\BearShareMediaBar.dll
c:\program files\ICQ6Toolbar
c:\program files\ICQ6Toolbar\config.xml
c:\program files\ICQ6Toolbar\Icons.bmp
c:\program files\ICQ6Toolbar\ICQ Service.exe
c:\program files\ICQ6Toolbar\icq6Toolbar.ico
c:\program files\icq6toolbar\ICQToolBar.dll
c:\program files\ICQ6Toolbar\ICQUnToolbar.exe
c:\program files\ICQ6Toolbar\logo_small.gif
c:\program files\ICQ6Toolbar\ServiceStarter.exe
c:\program files\ICQ6Toolbar\short.wav
c:\program files\ICQ6Toolbar\Version.txt
c:\program files\ICQ6Toolbar\voucher.bmp
c:\program files\ICQ6Toolbar\voucher2.bmp
c:\program files\Lavasoft
c:\program files\Trojan Remover
c:\program files\Trojan Remover\02230399f43e5e8ca89edb0602c7b080.szcpf
c:\program files\Trojan Remover\efo5B.exe
c:\program files\Trojan Remover\rmt.dta.BAK
c:\program files\Trojan Remover\Trjscan.exe.BAK
c:\program files\Trojan Remover\ylg15.exe
c:\program files\yahoo!\companion\installs\cpn\yt.dll
c:\windows\system32\msstdfmt.dll
c:\windows\Tasks\Adobe Flash Player Updater.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_GUPDATE
-------\Legacy_GUPDATEM
-------\Legacy_ICQ_SERVICE
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_ICQ Service
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-09-16 do 2012-10-16 )))))))))))))))))))))))))))))))
.
.
2012-10-15 11:42 . 2012-10-15 11:42 -------- d-----w- c:\documents and settings\Administrator\Data aplikací\ESTsoft
2012-10-15 11:42 . 2012-10-15 11:42 -------- d-----w- c:\documents and settings\Administrator\EurekaLog
2012-10-15 06:49 . 2012-10-15 06:49 -------- d-----w- c:\documents and settings\Administrator\Data aplikací\vlc
2012-10-12 16:52 . 2012-10-12 16:53 -------- d-----w- C:\rsit
2012-09-20 19:51 . 2012-09-20 19:51 -------- d-----w- c:\program files\slovesa
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-09 09:44 . 2012-04-12 03:50 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-10-09 09:44 . 2012-01-04 01:00 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-08-28 15:18 . 2004-08-18 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2012-08-28 15:18 . 2004-08-18 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-08-28 15:18 . 2004-08-18 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-08-28 12:07 . 2004-08-18 12:00 385024 ----a-w- c:\windows\system32\html.iec
2012-08-24 13:53 . 2004-08-18 12:00 177664 ----a-w- c:\windows\system32\wintrust.dll
2012-08-23 06:27 . 2004-08-18 12:00 2150912 ------w- c:\windows\system32\ntoskrnl.exe
2012-08-23 06:27 . 2004-08-17 15:45 2029568 ------w- c:\windows\system32\ntkrnlpa.exe
2005-09-09 17:55 . 2007-09-03 14:52 7155864 ----a-w- c:\program files\NGhost10.msi
2010-03-31 08:09 . 2010-03-31 08:09 10437264 ----a-w- c:\program files\mozilla firefox\plugins\PDFNetC.dll
2010-04-08 10:36 . 2010-04-08 10:36 107760 ----a-w- c:\program files\mozilla firefox\plugins\ScorchPDFWrapper.dll
2012-09-10 19:54 . 2011-05-29 20:00 266720 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Service Manager.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Service Manager.lnk
backup=c:\windows\pss\Service Manager.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Solni^Nabídka Start^Programy^Po spuštění^Password Safe.lnk]
backup=c:\windows\pss\Password Safe.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AcronisTimounterMonitor]
2008-11-10 19:35 962112 ----a-w- c:\program files\Acronis\TrueImageHome\TimounterMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AllShareAgent]
2012-03-01 21:59 285072 ----a-w- d:\nová složka\AllShare\AllShareAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CDAServer]
2010-12-17 17:12 332288 ----a-w- c:\program files\Common Files\Common Desktop Agent\CDASrv.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTDVDDET]
2003-06-17 23:00 45056 ------w- c:\program files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTHelper]
2010-03-18 17:17 19456 ----a-w- c:\windows\system32\CtHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DWQueuedReporting]
2007-02-26 00:01 437160 ----a-w- c:\progra~1\COMMON~1\MICROS~1\DW\DWTRIG20.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LchDrvKey]
2007-03-28 16:55 36864 ----a-w- c:\windows\LchDrvKey.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteCenter]
2003-10-08 14:35 139264 ----a-w- c:\program files\Creative\MediaSource\RemoteControl\RcMan.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrueImageMonitor.exe]
2008-11-10 19:00 4366848 ----a-w- c:\program files\Acronis\TrueImageHome\TrueImageMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"AVerRemote"=2 (0x2)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite XI.SP1a\\RpcSandraSrv.exe"=
"c:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite XI.SP1a\\Win32\\RpcDataSrv.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"d:\\hry\\red\\Redlightcenter.exe"=
"c:\\Esko\\bg_prog_egsis_v010\\bin_ix86\\egsissrv.exe"=
"c:\\Esko\\bg_prog_egsis_v010\\bin_ix86\\EGSystemInfoTool.exe"=
"c:\\Program Files\\FDRLab\\save2pc\\save2pc_light.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Java\\jre1.6.0_07\\bin\\javaw.exe"=
"d:\\hry\\Mass Effect\\MassEffectLauncher.exe"=
"c:\\Program Files\\BearShare Applications\\BearShare\\BearShare.exe"=
"d:\\hry\\Mass Effect\\Binaries\\MassEffect.exe"=
"c:\\Program Files\\FlashGet\\flashget.exe"=
"d:\\hry\\crysis\\Bin32\\Crysis.exe"=
"d:\\hry\\crysis\\Bin32\\CrysisDedicatedServer.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"d:\\hry\\wolfenstein\\MP\\Wolf2MP.exe"=
"d:\\hry\\wolfenstein\\MP\\Wolf2MPLite.exe"=
"c:\\Program Files\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
"d:\\hry\\medal\\mohpa.exe"=
"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"d:\\Poslední zákoha disku c!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!\\Program Files\\FTP Commander\\Ftpcomm.exe"=
"c:\\Program Files\\ICQ7.4\\ICQ.exe"=
"d:\\torent\\swapper.exe"=
"d:\\emule\\emule.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Logitech\\Vid HD\\Vid.exe"=
"d:\\Utherverse VWW Client\\Utherverse.exe"=
"c:\\torent\\BitComet\\BitComet.exe"=
"d:\\torent\\BitComet\\BitComet.exe"=
"c:\\Program Files\\Common Files\\Common Desktop Agent\\CDASrv.exe"=
"c:\\Program Files\\Samsung\\Easy Printer Manager\\IDS.Application.exe"=
"c:\\Program Files\\Samsung\\Easy Printer Manager\\OrderSupplies.exe"=
"c:\\Program Files\\Samsung\\Easy Printer Manager\\IDSAlert.exe"=
"c:\\Program Files\\Samsung\\Easy Printer Manager\\CDAS2PC\\CDAS2PC.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"d:\\Nová složka\\AllShare\\AllShareDMS\\AllShareDMS.exe"=
"d:\\Nová složka\\AllShare\\AllShare.exe"=
"d:\\Nová složka\\AllShare\\AllShareAgent.exe"=
"c:\\Program Files\\StrongDC++\\StrongDC.exe"=
"d:\\hry\\pes2012\\pes2012.exe"=
"c:\\Program Files\\Rhapsody\\rhapsody.exe"=
"d:\\hry\\call of juarez\\CoJBiBGame_x86.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"d:\\hry\\Call of Duty - Black Ops\\BlackOps.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"7263:TCP"= 7263:TCP:BitComet 7263 TCP
"7263:UDP"= 7263:UDP:BitComet 7263 UDP
"7326:TCP"= 7326:TCP:BitComet 7326 TCP
"7326:UDP"= 7326:UDP:BitComet 7326 UDP
"1025:TCP"= 1025:TCP:dc++
"20411:TCP"= 20411:TCP:BitComet 20411 TCP
"20411:UDP"= 20411:UDP:BitComet 20411 UDP
"26005:TCP"= 26005:TCP:BitComet 26005 TCP
"26005:UDP"= 26005:UDP:BitComet 26005 UDP
"9695:TCP"= 9695:TCP:BitComet 9695 TCP
"9695:UDP"= 9695:UDP:BitComet 9695 UDP
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowRedirect"= 1 (0x1)
"AllowInboundEchoRequest"= 1 (0x1)
"AllowInboundTimestampRequest"= 1 (0x1)
"AllowInboundMaskRequest"= 1 (0x1)
"AllowInboundRouterRequest"= 1 (0x1)
"AllowOutboundPacketTooBig"= 1 (0x1)
.
R0 szkg5;szkg5;c:\windows\system32\drivers\SZKG.sys [7.12.2009 17:59 61328]
R0 szkgfs;szkgfs;c:\windows\system32\drivers\SZKGFS.sys [24.2.2010 15:06 173328]
R0 tdrpman147;Acronis Try&Decide and Restore Points filter (build 147);c:\windows\system32\drivers\tdrpm147.sys [1.1.2009 22:52 971232]
S0 a347scsi;a347scsi;c:\windows\system32\drivers\a347scsi.sys [28.4.2007 15:29 5248]
S0 ElbyVCD;ElbyVCD; [x]
S0 is3srv;is3srv;c:\windows\system32\drivers\is3srv.sys [7.12.2009 17:59 61328]
S1 MpKsl03f326c6;MpKsl03f326c6;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{2F4928A3-2C8D-4757-894B-33E825962D47}\MpKsl03f326c6.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{2F4928A3-2C8D-4757-894B-33E825962D47}\MpKsl03f326c6.sys [?]
S1 MpKsl04007644;MpKsl04007644;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{3C595C1E-60DD-4F65-93A1-371284D42633}\MpKsl04007644.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{3C595C1E-60DD-4F65-93A1-371284D42633}\MpKsl04007644.sys [?]
S1 MpKsl0cc2a520;MpKsl0cc2a520;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{CDC44C32-986D-472D-B5C8-C8AF0B7F03D2}\MpKsl0cc2a520.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{CDC44C32-986D-472D-B5C8-C8AF0B7F03D2}\MpKsl0cc2a520.sys [?]
S1 MpKsl3a6dfc4a;MpKsl3a6dfc4a;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{A3B23D47-2E0A-41C6-AC7E-850F17422425}\MpKsl3a6dfc4a.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{A3B23D47-2E0A-41C6-AC7E-850F17422425}\MpKsl3a6dfc4a.sys [?]
S1 MpKsl3d1cd803;MpKsl3d1cd803;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{A2BCC453-EC8A-47B4-9B6E-8FCCF05ABF1D}\MpKsl3d1cd803.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{A2BCC453-EC8A-47B4-9B6E-8FCCF05ABF1D}\MpKsl3d1cd803.sys [?]
S1 MpKsl4f7cacfe;MpKsl4f7cacfe;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{3A2C55A7-FD2D-45BE-B4E6-F8FA907FF3CD}\MpKsl4f7cacfe.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{3A2C55A7-FD2D-45BE-B4E6-F8FA907FF3CD}\MpKsl4f7cacfe.sys [?]
S1 MpKsl52917d25;MpKsl52917d25;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{3ED11766-1A1F-483E-95F0-9032804F91D9}\MpKsl52917d25.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{3ED11766-1A1F-483E-95F0-9032804F91D9}\MpKsl52917d25.sys [?]
S1 MpKsl5658b7dc;MpKsl5658b7dc;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{59BA67FA-CA49-4DC0-BF13-3BB0CDCE4DEC}\MpKsl5658b7dc.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{59BA67FA-CA49-4DC0-BF13-3BB0CDCE4DEC}\MpKsl5658b7dc.sys [?]
S1 MpKsl5a0ab057;MpKsl5a0ab057;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{2E43ECF8-5626-424C-8AD8-2E48D0214F92}\MpKsl5a0ab057.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{2E43ECF8-5626-424C-8AD8-2E48D0214F92}\MpKsl5a0ab057.sys [?]
S1 MpKsl5bb9b265;MpKsl5bb9b265;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{DB2A8BE9-EF91-46C4-B9D6-129E83063CA3}\MpKsl5bb9b265.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{DB2A8BE9-EF91-46C4-B9D6-129E83063CA3}\MpKsl5bb9b265.sys [?]
S1 MpKsl5f0dc258;MpKsl5f0dc258;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{028D6023-B748-4B20-AC91-D8FA04DCB248}\MpKsl5f0dc258.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{028D6023-B748-4B20-AC91-D8FA04DCB248}\MpKsl5f0dc258.sys [?]
S1 MpKsl61031707;MpKsl61031707;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{028D6023-B748-4B20-AC91-D8FA04DCB248}\MpKsl61031707.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{028D6023-B748-4B20-AC91-D8FA04DCB248}\MpKsl61031707.sys [?]
S1 MpKsl75d7b8c4;MpKsl75d7b8c4;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{CDC44C32-986D-472D-B5C8-C8AF0B7F03D2}\MpKsl75d7b8c4.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{CDC44C32-986D-472D-B5C8-C8AF0B7F03D2}\MpKsl75d7b8c4.sys [?]
S1 MpKsl760a8b3a;MpKsl760a8b3a;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{CE843FA1-B71A-40D0-ABAB-47DC05321055}\MpKsl760a8b3a.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{CE843FA1-B71A-40D0-ABAB-47DC05321055}\MpKsl760a8b3a.sys [?]
S1 MpKsl7cdcf280;MpKsl7cdcf280;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{7E10260D-59E3-45F7-B192-9B5217FDF1A5}\MpKsl7cdcf280.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{7E10260D-59E3-45F7-B192-9B5217FDF1A5}\MpKsl7cdcf280.sys [?]
S1 MpKsl7dff7484;MpKsl7dff7484;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{A2BCC453-EC8A-47B4-9B6E-8FCCF05ABF1D}\MpKsl7dff7484.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{A2BCC453-EC8A-47B4-9B6E-8FCCF05ABF1D}\MpKsl7dff7484.sys [?]
S1 MpKsl81d3fbd3;MpKsl81d3fbd3;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{A3B23D47-2E0A-41C6-AC7E-850F17422425}\MpKsl81d3fbd3.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{A3B23D47-2E0A-41C6-AC7E-850F17422425}\MpKsl81d3fbd3.sys [?]
S1 MpKsl898a0807;MpKsl898a0807;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{4015787D-FCD5-4B27-8F01-312A7F95314D}\MpKsl898a0807.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{4015787D-FCD5-4B27-8F01-312A7F95314D}\MpKsl898a0807.sys [?]
S1 MpKsl9c227bc4;MpKsl9c227bc4;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{C97C82AE-2EB8-46D6-91DF-BB00BDEBCE48}\MpKsl9c227bc4.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{C97C82AE-2EB8-46D6-91DF-BB00BDEBCE48}\MpKsl9c227bc4.sys [?]
S1 MpKsl9d03b422;MpKsl9d03b422;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{B501A6D5-BD17-4EE5-83A0-05C30272C54D}\MpKsl9d03b422.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{B501A6D5-BD17-4EE5-83A0-05C30272C54D}\MpKsl9d03b422.sys [?]
S1 MpKslae57a0b2;MpKslae57a0b2;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{0D9696CD-4AA3-4A68-87A5-28A2BF9FE6D3}\MpKslae57a0b2.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{0D9696CD-4AA3-4A68-87A5-28A2BF9FE6D3}\MpKslae57a0b2.sys [?]
S1 MpKslb0dd9ce9;MpKslb0dd9ce9;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{8FB29C02-D612-4739-8AC4-64D9C24AC6F2}\MpKslb0dd9ce9.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{8FB29C02-D612-4739-8AC4-64D9C24AC6F2}\MpKslb0dd9ce9.sys [?]
S1 MpKslbc39adbf;MpKslbc39adbf;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{7970C9B1-A157-44B3-B3DD-28C9A6A531EB}\MpKslbc39adbf.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{7970C9B1-A157-44B3-B3DD-28C9A6A531EB}\MpKslbc39adbf.sys [?]
S1 MpKslc66ec8b4;MpKslc66ec8b4;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{60198707-CC3A-457C-A3FE-95708C24AC5F}\MpKslc66ec8b4.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{60198707-CC3A-457C-A3FE-95708C24AC5F}\MpKslc66ec8b4.sys [?]
S1 MpKslce24ba4d;MpKslce24ba4d;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{4015787D-FCD5-4B27-8F01-312A7F95314D}\MpKslce24ba4d.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{4015787D-FCD5-4B27-8F01-312A7F95314D}\MpKslce24ba4d.sys [?]
S1 MpKsle1cea29f;MpKsle1cea29f;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{CF5ECCB1-094B-4422-B232-9844F43A802D}\MpKsle1cea29f.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{CF5ECCB1-094B-4422-B232-9844F43A802D}\MpKsle1cea29f.sys [?]
S1 MpKsle4e301a5;MpKsle4e301a5;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{CE843FA1-B71A-40D0-ABAB-47DC05321055}\MpKsle4e301a5.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{CE843FA1-B71A-40D0-ABAB-47DC05321055}\MpKsle4e301a5.sys [?]
S1 MpKsled818e7b;MpKsled818e7b;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{A048F9D2-7E84-4767-A586-A53BA84A3CA9}\MpKsled818e7b.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{A048F9D2-7E84-4767-A586-A53BA84A3CA9}\MpKsled818e7b.sys [?]
S1 MpKslf3d1d45e;MpKslf3d1d45e;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{A2BCC453-EC8A-47B4-9B6E-8FCCF05ABF1D}\MpKslf3d1d45e.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{A2BCC453-EC8A-47B4-9B6E-8FCCF05ABF1D}\MpKslf3d1d45e.sys [?]
S1 MpKslf8e56aa4;MpKslf8e56aa4;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{028D6023-B748-4B20-AC91-D8FA04DCB248}\MpKslf8e56aa4.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{028D6023-B748-4B20-AC91-D8FA04DCB248}\MpKslf8e56aa4.sys [?]
S1 MpKslfa2eae8e;MpKslfa2eae8e;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{CA670099-AA4E-4E21-B634-67D8EFFB12B2}\MpKslfa2eae8e.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{CA670099-AA4E-4E21-B634-67D8EFFB12B2}\MpKslfa2eae8e.sys [?]
S1 SpyEmrg;Spy Emergency Driver; [x]
S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [19.1.2009 20:31 277544]
S2 BMJ1IG8W;BMJ1IG8W;c:\windows\system32\drivers\BZ8AC6AI.sys [2.1.2009 10:41 28384]
S2 EG Station Information Service;EG Station Information Service;c:\esko\bg_prog_egsis_v010\bin_ix86\egsissrv.exe [20.1.2008 2:27 81920]
S2 IoHw32;IoHw32 Kernel Driver;c:\program files\HInfoCPU\IoHw32.sys [1.1.2003 7:51 4609]
S2 ITPASH87;ITPASH87;c:\windows\system32\drivers\OT1Q22XN.sys [30.12.2008 16:24 28384]
S2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [27.1.2010 4:09 50704]
S2 PfDetNT;PfDetNT;c:\windows\system32\drivers\pfmodnt.sys [18.3.2010 20:50 15960]
S2 SamsungAllShareV2.0;Samsung AllShare PC;d:\nová složka\AllShare\AllShareDMS\AllShareDMS.exe [2.3.2012 17:00 25504]
S2 SSPORT;SSPORT;c:\windows\system32\drivers\SSPORT.sys [23.12.2010 8:06 5120]
S2 XAMPP;XAMPP Service;k:\xamp\service.exe --> k:\xamp\service.exe [?]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [12.4.2012 5:50 250808]
S3 ArtiosLM;Artios License Manager;c:\windows\system32\artioslm.exe [10.7.2000 17:25 239616]
S3 ATICDSDr;ATICDSDr;\??\c:\docume~1\ADMINI~1\LOCALS~1\Temp\ATICDSDr.sys --> c:\docume~1\ADMINI~1\LOCALS~1\Temp\ATICDSDr.sys [?]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdXP3.sys [1.5.2012 13:11 99856]
S3 AVerFx2hbtv;AVerMedia USB SW Hybrid Tuner;c:\windows\system32\drivers\AVerFx2hbtv.sys [12.1.2010 21:34 220672]
S3 cmudau32;C-Media USB UDA Sound Interface;c:\windows\system32\drivers\cmudaxu.sys [2.5.2007 0:03 1391040]
S3 COMMONFX.SYS;COMMONFX.SYS;c:\windows\system32\drivers\COMMONFX.sys [18.3.2010 20:39 99416]
S3 COMMONFX;COMMONFX;c:\windows\system32\drivers\COMMONFX.sys [18.3.2010 20:39 99416]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [25.6.2011 5:25 79360]
S3 CTAUDFX.SYS;CTAUDFX.SYS;c:\windows\system32\drivers\CTAUDFX.sys [18.3.2010 20:39 555096]
S3 CTAUDFX;CTAUDFX;c:\windows\system32\drivers\CTAUDFX.sys [18.3.2010 20:39 555096]
S3 CTERFXFX.SYS;CTERFXFX.SYS;c:\windows\system32\drivers\CTERFXFX.sys [18.3.2010 20:39 100952]
S3 CTERFXFX;CTERFXFX;c:\windows\system32\drivers\CTERFXFX.sys [18.3.2010 20:39 100952]
S3 CTSBLFX.SYS;CTSBLFX.SYS;c:\windows\system32\drivers\CTSBLFX.sys [18.3.2010 20:39 566360]
S3 CTSBLFX;CTSBLFX;c:\windows\system32\drivers\CTSBLFX.sys [18.3.2010 20:39 566360]
S3 Ma730c;MA730 Bluetooth Core Driver;c:\windows\system32\drivers\ma730c.sys [30.12.2008 15:44 157024]
S3 Ma730Pt;MA730 Bluetooth VCOM Driver;c:\windows\system32\drivers\ma730Pt.sys [30.12.2008 15:44 103680]
S3 Ma730VaA;MA730 Bluetooth Advanced Audio;c:\windows\system32\drivers\Ma730VaA.sys [30.12.2008 15:44 21851]
S3 Ma730Vad;MA730 Bluetooth Audio;c:\windows\system32\drivers\Ma730Vad.sys [30.12.2008 15:44 50522]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [25.4.2012 22:41 114144]
S3 MSSQL$ARTIOSCADDB;MSSQL$ARTIOSCADDB;c:\program files\Microsoft SQL Server\MSSQL$ARTIOSCADDB\Binn\sqlservr.exe -sARTIOSCADDB --> c:\program files\Microsoft SQL Server\MSSQL$ARTIOSCADDB\Binn\sqlservr.exe -sARTIOSCADDB [?]
S3 SimpleSlideShowServer;SimpleSlideShowServer;d:\nová složka\AllShare\AllShareSlideShowService.exe [2.3.2012 17:00 27584]
S3 spotJ;Spot Software GPS USB Driver (spotJ);c:\windows\system32\drivers\spotJ32.sys [12.1.2010 20:44 36608]
S3 SpotVcp;NXP swGPS Spot Virtual COM port driver;c:\windows\system32\drivers\SpotVcp.sys [16.5.2007 14:19 34304]
S3 SQLAgent$ARTIOSCADDB;SQLAgent$ARTIOSCADDB;c:\program files\Microsoft SQL Server\MSSQL$ARTIOSCADDB\Binn\sqlagent.EXE -i ARTIOSCADDB --> c:\program files\Microsoft SQL Server\MSSQL$ARTIOSCADDB\Binn\sqlagent.EXE -i ARTIOSCADDB [?]
S3 USBMULCD;USB Multi-Channel Audio Device Interface;c:\windows\system32\drivers\CM106.sys [4.2.2010 1:29 1506304]
S4 a347bus;a347bus;c:\windows\system32\drivers\a347bus.sys [28.4.2007 15:29 160640]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [18.5.2007 8:50 721904]
.
.
------- Doplňkový sken -------
.
mStart Page = hxxp://www.google.com
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - c:\program files\ICQ7.4\ICQ.exe
TCP: DhcpNameServer = 192.168.3.1
TCP: Interfaces\{37CE4976-1106-4A08-B9C8-54CFB8DA7ED4}: NameServer = 10.200.200.1
TCP: Interfaces\{EA208548-90E3-451D-B922-626D66366764}: NameServer = 10.200.200.1
DPF: {1F831FA2-42FC-11D4-95A6-0080AD30DCE1} - file://c:\program files\AutoCAD LT 2000i Cz\InstFred.ocx
FF - ProfilePath - c:\documents and settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\8nfqzt63.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-ICQToolbar - c:\program files\ICQ6Toolbar\ICQUnToolbar.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-10-16 08:36
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(992)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
.
Celkový čas: 2012-10-16 08:39:16 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-10-16 06:39
ComboFix2.txt 2012-10-15 09:05
ComboFix3.txt 2012-10-12 09:08
.
Před spuštěním: 320 917 504
Po spuštění: 262 733 824
.
- - End Of File - - 3898EA156166A883C3021AD62494DAD9

#25 Příspěvek od **vyosek** » 16 říj 2012 12:03

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

Ulozte nejlepe na plochu
Ukoncete vsechny programy
Kliknete na Search
Probehne skenovani a pak se objevi log, pripadne bude ulozen na systemovem disku jako AdwCleaner[R?].txt, ten sem vlozte

michalkaktus · #26 Příspěvek od **michalkaktus** » 16 říj 2012 18:20

# AdwCleaner v2.005 - Logfile created 10/16/2012 at 19:19:09
# Updated 14/10/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Administrator - MICHAL
# Boot Mode : Safe mode with networking
# Running from : C:\Documents and Settings\Administrator\Dokumenty\Stažené soubory\adwcleaner.exe
# Option [Search]

***** [Services] *****

***** [Files / Folders] *****

File Found : C:\Program Files\Mozilla Firefox\Extensions\search@searchsettings.com
Folder Found : C:\Documents and Settings\All Users\Data aplikací\ICQ\ICQToolbar

***** [Registry] *****

Key Found : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
Key Found : HKLM\SOFTWARE\Classes\AppID\ICQ Service.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ICQToolbar
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

*************************

AdwCleaner[R1].txt - [20047 octets] - [13/10/2012 18:09:11]
AdwCleaner[R2].txt - [20089 octets] - [13/10/2012 18:16:11]
AdwCleaner[R3].txt - [20150 octets] - [14/10/2012 21:06:12]
AdwCleaner[R4].txt - [20211 octets] - [14/10/2012 21:29:55]
AdwCleaner[S1].txt - [20572 octets] - [15/10/2012 06:56:53]
AdwCleaner[R5].txt - [1079 octets] - [15/10/2012 07:02:55]
AdwCleaner[R6].txt - [1456 octets] - [16/10/2012 19:19:09]

########## EOF - C:\AdwCleaner[R6].txt - [1516 octets] ##########

#27 Příspěvek od **vyosek** » 16 říj 2012 18:45

Spustte znovu AdwCleaner

Pokud pouzivate Win Vista ci W7, kliknete na AdwCleaner pravym a dejte Run As Administrator ci Spustit jako spravce
Kliknete na Delete
PC provede opravu, restartuje se a da Vam log (C:\AdwCleaner [S1].txt) , jeho obsah vlozte sem

michalkaktus · #28 Příspěvek od **michalkaktus** » 16 říj 2012 19:53

# AdwCleaner v2.004 - Logfile created 10/16/2012 at 20:49:06
# Updated 06/10/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Administrator - MICHAL
# Boot Mode : Safe mode with networking
# Running from : C:\Documents and Settings\Administrator\Plocha\adwcleaner.exe
# Option [Delete]

***** [Services] *****

***** [Files / Folders] *****

Deleted on reboot : C:\Program Files\Zynga

***** [Registry] *****

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

*************************

AdwCleaner[R1].txt - [20047 octets] - [13/10/2012 18:09:11]
AdwCleaner[R2].txt - [20089 octets] - [13/10/2012 18:16:11]
AdwCleaner[R3].txt - [20150 octets] - [14/10/2012 21:06:12]
AdwCleaner[R4].txt - [20211 octets] - [14/10/2012 21:29:55]
AdwCleaner[S1].txt - [20572 octets] - [15/10/2012 06:56:53]
AdwCleaner[R5].txt - [1079 octets] - [15/10/2012 07:02:55]
AdwCleaner[R6].txt - [1585 octets] - [16/10/2012 19:19:09]
AdwCleaner[S2].txt - [1031 octets] - [16/10/2012 20:49:06]

########## EOF - C:\AdwCleaner[S2].txt - [1091 octets] ##########

michalkaktus · #29 Příspěvek od **michalkaktus** » 17 říj 2012 09:02

Asi to bude pekna potvora

#30 Příspěvek od **vyosek** » 17 říj 2012 11:43

Jeste jeden skript pro ComboFix (postup je stejny)

Kód: Vybrat vše

KillAll::

Driver::
MpKsl03f326c6
MpKsl04007644
MpKsl0cc2a520
MpKsl3a6dfc4a
MpKsl3d1cd803
MpKsl4f7cacfe
MpKsl52917d25
MpKsl5658b7dc
MpKsl5a0ab057
MpKsl5bb9b265
MpKsl5f0dc258
MpKsl61031707
MpKsl75d7b8c4
MpKsl760a8b3a
MpKsl7cdcf280
MpKsl7dff7484
MpKsl81d3fbd3
MpKsl898a0807
MpKsl9c227bc4
MpKsl9d03b422
MpKslae57a0b2
MpKslb0dd9ce9
MpKslbc39adbf
MpKslc66ec8b4
MpKslce24ba4d
MpKsle1cea29f
MpKsle4e301a5
MpKsled818e7b
MpKslf3d1d45e
MpKslf8e56aa4
MpKslfa2eae8e
XAMPP
SpyEmrg

Folder::
C:\Program Files\Zynga

ClearJavaCache::

Reboot::

VIRY.CZ

zablokovany windows

Re: zablokovany windows

Re: zablokovany windows

Re: zablokovany windows

Re: zablokovany windows

Re: zablokovany windows

Re: zablokovany windows

Re: zablokovany windows

Re: zablokovany windows

Re: zablokovany windows

Re: zablokovany windows

Re: zablokovany windows

Re: zablokovany windows

Re: zablokovany windows

Re: zablokovany windows

Re: zablokovany windows