prosím o pomoc nevím si rady s následující hláškou z AVG

Zpráva

bllemby · #1 Příspěvek od **bllemby** » 18 dub 2013 15:42

AVG vyhazuje hlášku:
"C:\WINDOWS\system32\drivers\spkk.sys";"i8042prt.sys, přesměrovaný import HAL.dll READ_PORT_UCHAR -> spkk.sys +0x11B90"
"C:\WINDOWS\system32\drivers\spkk.sys";"pci.sys, přesměrovaný import ntoskrnl.exe IoDetachDevice -> spkk.sys +0x2CDDC"
"C:\WINDOWS\system32\drivers\spkk.sys";"pci.sys, přesměrovaný import ntoskrnl.exe IoAttachDeviceToDeviceStack -> spkk.sys +0x2CE30"
"C:\WINDOWS\system32\drivers\spkk.sys";"atapi.sys, přesměrovaný import HAL.dll READ_PORT_UCHAR -> spkk.sys +0x2042"
"C:\WINDOWS\system32\drivers\spkk.sys";"atapi.sys, přesměrovaný import HAL.dll READ_PORT_BUFFER_USHORT -> spkk.sys +0x213E"
"C:\WINDOWS\system32\drivers\spkk.sys";"atapi.sys, přesměrovaný import HAL.dll READ_PORT_USHORT -> spkk.sys +0x20C0"
"C:\WINDOWS\system32\drivers\spkk.sys";"atapi.sys, přesměrovaný import HAL.dll WRITE_PORT_BUFFER_USHORT -> spkk.sys +0x2800"
"C:\WINDOWS\system32\drivers\spkk.sys";"atapi.sys, přesměrovaný import HAL.dll WRITE_PORT_UCHAR -> spkk.sys +0x26D6"

A nejde to vůbec odstranit. Můžete mi prosím někdo pomoci a poradit co s tím? Děkuji pěkně

Ještě připojuji log z RSIT:
Logfile of random's system information tool 1.09 (written by random/random)
Run by - at 2013-04-18 16:41:14
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 130 GB (43%) free of 303 GB
Total RAM: 2046 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:41:23, on 18.4.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVG\AVG2012\avgfws.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Documents and Settings\-\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
C:\Program Files\System Explorer\SystemExplorer.exe
C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\Datacolor\Spyder3Pro\Utility\Spyder3Utility.exe
C:\Program Files\IB Updater\ExtensionUpdaterService.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nlssrv32.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe
C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
C:\Program Files\AVG\AVG2012\avgnsx.exe
C:\Program Files\System Explorer\service\SystemExplorerService.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Documents and Settings\-\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\-\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\-\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\-\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\-\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\-\Dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\-.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTo0.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: uTorrentControl2 - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTo0.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll
O3 - Toolbar: uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTo0.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKCU\..\Run: [Google Update (1)] "C:\Documents and Settings\-\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [SystemExplorerAutoStart] "C:\Program Files\System Explorer\SystemExplorer.exe" /TRAY
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Spyder3Utility.lnk = C:\Program Files\Datacolor\Spyder3Pro\Utility\Spyder3Utility.exe
O8 - Extra context menu item: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.07\AMVConverter\grab.html
O8 - Extra context menu item: Download with &Media Finder - C:\Program Files\Media Finder\hook.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.07\MediaManager\grab.html
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést cíl vazby do existujícího PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést vybrané vazby do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést vybrané vazby do existujícího PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Převést výběr do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést výběr do existujícího PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Přidat do stávajícího PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resour ... se6770.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{931D5994-A649-4F2F-BBA6-A549717D18F5}: NameServer = 84.16.104.129,84.16.96.2
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: IB Updater - Unknown owner - C:\Program Files\IB Updater\ExtensionUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: This service enables products that use the Nalpeiron Licensing System. (nlsX86cc) - Nalpeiron Ltd. - C:\WINDOWS\system32\nlssrv32.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: System Explorer Service (SystemExplorerHelpService) - Mister Group - C:\Program Files\System Explorer\service\SystemExplorerService.exe
O23 - Service: vToolbarUpdater14.2.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe

--
End of file - 12163 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GlaryInitialize.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\ROC_JAN2013_TB_rmv.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\-\Data aplikací\Mozilla\Firefox\Profiles\s7mmfws2.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://isearch.avg.com/?cid={DF9F261F-1 ... 2012-02-03 15:30:22&v=14.0.3.14&pid=avg&sg=&sap=hp"
prefs.js - "extensions.enabledItems" - "{20a82645-c095-46ed-80e3-08825760534b}:1.1, cs@dictionaries.addons.mozilla.org:1.0.2, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, jqs@sun.com:1.0, DTToolbar@toolbarnet.com:1.1.2.0185, bkmrksync@nokia.com:1.0.0.736, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.3.0.7280, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"
prefs.js - "keyword.URL" - "http://search.conduit.com/ResultsExt.as ... ource=2&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"{1E73965B-8B48-48be-9C8D-68B920ABC1C4}"=C:\Program Files\AVG\AVG2012\Firefox4\
"avg@toolbar"=C:\Documents and Settings\All Users\Data aplikací\AVG Secure Search\FireFoxExt\14.2.0.1
"{336D0C35-8A85-403a-B9D2-65C292C39087}"=C:\Program Files\IB Updater\Firefox
"{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}"=C:\Program Files\IB Updater\Firefox

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.169 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_169.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin]
"Description"=
"Path"=C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\\npsitesafety.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon Easy-PhotoPrint EX
"Path"=C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69]
"Description"=6.0.12.69
"Path"=C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll

C:\Program Files\Mozilla Firefox\extensions\
ffxtlbr@babylon.com
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\plugins\
npdeployJava1.dll
NPOFFICE.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll

C:\Documents and Settings\-\Data aplikací\Mozilla\Firefox\Profiles\s7mmfws2.default\extensions\
cs@dictionaries.addons.mozilla.org

C:\Documents and Settings\-\Data aplikací\Mozilla\Firefox\Profiles\s7mmfws2.default\searchplugins\
ashampoo-us-customized-web-search.xml
daemon-search.xml
MyStart Search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08 202144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG2012\avgssie.dll [2012-10-15 1417336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{687578b9-7132-4a7a-80e4-30ee31099e03}]
uTorrentControl2 Toolbar - C:\Program Files\uTorrentControl2\prxtbuTo0.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Security Toolbar - C:\Program Files\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll [2013-02-18 1929392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-23 321120]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-10-18 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-10-18 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08 1619352]
{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - C:\Program Files\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll [2013-02-18 1929392]
{687578b9-7132-4a7a-80e4-30ee31099e03} - uTorrentControl2 Toolbar - C:\Program Files\uTorrentControl2\prxtbuTo0.dll [2011-05-09 176936]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-23 321120]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-08-13 98304]
"AVG_TRAY"=C:\Program Files\AVG\AVG2012\avgtray.exe [2012-11-19 2598520]
"SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update (1)"=C:\Documents and Settings\-\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2012-07-12 116648]
"SystemExplorerAutoStart"=C:\Program Files\System Explorer\SystemExplorer.exe [2012-12-02 2846168]
"Zoner Photo Studio Autoupdate"=C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [2013-02-18 774168]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Spyder3Utility.lnk - C:\Program Files\Datacolor\Spyder3Pro\Utility\Spyder3Utility.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-08-14 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"
"C:\Program Files\AVG\AVG2012\avgmfapx.exe"="C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:Instalátor AVG"
"C:\WINDOWS\system32\muzapp.exe"="C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\WINDOWS\system32\ARFC\wrtc.exe"="C:\WINDOWS\system32\ARFC\wrtc.exe:*:Enabled:wrtc"
"C:\Program Files\AVG\AVG2012\avgnsx.exe"="C:\Program Files\AVG\AVG2012\avgnsx.exe:*:Enabled:Webový štít"
"C:\Program Files\AVG\AVG2012\avgdiagex.exe"="C:\Program Files\AVG\AVG2012\avgdiagex.exe:*:Enabled:AVG Diagnostika 2012"
"C:\Program Files\AVG\AVG2012\avgemcx.exe"="C:\Program Files\AVG\AVG2012\avgemcx.exe:*:Enabled:Obecná kontrola pošty"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.DIVX"=divx.dll
"VIDC.XVID"=xvid.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"vidc.dvsd"=pdvcodec.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======List of files/folders created in the last 1 month======

2013-04-18 07:29:15 ----D---- C:\Program Files\Spybot - Search & Destroy
2013-04-18 07:29:15 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2013-04-18 07:07:29 ----SHD---- C:\RECYCLER
2013-04-18 06:57:22 ----A---- C:\ComboFix.txt
2013-04-18 06:35:03 ----A---- C:\Boot.bak
2013-04-18 06:34:55 ----RASHD---- C:\cmdcons
2013-04-18 06:33:23 ----A---- C:\WINDOWS\zip.exe
2013-04-18 06:33:23 ----A---- C:\WINDOWS\SWXCACLS.exe
2013-04-18 06:33:23 ----A---- C:\WINDOWS\SWSC.exe
2013-04-18 06:33:23 ----A---- C:\WINDOWS\SWREG.exe
2013-04-18 06:33:23 ----A---- C:\WINDOWS\sed.exe
2013-04-18 06:33:23 ----A---- C:\WINDOWS\PEV.exe
2013-04-18 06:33:23 ----A---- C:\WINDOWS\NIRCMD.exe
2013-04-18 06:33:23 ----A---- C:\WINDOWS\MBR.exe
2013-04-18 06:33:23 ----A---- C:\WINDOWS\grep.exe
2013-04-18 06:33:15 ----D---- C:\Qoobox
2013-04-18 06:33:05 ----D---- C:\WINDOWS\erdnt
2013-04-18 05:58:07 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2013-04-18 00:52:27 ----D---- C:\Program Files\Common Files\Java
2013-04-18 00:52:03 ----D---- C:\Program Files\Mozilla Firefox
2013-04-18 00:51:48 ----HD---- C:\WINDOWS\$NtUninstallKB2808735$
2013-04-18 00:51:45 ----HD---- C:\WINDOWS\$NtUninstallKB2813345$
2013-04-18 00:51:45 ----HD---- C:\WINDOWS\$NtUninstallKB2813170$
2013-04-18 00:51:44 ----HD---- C:\WINDOWS\$NtUninstallKB2820917$
2013-04-18 00:16:20 ----A---- C:\WINDOWS\system32\drivers\spem.sys
2013-04-17 23:07:34 ----A---- C:\WINDOWS\system32\drivers\spry.sys
2013-04-17 23:00:27 ----A---- C:\WINDOWS\system32\drivers\spjg.sys
2013-04-17 22:28:30 ----A---- C:\WINDOWS\system32\drivers\spri.sys
2013-04-17 22:13:26 ----A---- C:\WINDOWS\system32\drivers\spos.sys
2013-04-17 09:06:46 ----D---- C:\Program Files\Common Files\Java(2)
2013-04-16 16:45:51 ----A---- C:\WINDOWS\system32\javaws.exe
2013-04-16 16:45:44 ----A---- C:\WINDOWS\system32\javaw.exe
2013-04-16 16:45:43 ----A---- C:\WINDOWS\system32\java.exe
2013-04-01 14:26:50 ----D---- C:\Program Files\ExposurePlot
2013-03-31 15:59:48 ----D---- C:\Documents and Settings\All Users\Data aplikací\DVDCoverPlus
2013-03-31 15:53:28 ----D---- C:\Documents and Settings\-\Data aplikací\Popisovac
2013-03-31 15:53:22 ----D---- C:\Program Files\Popisovač CD-DVD 4

======List of files/folders modified in the last 1 month======

2013-04-18 16:41:18 ----D---- C:\Program Files\trend micro
2013-04-18 16:34:52 ----D---- C:\WINDOWS\system32\drivers
2013-04-18 15:29:26 ----D---- C:\WINDOWS\Temp
2013-04-18 15:23:09 ----D---- C:\WINDOWS\system32\drivers\AVG
2013-04-18 15:19:20 ----D---- C:\WINDOWS\system32\CatRoot2
2013-04-18 08:39:14 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-04-18 07:51:41 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVG2012
2013-04-18 07:39:58 ----D---- C:\WINDOWS\system32\drivers\etc
2013-04-18 07:31:53 ----AD---- C:\WINDOWS
2013-04-18 07:29:15 ----RD---- C:\Program Files
2013-04-18 07:20:08 ----D---- C:\WINDOWS\system32\config
2013-04-18 06:56:08 ----A---- C:\WINDOWS\system.ini
2013-04-18 06:54:13 ----D---- C:\WINDOWS\system32
2013-04-18 06:54:13 ----D---- C:\WINDOWS\AppPatch
2013-04-18 06:54:10 ----RD---- C:\Program Files\Common Files
2013-04-18 06:42:47 ----SD---- C:\WINDOWS\Tasks
2013-04-18 06:41:05 ----D---- C:\WINDOWS\system32\System32
2013-04-18 06:35:03 ----RASH---- C:\boot.ini
2013-04-18 06:33:12 ----D---- C:\WINDOWS\Prefetch
2013-04-18 06:20:28 ----HD---- C:\WINDOWS\inf
2013-04-18 00:52:44 ----D---- C:\WINDOWS\system32\wbem
2013-04-18 00:52:44 ----D---- C:\WINDOWS\Registration
2013-04-18 00:52:31 ----SHD---- C:\WINDOWS\Installer
2013-04-18 00:52:31 ----D---- C:\Config.Msi
2013-04-18 00:52:00 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-04-18 00:51:49 ----D---- C:\WINDOWS\system32\LogFiles
2013-04-18 00:51:40 ----D---- C:\Documents and Settings\-\Data aplikací\Macromedia
2013-04-18 00:18:33 ----D---- C:\WINDOWS\Debug
2013-04-17 22:55:50 ----RSHDC---- C:\WINDOWS\system32\dllcache
2013-04-17 22:25:08 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2013-04-17 22:09:41 ----A---- C:\WINDOWS\win.ini
2013-04-17 08:45:32 ----D---- C:\Program Files\Java
2013-04-16 15:39:26 ----D---- C:\Documents and Settings\All Users\Data aplikací\MFAData
2013-04-13 07:01:40 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2013-04-13 07:00:50 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-04-12 22:32:47 ----D---- C:\Program Files\rajce
2013-04-11 15:37:16 ----D---- C:\Documents and Settings\All Users\Data aplikací\CanonIJPLM
2013-04-10 23:42:18 ----D---- C:\Program Files\Internet Explorer
2013-04-10 23:42:08 ----D---- C:\WINDOWS\ie8updates
2013-04-10 23:42:03 ----HD---- C:\WINDOWS\$hf_mig$
2013-04-10 23:39:14 ----A---- C:\WINDOWS\system32\MRT.exe
2013-04-08 21:36:30 ----D---- C:\Documents and Settings\-\Data aplikací\vlc
2013-04-05 06:24:23 ----D---- C:\Program Files\Focus Magic
2013-04-05 06:24:23 ----D---- C:\Program Files\AVG Secure Search
2013-04-05 06:24:23 ----D---- C:\Documents and Settings\-\Data aplikací\uTorrent
2013-04-05 05:59:23 ----D---- C:\Program Files\Glary Utilities
2013-04-05 05:57:46 ----D---- C:\Documents and Settings\-\Data aplikací\GlarySoft
2013-04-03 10:19:56 ----D---- C:\Documents and Settings\-\Data aplikací\Vso
2013-03-31 09:35:56 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2013-03-19 17:01:19 ----D---- C:\Program Files\Common Files\Adobe
2013-03-19 17:00:32 ----D---- C:\WINDOWS\WinSxS
2013-03-19 16:59:59 ----RSD---- C:\WINDOWS\Fonts
2013-03-19 16:59:57 ----D---- C:\Program Files\Adobe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHX;AVGIDSHX; C:\WINDOWS\system32\DRIVERS\avgidshx.sys [2012-04-19 24896]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\WINDOWS\system32\DRIVERS\avgrkx86.sys [2012-01-31 31952]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-11-03 691696]
R0 timounter;Acronis True Image Backup Archive Explorer; C:\WINDOWS\system32\DRIVERS\timntr.sys [2010-08-17 441760]
R0 uagp35;Filtr Microsoft AGPv3.5; C:\WINDOWS\system32\DRIVERS\uagp35.sys [2008-04-14 44672]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
R1 Avgldx86;AVG AVI Loader Driver; C:\WINDOWS\system32\DRIVERS\avgldx86.sys [2012-11-08 250080]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\WINDOWS\system32\DRIVERS\avgmfx86.sys [2011-12-23 41040]
R1 Avgtdix;AVG TDI Driver; C:\WINDOWS\system32\DRIVERS\avgtdix.sys [2013-04-11 302368]
R1 avgtp;avgtp; \??\C:\WINDOWS\system32\drivers\avgtpx86.sys []
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2002-09-23 12032]
R2 tifsfilter;Acronis True Image FS Filter; C:\WINDOWS\system32\DRIVERS\tifsfilt.sys [2010-08-17 44384]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-08-14 4485632]
R3 Avgfwdx;Avgfwdx; C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2012-01-12 30944]
R3 AVGIDSDriver;AVGIDSDriver; C:\WINDOWS\system32\DRIVERS\avgidsdriverx.sys [2012-12-10 142176]
R3 AVGIDSFilter;AVGIDSFilter; C:\WINDOWS\system32\DRIVERS\avgidsfilterx.sys [2011-12-23 24144]
R3 AVGIDSShim;AVGIDSShim; C:\WINDOWS\system32\DRIVERS\avgidsshimx.sys [2011-12-23 17232]
R3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2010-07-28 6108776]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2010-11-13 47360]
R3 RTHDMIAzAudService;Service for HDMI; C:\WINDOWS\system32\drivers\RtKHDMI.sys [2010-05-24 4003008]
R3 SRS_AE_Service;SRS Audio; C:\WINDOWS\system32\drivers\SRS_AE_i386.sys [2012-06-21 407368]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 abzujwb9;abzujwb9; C:\WINDOWS\system32\drivers\abzujwb9.sys []
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 Avgfwfd;AVG network filter service; C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2012-01-12 30944]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2012-09-20 83168]
S3 dgderdrv;dgderdrv; C:\WINDOWS\System32\drivers\dgderdrv.sys [2012-01-31 20032]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 Spyder3;Datacolor Spyder3; C:\WINDOWS\system32\DRIVERS\Spyder3.sys [2010-03-30 12288]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2012-09-20 181344]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-08-14 602112]
R2 avgfws;AVG Firewall; C:\Program Files\AVG\AVG2012\avgfws.exe [2012-12-05 2321560]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe [2012-11-02 5174392]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]
R2 IB Updater;IB Updater; C:\Program Files\IB Updater\ExtensionUpdaterService.exe [2013-01-29 188760]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2010-04-05 116104]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-10-03 153376]
R2 nlsX86cc;This service enables products that use the Nalpeiron Licensing System.; C:\WINDOWS\system32\nlssrv32.exe [2011-09-22 66560]
R2 vToolbarUpdater14.2.0;vToolbarUpdater14.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe [2013-02-18 968880]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 SystemExplorerHelpService;System Explorer Service; C:\Program Files\System Explorer\service\SystemExplorerService.exe [2012-11-25 567256]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-08-13 593920]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-07-07 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-04-13 256904]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-11-20 1045256]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-07-07 116648]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-03-11 115608]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-11-10 774144]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-12-08 628736]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 SRSHDAudioService;SRS HDAudio Lab Service; C:\Program Files\Common Files\SRS Labs\SRS HD Audio Lab Service 2\SRSAudioLabService.exe [2012-06-25 13232]

-----------------EOF-----------------

bllemby · #2 Příspěvek od **bllemby** » 18 dub 2013 18:00

Naughty píše:Ahoj,

kdopak Ti poradil pouzit ComboFix? Ty s nim umis?

Proc pomahat cloveku ktery nedokoncuje prohlidky?

Co že jsem použil??

bllemby · #3 Příspěvek od **bllemby** » 18 dub 2013 18:01

bllemby píše:
Naughty píše:Ahoj,

kdopak Ti poradil pouzit ComboFix? Ty s nim umis?

Proc pomahat cloveku ktery nedokoncuje prohlidky?

Co že jsem použil??

Nebyl jsem tři dny doma, pustil PC a AVG tohle nahlásilo. Proto jsem to sem dal. To asi syn.

bllemby · #4 Příspěvek od **bllemby** » 18 dub 2013 18:13

A proč pomáhat?? No protože lidi by si pomáhat měli. Hlavně ti kteří jsou v něčem dobří a rozumí tomu. Taky předávám své poznatky z oboru fotografie nezkušeným. To tak na světě chodí, že by jsme si pomáhat měli.

bllemby · #5 Příspěvek od **bllemby** » 18 dub 2013 18:21

Děkuji moc. Tak že se nemusím ničeho bát??

bllemby · #6 Příspěvek od **bllemby** » 18 dub 2013 18:24

Myslíte tohle?? Něco jsem tam našel A mladej se má na co těšit

ComboFix 13-04-18.01 - - 18.04.2013 6:50.2.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2046.1255 [GMT 2:00]
Spuštěný z: c:\documents and settings\-\Dokumenty\Downloads\ComboFix.exe
AV: AVG Internet Security 2012 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: AVG Firewall *Disabled* {8decf618-9569-4340-b34a-d78d28969b66}
FW: AVG Internet Security 2012 *Disabled* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-03-18 do 2013-04-18 )))))))))))))))))))))))))))))))
.
.
2013-04-18 03:58 . 2013-04-18 03:58 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2013-04-17 22:52 . 2013-04-17 22:52 -------- d-----w- c:\windows\system32\wbem\Repository
2013-04-17 22:52 . 2013-04-17 22:52 -------- d-----w- c:\program files\Common Files\Java
2013-04-17 22:16 . 2013-04-17 22:16 0 ----a-w- c:\windows\system32\drivers\spem.sys
2013-04-17 21:07 . 2013-04-17 21:07 0 ----a-w- c:\windows\system32\drivers\spry.sys
2013-04-17 21:00 . 2013-04-17 21:00 0 ----a-w- c:\windows\system32\drivers\spjg.sys
2013-04-17 20:55 . 2013-04-17 20:55 -------- d-----w- c:\documents and settings\-\Local Settings\Data aplikací\Sun
2013-04-17 20:28 . 2013-04-17 20:28 0 ----a-w- c:\windows\system32\drivers\spri.sys
2013-04-17 20:13 . 2013-04-17 20:13 0 ----a-w- c:\windows\system32\drivers\spos.sys
2013-04-01 12:26 . 2013-04-01 12:30 -------- d-----w- c:\program files\ExposurePlot
2013-03-31 13:59 . 2013-03-31 13:59 -------- d-----w- c:\documents and settings\All Users\Data aplikací\DVDCoverPlus
2013-03-31 13:53 . 2013-03-31 13:53 -------- d-----w- c:\documents and settings\-\Data aplikací\Popisovac
2013-03-31 13:53 . 2013-03-31 13:53 -------- d-----w- c:\program files\Popisovač CD-DVD 4
2013-03-20 20:49 . 2013-02-12 00:32 12928 -c----w- c:\windows\system32\dllcache\usb8023x.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-04-13 05:00 . 2012-03-29 11:32 691592 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-04-13 05:00 . 2011-05-20 13:50 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-04-11 01:18 . 2011-07-11 00:14 302368 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2013-03-08 08:36 . 2008-04-14 06:52 293376 ----a-w- c:\windows\system32\winsrv.dll
2013-03-07 15:56 . 2008-04-14 08:06 2030592 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-03-07 15:56 . 2008-04-14 06:06 2151936 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-02 02:08 . 2008-04-14 06:52 916480 ----a-w- c:\windows\system32\wininet.dll
2013-03-02 02:08 . 2008-04-14 06:51 43520 ----a-w- c:\windows\system32\licmgr10.dll
2013-03-02 02:08 . 2008-04-14 06:52 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2013-03-02 01:57 . 2008-04-14 05:45 1867264 ----a-w- c:\windows\system32\win32k.sys
2013-03-02 01:08 . 2008-04-14 05:50 385024 ----a-w- c:\windows\system32\html.iec
2013-02-27 07:58 . 2010-08-16 11:29 2067456 ----a-w- c:\windows\system32\mstscax.dll
2013-02-18 16:38 . 2012-08-30 20:57 33112 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2013-02-12 00:32 . 2008-04-13 22:26 12928 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-01-26 03:55 . 2008-04-14 06:51 552448 ----a-w- c:\windows\system32\oleaut32.dll
2013-03-11 05:30 . 2013-03-11 05:29 263064 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{687578b9-7132-4a7a-80e4-30ee31099e03}"= "c:\program files\uTorrentControl2\prxtbuTo0.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{687578b9-7132-4a7a-80e4-30ee31099e03}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{687578b9-7132-4a7a-80e4-30ee31099e03}]
2011-05-09 09:49 176936 ----a-w- c:\program files\uTorrentControl2\prxtbuTo0.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2013-02-18 16:38 1929392 ----a-w- c:\program files\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll" [2013-02-18 1929392]
"{687578b9-7132-4a7a-80e4-30ee31099e03}"= "c:\program files\uTorrentControl2\prxtbuTo0.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_CLASSES_ROOT\clsid\{687578b9-7132-4a7a-80e4-30ee31099e03}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{687578B9-7132-4A7A-80E4-30EE31099E03}"= "c:\program files\uTorrentControl2\prxtbuTo0.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{687578b9-7132-4a7a-80e4-30ee31099e03}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update (1)"="c:\documents and settings\-\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" [2012-07-12 116648]
"SystemExplorerAutoStart"="c:\program files\System Explorer\SystemExplorer.exe" [2012-12-02 2846168]
"Zoner Photo Studio Autoupdate"="c:\program files\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE" [2013-02-18 774168]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-08-13 98304]
"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-11-19 2598520]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Spyder3Utility.lnk - c:\program files\Datacolor\Spyder3Pro\Utility\Spyder3Utility.exe [2010-7-26 7667970]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"RTHDCPL"=RTHDCPL.EXE
"NokiaMServer"=c:\program files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"CanonMyPrinter"=c:\program files\Canon\MyPrinter\BJMyPrt.exe /logon
"reset"=regedit /s reset.reg
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"CanonSolutionMenuEx"=c:\program files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
"ApnUpdater"="c:\program files\Ask.com\Updater\Updater.exe"
"CanonSolutionMenu"=c:\program files\Canon\SolutionMenu\CNSLMAIN.exe /logon
"SRSAENotifier"=c:\program files\SRS Labs\SRS Audio Essentials\AENotifier.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgmfapx.exe"=
"c:\\WINDOWS\\system32\\muzapp.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\WINDOWS\\system32\\ARFC\\wrtc.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgnsx.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgdiagex.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgemcx.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [19.4.2012 4:50 24896]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [13.9.2011 7:30 31952]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [3.11.2010 18:28 691696]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [7.10.2011 7:23 250080]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [11.7.2011 2:14 302368]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [30.8.2012 22:57 33112]
R2 avgfws;AVG Firewall;c:\program files\AVG\AVG2012\avgfws.exe [5.12.2012 4:44 2321560]
R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [14.2.2012 4:53 193288]
R2 IB Updater;IB Updater;c:\program files\IB Updater\ExtensionUpdaterService.exe [14.12.2012 17:33 188760]
R2 nlsX86cc;This service enables products that use the Nalpeiron Licensing System.;c:\windows\system32\nlssrv32.exe [22.9.2011 18:30 66560]
R2 vToolbarUpdater14.2.0;vToolbarUpdater14.2.0;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe [18.2.2013 18:38 968880]
R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [23.5.2011 2:03 30944]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [23.12.2011 13:32 142176]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\avgidsfilterx.sys [23.12.2011 13:32 24144]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [23.12.2011 13:32 17232]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [13.11.2010 23:41 47360]
R3 SRS_AE_Service;SRS Audio;c:\windows\system32\drivers\SRS_AE_i386.sys [21.6.2012 17:04 407368]
R3 SystemExplorerHelpService;System Explorer Service;c:\program files\System Explorer\service\SystemExplorerService.exe [3.3.2013 12:42 567256]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\avgidsagent.exe [2.11.2012 4:51 5174392]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [13.7.2012 13:28 160944]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [16.8.2010 14:16 1691480]
S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [23.5.2011 2:03 30944]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [22.10.2012 19:30 83168]
S3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [1.3.2012 19:46 20032]
S3 Spyder3;Datacolor Spyder3;c:\windows\system32\drivers\Spyder3.sys [12.4.2010 10:12 12288]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [22.10.2012 19:30 181344]
S3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [19.2.2010 13:37 517096]
S4 SRSHDAudioService;SRS HDAudio Lab Service;c:\program files\Common Files\SRS Labs\SRS HD Audio Lab Service 2\SRSAudioLabService.exe [25.6.2012 16:16 13232]
.
Obsah adresáře 'Naplánované úlohy'
.
2013-04-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-29 05:00]
.
2013-03-21 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 16:57]
.
2013-04-18 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2012-01-02 19:09]
.
2013-04-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-07-07 10:48]
.
2013-04-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-07-07 10:48]
.
2013-04-18 c:\windows\Tasks\ROC_JAN2013_TB_rmv.job
- c:\program files\AVG Secure Search\PostInstall\ROC.exe [2013-01-21 18:07]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://mystart.incredibar.com/mb201?a=6OyXaTCFsw&i=26
IE: Add to AMV Converter... - c:\program files\MP3 Player Utilities 4.07\AMVConverter\grab.html
IE: Download with &Media Finder - c:\program files\Media Finder\hook.html
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: MediaManager tool grab multimedia file - c:\program files\MP3 Player Utilities 4.07\MediaManager\grab.html
IE: Převést cíl vazby do Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Převést cíl vazby do existujícího PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Převést do Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Převést vybrané vazby do Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Převést vybrané vazby do existujícího PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Převést výběr do Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Převést výběr do existujícího PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Přidat do stávajícího PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
TCP: DhcpNameServer = 84.16.104.129 84.16.96.2
TCP: Interfaces\{931D5994-A649-4F2F-BBA6-A549717D18F5}: NameServer = 84.16.104.129,84.16.96.2
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll
FF - ProfilePath - c:\documents and settings\-\Data aplikací\Mozilla\Firefox\Profiles\s7mmfws2.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://isearch.avg.com/?cid={DF9F261F-140E-418C-ACA0-D5915326070D}&mid=cd089638408e47d19b0bd154d49abb83-06ce4fc639803a2e3563922518183d8e94088cb9&lang=cs&ds=AVG&pr=pr&d=2012-02-03 15:30&v=14.0.3.14&pid=avg&sg=&sap=hp
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2481032&SearchSource=2&q=
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2013-03-13 17:01; {FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}; c:\program files\IB Updater\Firefox
FF - ExtSQL: !HIDDEN! 2010-08-19 00:40; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - user.js: extensions.incredibar_i.newTab - false
FF - user.js: extensions.incredibar_i.tlbrSrchUrl - hxxp://mystart.Incredibar.com/?a=6OyXaTCFsw&loc=IB_TB&i=26&search=
FF - user.js: extensions.incredibar_i.id - 786565a2000000000000001d927e5270
FF - user.js: extensions.incredibar_i.instlDay - 15688
FF - user.js: extensions.incredibar_i.vrsn - 1.5.11.14
FF - user.js: extensions.incredibar_i.vrsni - 1.5.11.14
FF - user.js: extensions.incredibar_i.vrsnTs - 1.5.11.1416:34
FF - user.js: extensions.incredibar_i.prtnrId - Incredibar
FF - user.js: extensions.incredibar_i.prdct - incredibar
FF - user.js: extensions.incredibar_i.aflt - orgnl
FF - user.js: extensions.incredibar_i.smplGrp - none
FF - user.js: extensions.incredibar_i.tlbrId - base
FF - user.js: extensions.incredibar_i.instlRef -
FF - user.js: extensions.incredibar_i.dfltLng -
FF - user.js: extensions.incredibar_i.excTlbr - false
FF - user.js: extensions.incredibar_i.ms_url_id -
FF - user.js: extensions.incredibar_i.upn2 - 6OyXaTCFsw
FF - user.js: extensions.incredibar_i.upn2n - 92262620650579276
FF - user.js: extensions.incredibar_i.productid - 26
FF - user.js: extensions.incredibar_i.installerproductid - 26
FF - user.js: extensions.incredibar_i.did - 10643
FF - user.js: extensions.incredibar_i.ppd -
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-04-18 06:56
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1275210071-308236825-1417001333-1004\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{016BB21D-9258-E45B-2E32-559602AAA485}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"iaobbpjhaaeikpmfeh"=hex:6a,61,6a,70,61,6d,6c,6f,6a,69,6a,64,62,70,70,6a,65,65,
6f,70,00,00
"haiclnmmfklmbhah"=hex:6a,61,6a,70,61,6d,6c,6f,6a,69,6a,64,62,70,70,6a,65,65,
6f,70,00,00
"hahjfecjjflellff"=hex:70,62,68,67,61,61,6c,69,6b,63,6d,6d,6c,6c,64,67,69,6d,
66,64,67,70,6d,63,6f,70,66,6a,6c,6e,68,70,68,6d,69,63,67,63,65,68,6c,64,6b,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{016BB21D-9258-E45B-2E32-559602AAA485}\InProcServer32*]
"jamceoogkfclhcmnbilg"=hex:6a,61,6a,70,61,6d,6c,6f,6a,69,6a,64,62,70,70,6a,65,
65,6f,70,00,00
"iamcgpeklknpdkaogp"=hex:6a,61,6a,70,61,6d,6c,6f,6a,69,6a,64,62,70,70,6a,65,65,
6f,70,00,00
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(936)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\CLBCATQ.DLL
.
- - - - - - - > 'explorer.exe'(3360)
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2013-04-18 06:57:21
ComboFix-quarantined-files.txt 2013-04-18 04:57
ComboFix2.txt 2013-04-18 04:43
.
Před spuštěním: Volných bajtů: 136 810 446 848
Po spuštění: Volných bajtů: 136 796 225 536
.
- - End Of File - - E2F785259A3BF27651ABE21374B2ECB3

bllemby · #7 Příspěvek od **bllemby** » 18 dub 2013 18:28

Mně také ne jsem naprostý laik. Já PC hlavně využívám pro úpravu fotek. A vůbec tomu nerozumím

bllemby · #8 Příspěvek od **bllemby** » 18 dub 2013 18:49

https://www.virustotal.com/cs/file/bf11 ... /analysis/

SHA256: bf11501f9490287145a19a5ca740b8e4faa3b7a16acb5344f7df9fc38ca55afa
SHA1: 0fdfa5fe1b00cc34dc62754b609abdc94d130a81
MD5: 3402587bdbdb710c2ab586b331e1a11d
File size: 2.7 MB ( 2846168 bytes )
File name: SystemExplorer.exe
File type: Win32 EXE
Tags: peexe signed
Detection ratio: 0 / 46
Analysis date: 2013-04-14 13:16:18 UTC ( 4 dny, 4 hodiny ago )
9 4
Less details
Analysis
Relationships
Additional information
Comments
Votes
Behavioural information
Antivirus Result Update
Agnitum 20130413
AhnLab-V3 20130414
AntiVir 20130414
Antiy-AVL 20130414
Avast 20130414
AVG 20130414
BitDefender 20130414
ByteHero 20130322
CAT-QuickHeal 20130414
ClamAV 20130414
Commtouch 20130413
Comodo 20130414
DrWeb 20130414
Emsisoft 20130414
eSafe 20130407
ESET-NOD32 20130414
F-Prot 20130413
F-Secure 20130414
Fortinet 20130414
GData 20130414
Ikarus 20130414
Jiangmin 20130414
K7AntiVirus 20130412
Kaspersky 20130414
Kingsoft 20130408
Malwarebytes 20130414
McAfee 20130414
McAfee-GW-Edition 20130414
Microsoft 20130414
MicroWorld-eScan 20130414
NANO-Antivirus 20130414
Norman 20130414
nProtect 20130414
Panda 20130414
PCTools 20130414
Rising 20130412
Sophos 20130414
SUPERAntiSpyware 20130413
Symantec 20130414
TheHacker 20130413
TotalDefense 20130414
TrendMicro 20130414
TrendMicro-HouseCall 20130414
VBA32 20130412
VIPRE 20130414
ViRobot 20130413

bllemby · #9 Příspěvek od **bllemby** » 18 dub 2013 18:51

A odbarvení fotky jde dnes už jen jedním klikem

bllemby · #10 Příspěvek od **bllemby** » 19 dub 2013 21:28

# AdwCleaner v2.200 - Log vytvooen 19/04/2013 v 22:25:30
# Aktualizováno 02/04/2013 Xplode
# Operaení systém : Microsoft Windows XP Service Pack 3 (32 bits)
# Uživatel : - - 860194E4471748E
# Spuštin systém : Normální
# Spuštino z : C:\Documents and Settings\-\Dokumenty\Downloads\adwcleaner.exe
# Volba [Prohledat]

***** [Služby] *****

Nalezeno : IB Updater

***** [Soubory / Složky] *****

Složka Nalezeno : C:\Documents and Settings\-\Data aplikací\AVG Secure Search
Složka Nalezeno : C:\Documents and Settings\-\Data aplikací\Media Finder
Složka Nalezeno : C:\Documents and Settings\-\Data aplikací\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com
Složka Nalezeno : C:\Documents and Settings\-\Data aplikací\PriceGong
Složka Nalezeno : C:\Documents and Settings\-\Local Settings\Data aplikací\APN
Složka Nalezeno : C:\Documents and Settings\-\Local Settings\Data aplikací\AVG Secure Search
Složka Nalezeno : C:\Documents and Settings\-\Local Settings\Data aplikací\Conduit
Složka Nalezeno : C:\Documents and Settings\-\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Složka Nalezeno : C:\Documents and Settings\-\Local Settings\Data aplikací\uTorrentControl2
Složka Nalezeno : C:\Documents and Settings\All Users\Data aplikací\AVG Secure Search
Složka Nalezeno : C:\Documents and Settings\All Users\Data aplikací\ICQ\ICQToolbar
Složka Nalezeno : C:\Documents and Settings\All Users\Nabídka Start\Programy\Media Finder
Složka Nalezeno : C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\uTorrentControl2
Složka Nalezeno : C:\Program Files\AVG Secure Search
Složka Nalezeno : C:\Program Files\Common Files\AVG Secure Search
Složka Nalezeno : C:\Program Files\DAEMON Tools Toolbar
Složka Nalezeno : C:\Program Files\IB Updater
Složka Nalezeno : C:\Program Files\ICQ6Toolbar
Složka Nalezeno : C:\Program Files\Mozilla Firefox\Extensions\ffxtlbr@babylon.com
Složka Nalezeno : C:\Program Files\Perion
Složka Nalezeno : C:\Program Files\uTorrentControl2
Složka Nalezeno : C:\WINDOWS\system32\WNLT
Soubor Nalezeno : C:\Documents and Settings\-\Data aplikací\Mozilla\Firefox\Profiles\s7mmfws2.default\searchplugins\daemon-search.xml
Soubor Nalezeno : C:\Documents and Settings\-\Data aplikací\Mozilla\Firefox\Profiles\s7mmfws2.default\searchplugins\MyStart Search.xml
Soubor Nalezeno : C:\END
Soubor Nalezeno : C:\user.js
Soubor Nalezeno : C:\WINDOWS\system32\ImhxxpComm.dll

***** [Registry] *****

Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{687578B9-7132-4A7A-80E4-30EE31099E03}]
Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{687578B9-7132-4A7A-80E4-30EE31099E03}]
Hodnota Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{687578B9-7132-4A7A-80E4-30EE31099E03}]
Hodnota Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Hodnota Nalezeno : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]
Hodnota Nalezeno : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]
Hodnota Nalezeno : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}]
Hodnota Nalezeno : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Klíe Nalezeno : HKCU\Software\AppDataLow\Software\Conduit
Klíe Nalezeno : HKCU\Software\AVG Secure Search
Klíe Nalezeno : HKCU\Software\Conduit
Klíe Nalezeno : HKCU\Software\ConduitSearchScopes
Klíe Nalezeno : HKCU\Software\IB Updater
Klíe Nalezeno : HKCU\Software\IB Updater
Klíe Nalezeno : HKCU\Software\IM
Klíe Nalezeno : HKCU\Software\ImInstaller
Klíe Nalezeno : HKCU\Software\incredibar.com
Klíe Nalezeno : HKCU\Software\MediaFinder
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{687578B9-7132-4A7A-80E4-30EE31099E03}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{687578B9-7132-4A7A-80E4-30EE31099E03}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Klíe Nalezeno : HKCU\Software\uTorrentControl2
Klíe Nalezeno : HKCU\Toolbar
Klíe Nalezeno : HKLM\Software\AVG Secure Search
Klíe Nalezeno : HKLM\Software\AVG Security Toolbar
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{687578B9-7132-4A7A-80E4-30EE31099E03}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{D4AAF2A6-F6D1-49A5-BA1A-B20735DF1955}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\escort.escortIEPane
Klíe Nalezeno : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc
Klíe Nalezeno : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\I
Klíe Nalezeno : HKLM\SOFTWARE\Classes\IncredibarApp.appCore
Klíe Nalezeno : HKLM\SOFTWARE\Classes\IncredibarApp.appCore.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\MF
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Prod.cap
Klíe Nalezeno : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Klíe Nalezeno : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Klíe Nalezeno : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Toolbar.CT3072253
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Klíe Nalezeno : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Klíe Nalezeno : HKLM\Software\Conduit
Klíe Nalezeno : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Klíe Nalezeno : HKLM\SOFTWARE\Google\Chrome\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg
Klíe Nalezeno : HKLM\SOFTWARE\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Klíe Nalezeno : HKLM\Software\IB Updater
Klíe Nalezeno : HKLM\Software\IB Updater
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2669A021-67D1-4007-ABCE-A25A1F8A2D0C}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74C36554-31F0-49DD-8857-ED6A64DF45BE}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A06511D-8195-4413-8EEE-5018BA268578}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\uTorrentControl2 Toolbar
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\WNLT
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{687578B9-7132-4A7A-80E4-30EE31099E03}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D4AAF2A6-F6D1-49A5-BA1A-B20735DF1955}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentControl2 Toolbar
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WNLT
Klíe Nalezeno : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Klíe Nalezeno : HKLM\Software\uTorrentControl2
Klíe Nalezeno : HKLM\Software\WNLT
Klíe Nalezeno : HKU\S-1-5-21-1275210071-308236825-1417001333-1004\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Klíe Nalezeno : HKU\S-1-5-21-1275210071-308236825-1417001333-1004\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíe Nalezeno : HKU\S-1-5-21-1275210071-308236825-1417001333-1004\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Klíe Nalezeno : HKU\S-1-5-21-1275210071-308236825-1417001333-1004\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Klíe Nalezeno : HKU\S-1-5-21-1275210071-308236825-1417001333-1004\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v8.0.6001.18702

[HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://isearch.avg.com/tab?cid={DF9F261F-140E-418C-ACA0-D5915326070D}&mid=cd089638408e47d19b0bd154d49abb83-06ce4fc639803a2e3563922518183d8e94088cb9&lang=cs&ds=AVG&pr=pr&d=2012-02-03 15:30:22&pid=avg&sg=&v=14.2.0.1&sap=nt

-\\ Mozilla Firefox v19.0.2 (cs)

Soubor : C:\Documents and Settings\-\Data aplikací\Mozilla\Firefox\Profiles\73c1exq5.default\prefs.js

Nalezeno : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Nalezeno : user_pref("browser.search.selectedEngine", "AVG Secure Search");
Nalezeno : user_pref("browser.startup.homepage", "hxxp://isearch.avg.com/?cid={DF9F261F-140E-418C-ACA0-D5915326[...]
Nalezeno : user_pref("icqtoolbar.allowSendURL", false);
Nalezeno : user_pref("icqtoolbar.engineVerified", false);
Nalezeno : user_pref("icqtoolbar.hiddenElements", "itb_options");
Nalezeno : user_pref("icqtoolbar.installTime", "1282155443");
Nalezeno : user_pref("icqtoolbar.newtab_state", "1");
Nalezeno : user_pref("icqtoolbar.numberOfSearches", 0);
Nalezeno : user_pref("icqtoolbar.previousFFVersion", "3.6.8");
Nalezeno : user_pref("icqtoolbar.skip_default_search", "no");
Nalezeno : user_pref("icqtoolbar.suggestions", false);
Nalezeno : user_pref("icqtoolbar.uninstStatSent", true);
Nalezeno : user_pref("icqtoolbar.uniqueID", "128215427412821543791282155443722");
Nalezeno : user_pref("icqtoolbar.usageStatstTimestamp", 1282155445);
Nalezeno : user_pref("icqtoolbar.xmlEnableSuggestions", false);
Nalezeno : user_pref("icqtoolbar.xmlLanguage", "cs");
Nalezeno : user_pref("keyword.URL", "hxxp://isearch.avg.com/search?cid={DF9F261F-140E-418C-ACA0-D5915326070D}&m[...]

Soubor : C:\Documents and Settings\-\Data aplikací\Mozilla\Firefox\Profiles\s7mmfws2.default\prefs.js

Nalezeno : user_pref("CT2481032_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...]
Nalezeno : user_pref("Smartbar.ConduitHomepagesList", "");
Nalezeno : user_pref("Smartbar.ConduitSearchEngineList", "Ashampoo US Customized Web Search");
Nalezeno : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2481032[...]
Nalezeno : user_pref("Smartbar.keywordURLSelectedCTID", "CT2481032");
Nalezeno : user_pref("avg.install.installDirPath", "C:\\Documents and Settings\\All Users\\Data aplikac\\AVG Se[...]
Nalezeno : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
Nalezeno : user_pref("browser.newtab.url", "hxxp://mystart.incredibar.com/mb201?a=6OyXaTCFsw&i=26");
Nalezeno : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Nalezeno : user_pref("browser.search.defaultthis.engineName", "uTorrentControl2 Customized Web Search");
Nalezeno : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&Sea[...]
Nalezeno : user_pref("browser.search.order.1", "Search the web (Babylon)");
Nalezeno : user_pref("browser.startup.homepage", "hxxp://isearch.avg.com/?cid={DF9F261F-140E-418C-ACA0-D5915326[...]
Nalezeno : user_pref("extensions.incredibar.actvtyRptTime", "1355771461512");
Nalezeno : user_pref("extensions.incredibar.admin", false);
Nalezeno : user_pref("extensions.incredibar.aflt", "orgnl");
Nalezeno : user_pref("extensions.incredibar.afterInstallRpt", "sent");
Nalezeno : user_pref("extensions.incredibar.cntry", "CZ");
Nalezeno : user_pref("extensions.incredibar.dfltLng", "EN");
Nalezeno : user_pref("extensions.incredibar.dfltSrch", false);
Nalezeno : user_pref("extensions.incredibar.dfltlng", "EN");
Nalezeno : user_pref("extensions.incredibar.dfltsrch", "false");
Nalezeno : user_pref("extensions.incredibar.did", "10643");
Nalezeno : user_pref("extensions.incredibar.envrmnt", "production");
Nalezeno : user_pref("extensions.incredibar.excTlbr", false);
Nalezeno : user_pref("extensions.incredibar.hdrMd5", "91017809131739A67A39DF41372991FA");
Nalezeno : user_pref("extensions.incredibar.hmpg", false);
Nalezeno : user_pref("extensions.incredibar.hrdid", "786565a2000000000000001d927e5270");
Nalezeno : user_pref("extensions.incredibar.id", "786565a2000000000000001d927e5270");
Nalezeno : user_pref("extensions.incredibar.installerproductid", "26");
Nalezeno : user_pref("extensions.incredibar.instlDay", "15688");
Nalezeno : user_pref("extensions.incredibar.instlRef", "");
Nalezeno : user_pref("extensions.incredibar.instlday", "15688");
Nalezeno : user_pref("extensions.incredibar.instlref", "");
Nalezeno : user_pref("extensions.incredibar.isDcmntCmplt", false);
Nalezeno : user_pref("extensions.incredibar.isdcmntcmplt", "false");
Nalezeno : user_pref("extensions.incredibar.keywordurl", "");
Nalezeno : user_pref("extensions.incredibar.lastVrsnTs", "1.5.11.1416:34:11");
Nalezeno : user_pref("extensions.incredibar.mntrvrsn", "1.2.0");
Nalezeno : user_pref("extensions.incredibar.newTab", false);
Nalezeno : user_pref("extensions.incredibar.newtab", "false");
Nalezeno : user_pref("extensions.incredibar.newtaburl", "");
Nalezeno : user_pref("extensions.incredibar.noFFXTlbr", false);
Nalezeno : user_pref("extensions.incredibar.ppd", "");
Nalezeno : user_pref("extensions.incredibar.prdct", "incredibar");
Nalezeno : user_pref("extensions.incredibar.productid", "26");
Nalezeno : user_pref("extensions.incredibar.prtnrId", "Incredibar");
Nalezeno : user_pref("extensions.incredibar.prtnrid", "Incredibar");
Nalezeno : user_pref("extensions.incredibar.sg", "none");
Nalezeno : user_pref("extensions.incredibar.smplGrp", "none");
Nalezeno : user_pref("extensions.incredibar.smplgrp", "none");
Nalezeno : user_pref("extensions.incredibar.srch", "");
Nalezeno : user_pref("extensions.incredibar.srchprvdr", "");
Nalezeno : user_pref("extensions.incredibar.tlbrId", "base");
Nalezeno : user_pref("extensions.incredibar.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6OyXaTCFsw&loc=IB_T[...]
Nalezeno : user_pref("extensions.incredibar.tlbrid", "base");
Nalezeno : user_pref("extensions.incredibar.tlbrsrchurl", "hxxp://mystart.Incredibar.com/?a=6OyXaTCFsw&loc=IB_T[...]
Nalezeno : user_pref("extensions.incredibar.upn2", "6OyXaTCFsw");
Nalezeno : user_pref("extensions.incredibar.upn2n", "92262620650579276");
Nalezeno : user_pref("extensions.incredibar.vrsn", "1.5.11.14");
Nalezeno : user_pref("extensions.incredibar.vrsnTs", "1.5.11.1416:34:11");
Nalezeno : user_pref("extensions.incredibar.vrsni", "1.5.11.14");
Nalezeno : user_pref("extensions.incredibar.vrsnts", "1.5.11.1416:34:11");
Nalezeno : user_pref("extensions.incredibar_i.aflt", "orgnl");
Nalezeno : user_pref("extensions.incredibar_i.dfltLng", "");
Nalezeno : user_pref("extensions.incredibar_i.did", "10643");
Nalezeno : user_pref("extensions.incredibar_i.excTlbr", false);
Nalezeno : user_pref("extensions.incredibar_i.id", "786565a2000000000000001d927e5270");
Nalezeno : user_pref("extensions.incredibar_i.installerproductid", "26");
Nalezeno : user_pref("extensions.incredibar_i.instlDay", "15688");
Nalezeno : user_pref("extensions.incredibar_i.instlRef", "");
Nalezeno : user_pref("extensions.incredibar_i.ms_url_id", "");
Nalezeno : user_pref("extensions.incredibar_i.newTab", false);
Nalezeno : user_pref("extensions.incredibar_i.ppd", "");
Nalezeno : user_pref("extensions.incredibar_i.prdct", "incredibar");
Nalezeno : user_pref("extensions.incredibar_i.productid", "26");
Nalezeno : user_pref("extensions.incredibar_i.prtnrId", "Incredibar");
Nalezeno : user_pref("extensions.incredibar_i.smplGrp", "none");
Nalezeno : user_pref("extensions.incredibar_i.tlbrId", "base");
Nalezeno : user_pref("extensions.incredibar_i.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6OyXaTCFsw&loc=IB[...]
Nalezeno : user_pref("extensions.incredibar_i.upn2", "6OyXaTCFsw");
Nalezeno : user_pref("extensions.incredibar_i.upn2n", "92262620650579276");
Nalezeno : user_pref("extensions.incredibar_i.vrsn", "1.5.11.14");
Nalezeno : user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.1416:34:11");
Nalezeno : user_pref("extensions.incredibar_i.vrsni", "1.5.11.14");
Nalezeno : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2481032&SearchSource=2&q=[...]
Nalezeno : user_pref("{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}.ScriptData_WSG_blackList", "form=CONTLB|babsrc=too[...]
Nalezeno : user_pref("{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}.ScriptData_WSG_referrer", "hxxp://isearch.avg.com/[...]
Nalezeno : user_pref("{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}.ScriptData_WSG_temp_referer", "hxxp://isearch.avg.[...]
Nalezeno : user_pref("{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}.ScriptData_WSG_whiteList", "{\"search.babylon.com\[...]

-\\ Google Chrome v26.0.1410.64

Soubor : C:\Documents and Settings\-\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Preferences

[OK] Soubor je eistý.

*************************

AdwCleaner[R1].txt - [21199 octets] - [19/04/2013 22:25:30]

########## EOF - C:\AdwCleaner[R1].txt - [21260 octets] ##########

bllemby · #11 Příspěvek od **bllemby** » 19 dub 2013 21:34

# AdwCleaner v2.200 - Log vytvooen 19/04/2013 v 22:27:21
# Aktualizováno 02/04/2013 Xplode
# Operaení systém : Microsoft Windows XP Service Pack 3 (32 bits)
# Uživatel : - - 860194E4471748E
# Spuštin systém : Normální
# Spuštino z : C:\Documents and Settings\-\Dokumenty\Downloads\adwcleaner.exe
# Volba [Vymazat]

***** [Služby] *****

Zastaveno & vymazáno : IB Updater

***** [Soubory / Složky] *****

Složka Vymazáno : C:\Documents and Settings\-\Data aplikací\AVG Secure Search
Složka Vymazáno : C:\Documents and Settings\-\Data aplikací\Media Finder
Složka Vymazáno : C:\Documents and Settings\-\Data aplikací\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com
Složka Vymazáno : C:\Documents and Settings\-\Data aplikací\PriceGong
Složka Vymazáno : C:\Documents and Settings\-\Local Settings\Data aplikací\APN
Složka Vymazáno : C:\Documents and Settings\-\Local Settings\Data aplikací\AVG Secure Search
Složka Vymazáno : C:\Documents and Settings\-\Local Settings\Data aplikací\Conduit
Složka Vymazáno : C:\Documents and Settings\-\Local Settings\Data aplikací\uTorrentControl2
Složka Vymazáno : C:\Documents and Settings\All Users\Data aplikací\AVG Secure Search
Složka Vymazáno : C:\Documents and Settings\All Users\Data aplikací\ICQ\ICQToolbar
Složka Vymazáno : C:\Documents and Settings\All Users\Nabídka Start\Programy\Media Finder
Složka Vymazáno : C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\uTorrentControl2
Složka Vymazáno : C:\Program Files\AVG Secure Search
Složka Vymazáno : C:\Program Files\DAEMON Tools Toolbar
Složka Vymazáno : C:\Program Files\IB Updater
Složka Vymazáno : C:\Program Files\ICQ6Toolbar
Složka Vymazáno : C:\Program Files\Mozilla Firefox\Extensions\ffxtlbr@babylon.com
Složka Vymazáno : C:\Program Files\Perion
Složka Vymazáno : C:\Program Files\uTorrentControl2
Složka Vymazáno : C:\WINDOWS\system32\WNLT
Soubor Vymazáno : C:\Documents and Settings\-\Data aplikací\Mozilla\Firefox\Profiles\s7mmfws2.default\searchplugins\daemon-search.xml
Soubor Vymazáno : C:\Documents and Settings\-\Data aplikací\Mozilla\Firefox\Profiles\s7mmfws2.default\searchplugins\MyStart Search.xml
Soubor Vymazáno : C:\END
Soubor Vymazáno : C:\user.js
Soubor Vymazáno : C:\WINDOWS\system32\ImhxxpComm.dll
Vymazáno poi restartu : C:\Documents and Settings\-\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Vymazáno poi restartu : C:\Program Files\Common Files\AVG Secure Search

***** [Registry] *****

Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{687578B9-7132-4A7A-80E4-30EE31099E03}]
Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{687578B9-7132-4A7A-80E4-30EE31099E03}]
Hodnota Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{687578B9-7132-4A7A-80E4-30EE31099E03}]
Hodnota Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Hodnota Vymazáno : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]
Hodnota Vymazáno : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}]
Hodnota Vymazáno : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Klíe Vymazáno : HKCU\Software\AppDataLow\Software\Conduit
Klíe Vymazáno : HKCU\Software\AVG Secure Search
Klíe Vymazáno : HKCU\Software\Conduit
Klíe Vymazáno : HKCU\Software\ConduitSearchScopes
Klíe Vymazáno : HKCU\Software\IB Updater
Klíe Vymazáno : HKCU\Software\IM
Klíe Vymazáno : HKCU\Software\ImInstaller
Klíe Vymazáno : HKCU\Software\incredibar.com
Klíe Vymazáno : HKCU\Software\MediaFinder
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{687578B9-7132-4A7A-80E4-30EE31099E03}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{687578B9-7132-4A7A-80E4-30EE31099E03}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Klíe Vymazáno : HKCU\Software\uTorrentControl2
Klíe Vymazáno : HKCU\Toolbar
Klíe Vymazáno : HKLM\Software\AVG Secure Search
Klíe Vymazáno : HKLM\Software\AVG Security Toolbar
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{687578B9-7132-4A7A-80E4-30EE31099E03}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{D4AAF2A6-F6D1-49A5-BA1A-B20735DF1955}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\escort.escortIEPane
Klíe Vymazáno : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc
Klíe Vymazáno : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\I
Klíe Vymazáno : HKLM\SOFTWARE\Classes\IncredibarApp.appCore
Klíe Vymazáno : HKLM\SOFTWARE\Classes\IncredibarApp.appCore.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\MF
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Prod.cap
Klíe Vymazáno : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Klíe Vymazáno : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Klíe Vymazáno : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Toolbar.CT3072253
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Klíe Vymazáno : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Klíe Vymazáno : HKLM\Software\Conduit
Klíe Vymazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Klíe Vymazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg
Klíe Vymazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Klíe Vymazáno : HKLM\Software\IB Updater
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2669A021-67D1-4007-ABCE-A25A1F8A2D0C}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74C36554-31F0-49DD-8857-ED6A64DF45BE}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A06511D-8195-4413-8EEE-5018BA268578}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\uTorrentControl2 Toolbar
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\WNLT
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{687578B9-7132-4A7A-80E4-30EE31099E03}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D4AAF2A6-F6D1-49A5-BA1A-B20735DF1955}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentControl2 Toolbar
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WNLT
Klíe Vymazáno : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Klíe Vymazáno : HKLM\Software\uTorrentControl2
Klíe Vymazáno : HKLM\Software\WNLT

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v8.0.6001.18702

Zaminino : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://isearch.avg.com/tab?cid={DF9F261F-140E-418C-ACA0-D5915326070D}&mid=cd089638408e47d19b0bd154d49abb83-06ce4fc639803a2e3563922518183d8e94088cb9&lang=cs&ds=AVG&pr=pr&d=2012-02-03 15:30:22&pid=avg&sg=&v=14.2.0.1&sap=nt --> hxxp://www.google.com

-\\ Mozilla Firefox v19.0.2 (cs)

Soubor : C:\Documents and Settings\-\Data aplikací\Mozilla\Firefox\Profiles\73c1exq5.default\prefs.js

Vymazáno : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Vymazáno : user_pref("browser.search.selectedEngine", "AVG Secure Search");
Vymazáno : user_pref("browser.startup.homepage", "hxxp://isearch.avg.com/?cid={DF9F261F-140E-418C-ACA0-D5915326[...]
Vymazáno : user_pref("icqtoolbar.allowSendURL", false);
Vymazáno : user_pref("icqtoolbar.engineVerified", false);
Vymazáno : user_pref("icqtoolbar.hiddenElements", "itb_options");
Vymazáno : user_pref("icqtoolbar.installTime", "1282155443");
Vymazáno : user_pref("icqtoolbar.newtab_state", "1");
Vymazáno : user_pref("icqtoolbar.numberOfSearches", 0);
Vymazáno : user_pref("icqtoolbar.previousFFVersion", "3.6.8");
Vymazáno : user_pref("icqtoolbar.skip_default_search", "no");
Vymazáno : user_pref("icqtoolbar.suggestions", false);
Vymazáno : user_pref("icqtoolbar.uninstStatSent", true);
Vymazáno : user_pref("icqtoolbar.uniqueID", "128215427412821543791282155443722");
Vymazáno : user_pref("icqtoolbar.usageStatstTimestamp", 1282155445);
Vymazáno : user_pref("icqtoolbar.xmlEnableSuggestions", false);
Vymazáno : user_pref("icqtoolbar.xmlLanguage", "cs");
Vymazáno : user_pref("keyword.URL", "hxxp://isearch.avg.com/search?cid={DF9F261F-140E-418C-ACA0-D5915326070D}&m[...]

Soubor : C:\Documents and Settings\-\Data aplikací\Mozilla\Firefox\Profiles\s7mmfws2.default\prefs.js

C:\Documents and Settings\-\Data aplikací\Mozilla\Firefox\Profiles\s7mmfws2.default\user.js ... Vymazáno !

Vymazáno : user_pref("CT2481032_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...]
Vymazáno : user_pref("Smartbar.ConduitHomepagesList", "");
Vymazáno : user_pref("Smartbar.ConduitSearchEngineList", "Ashampoo US Customized Web Search");
Vymazáno : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2481032[...]
Vymazáno : user_pref("Smartbar.keywordURLSelectedCTID", "CT2481032");
Vymazáno : user_pref("avg.install.installDirPath", "C:\\Documents and Settings\\All Users\\Data aplikac\\AVG Se[...]
Vymazáno : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
Vymazáno : user_pref("browser.newtab.url", "hxxp://mystart.incredibar.com/mb201?a=6OyXaTCFsw&i=26");
Vymazáno : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Vymazáno : user_pref("browser.search.defaultthis.engineName", "uTorrentControl2 Customized Web Search");
Vymazáno : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&Sea[...]
Vymazáno : user_pref("browser.search.order.1", "Search the web (Babylon)");
Vymazáno : user_pref("browser.startup.homepage", "hxxp://isearch.avg.com/?cid={DF9F261F-140E-418C-ACA0-D5915326[...]
Vymazáno : user_pref("extensions.incredibar.actvtyRptTime", "1355771461512");
Vymazáno : user_pref("extensions.incredibar.admin", false);
Vymazáno : user_pref("extensions.incredibar.aflt", "orgnl");
Vymazáno : user_pref("extensions.incredibar.afterInstallRpt", "sent");
Vymazáno : user_pref("extensions.incredibar.cntry", "CZ");
Vymazáno : user_pref("extensions.incredibar.dfltLng", "EN");
Vymazáno : user_pref("extensions.incredibar.dfltSrch", false);
Vymazáno : user_pref("extensions.incredibar.dfltlng", "EN");
Vymazáno : user_pref("extensions.incredibar.dfltsrch", "false");
Vymazáno : user_pref("extensions.incredibar.did", "10643");
Vymazáno : user_pref("extensions.incredibar.envrmnt", "production");
Vymazáno : user_pref("extensions.incredibar.excTlbr", false);
Vymazáno : user_pref("extensions.incredibar.hdrMd5", "91017809131739A67A39DF41372991FA");
Vymazáno : user_pref("extensions.incredibar.hmpg", false);
Vymazáno : user_pref("extensions.incredibar.hrdid", "786565a2000000000000001d927e5270");
Vymazáno : user_pref("extensions.incredibar.id", "786565a2000000000000001d927e5270");
Vymazáno : user_pref("extensions.incredibar.installerproductid", "26");
Vymazáno : user_pref("extensions.incredibar.instlDay", "15688");
Vymazáno : user_pref("extensions.incredibar.instlRef", "");
Vymazáno : user_pref("extensions.incredibar.instlday", "15688");
Vymazáno : user_pref("extensions.incredibar.instlref", "");
Vymazáno : user_pref("extensions.incredibar.isDcmntCmplt", false);
Vymazáno : user_pref("extensions.incredibar.isdcmntcmplt", "false");
Vymazáno : user_pref("extensions.incredibar.keywordurl", "");
Vymazáno : user_pref("extensions.incredibar.lastVrsnTs", "1.5.11.1416:34:11");
Vymazáno : user_pref("extensions.incredibar.mntrvrsn", "1.2.0");
Vymazáno : user_pref("extensions.incredibar.newTab", false);
Vymazáno : user_pref("extensions.incredibar.newtab", "false");
Vymazáno : user_pref("extensions.incredibar.newtaburl", "");
Vymazáno : user_pref("extensions.incredibar.noFFXTlbr", false);
Vymazáno : user_pref("extensions.incredibar.ppd", "");
Vymazáno : user_pref("extensions.incredibar.prdct", "incredibar");
Vymazáno : user_pref("extensions.incredibar.productid", "26");
Vymazáno : user_pref("extensions.incredibar.prtnrId", "Incredibar");
Vymazáno : user_pref("extensions.incredibar.prtnrid", "Incredibar");
Vymazáno : user_pref("extensions.incredibar.sg", "none");
Vymazáno : user_pref("extensions.incredibar.smplGrp", "none");
Vymazáno : user_pref("extensions.incredibar.smplgrp", "none");
Vymazáno : user_pref("extensions.incredibar.srch", "");
Vymazáno : user_pref("extensions.incredibar.srchprvdr", "");
Vymazáno : user_pref("extensions.incredibar.tlbrId", "base");
Vymazáno : user_pref("extensions.incredibar.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6OyXaTCFsw&loc=IB_T[...]
Vymazáno : user_pref("extensions.incredibar.tlbrid", "base");
Vymazáno : user_pref("extensions.incredibar.tlbrsrchurl", "hxxp://mystart.Incredibar.com/?a=6OyXaTCFsw&loc=IB_T[...]
Vymazáno : user_pref("extensions.incredibar.upn2", "6OyXaTCFsw");
Vymazáno : user_pref("extensions.incredibar.upn2n", "92262620650579276");
Vymazáno : user_pref("extensions.incredibar.vrsn", "1.5.11.14");
Vymazáno : user_pref("extensions.incredibar.vrsnTs", "1.5.11.1416:34:11");
Vymazáno : user_pref("extensions.incredibar.vrsni", "1.5.11.14");
Vymazáno : user_pref("extensions.incredibar.vrsnts", "1.5.11.1416:34:11");
Vymazáno : user_pref("extensions.incredibar_i.aflt", "orgnl");
Vymazáno : user_pref("extensions.incredibar_i.dfltLng", "");
Vymazáno : user_pref("extensions.incredibar_i.did", "10643");
Vymazáno : user_pref("extensions.incredibar_i.excTlbr", false);
Vymazáno : user_pref("extensions.incredibar_i.id", "786565a2000000000000001d927e5270");
Vymazáno : user_pref("extensions.incredibar_i.installerproductid", "26");
Vymazáno : user_pref("extensions.incredibar_i.instlDay", "15688");
Vymazáno : user_pref("extensions.incredibar_i.instlRef", "");
Vymazáno : user_pref("extensions.incredibar_i.ms_url_id", "");
Vymazáno : user_pref("extensions.incredibar_i.newTab", false);
Vymazáno : user_pref("extensions.incredibar_i.ppd", "");
Vymazáno : user_pref("extensions.incredibar_i.prdct", "incredibar");
Vymazáno : user_pref("extensions.incredibar_i.productid", "26");
Vymazáno : user_pref("extensions.incredibar_i.prtnrId", "Incredibar");
Vymazáno : user_pref("extensions.incredibar_i.smplGrp", "none");
Vymazáno : user_pref("extensions.incredibar_i.tlbrId", "base");
Vymazáno : user_pref("extensions.incredibar_i.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6OyXaTCFsw&loc=IB[...]
Vymazáno : user_pref("extensions.incredibar_i.upn2", "6OyXaTCFsw");
Vymazáno : user_pref("extensions.incredibar_i.upn2n", "92262620650579276");
Vymazáno : user_pref("extensions.incredibar_i.vrsn", "1.5.11.14");
Vymazáno : user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.1416:34:11");
Vymazáno : user_pref("extensions.incredibar_i.vrsni", "1.5.11.14");
Vymazáno : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2481032&SearchSource=2&q=[...]
Vymazáno : user_pref("{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}.ScriptData_WSG_blackList", "form=CONTLB|babsrc=too[...]
Vymazáno : user_pref("{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}.ScriptData_WSG_referrer", "hxxp://isearch.avg.com/[...]
Vymazáno : user_pref("{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}.ScriptData_WSG_temp_referer", "hxxp://isearch.avg.[...]
Vymazáno : user_pref("{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}.ScriptData_WSG_whiteList", "{\"search.babylon.com\[...]

-\\ Google Chrome v26.0.1410.64

Soubor : C:\Documents and Settings\-\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Preferences

[OK] Soubor je eistý.

*************************

AdwCleaner[R1].txt - [21330 octets] - [19/04/2013 22:25:30]
AdwCleaner[S1].txt - [20463 octets] - [19/04/2013 22:27:21]

########## EOF - C:\AdwCleaner[S1].txt - [20524 octets] ##########

bllemby · #12 Příspěvek od **bllemby** » 20 dub 2013 18:01

Zdravím byl jsem celý den fotit koně. Myslíte tohel?? :
ComboFix 13-04-18.01 - - 18.04.2013 6:50.2.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2046.1255 [GMT 2:00]
Spuštěný z: c:\documents and settings\-\Dokumenty\Downloads\ComboFix.exe
AV: AVG Internet Security 2012 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: AVG Firewall *Disabled* {8decf618-9569-4340-b34a-d78d28969b66}
FW: AVG Internet Security 2012 *Disabled* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-03-18 do 2013-04-18 )))))))))))))))))))))))))))))))
.
.
2013-04-18 03:58 . 2013-04-18 03:58 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2013-04-17 22:52 . 2013-04-17 22:52 -------- d-----w- c:\windows\system32\wbem\Repository
2013-04-17 22:52 . 2013-04-17 22:52 -------- d-----w- c:\program files\Common Files\Java
2013-04-17 22:16 . 2013-04-17 22:16 0 ----a-w- c:\windows\system32\drivers\spem.sys
2013-04-17 21:07 . 2013-04-17 21:07 0 ----a-w- c:\windows\system32\drivers\spry.sys
2013-04-17 21:00 . 2013-04-17 21:00 0 ----a-w- c:\windows\system32\drivers\spjg.sys
2013-04-17 20:55 . 2013-04-17 20:55 -------- d-----w- c:\documents and settings\-\Local Settings\Data aplikací\Sun
2013-04-17 20:28 . 2013-04-17 20:28 0 ----a-w- c:\windows\system32\drivers\spri.sys
2013-04-17 20:13 . 2013-04-17 20:13 0 ----a-w- c:\windows\system32\drivers\spos.sys
2013-04-01 12:26 . 2013-04-01 12:30 -------- d-----w- c:\program files\ExposurePlot
2013-03-31 13:59 . 2013-03-31 13:59 -------- d-----w- c:\documents and settings\All Users\Data aplikací\DVDCoverPlus
2013-03-31 13:53 . 2013-03-31 13:53 -------- d-----w- c:\documents and settings\-\Data aplikací\Popisovac
2013-03-31 13:53 . 2013-03-31 13:53 -------- d-----w- c:\program files\Popisovač CD-DVD 4
2013-03-20 20:49 . 2013-02-12 00:32 12928 -c----w- c:\windows\system32\dllcache\usb8023x.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-04-13 05:00 . 2012-03-29 11:32 691592 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-04-13 05:00 . 2011-05-20 13:50 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-04-11 01:18 . 2011-07-11 00:14 302368 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2013-03-08 08:36 . 2008-04-14 06:52 293376 ----a-w- c:\windows\system32\winsrv.dll
2013-03-07 15:56 . 2008-04-14 08:06 2030592 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-03-07 15:56 . 2008-04-14 06:06 2151936 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-02 02:08 . 2008-04-14 06:52 916480 ----a-w- c:\windows\system32\wininet.dll
2013-03-02 02:08 . 2008-04-14 06:51 43520 ----a-w- c:\windows\system32\licmgr10.dll
2013-03-02 02:08 . 2008-04-14 06:52 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2013-03-02 01:57 . 2008-04-14 05:45 1867264 ----a-w- c:\windows\system32\win32k.sys
2013-03-02 01:08 . 2008-04-14 05:50 385024 ----a-w- c:\windows\system32\html.iec
2013-02-27 07:58 . 2010-08-16 11:29 2067456 ----a-w- c:\windows\system32\mstscax.dll
2013-02-18 16:38 . 2012-08-30 20:57 33112 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2013-02-12 00:32 . 2008-04-13 22:26 12928 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-01-26 03:55 . 2008-04-14 06:51 552448 ----a-w- c:\windows\system32\oleaut32.dll
2013-03-11 05:30 . 2013-03-11 05:29 263064 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{687578b9-7132-4a7a-80e4-30ee31099e03}"= "c:\program files\uTorrentControl2\prxtbuTo0.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{687578b9-7132-4a7a-80e4-30ee31099e03}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{687578b9-7132-4a7a-80e4-30ee31099e03}]
2011-05-09 09:49 176936 ----a-w- c:\program files\uTorrentControl2\prxtbuTo0.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2013-02-18 16:38 1929392 ----a-w- c:\program files\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll" [2013-02-18 1929392]
"{687578b9-7132-4a7a-80e4-30ee31099e03}"= "c:\program files\uTorrentControl2\prxtbuTo0.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_CLASSES_ROOT\clsid\{687578b9-7132-4a7a-80e4-30ee31099e03}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{687578B9-7132-4A7A-80E4-30EE31099E03}"= "c:\program files\uTorrentControl2\prxtbuTo0.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{687578b9-7132-4a7a-80e4-30ee31099e03}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update (1)"="c:\documents and settings\-\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" [2012-07-12 116648]
"SystemExplorerAutoStart"="c:\program files\System Explorer\SystemExplorer.exe" [2012-12-02 2846168]
"Zoner Photo Studio Autoupdate"="c:\program files\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE" [2013-02-18 774168]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-08-13 98304]
"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-11-19 2598520]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Spyder3Utility.lnk - c:\program files\Datacolor\Spyder3Pro\Utility\Spyder3Utility.exe [2010-7-26 7667970]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"RTHDCPL"=RTHDCPL.EXE
"NokiaMServer"=c:\program files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"CanonMyPrinter"=c:\program files\Canon\MyPrinter\BJMyPrt.exe /logon
"reset"=regedit /s reset.reg
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"CanonSolutionMenuEx"=c:\program files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
"ApnUpdater"="c:\program files\Ask.com\Updater\Updater.exe"
"CanonSolutionMenu"=c:\program files\Canon\SolutionMenu\CNSLMAIN.exe /logon
"SRSAENotifier"=c:\program files\SRS Labs\SRS Audio Essentials\AENotifier.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgmfapx.exe"=
"c:\\WINDOWS\\system32\\muzapp.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\WINDOWS\\system32\\ARFC\\wrtc.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgnsx.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgdiagex.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgemcx.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [19.4.2012 4:50 24896]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [13.9.2011 7:30 31952]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [3.11.2010 18:28 691696]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [7.10.2011 7:23 250080]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [11.7.2011 2:14 302368]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [30.8.2012 22:57 33112]
R2 avgfws;AVG Firewall;c:\program files\AVG\AVG2012\avgfws.exe [5.12.2012 4:44 2321560]
R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [14.2.2012 4:53 193288]
R2 IB Updater;IB Updater;c:\program files\IB Updater\ExtensionUpdaterService.exe [14.12.2012 17:33 188760]
R2 nlsX86cc;This service enables products that use the Nalpeiron Licensing System.;c:\windows\system32\nlssrv32.exe [22.9.2011 18:30 66560]
R2 vToolbarUpdater14.2.0;vToolbarUpdater14.2.0;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe [18.2.2013 18:38 968880]
R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [23.5.2011 2:03 30944]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [23.12.2011 13:32 142176]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\avgidsfilterx.sys [23.12.2011 13:32 24144]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [23.12.2011 13:32 17232]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [13.11.2010 23:41 47360]
R3 SRS_AE_Service;SRS Audio;c:\windows\system32\drivers\SRS_AE_i386.sys [21.6.2012 17:04 407368]
R3 SystemExplorerHelpService;System Explorer Service;c:\program files\System Explorer\service\SystemExplorerService.exe [3.3.2013 12:42 567256]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\avgidsagent.exe [2.11.2012 4:51 5174392]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [13.7.2012 13:28 160944]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [16.8.2010 14:16 1691480]
S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [23.5.2011 2:03 30944]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [22.10.2012 19:30 83168]
S3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [1.3.2012 19:46 20032]
S3 Spyder3;Datacolor Spyder3;c:\windows\system32\drivers\Spyder3.sys [12.4.2010 10:12 12288]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [22.10.2012 19:30 181344]
S3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [19.2.2010 13:37 517096]
S4 SRSHDAudioService;SRS HDAudio Lab Service;c:\program files\Common Files\SRS Labs\SRS HD Audio Lab Service 2\SRSAudioLabService.exe [25.6.2012 16:16 13232]
.
Obsah adresáře 'Naplánované úlohy'
.
2013-04-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-29 05:00]
.
2013-03-21 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 16:57]
.
2013-04-18 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2012-01-02 19:09]
.
2013-04-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-07-07 10:48]
.
2013-04-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-07-07 10:48]
.
2013-04-18 c:\windows\Tasks\ROC_JAN2013_TB_rmv.job
- c:\program files\AVG Secure Search\PostInstall\ROC.exe [2013-01-21 18:07]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://mystart.incredibar.com/mb201?a=6OyXaTCFsw&i=26
IE: Add to AMV Converter... - c:\program files\MP3 Player Utilities 4.07\AMVConverter\grab.html
IE: Download with &Media Finder - c:\program files\Media Finder\hook.html
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: MediaManager tool grab multimedia file - c:\program files\MP3 Player Utilities 4.07\MediaManager\grab.html
IE: Převést cíl vazby do Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Převést cíl vazby do existujícího PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Převést do Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Převést vybrané vazby do Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Převést vybrané vazby do existujícího PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Převést výběr do Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Převést výběr do existujícího PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Přidat do stávajícího PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
TCP: DhcpNameServer = 84.16.104.129 84.16.96.2
TCP: Interfaces\{931D5994-A649-4F2F-BBA6-A549717D18F5}: NameServer = 84.16.104.129,84.16.96.2
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll
FF - ProfilePath - c:\documents and settings\-\Data aplikací\Mozilla\Firefox\Profiles\s7mmfws2.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://isearch.avg.com/?cid={DF9F261F-140E-418C-ACA0-D5915326070D}&mid=cd089638408e47d19b0bd154d49abb83-06ce4fc639803a2e3563922518183d8e94088cb9&lang=cs&ds=AVG&pr=pr&d=2012-02-03 15:30&v=14.0.3.14&pid=avg&sg=&sap=hp
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2481032&SearchSource=2&q=
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2013-03-13 17:01; {FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}; c:\program files\IB Updater\Firefox
FF - ExtSQL: !HIDDEN! 2010-08-19 00:40; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - user.js: extensions.incredibar_i.newTab - false
FF - user.js: extensions.incredibar_i.tlbrSrchUrl - hxxp://mystart.Incredibar.com/?a=6OyXaTCFsw&loc=IB_TB&i=26&search=
FF - user.js: extensions.incredibar_i.id - 786565a2000000000000001d927e5270
FF - user.js: extensions.incredibar_i.instlDay - 15688
FF - user.js: extensions.incredibar_i.vrsn - 1.5.11.14
FF - user.js: extensions.incredibar_i.vrsni - 1.5.11.14
FF - user.js: extensions.incredibar_i.vrsnTs - 1.5.11.1416:34
FF - user.js: extensions.incredibar_i.prtnrId - Incredibar
FF - user.js: extensions.incredibar_i.prdct - incredibar
FF - user.js: extensions.incredibar_i.aflt - orgnl
FF - user.js: extensions.incredibar_i.smplGrp - none
FF - user.js: extensions.incredibar_i.tlbrId - base
FF - user.js: extensions.incredibar_i.instlRef -
FF - user.js: extensions.incredibar_i.dfltLng -
FF - user.js: extensions.incredibar_i.excTlbr - false
FF - user.js: extensions.incredibar_i.ms_url_id -
FF - user.js: extensions.incredibar_i.upn2 - 6OyXaTCFsw
FF - user.js: extensions.incredibar_i.upn2n - 92262620650579276
FF - user.js: extensions.incredibar_i.productid - 26
FF - user.js: extensions.incredibar_i.installerproductid - 26
FF - user.js: extensions.incredibar_i.did - 10643
FF - user.js: extensions.incredibar_i.ppd -
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-04-18 06:56
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1275210071-308236825-1417001333-1004\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{016BB21D-9258-E45B-2E32-559602AAA485}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"iaobbpjhaaeikpmfeh"=hex:6a,61,6a,70,61,6d,6c,6f,6a,69,6a,64,62,70,70,6a,65,65,
6f,70,00,00
"haiclnmmfklmbhah"=hex:6a,61,6a,70,61,6d,6c,6f,6a,69,6a,64,62,70,70,6a,65,65,
6f,70,00,00
"hahjfecjjflellff"=hex:70,62,68,67,61,61,6c,69,6b,63,6d,6d,6c,6c,64,67,69,6d,
66,64,67,70,6d,63,6f,70,66,6a,6c,6e,68,70,68,6d,69,63,67,63,65,68,6c,64,6b,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{016BB21D-9258-E45B-2E32-559602AAA485}\InProcServer32*]
"jamceoogkfclhcmnbilg"=hex:6a,61,6a,70,61,6d,6c,6f,6a,69,6a,64,62,70,70,6a,65,
65,6f,70,00,00
"iamcgpeklknpdkaogp"=hex:6a,61,6a,70,61,6d,6c,6f,6a,69,6a,64,62,70,70,6a,65,65,
6f,70,00,00
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(936)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\CLBCATQ.DLL
.
- - - - - - - > 'explorer.exe'(3360)
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2013-04-18 06:57:21
ComboFix-quarantined-files.txt 2013-04-18 04:57
ComboFix2.txt 2013-04-18 04:43
.
Před spuštěním: Volných bajtů: 136 810 446 848
Po spuštění: Volných bajtů: 136 796 225 536
.
- - End Of File - - E2F785259A3BF27651ABE21374B2ECB3

bllemby · #13 Příspěvek od **bllemby** » 20 dub 2013 18:02

ComboFix 13-04-18.01 - - 18.04.2013 6:37.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2046.1533 [GMT 2:00]
Spuštěný z: c:\documents and settings\-\Dokumenty\Downloads\ComboFix.exe
AV: AVG Internet Security 2012 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: AVG Firewall *Disabled* {8decf618-9569-4340-b34a-d78d28969b66}
FW: AVG Internet Security 2012 *Enabled* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\-\WINDOWS
c:\program files\Incredibar.com
c:\program files\Incredibar.com\incredibar\1.5.11.14\bh\inCRedibar.dll
c:\program files\Incredibar.com\incredibar\1.5.11.14\incredibarApp.dll
c:\program files\Incredibar.com\incredibar\1.5.11.14\incredibarEng.dll
c:\program files\Incredibar.com\incredibar\1.5.11.14\incredibarsrv.exe
c:\program files\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll
c:\program files\Incredibar.com\incredibar\1.5.11.14\uninstall.exe
c:\windows\system32\Cache
c:\windows\system32\Cache\26c630d098e22dd5.fb
c:\windows\system32\Cache\272512937d9e61a4.fb
c:\windows\system32\Cache\287204568329e189.fb
c:\windows\system32\Cache\28bc8f716fd76a47.fb
c:\windows\system32\Cache\2c53092c95605355.fb
c:\windows\system32\Cache\31a0997e9a5b5eb3.fb
c:\windows\system32\Cache\32c84fe32bb74d60.fb
c:\windows\system32\Cache\3917078cb68ec657.fb
c:\windows\system32\Cache\590ba23ce359fd0c.fb
c:\windows\system32\Cache\610289e025a3ee9a.fb
c:\windows\system32\Cache\651c5d3cdbfb8bd1.fb
c:\windows\system32\Cache\66b8a04355026707.fb
c:\windows\system32\Cache\66e8f8c9a9bfa141.fb
c:\windows\system32\Cache\6c59ac5e7e7a3ad0.fb
c:\windows\system32\Cache\6d03dad1035885d3.fb
c:\windows\system32\Cache\8292b025d8a09964.fb
c:\windows\system32\Cache\8fb3bbdacd5a746e.fb
c:\windows\system32\Cache\90abc9555af75fcd.fb
c:\windows\system32\Cache\95f567698be8a182.fb
c:\windows\system32\Cache\a37305c67098d595.fb
c:\windows\system32\Cache\a8556537add6dfc5.fb
c:\windows\system32\Cache\ad10a52aff5e038d.fb
c:\windows\system32\Cache\ba5cc99af3ed3ac4.fb
c:\windows\system32\Cache\c1fa887b03019701.fb
c:\windows\system32\Cache\c4d28dca2e7648be.fb
c:\windows\system32\Cache\d201ef9910cd39de.fb
c:\windows\system32\Cache\d2e94710a5708128.fb
c:\windows\system32\Cache\d3f23c95a8b685f8.fb
c:\windows\system32\Cache\d79b9dfe81484ec4.fb
c:\windows\system32\Cache\e0de16f883bea794.fb
c:\windows\system32\Cache\f190d0b1d45a400a.fb
c:\windows\system32\Cache\f998975c9cc711ee.fb
c:\windows\system32\System32\MASetupCleaner.exe
c:\windows\system32\System32\muzapp.exe
c:\windows\unin0405.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-03-18 do 2013-04-18 )))))))))))))))))))))))))))))))
.
.
2013-04-18 03:58 . 2013-04-18 03:58 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2013-04-17 22:52 . 2013-04-17 22:52 -------- d-----w- c:\windows\system32\wbem\Repository
2013-04-17 22:52 . 2013-04-17 22:52 -------- d-----w- c:\program files\Common Files\Java
2013-04-17 22:16 . 2013-04-17 22:16 0 ----a-w- c:\windows\system32\drivers\spem.sys
2013-04-17 21:07 . 2013-04-17 21:07 0 ----a-w- c:\windows\system32\drivers\spry.sys
2013-04-17 21:00 . 2013-04-17 21:00 0 ----a-w- c:\windows\system32\drivers\spjg.sys
2013-04-17 20:55 . 2013-04-17 20:55 -------- d-----w- c:\documents and settings\-\Local Settings\Data aplikací\Sun
2013-04-17 20:28 . 2013-04-17 20:28 0 ----a-w- c:\windows\system32\drivers\spri.sys
2013-04-17 20:13 . 2013-04-17 20:13 0 ----a-w- c:\windows\system32\drivers\spos.sys
2013-04-01 12:26 . 2013-04-01 12:30 -------- d-----w- c:\program files\ExposurePlot
2013-03-31 13:59 . 2013-03-31 13:59 -------- d-----w- c:\documents and settings\All Users\Data aplikací\DVDCoverPlus
2013-03-31 13:53 . 2013-03-31 13:53 -------- d-----w- c:\documents and settings\-\Data aplikací\Popisovac
2013-03-31 13:53 . 2013-03-31 13:53 -------- d-----w- c:\program files\Popisovač CD-DVD 4
2013-03-20 20:49 . 2013-02-12 00:32 12928 -c----w- c:\windows\system32\dllcache\usb8023x.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-04-13 05:00 . 2012-03-29 11:32 691592 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-04-13 05:00 . 2011-05-20 13:50 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-04-11 01:18 . 2011-07-11 00:14 302368 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2013-03-08 08:36 . 2008-04-14 06:52 293376 ----a-w- c:\windows\system32\winsrv.dll
2013-03-07 15:56 . 2008-04-14 08:06 2030592 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-03-07 15:56 . 2008-04-14 06:06 2151936 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-02 02:08 . 2008-04-14 06:52 916480 ----a-w- c:\windows\system32\wininet.dll
2013-03-02 02:08 . 2008-04-14 06:51 43520 ----a-w- c:\windows\system32\licmgr10.dll
2013-03-02 02:08 . 2008-04-14 06:52 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2013-03-02 01:57 . 2008-04-14 05:45 1867264 ----a-w- c:\windows\system32\win32k.sys
2013-03-02 01:08 . 2008-04-14 05:50 385024 ----a-w- c:\windows\system32\html.iec
2013-02-27 07:58 . 2010-08-16 11:29 2067456 ----a-w- c:\windows\system32\mstscax.dll
2013-02-18 16:38 . 2012-08-30 20:57 33112 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2013-02-12 00:32 . 2008-04-13 22:26 12928 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-01-26 03:55 . 2008-04-14 06:51 552448 ----a-w- c:\windows\system32\oleaut32.dll
2013-03-11 05:30 . 2013-03-11 05:29 263064 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{687578b9-7132-4a7a-80e4-30ee31099e03}"= "c:\program files\uTorrentControl2\prxtbuTo0.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{687578b9-7132-4a7a-80e4-30ee31099e03}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{687578b9-7132-4a7a-80e4-30ee31099e03}]
2011-05-09 09:49 176936 ----a-w- c:\program files\uTorrentControl2\prxtbuTo0.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2013-02-18 16:38 1929392 ----a-w- c:\program files\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll" [2013-02-18 1929392]
"{687578b9-7132-4a7a-80e4-30ee31099e03}"= "c:\program files\uTorrentControl2\prxtbuTo0.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_CLASSES_ROOT\clsid\{687578b9-7132-4a7a-80e4-30ee31099e03}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{687578B9-7132-4A7A-80E4-30EE31099E03}"= "c:\program files\uTorrentControl2\prxtbuTo0.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{687578b9-7132-4a7a-80e4-30ee31099e03}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update (1)"="c:\documents and settings\-\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" [2012-07-12 116648]
"SystemExplorerAutoStart"="c:\program files\System Explorer\SystemExplorer.exe" [2012-12-02 2846168]
"Zoner Photo Studio Autoupdate"="c:\program files\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE" [2013-02-18 774168]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-08-13 98304]
"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-11-19 2598520]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Spyder3Utility.lnk - c:\program files\Datacolor\Spyder3Pro\Utility\Spyder3Utility.exe [2010-7-26 7667970]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"RTHDCPL"=RTHDCPL.EXE
"NokiaMServer"=c:\program files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"CanonMyPrinter"=c:\program files\Canon\MyPrinter\BJMyPrt.exe /logon
"reset"=regedit /s reset.reg
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"CanonSolutionMenuEx"=c:\program files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
"ApnUpdater"="c:\program files\Ask.com\Updater\Updater.exe"
"CanonSolutionMenu"=c:\program files\Canon\SolutionMenu\CNSLMAIN.exe /logon
"SRSAENotifier"=c:\program files\SRS Labs\SRS Audio Essentials\AENotifier.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgmfapx.exe"=
"c:\\WINDOWS\\system32\\muzapp.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\WINDOWS\\system32\\ARFC\\wrtc.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgnsx.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgdiagex.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgemcx.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [19.4.2012 4:50 24896]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [13.9.2011 7:30 31952]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [3.11.2010 18:28 691696]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [7.10.2011 7:23 250080]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [11.7.2011 2:14 302368]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [30.8.2012 22:57 33112]
R2 avgfws;AVG Firewall;c:\program files\AVG\AVG2012\avgfws.exe [5.12.2012 4:44 2321560]
R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [14.2.2012 4:53 193288]
R2 IB Updater;IB Updater;c:\program files\IB Updater\ExtensionUpdaterService.exe [14.12.2012 17:33 188760]
R2 nlsX86cc;This service enables products that use the Nalpeiron Licensing System.;c:\windows\system32\nlssrv32.exe [22.9.2011 18:30 66560]
R2 vToolbarUpdater14.2.0;vToolbarUpdater14.2.0;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe [18.2.2013 18:38 968880]
R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [23.5.2011 2:03 30944]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [23.12.2011 13:32 142176]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\avgidsfilterx.sys [23.12.2011 13:32 24144]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [23.12.2011 13:32 17232]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [13.11.2010 23:41 47360]
R3 SRS_AE_Service;SRS Audio;c:\windows\system32\drivers\SRS_AE_i386.sys [21.6.2012 17:04 407368]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\avgidsagent.exe [2.11.2012 4:51 5174392]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [13.7.2012 13:28 160944]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [16.8.2010 14:16 1691480]
S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [23.5.2011 2:03 30944]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [22.10.2012 19:30 83168]
S3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [1.3.2012 19:46 20032]
S3 Spyder3;Datacolor Spyder3;c:\windows\system32\drivers\Spyder3.sys [12.4.2010 10:12 12288]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [22.10.2012 19:30 181344]
S3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [19.2.2010 13:37 517096]
S3 SystemExplorerHelpService;System Explorer Service;c:\program files\System Explorer\service\SystemExplorerService.exe [3.3.2013 12:42 567256]
S4 SRSHDAudioService;SRS HDAudio Lab Service;c:\program files\Common Files\SRS Labs\SRS HD Audio Lab Service 2\SRSAudioLabService.exe [25.6.2012 16:16 13232]
.
Obsah adresáře 'Naplánované úlohy'
.
2013-04-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-29 05:00]
.
2013-03-21 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 16:57]
.
2013-04-18 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2012-01-02 19:09]
.
2013-04-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-07-07 10:48]
.
2013-04-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-07-07 10:48]
.
2013-04-18 c:\windows\Tasks\ROC_JAN2013_TB_rmv.job
- c:\program files\AVG Secure Search\PostInstall\ROC.exe [2013-01-21 18:07]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://mystart.incredibar.com/mb201?a=6OyXaTCFsw&i=26
IE: Add to AMV Converter... - c:\program files\MP3 Player Utilities 4.07\AMVConverter\grab.html
IE: Download with &Media Finder - c:\program files\Media Finder\hook.html
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: MediaManager tool grab multimedia file - c:\program files\MP3 Player Utilities 4.07\MediaManager\grab.html
IE: Převést cíl vazby do Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Převést cíl vazby do existujícího PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Převést do Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Převést vybrané vazby do Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Převést vybrané vazby do existujícího PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Převést výběr do Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Převést výběr do existujícího PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Přidat do stávajícího PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
TCP: DhcpNameServer = 84.16.104.129 84.16.96.2
TCP: Interfaces\{931D5994-A649-4F2F-BBA6-A549717D18F5}: NameServer = 84.16.104.129,84.16.96.2
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll
FF - ProfilePath - c:\documents and settings\-\Data aplikací\Mozilla\Firefox\Profiles\s7mmfws2.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://isearch.avg.com/?cid={DF9F261F-140E-418C-ACA0-D5915326070D}&mid=cd089638408e47d19b0bd154d49abb83-06ce4fc639803a2e3563922518183d8e94088cb9&lang=cs&ds=AVG&pr=pr&d=2012-02-03 15:30&v=14.0.3.14&pid=avg&sg=&sap=hp
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2481032&SearchSource=2&q=
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2013-03-13 17:01; {FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}; c:\program files\IB Updater\Firefox
FF - ExtSQL: !HIDDEN! 2010-08-19 00:40; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - user.js: extensions.incredibar_i.newTab - false
FF - user.js: extensions.incredibar_i.tlbrSrchUrl - hxxp://mystart.Incredibar.com/?a=6OyXaTCFsw&loc=IB_TB&i=26&search=
FF - user.js: extensions.incredibar_i.id - 786565a2000000000000001d927e5270
FF - user.js: extensions.incredibar_i.instlDay - 15688
FF - user.js: extensions.incredibar_i.vrsn - 1.5.11.14
FF - user.js: extensions.incredibar_i.vrsni - 1.5.11.14
FF - user.js: extensions.incredibar_i.vrsnTs - 1.5.11.1416:34
FF - user.js: extensions.incredibar_i.prtnrId - Incredibar
FF - user.js: extensions.incredibar_i.prdct - incredibar
FF - user.js: extensions.incredibar_i.aflt - orgnl
FF - user.js: extensions.incredibar_i.smplGrp - none
FF - user.js: extensions.incredibar_i.tlbrId - base
FF - user.js: extensions.incredibar_i.instlRef -
FF - user.js: extensions.incredibar_i.dfltLng -
FF - user.js: extensions.incredibar_i.excTlbr - false
FF - user.js: extensions.incredibar_i.ms_url_id -
FF - user.js: extensions.incredibar_i.upn2 - 6OyXaTCFsw
FF - user.js: extensions.incredibar_i.upn2n - 92262620650579276
FF - user.js: extensions.incredibar_i.productid - 26
FF - user.js: extensions.incredibar_i.installerproductid - 26
FF - user.js: extensions.incredibar_i.did - 10643
FF - user.js: extensions.incredibar_i.ppd -
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
URLSearchHooks-{124d001a-bdcb-472f-aa59-bbe7e4bc3204} - (no file)
SafeBoot-WudfPf
SafeBoot-WudfRd
AddRemove-incredibar - c:\program files\Incredibar.com\incredibar\1.5.11.14\uninstall.exe
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - c:\program files\Samsung\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - c:\program files\Samsung\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - c:\program files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - c:\program files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - c:\program files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - c:\program files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-21_Searsburg - c:\program files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe
AddRemove-22_WiBro_WiMAX - c:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe
AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-04-18 06:41
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1275210071-308236825-1417001333-1004\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{016BB21D-9258-E45B-2E32-559602AAA485}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"iaobbpjhaaeikpmfeh"=hex:6a,61,6a,70,61,6d,6c,6f,6a,69,6a,64,62,70,70,6a,65,65,
6f,70,00,00
"haiclnmmfklmbhah"=hex:6a,61,6a,70,61,6d,6c,6f,6a,69,6a,64,62,70,70,6a,65,65,
6f,70,00,00
"hahjfecjjflellff"=hex:70,62,68,67,61,61,6c,69,6b,63,6d,6d,6c,6c,64,67,69,6d,
66,64,67,70,6d,63,6f,70,66,6a,6c,6e,68,70,68,6d,69,63,67,63,65,68,6c,64,6b,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{016BB21D-9258-E45B-2E32-559602AAA485}\InProcServer32*]
"jamceoogkfclhcmnbilg"=hex:6a,61,6a,70,61,6d,6c,6f,6a,69,6a,64,62,70,70,6a,65,
65,6f,70,00,00
"iamcgpeklknpdkaogp"=hex:6a,61,6a,70,61,6d,6c,6f,6a,69,6a,64,62,70,70,6a,65,65,
6f,70,00,00
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(852)
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2013-04-18 06:43:30
ComboFix-quarantined-files.txt 2013-04-18 04:43
.
Před spuštěním: Volných bajtů: 136 435 097 600
Po spuštění: Volných bajtů: 136 797 491 200
.
WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - DECFC1393F410AEC42305FC9BD7DE6F2

bllemby · #14 Příspěvek od **bllemby** » 20 dub 2013 18:02

2013-04-18 04:42:54 . 2013-04-18 04:42:54 912 ----a-w- C:\Qoobox\Quarantine\Registry_backups\AddRemove-25_escape.reg.dat
2013-04-18 04:42:54 . 2013-04-18 04:42:54 928 ----a-w- C:\Qoobox\Quarantine\Registry_backups\AddRemove-24_flashusbdriver.reg.dat
2013-04-18 04:42:54 . 2013-04-18 04:42:54 924 ----a-w- C:\Qoobox\Quarantine\Registry_backups\AddRemove-22_WiBro_WiMAX.reg.dat
2013-04-18 04:42:54 . 2013-04-18 04:42:54 912 ----a-w- C:\Qoobox\Quarantine\Registry_backups\AddRemove-21_Searsburg.reg.dat
2013-04-18 04:42:54 . 2013-04-18 04:42:54 916 ----a-w- C:\Qoobox\Quarantine\Registry_backups\AddRemove-20_NXP_Driver.reg.dat
2013-04-18 04:42:54 . 2013-04-18 04:42:54 916 ----a-w- C:\Qoobox\Quarantine\Registry_backups\AddRemove-19_VIA_driver.reg.dat
2013-04-18 04:42:54 . 2013-04-18 04:42:54 948 ----a-w- C:\Qoobox\Quarantine\Registry_backups\AddRemove-18_Zinia_Serial_Driver.reg.dat
2013-04-18 04:42:54 . 2013-04-18 04:42:54 924 ----a-w- C:\Qoobox\Quarantine\Registry_backups\AddRemove-17_EMP_Chipset2.reg.dat
2013-04-18 04:42:54 . 2013-04-18 04:42:54 916 ----a-w- C:\Qoobox\Quarantine\Registry_backups\AddRemove-16_Shrewsbury.reg.dat
2013-04-18 04:42:54 . 2013-04-18 04:42:54 936 ----a-w- C:\Qoobox\Quarantine\Registry_backups\AddRemove-11_HSP_Plus_Default.reg.dat
2013-04-18 04:42:54 . 2013-04-18 04:42:54 884 ----a-w- C:\Qoobox\Quarantine\Registry_backups\AddRemove-09_Hsp.reg.dat
2013-04-18 04:42:54 . 2013-04-18 04:42:54 916 ----a-w- C:\Qoobox\Quarantine\Registry_backups\AddRemove-08_EMPChipset.reg.dat
2013-04-18 04:42:54 . 2013-04-18 04:42:54 896 ----a-w- C:\Qoobox\Quarantine\Registry_backups\AddRemove-07_Schorl.reg.dat
2013-04-18 04:42:54 . 2013-04-18 04:42:54 904 ----a-w- C:\Qoobox\Quarantine\Registry_backups\AddRemove-06_Spencer.reg.dat
2013-04-18 04:42:54 . 2013-04-18 04:42:54 892 ----a-w- C:\Qoobox\Quarantine\Registry_backups\AddRemove-05_Sloan.reg.dat
2013-04-18 04:42:54 . 2013-04-18 04:42:54 908 ----a-w- C:\Qoobox\Quarantine\Registry_backups\AddRemove-04_semseyite.reg.dat
2013-04-18 04:42:54 . 2013-04-18 04:42:54 920 ----a-w- C:\Qoobox\Quarantine\Registry_backups\AddRemove-03_Swallowtail.reg.dat
2013-04-18 04:42:54 . 2013-04-18 04:42:54 908 ----a-w- C:\Qoobox\Quarantine\Registry_backups\AddRemove-02_Siberian.reg.dat
2013-04-18 04:42:54 . 2013-04-18 04:42:54 908 ----a-w- C:\Qoobox\Quarantine\Registry_backups\AddRemove-01_Simmental.reg.dat
2013-04-18 04:42:54 . 2013-04-18 04:42:54 838 ----a-w- C:\Qoobox\Quarantine\Registry_backups\AddRemove-incredibar.reg.dat
2013-04-18 04:42:45 . 2013-04-18 04:42:45 534 ----a-w- C:\Qoobox\Quarantine\Registry_backups\SafeBoot-WudfRd.reg.dat
2013-04-18 04:42:45 . 2013-04-18 04:42:45 534 ----a-w- C:\Qoobox\Quarantine\Registry_backups\SafeBoot-WudfPf.reg.dat
2013-04-18 04:42:35 . 2013-04-18 04:42:35 118 ----a-w- C:\Qoobox\Quarantine\Registry_backups\URLSearchHooks-{124d001a-bdcb-472f-aa59-bbe7e4bc3204}.reg.dat
2013-04-18 04:39:38 . 2013-04-18 04:54:29 5,288 ----a-w- C:\Qoobox\Quarantine\Registry_backups\tcpip.reg
2013-04-18 04:33:20 . 2013-04-18 04:49:34 102 ----a-w- C:\Qoobox\Quarantine\catchme.log
2013-02-18 16:38:43 . 2013-02-18 16:38:30 636 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\cache\26c630d098e22dd5.fb.vir
2013-02-18 16:38:43 . 2013-02-18 16:38:30 577 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\cache\95f567698be8a182.fb.vir
2013-02-18 16:38:43 . 2013-02-18 16:38:30 10,783 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\cache\ba5cc99af3ed3ac4.fb.vir
2013-02-11 05:27:41 . 2013-02-11 05:27:33 10,993 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\cache\a37305c67098d595.fb.vir
2013-02-06 20:11:09 . 2013-02-06 20:10:52 10,993 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\cache\8fb3bbdacd5a746e.fb.vir
2013-01-31 18:07:35 . 2013-01-31 18:07:28 10,993 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\cache\8292b025d8a09964.fb.vir
2013-01-21 14:01:53 . 2013-01-21 14:01:38 10,511 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\cache\d3f23c95a8b685f8.fb.vir
2012-12-14 15:34:12 . 2012-12-14 15:34:12 106,470 ----a-w- C:\Qoobox\Quarantine\C\Program Files\Incredibar.com\incredibar\1.5.11.14\uninstall.exe.vir
2012-08-30 20:57:34 . 2012-08-30 20:57:24 11,246 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\cache\66e8f8c9a9bfa141.fb.vir
2012-07-09 17:47:38 . 2012-07-09 17:47:32 11,070 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\cache\f190d0b1d45a400a.fb.vir
2012-06-12 15:32:11 . 2013-02-18 16:38:30 668 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\cache\6d03dad1035885d3.fb.vir
2012-06-12 15:32:11 . 2013-02-18 16:38:30 663 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\cache\c1fa887b03019701.fb.vir
2012-06-12 15:32:11 . 2013-02-18 16:38:30 1,071 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\cache\f998975c9cc711ee.fb.vir
2012-06-12 15:32:11 . 2013-02-18 16:38:30 661 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\cache\32c84fe32bb74d60.fb.vir
2012-06-12 15:32:11 . 2013-02-18 16:38:30 628 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\cache\31a0997e9a5b5eb3.fb.vir
2012-06-12 15:32:10 . 2012-06-12 15:32:06 11,070 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\cache\90abc9555af75fcd.fb.vir
2012-04-12 06:43:51 . 2012-03-29 05:11:06 24,576 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\System32\MASetupCleaner.exe.vir
2012-04-12 06:43:51 . 2012-03-29 05:11:06 172,032 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\System32\muzapp.exe.vir
2012-03-13 13:01:29 . 2013-02-18 16:38:30 639 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\cache\590ba23ce359fd0c.fb.vir
2012-03-13 13:01:29 . 2013-02-18 16:38:30 630 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\cache\272512937d9e61a4.fb.vir
2012-03-13 13:01:29 . 2013-02-18 16:38:30 627 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\cache\651c5d3cdbfb8bd1.fb.vir
2012-03-13 13:01:29 . 2013-02-18 16:38:30 398 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\cache\6c59ac5e7e7a3ad0.fb.vir
2012-03-13 13:01:29 . 2012-08-30 20:57:24 669 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\cache\a8556537add6dfc5.fb.vir
2012-03-13 13:01:29 . 2013-02-18 16:38:30 586 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\cache\c4d28dca2e7648be.fb.vir
2012-03-13 13:01:29 . 2013-02-18 16:38:30 1,045 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\cache\d201ef9910cd39de.fb.vir
2012-03-13 13:01:29 . 2013-02-18 16:38:30 366 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\cache\ad10a52aff5e038d.fb.vir
2012-03-13 13:01:29 . 2012-03-13 13:01:17 1,062 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\cache\e0de16f883bea794.fb.vir
2012-03-13 13:01:29 . 2013-02-18 16:38:30 622 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\cache\287204568329e189.fb.vir
2012-03-13 13:01:29 . 2013-02-18 16:38:30 365 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\cache\610289e025a3ee9a.fb.vir
2012-03-13 13:01:29 . 2013-02-18 16:38:30 567 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\cache\d2e94710a5708128.fb.vir
2012-03-13 13:01:29 . 2013-02-18 16:38:30 627 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\cache\d79b9dfe81484ec4.fb.vir
2012-03-13 13:01:29 . 2012-08-30 20:57:24 633 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\cache\2c53092c95605355.fb.vir
2012-03-13 13:01:29 . 2013-02-18 16:38:30 1,022 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\cache\3917078cb68ec657.fb.vir
2012-03-13 13:01:29 . 2013-02-18 16:38:30 1,291 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\cache\28bc8f716fd76a47.fb.vir
2012-03-13 13:01:29 . 2012-03-13 13:01:17 7,902 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\cache\66b8a04355026707.fb.vir
2012-01-23 16:47:30 . 2012-01-23 16:47:30 357,376 ----a-w- C:\Qoobox\Quarantine\C\Program Files\Incredibar.com\incredibar\1.5.11.14\incredibarApp.dll.vir
2012-01-21 22:18:16 . 2012-01-21 22:18:16 261,632 ----a-w- C:\Qoobox\Quarantine\C\Program Files\Incredibar.com\incredibar\1.5.11.14\bh\inCRedibar.dll.vir
2012-01-21 22:18:14 . 2012-01-21 22:18:14 350,208 ----a-w- C:\Qoobox\Quarantine\C\Program Files\Incredibar.com\incredibar\1.5.11.14\incredibarsrv.exe.vir
2012-01-21 22:18:14 . 2012-01-21 22:18:14 270,336 ----a-w- C:\Qoobox\Quarantine\C\Program Files\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll.vir
2012-01-21 22:17:30 . 2012-01-21 22:17:30 567,296 ----a-w- C:\Qoobox\Quarantine\C\Program Files\Incredibar.com\incredibar\1.5.11.14\incredibarEng.dll.vir
2011-03-23 18:09:57 . 1997-04-18 10:46:20 297,984 -c--a-w- C:\Qoobox\Quarantine\C\WINDOWS\unin0405.exe.vir

bllemby · #15 Příspěvek od **bllemby** » 20 dub 2013 18:43

Děkuji moc za pomoc. Hlášky v AVG si tedy nemám všímat?? Jo a program na upravu fotek pro odbarvení je zásuvný modull do photoshopu a jmenuje se NIK Silver

A ještě děkuji moc za pomoc

VIRY.CZ

prosím o pomoc nevím si rady s následující hláškou z AVG

prosím o pomoc nevím si rady s následující hláškou z AVG

Re: prosím o pomoc nevím si rady s následující hláškou z AVG

Re: prosím o pomoc nevím si rady s následující hláškou z AVG

Re: prosím o pomoc nevím si rady s následující hláškou z AVG

Re: prosím o pomoc nevím si rady s následující hláškou z AVG

Re: prosím o pomoc nevím si rady s následující hláškou z AVG

Re: prosím o pomoc nevím si rady s následující hláškou z AVG

Re: prosím o pomoc nevím si rady s následující hláškou z AVG

Re: prosím o pomoc nevím si rady s následující hláškou z AVG

Re: prosím o pomoc nevím si rady s následující hláškou z AVG

Re: prosím o pomoc nevím si rady s následující hláškou z AVG

Re: prosím o pomoc nevím si rady s následující hláškou z AVG

Re: prosím o pomoc nevím si rady s následující hláškou z AVG

Re: prosím o pomoc nevím si rady s následující hláškou z AVG

Re: prosím o pomoc nevím si rady s následující hláškou z AVG